Cyberattack

Flame Virus Was Developed by U.S., Israel to Slow Iranian Nuclear Efforts, According to Officials

The United States and Israel are reported to be responsible for developing the Flame virus aimed at collecting intelligence in preparation for cyber-sabotage aimed at slowing Iran's ability to develop a nuclear weapon, according to Western officials with knowledge of the effort. According the Washington Post, "[t]he massive piece of malware secretly mapped and monitored Iran's computer networks, sending back a steady stream of intelligence to prepare for a cyberwarfare campaign, according to the officials." more

Reducing the Risks of BYOD with DNS-Based Security Intelligence; Part 2: Taking Control

In part 1, I talked about some of the risks associated with BYOD. But there are actions you can take to greatly reduce this risk. One effective method for limiting the risk of BYOD is to employ DNS-based security intelligence techniques. DNS-based security intelligence makes use of an enterprise's caching DNS server to monitor and block DNS queries to known botnet command and control (C&C) domains. more

Europe and North America Energy Sector Targeted by Sophisticated Cyberattack Group

The Western energy sector is being targeted by a new wave of cyberattacks capable of providing attackers ability to severely disrupt affected operations, according to reports on Wednesday. more

Defense Science Board Urges Obama to Take Immediate Cybersecurity Measures

According to a report by the Defense Science Board, the President-elect Barack Obama will inherit a cybersecurity infrastructure that is ill-prepared for advanced cyberattacks which will be of particular challenge for the new leaders... Reporting today on eWeek, Roy Mark writes: "The Bush administration has been widely criticized by security experts as de-emphasizing cyber-security and hamstringing the authority of officials in charge of government-wide cyber-security" said Roy Mark in a report eWeek." more

Iranian Influence Operation Worldwide Significantly Larger Than Previously Identified

An apparent Iranian influence operation targeting internet users worldwide is reported as significantly larger than previously identified, Reuters reports. more

U.S. Senator Inquiring Into Friday’s Crippling Cyberattack

U.S. Sen. Mark R. Warner (D-VA), a member of the Senate Select Committee on Intelligence and co-founder of the bipartisan Senate Cybersecurity Caucus, has released a letter asking three federal agencies for information on the tools available that prevent cyber criminals from compromising consumer products, such as Internet of Things (IoT) devices. more

WHOIS Database Download: Proactive Defense Against the Rising Tide of BEC Fraud

How many times have you heard that humans are the weakest link in cybersecurity? The headlines have proven that over and over again. In particular, business email compromise or BEC (also known as email account compromise or EAC) scams, which typically target an employee with access to the financial resources of his company -- this could be a C-level executive or any high-ranking officer -- for fraud are still on a constant uphill trend. more

KRACK Attack Can Affect All Modern WiFi Networks, Researchers Have Disclosed

Security researchers Mathy Vanhoef and Frank Piessens have detected a major vulnerability in the WPA2 protocol that secures all protected Wi-Fi networks. more

Repeat DDoS Attacks the Norm in Q4 2015, 24 Attacks per Target on Average

During Q4, repeat DDoS attacks were the norm, with an average of 24 attacks per targeted customer in Q4, reports Akamai in its newly released Q4 2015 State of the Internet - Security Report. more

Rising Ransomware Threats and a Record-Breaking $75M Payout

A recent report has revealed an alarming trend in ransomware attacks and a staggering $75 million ransom payout. The report by Zscaler ThreatLabz team indicates a 17.8% increase in ransomware attacks. more

Fed Records Indicate Over 50 Cybersecurity Breaches Since 2011, Some Flagged as “Espionage”

The cybersecurity reports, which represent only a slice of all cyber attacks on the Fed, were obtained by Reuters through a Freedom of Information Act request. more

Do Your Analytics Efforts Expose Your SQL Data Sources to Attacks?

Structured Query Language (SQL) continues to be quite relevant today. Many organizations still use SQL database systems, and it still ranks as the top in-demand language in tech job postings -- even in 2020. Companies are also increasing their analytics and business intelligence efforts, where SQL skills come in as quite handy. SQL queries allow you to pull key information from databases quickly. more

Microsoft’s Brad Smith Calls for a ‘Digital Geneva Convention’ to Protect Civilians

In a blog post published today on Microsoft's website, company President and Chief Legal Officer, Brad Smith, has raised concerns over escalating cyberattcks over the past year and the need for a Digital Geneva Convention. more

Tactics for Responding to Cyber Attacks - Squeezing Your Cyber Response-Curve: Part 1

Many cyber attacks against companies today go unreported, and more still are undetected... Timing and context are everything. The faster a company identifies a problem, and the faster and deeper it is understood and its relevance to the business, the more effectively the company can respond. We call this squeezing the cyber response curve. This two-part post will discuss the current state of cyber threats, what the cyber response curve is and its impact your organization and how you can effectively squeeze this curve to improve attack response. more

Chinese Hackers Had Access to Canadian Government Systems for Years, Report Reveals

For five years, Canadian government networks have been vulnerable to Chinese state-sponsored cyber espionage, according to a recent report by Canada's Communications Security Establishment (CSE). more