When enterprises build their security models based on implied trust at the hardware and firmware level, they’re building them on a foundation of sand. Security researchers are going to repeatedly hammer that lesson home at Black Hat this week as they demonstrate a range of vulnerabilities, attack techniques and tools designed to get as close…

There’s no question that ransomware is one of the most formidable threats to a business. With so much riding on digitized data, important applications and other systems, any interruption to access of these crucial assets can quickly spell disaster for an organization. Despite efforts on the part of enterprises to educate staff and enhance their…

A British man pleaded guilty last week in a German court to launching a cyberattack that resulted in more than one million customers of telecommunications provider Deutsche Telekom experiencing Internet disruptions. German media has identified the 29-year-old man as “Peter Parker” and “Spiderman,” online monikers linked to domains used to coordinate some attacks powered by…

BEC fraud netted cyberthieves five times more profit than ransomware over a three-year period, according to Cisco’s midyear report released today. Despite all the recent attention paid to ransomware, cybercriminals walked away with $5.3 billion from business email compromise (BEC) attacks compared with $1 billion for ransomware over a three-year stretch, according to Cisco’s 2017…

Necurs botnet spreads Trickbot malware to US financial institutions, while new Emotet banking Trojan attacks discovered – signalling increasingly complex attacks on the industry. The Necurs botnet has begun delivering the Trickbot banking Trojan to financial institutions in the United States, a sign of increasingly larger and more complex attacks on the industry.

Lloyd’s of London estimates multi-billion-dollar loss figures in worst-case scenarios of a major zero-day exploit or massive cloud outage. WannaCry spread like wildfire in a matter of days reaching 150 countries and creating an anticipated $4 billion in losses, but if attackers were to launch a global, system-wide attack that hit a multitude of cloud-based companies,…

Researchers at Black Hat USA will release a toolset that studies and then cheats specific Android AV apps. A team of researchers from Georgia Tech built an Android hacking tool that snuck past nearly all of 58 Android AV antivirus programs in tests conducted via VirusTotal. Their AVPass toolkit includes a query function that vets…

Number of iOS devices running malicious apps more than tripled in three consecutive quarters, while infected Android devices remained largely flat, report shows. iPhones and other devices running Apple’s iOS have seen a jump in malicious apps attacking them while Android malware infections have remained largely stable, according to a report released today by mobile…