Safeguarding your biggest cybersecurity target: Executives
Senior executives are among the favorite targets of malicious hackers and other bad actors, in part because they are more likely to hold valuable information — or have a high level of access to such data. That’s why it’s so important for organizations to make sure C-level officers and other top executives are adhering to…
The buck stops here: 8 security breaches that got someone fired
A secure network is a sign that a CSO is doing their job right – but it’s also something that’s hard to notice. It’s not exciting when nothing happens! But when something does happen in security, that’s usually really bad. It’s a great way for a CSO or CIO to get fired, or to get…
Double Whammy: When One Attack Masks Another Attack
In some contexts, a double whammy can mean a good thing: when your favorite team wins two games in a row, when two candy bars fall from the vending machine, etc. However, in the context of cyber security, a double whammy may translate to being attacked while still reeling from the impact of another threat….
Windows Defender Immune to AVGater Quarantine Flaw: Microsoft
A recently disclosed vulnerability that allows an attacker to abuse the quarantine feature of anti-virus products to escalate privileges doesn’t affect Windows Defender, Microsoft says. Dubbed AVGater, the new attack method relies on a malicious DLL being quarantined by an anti-virus product and then abuses the security program’s Windows process to restore the file.
Fileless Malware: A Hidden Threat
Malware is advancing at an unprecedented rate, with four new strains discovered every minute, Slate reported. This is already a lot for businesses to worry about and it doesn’t even cover the other threats that haven’t been detected. Many attackers have evolved their techniques to evade common security solutions in order to cause the most damage…
New Locky Ransomware Strain Emerges
Latest version goes by the .asasin extension and is collecting information on users’ computer operating system and IP address. Locky authors have again retooled the highly persistent ransomware campaign with a new strain that performs reconnaissance on victims’ computers and goes by a new file extension name, PhishMe reports today.
Android malware on Google Play adds devices to botnet
We have encountered a new and highly prevalent type of Android malware (detected as Android.Sockbot) posing as apps on Google Play and later adding compromised devices into a botnet. So far we have identified at least eight such apps, with an install base ranging from 600,000 to 2.6 million devices. This malware appears primarily targeting…
How to survive the worsening cyber threat landscape
Don’t expect the cyber threat landscape to get safer anytime soon. That’s the message given by speakers at two recent Boston-based events. “By any measure you want to use, the trend line is going the wrong way,” said Rob Joyce, White House cybersecurity coordinator, speaking at the Cambridge Cyber Summit hosted by CNBC and The…
macOS High Sierra Update Patches Keychain Access Flaw
An update released on Thursday by Apple for its macOS High Sierra operating system patches two vulnerabilities, including one that allows malicious applications to steal passwords from the Keychain. The Keychain flaw, tracked as CVE-2017-7150, was disclosed last week by Patrick Wardle, director of research at Synack. Apple has now addressed the issue with the release of High…
Criminal hacking: Top technology risk to health, safety and prosperity
Americans believe criminal hacking into computer systems is now a top risk to their health, safety and prosperity. Criminal hacking, a new ESET survey finds, outranks other significant hazards, including climate change, nuclear power, hazardous waste, and government surveillance. The survey was conducted by ESET security researchers, and asked randomly selected adults to rate their…