Month: November 2016

Vulnerabilities

Issued by: Help Net Security

Fake executive social media accounts threaten enterprises

New research has uncovered numerous duplicative Twitter and LinkedIn accounts among Fortune 500 leaders, raising concerns about potential security vulnerabilities. Analysts at BrandProtect reviewed profiles for the 54 CEOs at Fortune 500 companies using Twitter and the 187 CEOs using LinkedIn. Of these CEOs, 19 percent were represented online by multiple Twitter accounts, while 9…

Network Security

Issued by: Trend Micro Blog

Thousands of WordPress sites with malware highlight need for comprehensive security

While everyone was worrying about the holiday influx of POS malware, a cyber criminal group quietly exploited a plug-in vulnerability with the mysterious SoakSoak malware and infected at least 100,000 sites utilizing WordPress’s content management system. Researchers with security firm Sucuri discovered the malware campaign in mid-December, noting that it leveraged a flaw within a…

Network Security

Issued by: Kaspersky Blog

Trapped in social networks

A recent survey of 4,831 active social network users, conducted by Kaspersky Lab in 12 countries, reveals that an overwhelming majority (78%) of respondents considered quitting their social networks — but chose to stay. They wanted to leave for a variety of reasons: 39% of users complained they were wasting too much time, the top…

Network Security

Issued by: Help Net Security

Key causes of network outages and vulnerabilities

A new global study, conducted by Dimensional Research, surveyed 315 network professionals about their experiences with network outages, vulnerabilities and compliance. Among the report’s findings, there is almost universal agreement that human factors lead to network outages, and in many cases these outages are quite frequent.

Malware & Threats

Issued by: CIO Security

This malware attack starts with a fake customer-service call

Hotel and restaurant chains, beware. A notorious cybercriminal gang is tricking businesses into installing malware by calling their customer services representatives and convincing them to open malicious email attachments. The culprits in these hacks, which are designed to steal customers’ credit card numbers, appear to be the Carbanak gang, a group that was blamed last…

Software Security

Issued by: Security Week

ImageWare Launches Multi-modal Biometric Authentication for Enterprises

Today’s security consensus is that password-based authentication and access is insecure, and that some form of two- or multi-factor authentication is necessary. The simplest and easiest second factor is an SMS-based soft token, and that is the route already adopted by many organizations. However, NIST’s recently published concern over some implementations of SMS-based 2FA has…

Network Security

Issued by: Help Net Security

Waterfall BlackBox: Restoring trust in network information

Waterfall Security Solutions announced the launch of the Waterfall BlackBox, developed to maintain the integrity of log repositories in the event of a cyber attack. Based on Waterfall’s patented unidirectional technology, the Waterfall BlackBox creates a physical barrier between networks and logged data, so that stored logs become inaccessible to attackers who are trying to…

Malware & Threats

Issued by: Trend Micro Blog

Retailers may be gifted FastPOS this holiday season

Chilly weather, falling leaves and pumpkin-spiced everything are signs that the holiday season is just around the corner. Retailers have already taken steps to get ready by hiring and training personnel for these busy times. However, can they say the same for their point-of-sales systems? When a person pays with a debit or credit card,…

Network Security

Issued by: Security Intelligence

Cybercriminals Are Getting Better at Using Advanced Authentication Methods

Cybercriminals are learning how to use newer authentication methods to exploit security weaknesses. As always, it is a cat-and-mouse game with serious consequences. Facial recognition software can be exploited with high-definition photos, many of which can be found on social media accounts. Fraudsters can easily bypass one-time passwords by calling cellphone companies and impersonating the…