Cyberattack

Security Flaw in TPM Chips Allows Attacks on RSA Private Keys

Details of Infineon’s RSA key generation vulnerability was made public today after several announcements by vendors last week. more

Flame Virus Was Developed by U.S., Israel to Slow Iranian Nuclear Efforts, According to Officials

The United States and Israel are reported to be responsible for developing the Flame virus aimed at collecting intelligence in preparation for cyber-sabotage aimed at slowing Iran's ability to develop a nuclear weapon, according to Western officials with knowledge of the effort. According the Washington Post, "[t]he massive piece of malware secretly mapped and monitored Iran's computer networks, sending back a steady stream of intelligence to prepare for a cyberwarfare campaign, according to the officials." more

Chinese Hackers Had Access to Canadian Government Systems for Years, Report Reveals

For five years, Canadian government networks have been vulnerable to Chinese state-sponsored cyber espionage, according to a recent report by Canada's Communications Security Establishment (CSE). more

Reducing the Risks of BYOD with DNS-Based Security Intelligence; Part 2: Taking Control

In part 1, I talked about some of the risks associated with BYOD. But there are actions you can take to greatly reduce this risk. One effective method for limiting the risk of BYOD is to employ DNS-based security intelligence techniques. DNS-based security intelligence makes use of an enterprise's caching DNS server to monitor and block DNS queries to known botnet command and control (C&C) domains. more

Europe and North America Energy Sector Targeted by Sophisticated Cyberattack Group

The Western energy sector is being targeted by a new wave of cyberattacks capable of providing attackers ability to severely disrupt affected operations, according to reports on Wednesday. more

Defense Science Board Urges Obama to Take Immediate Cybersecurity Measures

According to a report by the Defense Science Board, the President-elect Barack Obama will inherit a cybersecurity infrastructure that is ill-prepared for advanced cyberattacks which will be of particular challenge for the new leaders... Reporting today on eWeek, Roy Mark writes: "The Bush administration has been widely criticized by security experts as de-emphasizing cyber-security and hamstringing the authority of officials in charge of government-wide cyber-security" said Roy Mark in a report eWeek." more

Iranian Influence Operation Worldwide Significantly Larger Than Previously Identified

An apparent Iranian influence operation targeting internet users worldwide is reported as significantly larger than previously identified, Reuters reports. more

U.S. Senator Inquiring Into Friday’s Crippling Cyberattack

U.S. Sen. Mark R. Warner (D-VA), a member of the Senate Select Committee on Intelligence and co-founder of the bipartisan Senate Cybersecurity Caucus, has released a letter asking three federal agencies for information on the tools available that prevent cyber criminals from compromising consumer products, such as Internet of Things (IoT) devices. more

Rising Ransomware Threats and a Record-Breaking $75M Payout

A recent report has revealed an alarming trend in ransomware attacks and a staggering $75 million ransom payout. The report by Zscaler ThreatLabz team indicates a 17.8% increase in ransomware attacks. more

WHOIS Database Download: Proactive Defense Against the Rising Tide of BEC Fraud

How many times have you heard that humans are the weakest link in cybersecurity? The headlines have proven that over and over again. In particular, business email compromise or BEC (also known as email account compromise or EAC) scams, which typically target an employee with access to the financial resources of his company -- this could be a C-level executive or any high-ranking officer -- for fraud are still on a constant uphill trend. more

AI-Powered Malware Evolves: Google Uncovers Live Use of Generative Models in Active Intrusions

Google's Threat Intelligence Group reveals that hackers are integrating AI models directly into malware, enabling live code mutation, stealthier operations, and dynamic payload execution while exploiting AI tools through deceptive prompts and underground marketplaces. more

KRACK Attack Can Affect All Modern WiFi Networks, Researchers Have Disclosed

Security researchers Mathy Vanhoef and Frank Piessens have detected a major vulnerability in the WPA2 protocol that secures all protected Wi-Fi networks. more

Fed Records Indicate Over 50 Cybersecurity Breaches Since 2011, Some Flagged as “Espionage”

The cybersecurity reports, which represent only a slice of all cyber attacks on the Fed, were obtained by Reuters through a Freedom of Information Act request. more

Repeat DDoS Attacks the Norm in Q4 2015, 24 Attacks per Target on Average

During Q4, repeat DDoS attacks were the norm, with an average of 24 attacks per targeted customer in Q4, reports Akamai in its newly released Q4 2015 State of the Internet - Security Report. more

Do Your Analytics Efforts Expose Your SQL Data Sources to Attacks?

Structured Query Language (SQL) continues to be quite relevant today. Many organizations still use SQL database systems, and it still ranks as the top in-demand language in tech job postings -- even in 2020. Companies are also increasing their analytics and business intelligence efforts, where SQL skills come in as quite handy. SQL queries allow you to pull key information from databases quickly. more