Cybersecurity

EU Considers Integrating New Norms of Cyberwar Into Security Policies

"The European Parliament has been asked to adopt a new set of 'norms' about online conflict," reports Simon Sharwood in The Register.

Department of Homeland Security Issues More Warnings on Security Vulnerabilities in Medical Devices

The U.S. Department of Homeland Security has issued a warning about cybersecurity vulnerabilities in medical devices which have come after independent researchers, or the companies themselves, reporting the problems.

New Type of DDoS Attack Targets Vulnerability in Universal Plug and Play Networking Protocol

A new type of DDoS attack takes advantage of an old vulnerability with the potential to put any company with an online presence at risk of attack warn researchers.

Millennials an Untapped Resource for Cybersecurity Skills but They Lack Awareness, Study Finds

A study was recently conducted by Enterprise Strategy Group (ESG) to find out where the potential answers to the cybersecurity skills shortage amongst technology-savvy millennials and post-millennials in the US.

Massachusetts School District Pays Hackers $10K in Bitcoin, Police Calls Case “Impossible” to Solve

A Massachusetts school district was forced to pay a $10,000 Bitcoin ransom to hackers following a cyberattack that blocked access to its system.

Large Open-Source Data Set Released to Help Train Algorithms Spot Malware

For the first time, a large dataset has been released by a security firm to help AI research and training of machine learning models that statically detect malware.

Experts Urge Support for Security Researchers, Call a Stop to Intimidation Efforts

Over fifty experts and expert advocates have released an open letter in support of security research and against efforts to chill or intimidate security researchers.

2.6 Billion Records Were Stolen, Lost or Exposed Worldwide in 2017, an 88% Increase From 2016

Over the past five years, nearly 10 billion records have been lost, stolen or exposed, with an average of five million records compromised every day.

Enterprise Networks Are Being Impacted by Unwanted and Unidentified Cryptomining Activity

Researchers at security service provider, Zscaler, are reporting that in the past six months they have blocked over 2.5 billion web-based cryptomining attempts within their cloud service.

Iran Among Countries Affected by a Cyberattack That Left U.S. Flag on Screens

A hacking incident over the weekend attacked networks in a number of countries including data centers in Iran where they left the image of a U.S. flag on screens along with a warning: "Don't mess with our elections."

Researchers Discover Over 1.5 Billion Files Exposed Through Misconfigured Data Services

Many administrators misconfigure cloud storage, such Amazon Simple Storage Service (S3) buckets, resulting in the contents being publicly-accessible.

Access Logs Reveal 12M Visits to .CM Typosquatted Sites Just in 2018 So Far

An anonymous tip has lead security experts Brian Krebs and Matthew Chambers to four years of access logs for the entire network of more than 1,000 dot-cm typosquatting domains.

APNIC Labs Partners with Cloudflare for Joint DNS Research Project

APNIC Labs, the research arm of Asia-Pacific Network Information Centre, is partnering with Cloudflare for a joint research project relating to the operation of the DNS, reports Geoff Huston, APNIC's Chief Scientist.

Close to 20% VPN Providers Reported Leaking Customer IP Addresses via WebRTC Bug

Close to 20% of popular VPN services are reported to be leaking customer's IP address via a WebRTC bug known since January 2015, and which "some VPN providers have never heard of."

Russian-Based Kaspersky Lab Planning on Swiss Data Center to Address Russian Exploit Concerns

Leading Moscow-based anti-virus software provider Kaspersky Lab is planning to open a data center in Switzerland to address Western government concerns that Russia exploits its anti-virus software to spy on customers, according to a report from Reuters on Wednesday.