IoT Devices Fuel Complex DDoS Attacks: Report

The continuous use of compromised Internet of Things (IoT) devices to launch distributed denial of service (DDoS) attacks has helped cybercriminals increase the complexity of their assaults, NETSCOUT’s Arbor Networks says. According to the company’s 13th Annual Worldwide Infrastructure Security Report (WISR), attackers focused on increasing complexity in 2017, and the exploitation of IoT devices…

Insurers, Nonprofits Most Likely to Fall for Phishing: Study

The employees of insurance companies and non-profit organizations are most likely to fall for phishing attacks, according to a study conducted by security awareness training firm KnowBe4. KnowBe4’s study is based on data collected from six million users across 11,000 organizations. The company has tested users at three stages: before any awareness training, after 90…

5 Steps to Better Security in Hybrid Clouds

Following these tips can improve your security visibility and standardize management across hybrid environments. When it comes to embracing innovation, we are all a little cautious by nature. For example, we know electric cars are the future, but the infrastructure to fully support them isn’t ready yet. So sales of hybrid gas/electric cars are booming…

Can Biometrics Solve the Authentication Problem?

When Apple introduced the Touch ID fingerprint access button, commentators believed it would kick-start the ever-promising, never-quite-delivering biometric market. But Touch ID was defeated by hackers within days. When Apple introduced the FaceID biometric, the same happened – it was defeated within weeks. In November 2017, F-Secure demonstrated that Android’s Trusted Face Smart Lock can be defeated by…

Gemalto Licensing Tool Exposes ICS, Corporate Systems to Attacks

A significant number of industrial and corporate systems may be exposed to remote attacks due to the existence of more than a dozen vulnerabilities in a protection and licensing product from Gemalto. Gemalto Sentinel LDK is a software licensing solution used by many organizations worldwide on both their enterprise and industrial control systems (ICS) networks….

AMD, Apple Sued Over CPU Vulnerabilities

Apple and Advanced Micro Devices (AMD) are also facing class action lawsuits following the disclosure of critical CPU vulnerabilities that affect billions of devices. The Meltdown and Spectre attack methods, which rely on vulnerabilities that have been around for roughly two decades, allow malicious applications to bypass memory isolation mechanisms and access passwords, photos, documents, emails, and…

Infosec expert viewpoint: Google Play malware

Researchers routinely discover a variety of malicious apps on Google Play, some of which have been downloaded and installed on millions of devices worldwide. Here’s what infosec experts think about the security of Google Play, what they think Google should do better, and what users can do in order to protect themselves from malicious apps…

Man Admits to Directing DDoS Attacks Across the US

New Mexico man pleads guilty to directing cyberattacks against his prior employers, business competitors, and law enforcement agencies. John Kelsey Gammell has pleaded guilty to engaging in, and directing, distributed denial-of-service (DDoS) attacks against websites of former employers, business competitors, and public services including law enforcement and courts, the US Department of Justice reported this…

Game over? It’s up to your password

My fellow 90s gamers will remember LAN parties — the original connected gaming — and playing Counter-Strike and Half-Life in Internet cafés. For many, Counter-Strike was our introduction to multiplayer gaming. Then, in the early 2000s, a game called World of Warcraft changed everything. I had never seen so many people on the same server before! It was a new world,…