FBI Talks Avalanche Botnet Takedown
BLACK HAT USA – Las Vegas – Tom Grasso, unit chief of the FBI’s cyber division, took the Black Hat stage to discuss the processes and partnerships leading up to the massive Avalanche takedown in December 2016. Avalanche “wasn’t a botnet,” he noted at the beginning of his talk. It was an infrastructure for enabling…
Hacking the Wind
BLACK HAT USA – Las Vegas – Gaping security holes in wind energy control networks make them vulnerable to cyberattacks for extortion and physical destruction purposes, a researcher showed here today. Jason Staggs, a security researcher at the University of Tulsa, has spent the past couple of years crisscrossing the US and hacking away at…
IBM Launches Security Testing Services For Cars, IoT
IBM Security announced on Monday that the services provided by its X-Force Red penetration testing group have been expanded to include connected vehicles and Internet of Things (IoT) devices. IBM X-Force Red, which the company launched one year ago, has been working with automotive manufacturers and third-party suppliers to provide expertise and penetration testing and consulting services.
Sweden Rattled by Massive Confidential Data Leak
Sweden’s minority government was battling to contain the fallout Monday after a massive leak that may have made confidential military information accessible abroad, as well as the private data of millions of citizens. The leak made an entire database on Swedish drivers’ licenses available to technicians in the Czech Republic and Romania, with media reporting…
One in Ten U.S. Organizations Hit by WannaCry: Study
A recent survey discovered that the vast majority of organizations in the United States weren’t prepared for the WannaCry ransomware attack, but just one in ten ended up being infected by the malware. WannaCry stormed the world in mid-May by leveraging a previously patched exploit called EternalBlue, which hacker group Shadow Brokers allegedly stole from the NSA-linked Equation…
7 Hardware & Firmware Hacks Highlighted at Black Hat 2017
When enterprises build their security models based on implied trust at the hardware and firmware level, they’re building them on a foundation of sand. Security researchers are going to repeatedly hammer that lesson home at Black Hat this week as they demonstrate a range of vulnerabilities, attack techniques and tools designed to get as close…
Forecasting the Future of Ransomware
There’s no question that ransomware is one of the most formidable threats to a business. With so much riding on digitized data, important applications and other systems, any interruption to access of these crucial assets can quickly spell disaster for an organization. Despite efforts on the part of enterprises to educate staff and enhance their…
Briton Pleads Guilty to Mirai Attacks in German Court
A British man pleaded guilty last week in a German court to launching a cyberattack that resulted in more than one million customers of telecommunications provider Deutsche Telekom experiencing Internet disruptions. German media has identified the 29-year-old man as “Peter Parker” and “Spiderman,” online monikers linked to domains used to coordinate some attacks powered by…
Week in review: macOS security, Segway vulns, and the SOC of the future
Here’s an overview of some of last week’s most interesting news and articles: The future of macOS security: Baked-in protection and third-party tools Anyone in the information security industry who’s interested in Mac security probably knows who Patrick Wardle is. Apart from being Chief Security Researcher at Synack, he’s also the creator of a number…
As GDPR approaches, retail data breaches remain unacceptably high
Two in five retailers across the globe have experienced a data breach in the past year, according to Thales and 451 Research. The report reveals that 43 percent of retailers had experienced a data breach in the last year, with a third claiming more than one. With 60% claiming that they had been breached in…