Hide ‘N Seek IoT Botnet Can Survive Device Reboots

The Internet of Things (IoT) botnet known as Hide ‘N Seek that first emerged in January can now achieve persistence on infected devices, Bitdefender reports. Discovered toward the end of April, the latest version of the malware also includes code that allows it to target more vulnerabilities and new types of devices, the security firm discovered,…

IIC Publishes Best Practices for Securing Industrial Endpoints

The Industrial Internet Consortium (IIC) has published a new paper designed to provide a concise overview of the countermeasures necessary to secure industrial endpoints; that is, the industrial internet of things (IIoT). The paper (PDF) is not meant to provide a checklist for compliance or certification, but rather a starting point to understand what is…

Gemalto Licensing Tool Exposes ICS, Corporate Systems to Attacks

A significant number of industrial and corporate systems may be exposed to remote attacks due to the existence of more than a dozen vulnerabilities in a protection and licensing product from Gemalto. Gemalto Sentinel LDK is a software licensing solution used by many organizations worldwide on both their enterprise and industrial control systems (ICS) networks….

Windows Defender Immune to AVGater Quarantine Flaw: Microsoft

A recently disclosed vulnerability that allows an attacker to abuse the quarantine feature of anti-virus products to escalate privileges doesn’t affect Windows Defender, Microsoft says. Dubbed AVGater, the new attack method relies on a malicious DLL being quarantined by an anti-virus product and then abuses the security program’s Windows process to restore the file.

Securing Your Enterprise Assets While Traveling for Work

Traveling for work is a regular occurrence for many of us. Most of the time, traveling for client meetings, conferences, team meetings and other work-related activities also means taking a laptop or other portable devices traveling too. These devices could easily include your company’s IP, strategic plans, financials or other sensitive enterprise assets. With this…

3 overlooked endpoints for cyber attacks and how to protect them

You probably think you have endpoint security covered. After all, organizations have been securing end-user desktop and laptop computers for decades with anti-virus software and other cyber security programs. Because of these steps, you think you’re not at risk of an endpoint-initiated attack. However, NTT Security’s 2015 Global Threat Intelligence Report found that 70 percent…

Google Expands Safe Browsing Protection on macOS

Google announced this week that it will expand Safe Browsing on macOS in an effort to protect Chrome users against unwanted ad injections and unauthorized settings changes. “Safe Browsing is broadening its protection of macOS devices, enabling safer browsing experiences by improving defenses against unwanted software and malware targeting macOS,” Google’s Kylie McRoberts and Ryan…

FTC Seeks Tools for Securing Home IoT Devices

The U.S. Federal Trade Commission (FTC) announced on Wednesday the launch of a contest that aims to find solutions for securing the Internet of Things (IoT) devices deployed in consumers’ homes. The IoT Home Inspector Challenge seeks a technical solution for addressing vulnerabilities in IoT devices. The FTC said the tool can be a physical…