Cyberattack

Cybercriminals Continuing to Exploit Human Nature, Increasing Reliance on Ransomware, Study Finds

Cybercriminals are continuing to exploit human nature and relying on familiar attack patterns such as phishing, and increase their reliance on ransomware, where data is encrypted and a ransom is demanded, according to Verizon 2016 Data Breach Investigations Report released today. more

Experts Concerned Over Looming Security Risks of Ultrasonic Cross-Device Tracking

In the upcoming Black Hat London presentation, security researcher from University College London, Vasilios Mavroudis and colleagues are going to describe and demonstrate the practical security and privacy risks that arise with the adoption systems enabled with ultrasonic cross-device tracking (uXDT). more

Automated Web Application Attacks Can Peak at 25,000 an Hour

Web applications, on average, experience twenty seven attacks per hour, or roughly one attack every two minutes, according to the newly released Imperva Web Application Attack Report. Report also notes that when websites came under automated attack they received up to 25,000 attacks in one hour, or 7 attacks every second. more

Google Offers Free DDoS Protection for News Sites

Google has announced its first initiative out of Jigsaw which is the expansion of its experimental service, Project Shield. Google is offering Project Shield as a free service leveraging Google technology to protect news and free expression sites from DDoS attacks on the web. more

Security Flaw in TPM Chips Allows Attacks on RSA Private Keys

Details of Infineon’s RSA key generation vulnerability was made public today after several announcements by vendors last week. more

Flame Virus Was Developed by U.S., Israel to Slow Iranian Nuclear Efforts, According to Officials

The United States and Israel are reported to be responsible for developing the Flame virus aimed at collecting intelligence in preparation for cyber-sabotage aimed at slowing Iran's ability to develop a nuclear weapon, according to Western officials with knowledge of the effort. According the Washington Post, "[t]he massive piece of malware secretly mapped and monitored Iran's computer networks, sending back a steady stream of intelligence to prepare for a cyberwarfare campaign, according to the officials." more

Reducing the Risks of BYOD with DNS-Based Security Intelligence; Part 2: Taking Control

In part 1, I talked about some of the risks associated with BYOD. But there are actions you can take to greatly reduce this risk. One effective method for limiting the risk of BYOD is to employ DNS-based security intelligence techniques. DNS-based security intelligence makes use of an enterprise's caching DNS server to monitor and block DNS queries to known botnet command and control (C&C) domains. more

Europe and North America Energy Sector Targeted by Sophisticated Cyberattack Group

The Western energy sector is being targeted by a new wave of cyberattacks capable of providing attackers ability to severely disrupt affected operations, according to reports on Wednesday. more

Defense Science Board Urges Obama to Take Immediate Cybersecurity Measures

According to a report by the Defense Science Board, the President-elect Barack Obama will inherit a cybersecurity infrastructure that is ill-prepared for advanced cyberattacks which will be of particular challenge for the new leaders... Reporting today on eWeek, Roy Mark writes: "The Bush administration has been widely criticized by security experts as de-emphasizing cyber-security and hamstringing the authority of officials in charge of government-wide cyber-security" said Roy Mark in a report eWeek." more

Iranian Influence Operation Worldwide Significantly Larger Than Previously Identified

An apparent Iranian influence operation targeting internet users worldwide is reported as significantly larger than previously identified, Reuters reports. more

Rising Ransomware Threats and a Record-Breaking $75M Payout

A recent report has revealed an alarming trend in ransomware attacks and a staggering $75 million ransom payout. The report by Zscaler ThreatLabz team indicates a 17.8% increase in ransomware attacks. more

WHOIS Database Download: Proactive Defense Against the Rising Tide of BEC Fraud

How many times have you heard that humans are the weakest link in cybersecurity? The headlines have proven that over and over again. In particular, business email compromise or BEC (also known as email account compromise or EAC) scams, which typically target an employee with access to the financial resources of his company -- this could be a C-level executive or any high-ranking officer -- for fraud are still on a constant uphill trend. more

U.S. Senator Inquiring Into Friday’s Crippling Cyberattack

U.S. Sen. Mark R. Warner (D-VA), a member of the Senate Select Committee on Intelligence and co-founder of the bipartisan Senate Cybersecurity Caucus, has released a letter asking three federal agencies for information on the tools available that prevent cyber criminals from compromising consumer products, such as Internet of Things (IoT) devices. more

KRACK Attack Can Affect All Modern WiFi Networks, Researchers Have Disclosed

Security researchers Mathy Vanhoef and Frank Piessens have detected a major vulnerability in the WPA2 protocol that secures all protected Wi-Fi networks. more

Do Your Analytics Efforts Expose Your SQL Data Sources to Attacks?

Structured Query Language (SQL) continues to be quite relevant today. Many organizations still use SQL database systems, and it still ranks as the top in-demand language in tech job postings -- even in 2020. Companies are also increasing their analytics and business intelligence efforts, where SQL skills come in as quite handy. SQL queries allow you to pull key information from databases quickly. more