Cybersecurity

WHOIS Database Download: Proactive Defense Against the Rising Tide of BEC Fraud

How many times have you heard that humans are the weakest link in cybersecurity? The headlines have proven that over and over again. In particular, business email compromise or BEC (also known as email account compromise or EAC) scams, which typically target an employee with access to the financial resources of his company -- this could be a C-level executive or any high-ranking officer -- for fraud are still on a constant uphill trend. more

Call for Participation – ICANN DNSSEC and Security Workshop at ICANN67, Cancun, Mexico

The ICANN Security and Stability Advisory Committee (SSAC) and the Internet Society Deploy360 Programme are planning a DNSSEC and Security Workshop during the ICANN67 meeting held from 07-12 March 2020 in Cancun, Mexico. The original DNSSEC Workshop has been a part of ICANN meetings for many years and has provided a forum for both experienced and new people to meet, present, and discuss current and future DNSSEC deployments. more

KRACK Attack Can Affect All Modern WiFi Networks, Researchers Have Disclosed

Security researchers Mathy Vanhoef and Frank Piessens have detected a major vulnerability in the WPA2 protocol that secures all protected Wi-Fi networks. more

Arbor Networks: Internet Architecture and Operations Facing Perfect Storm

According to the latest Infrastructure Security Report by Arbor Netowrks, the Internet architecture and operations is about to face a perfect storm with the convergence of issues including IPv4 to IPv6 migration, implementation of DNS Security Extensions (DNSSEC) and to 4-byte ASNs (used for inter-domain routing on the Internet). "Any one of these changes alone would constitute a significant architectural and operational challenge for network operators; considered together, they represent the greatest and potentially most disruptive set of circumstances in the history of the Internet, given its growth in importance to worldwide communications and commerce," says the report.
 more

Fed Records Indicate Over 50 Cybersecurity Breaches Since 2011, Some Flagged as “Espionage”

The cybersecurity reports, which represent only a slice of all cyber attacks on the Fed, were obtained by Reuters through a Freedom of Information Act request. more

Repeat DDoS Attacks the Norm in Q4 2015, 24 Attacks per Target on Average

During Q4, repeat DDoS attacks were the norm, with an average of 24 attacks per targeted customer in Q4, reports Akamai in its newly released Q4 2015 State of the Internet - Security Report. more

AI-Powered Malware Evolves: Google Uncovers Live Use of Generative Models in Active Intrusions

Google's Threat Intelligence Group reveals that hackers are integrating AI models directly into malware, enabling live code mutation, stealthier operations, and dynamic payload execution while exploiting AI tools through deceptive prompts and underground marketplaces. more

Do Your Analytics Efforts Expose Your SQL Data Sources to Attacks?

Structured Query Language (SQL) continues to be quite relevant today. Many organizations still use SQL database systems, and it still ranks as the top in-demand language in tech job postings -- even in 2020. Companies are also increasing their analytics and business intelligence efforts, where SQL skills come in as quite handy. SQL queries allow you to pull key information from databases quickly. more

Microsoft’s Brad Smith Calls for a ‘Digital Geneva Convention’ to Protect Civilians

In a blog post published today on Microsoft's website, company President and Chief Legal Officer, Brad Smith, has raised concerns over escalating cyberattcks over the past year and the need for a Digital Geneva Convention. more

Ransomware Crime Bill Goes into Effect in the State of California

As of January 1, the delivery of ransomware is illegal in California as per Senate Bill 1137 going into effect. more

Tactics for Responding to Cyber Attacks - Squeezing Your Cyber Response-Curve: Part 1

Many cyber attacks against companies today go unreported, and more still are undetected... Timing and context are everything. The faster a company identifies a problem, and the faster and deeper it is understood and its relevance to the business, the more effectively the company can respond. We call this squeezing the cyber response curve. This two-part post will discuss the current state of cyber threats, what the cyber response curve is and its impact your organization and how you can effectively squeeze this curve to improve attack response. more

AI System Abused in China-Linked Cyberattack, Says Anthropic

A Chinese-linked cyberattack exploited Anthropic's Claude AI to infiltrate global institutions with limited human input, prompting urgent calls for regulation and sparking debate over the growing autonomy of artificial intelligence in digital threats. more

Experienced a Breach? Here Are Four Tips for Incident Response

The threat level has never been higher for organizations charged with protecting valuable data. In fact, as recent headlines will attest, no company or agency is completely immune to targeted attacks by persistent, skilled adversaries. The unprecedented success of these attacks against large and well-equipped organizations around the world has led many security executives to question the efficacy of traditional layered defenses as their primary protection against targeted attacks. more

Cybersecurity Continues to Be the US Securities and Exchange Commission’s Top Priority for 2019

For the fourth year, the U.S. Securities and Exchange Commission's Office continues to include cybersecurity as one of the top enforcement priorities for 2019. more

U.S. Navy Investigating Possibility of Cyberattack Behind Two Navy Destroyer Collisions

Deputy chief of naval operations for information warfare, Vice Adm. Jan Tigh, says the military is investigating the possibility of compromised computer systems behind two U.S. Navy destroyer collisions with merchant vessels that occurred in recent months. more