Cybersecurity

Threat Intelligence Platform in Action: Investigating Important Use Cases

As technology gets more and more sophisticated, tech-savvy cybercriminals are having a field day devising increasingly ingenious ways to steal confidential data from ill-prepared targets. What this means is that an equally sophisticated cybersecurity response is needed to keep attackers at bay. This would involve re-examining reactive cybersecurity practices and adopting a proactive approach towards an active search for risks and vulnerabilities with the help of threat intelligence (TI). more

ICANN Security Team Reports on Conficker Post-Discovery Analysis

A paper released today by ICANN provides a chronology of events related to the containment of the Conficker worm. The report, "Conficker Summary and Review," is authored by ICANN's Dave Piscitello, Senior Security Technologist on behalf of the organization's security team. more

Airplanes Vulnerable to Hacking, Says U.S. Department of Homeland Security

Researchers have been able to successfully demonstrate a commercial aircraft can be remotely hacked. more

EU Launches First European Public-Private Partnership on Cybersecurity, Plans $2B Investment

The European Commission has launched a new public-private partnership on cybersecurity expected to trigger €1.8 billion ($2B) of investment by 2020. more

A Research Finds Banking Apps Leaking Info Through Phones

A recent research seems to indicate that financial industries should increase the security standards they use for their mobile home banking solutions. IOActive Labs recently performed a black box and static analysis of worldwide mobile home banking apps. The research used iPhone/iPad devices to test a total of 40 home banking apps from the top 60 most influential banks in the world. more

Watching the Watchers Watching Your Network

It seems that this last holiday season didn't bring much cheer or goodwill to corporate security teams. With the public disclosure of remotely exploitable vulnerabilities and backdoors in the products of several well-known security vendors, many corporate security teams spent a great deal of time yanking cables, adding new firewall rules, and monitoring their networks with extra vigilance. more

Botnets: Most Prevalent Threat on the Internet for the Enterprises

Based on the total number of transactions, Zscaler reports botnets as the biggest security risk on the Internet for the enterprises. "Once a host gets infected, the botnet usually spreads quickly within an enterprise. It also generates a significant amount of traffic to the command and control server, to download additional malware or perform other actions." more

Exploiting Video Console Chat for Cybecrime or Terrorism

A couple of days ago there was a lot of interest in how terrorists may have been using chat features of popular video console platforms (e.g. PS4, XBox One) to secretly communicate and plan their attacks. Several journalists on tight deadlines reached out to me for insight in to threat. Here are some technical snippets on the topic that may be useful for future reference. more

Mobile Malware Growing Exponentially, Limited Capability of Current Security Solutions Big Concern

Security analysis suggest troubling and escalating trends in the development of malware that exploits vulnerabilities on mobile devices. "From turning mobile devices into bots, to infiltration of mobile applications, driven by the use of personal devices in the workplace, cybercriminals are taking full advantage of this market," reports M86 Security Labs in its just released Threat Predictions Report. more

Top Level Domains and a Signed Root

With DNSSEC for the root zone going into production in a couple of weeks, it is now possible for Top Level Domain (TLD) managers to submit their Delegation Signer (DS) information to IANA. But what does this really mean for a TLD? In this post we're going to try to sort that out. more

French Presidential Candidate Confirms Massive Hack, Emails Dumped Online Two Days Before Election

Leading French presidential candidate Emmanuel Macron's campaign confirmed on Friday a "massive" computer hack that dumped its campaign emails online less than two days before the election. more

U.S. House Committee to Hold Hearing on Recent Cyberattacks

U.S. Subcommittee on Communications & Technology and the Subcommittee on Commerce, Manufacturing, and Trade have announced a joint hearing to examine recent cyberattacks. more

Public Cloud Services in Mature Asia/Pacific Region to Reach $7.4 Billion in 2015

The public cloud services market in the mature Asia/Pacific (AP) region is on pace to grow 8.7 percent in 2015 to total $7.3 billion, up from $6.7 billion in 2014, according to new research from Gartner. more

Centralizing DNS Data for Security, Compliance, and Performance

Private DNS data lakes consolidate fragmented logs into a centralised platform, improving visibility, security, and compliance. They enable advanced analytics, strengthen threat detection, and help organisations optimise network performance in increasingly complex IT environments. more

Senate Urges Domain Registrars to Combat Russian Election Interference

The United States Senate Intelligence Committee Chair, Mark Warner, has called on several domain name registrars, including Namecheap, GoDaddy, and Cloudflare, to address the misuse of their services by Russian actors attempting to influence the 2024 U.S. presidential election. more