APT3 hackers linked to Chinese intelligence
The APT3 hacker group, which has been attacking government and defense industry targets since 2010, has been linked to the Chinese Ministry of State Security, according to a report by Recorded Future. Other attackers have been linked to the Chinese military, but this is the first time a group has been connected to Chinese intelligence,…
Breaking TLS: Good or bad for security?
As the use of TLS by malware and phishing increases, some security practitioners are seeking solutions to break TLS so they can monitor all traffic in and out of their network. Breaking TLS is typically accomplished by loading an inspection CA certificate that dynamically generates certificates by your TLS inspection device. The public key from…
Beware the coffee shop: Mobile security threats lurk around every corner
40 percent of organizations believe that C-level executives, including the CEO, are most at risk of being hacked when working outside of the office, according to a new report from iPass. Cafés and coffee shops were ranked the number one high-risk venue by 42 percent of respondents, from a list also including airports (30 percent),…
Health Care and Ransomware: A Marriage Made in Hades
The WannaCry ransomware attack that struck on May 12 and quickly spread around the world was anything but routine. Heretofore, most ransomware attacks were initiated after a successful phishing effort; that wasn’t the case with WannaCry. Ransomware attacks are generally confined and targeted; this one, to date, has hit more than 100,000 organizations in over…
Protecting your cloud from ransomware
For enterprises that use the cloud, the key to being protected starts with understanding the layers that make up the components of their cloud stack. These different layers create multiple potential targets, and for the informed, they each represent a piece of the cloud environment that can be secured against potential threats. Ransomware doesn’t have…
Week in review: WannaCry decryptor available, stealing Windows credentials using Google Chrome
Here’s an overview of some of last week’s most interesting news and articles: DocuSign breached, stolen info used for targeted phishing campaign Phishing emails impersonating electronic signature technology provider DocuSign are not an unusual sight, but the latest campaign has the added advantage of specifically targeting registered DocuSign users. There’s now a WannaCry decryptor tool…
Healthcare organizations still complacent about cybersecurity
The rapid fire spread of the WannaCry ransomware, which infected thousands of organizations globally, is one of the most significant cyberattacks in recent digital history. The impact was particularly damaging to the healthcare sector, with the UK’s National Health Service (NHS) being one of the first and most adversely affected victims, causing numerous patient services…
Number of HTTPS phishing sites triples
When, in January 2017, Mozilla and Google made Firefox and Chrome flag HTTP login pages as insecure, the intent was to make phishing pages easier to recognize, as well as push more website owners towards deploying HTTPS. But while the latter aim was achieved, and the number of phishing sites making use of HTTPS has…
NSA Tools Behind WannaCry Being Used In Even Bigger Attack Campaign
Attackers have been using NSAs EternalBlue and Double Pulsar to distribute AdylKuzz cryptocurrency malware to hundreds of thousands of systems, Proofpoint says. The WannaCry ransomware outbreak this week garnered widespread attention for its sheer global scope and audacity but another likely even bigger attack leveraging the same stolen NSA exploits has been going on unnoticed…
3 in 5 companies expect to be breached in 2017
New research found that of the 50 percent who reported being breached in 2016, the average material impact to the business was $4 million. Vanson Bourne interviewed 600 senior IT decision-makers at organisations with at least 1,000 employees across Australia, France, Germany, Italy, the United Kingdom and the United States.