A new security report reveals cryptominers infected ten times more organizations than ransomware in 2018, but only one in five IT security professionals were aware their company's networks had been infected by mining malware. more
In January 2018, I looked back at 2017 to figure out how routing security looked globally and on a country level. Using the same metrics and methodology, I've recently taken a look at 2018 to see if we're making improvements. The good news is, it seems like the routing system is doing better! But there is still much work to be done. Using BGPStream.com, a great public service providing information about suspicious events in the routing system, I analyzed the number of incidents... more
A new report warns that unless government and private sector decision makers begin developing specific procedures and trust now against cyber-enabled economic warfare (CEEW), the United States will find itself flat-footed during a major cyber event. more
Dan Coats, Director of US National Intelligence warns China and Russia are increasingly using cyber operations to steal information, influence citizens and to disrupt critical infrastructure. more
Ars Technica's Dan Goodin reports that an "investigation shows the spam run worked by abusing a weakness at GoDaddy that allowed the scammers to hijack at least 78 domains belonging to Expedia, Mozilla, Yelp, and other legitimate people or organizations." more
The U.S. Department of Homeland Security has issued a rare "emergency" directive ordering federal agencies to audit all DNS records within ten days. more
A wave of DNS hijacking is reported to have affected dozens of domains belonging to government, telecommunications and internet infrastructure entities across the Middle East and North Africa, Europe and North America. more
In its latest quarterly report, McAfee Labs has reported seeing an average of 480 new threats per minute and a sharp increase in malware targeting IoT devices. more
Researchers at Certfa Lab provide a review of the latest wave of organized phishing attacks by Iranian state-backed hackers which succeeded by compromising 2-factor authentication. more
Chinese hackers have breached U.S. Navy contractors to steal a wide range of data from ship-maintenance data to missile plans through what is reported as the most debilitating cyber campaigns linked to Beijing. more
According to the APWG's new Phishing Activity Trends Report released today, phishers are using new techniques to carry out their attacks and hide their origins in order to make the most of every phishing campaign. more
The "Paris Call for Trust and Security in Cyberspace," announced by French President at the Paris Peace Forum on November 13, has attracted more than 450 signatories. more
US, China and Russia have refused to sign the French-backed agreement, Paris Call for Trust and Security in Cyberspace, announced by French President at the UNESCO Internet Governance Forum (IGF) on Monday. more
Karachi-based Bank Islami revealed Saturday morning that it had detected abnormal transactions resulting in 2.6 million Pakistani rupees, roughly $19,500 and precautionary steps where taken immediately. more
Yahoo today announced it has agreed to pay $50 million in damages and will offer two years of free credit-monitoring services to 200 million people whose email addresses and other personal information were stolen as part of the massive security breach. more