North Korea’s DDoS Attacks Analyzed Based on IPs

Arbor Networks has used the IP addresses shared recently by United States authorities to analyze distributed denial-of-service (DDoS) attacks attributed to the North Korean government. The security firm believes the data may not be as useful for organizations as the U.S. hopes. Earlier this month, the United States Computer Emergency Readiness Team (US-CERT) released a…

U.K. Center of Security Excellence Hit by Ransomware

One of the world’s top ten universities, awarded the status of “centre of excellence in cyber-security research” by the UK’s GCHQ, has been hit by a so-far unrecognized strain of ransomware. This comes just one month after many UK health trusts were struck by the global WannaCry ransomware. In a statement originally issued yesterday and…

U.S. Warns of North Korea’s ‘Hidden Cobra’ Attacks

The United States Computer Emergency Readiness Team (US-CERT) released a technical alert on Tuesday on behalf of the DHS and the FBI to warn organizations of North Korea’s “Hidden Cobra” activities, particularly distributed denial-of-service (DDoS) attacks. The threat actor dubbed by the U.S. government “Hidden Cobra” is better known in the infosec community as Lazarus…

Week in review: PowerPoint malware delivery, dark web fraud guides, security through APIs

Here’s an overview of some of last week’s most interesting news and articles:
UK ICO offers grants for practical privacy research
The programme is open to academic institutions, civil society groups, trade and industry associations and organisations with a genuine commitment to public benefit outcomes. Proposals do not need to be technology based but must…

Four New Cyberthreats on the CISO’s Radar

Enterprises today face new cyberthreats from many different vectors, including some that didn’t exist just a few years ago. Chief information security officers (CISOs) need to keep their eyes on the evolving ways their companies can be breached and close any gaps to minimize the damage.

5 incident response practices that keep enterprises from adapting to new threats

Security analysts within enterprises are living a nightmare that never ends. 24 hours a day, their organizations are being attacked by outside (and sometimes inside) perpetrators – hackers, hacktivists, competitors, disgruntled employees, etc. Attacks range in scope and sophistication, but are always there, haunting the security teams tasked with guarding against them. To cope with…

Health Care and Ransomware: A Marriage Made in Hades

The WannaCry ransomware attack that struck on May 12 and quickly spread around the world was anything but routine. Heretofore, most ransomware attacks were initiated after a successful phishing effort; that wasn’t the case with WannaCry. Ransomware attacks are generally confined and targeted; this one, to date, has hit more than 100,000 organizations in over…

Week in review: WannaCry decryptor available, stealing Windows credentials using Google Chrome

Here’s an overview of some of last week’s most interesting news and articles:
DocuSign breached, stolen info used for targeted phishing campaign
Phishing emails impersonating electronic signature technology provider DocuSign are not an unusual sight, but the latest campaign has the added advantage of specifically targeting registered DocuSign users.
There’s now a WannaCry decryptor tool…