Month: April 2019

Network Security

Issued by: Blog Malwarebytes

Consumers have few legal options for protecting privacy

There are no promises in the words, “We care about user privacy.” Yet, these words appear on privacy policy after privacy policy, serving as disingenuous banners to hide potentially invasive corporate practices, including clandestine data collection, sharing, and selling. This is no accident. It is a strategy. In the US, companies that break their own…

Vulnerabilities

Issued by: Dark Reading

When Every Attack Is a Zero Day

The collective efforts of hackers have fundamentally changed the cyber defense game. Today, adversarial automation is being used to create and launch new attacks at such a rate and volume that every strain of malware must now be considered a zero day and every attack considered an advanced persistent threat. That’s not hyperbole. According to…

Network Security

Issued by: Help Net Security

A casual approach to workplace communications presents major security risks

Workers are comfortable sharing personal, sensitive and confidential information over chat platforms. They practice risky digital habits, and don’t care if their communications are leaked. Symphony Communication Services Workplace Confidential Survey, which polled over 1,500 workers in the U.S. and U.K., examined the growth of new collaboration tools and platforms entering the workplace. The findings…

Network Security

Issued by: Help Net Security

Scientists may have identified a new way to improve network security

With cybersecurity one of the nation’s top security concerns and billions of people affected by breaches last year, government and businesses are spending more time and money defending against it. Researchers at the U.S. Army Combat Capabilities Development Command’s Army Research Laboratory, the Army’s corporate research laboratory also known as ARL, and Towson University may…

Malware & Threats

Issued by: Symantec Blog

Cryptojacking Fluctuates Along with Cryptocurrency Values

It’s hard to know who tracks the value of cryptocurrencies more closely. Is it the investors who own the virtual coins, or the criminals who hijack computing power to mine them? For their part, the criminals clearly do follow cryptocurrency values. Symantec, as detailed in its annual Internet Security Threat Report (ISTR), tracked a decline…

Malware & Threats

Issued by: Security Week

Examining Triton Attack Framework: Lessons Learned in Protecting Industrial Systems

Recently, the infamous Triton (also known as Trisis) malware framework made news again after researchers from FireEye found evidence of the same attacker lurking in other critical infrastructure. In 2017, Triton was behind an attack that shut down Schneider Electric’s Triconex safety instrumentation system (SIS) at a petrochemical plant in Saudi Arabia — the malware…

Malware & Threats

Issued by: Help Net Security

Framing supply chain attacks

The increase in the demand for innovative software has effectively reshaped the software development industry itself. Today, speed and agility are paramount and development teams are pushed to deliver highly advanced applications in record time — which means that writing every single line of code from the ground up is often not a sustainable practice….

Vulnerabilities

Issued by: Help Net Security

Backdoors inevitably create vulnerabilities that can be exploited by malicious actors

73 percent of IT security professionals believe countries with government-mandated encryption backdoors are more susceptible to nation-state attacks. The Venafi survey on government-mandated encryption backdoors evaluated the opinions of 517 IT security professionals attending the RSA Conference 2019. “This is a tense moment for industry professionals because they know backdoors make our critical infrastructure more…

Network Security

Issued by: Help Net Security

79% of organizations want a federal privacy law amid lack of compliance

There is a significant enthusiasm for a federal privacy law amid organizations’ lack of ability to comply with data privacy rules stemming from both mushrooming government regulations and complex data sharing agreements between companies. Organizations are also overconfident in knowing where private data resides, and tend to use inadequate tools such as spreadsheets to track…