Warning: file_get_contents() [function.file-get-contents]: SSL operation failed with code 1. OpenSSL Error messages: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version in D:\Sites\sis\lersais\news\widgets\get_stories.inc.php on line 42

Warning: file_get_contents() [function.file-get-contents]: Failed to enable crypto in D:\Sites\sis\lersais\news\widgets\get_stories.inc.php on line 42

Warning: file_get_contents(http://slashdot.org/stories/security) [function.file-get-contents]: failed to open stream: operation failed in D:\Sites\sis\lersais\news\widgets\get_stories.inc.php on line 42
All Headlines
Krebs on Security
Infosec Island
 

The Promise and Perils of Artificial Intelligence

Jun 14, 2019 | Infosec Island

AI will help us to improve our lives. We, in turn, must ensure that the software doing so is secure.

  (Read Story...)

Building Modern Security Awareness with Experiences

Jun 14, 2019 | Infosec Island

Think about your own organization’s culture and then find ways to create immersive, engaging experiences that will resonate with your people.

  (Read Story...)

Spring Cleaning: Why Companies Must Spring Clean Out Their Social Media Accounts This Season

Jun 14, 2019 | Infosec Island

Tips for cleaning and securing your online data this spring.

  (Read Story...)

Influence Operation Uses Old News of New Purposes

Jun 18, 2019 | Infosec Island

A recently uncovered influence campaign presents old terror news stories as if they were new, likely in an attempt to spread fear and uncertainty, Recorded Future reports.

  (Read Story...)

Collections Firm Behind LabCorp, Quest Breaches Files for Bankruptcy

Jun 20, 2019 | Krebs on Security

A medical billing firm responsible for a recent eight-month data breach that exposed the personal information on nearly 20 million Americans has filed for bankruptcy, citing "enormous expenses" from notifying affected consumers and the loss of its four largest customers.

  (Read Story...)

Today’s Top Public Cloud Security Threats …And How to Thwart Them

Jun 21, 2019 | Infosec Island

In order to thwart exposure, companies must have the capability to look at all cloud environments and perform assessments of how such resources are secured.

  (Read Story...)

Tracing the Supply Chain Attack on Android

Jun 25, 2019 | Krebs on Security

Earlier this month, Google disclosed that a supply chain attack by one of its vendors resulted in malicious software being pre-installed on millions of new budget Android devices. Google didn't exactly name those responsible, but said it believes the offending vendor uses the nicknames "Yehuo" or "Blazefire." What follows is a deep dive into the identity of that Chinese vendor, which appears to have a long and storied history of pushing the envelope on mobile malware.

  (Read Story...)

Breach at Cloud Solution Provider PCM Inc.

Jun 27, 2019 | Krebs on Security

A digital intrusion at PCM Inc., a major U.S.-based cloud solution provider, allowed hackers to access email and file sharing systems for some of the company's clients, KrebsOnSecurity has learned.

  (Read Story...)

Microsoft to Require Multi-Factor Authentication for Cloud Solution Providers

Jun 28, 2019 | Krebs on Security

It might be difficult to fathom how this isn't already mandatory, but Microsoft Corp. says it will soon force all Cloud Solution Providers (CSPs) that help companies manage their Microsoft Azure and Office365 accounts to use multi-factor authentication. The move comes amid a noticeable uptick in phishing and malware attacks targeting CSP employees and contractors.

  (Read Story...)

Who’s Behind the GandCrab Ransomware?

Jul 08, 2019 | Krebs on Security

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims. What follows is a deep dive into who may be responsible for recruiting new members to help spread the contagion.

  (Read Story...)

Patch Tuesday Lowdown, July 2019 Edition

Jul 09, 2019 | Krebs on Security

Microsoft today released software updates to plug almost 80 security holes in its Windows operating systems and related software. Among them are fixes for two zero-day flaws that are actively being exploited in the wild, and patches to quash four other bugs that were publicly detailed prior to today, potentially giving attackers a head start in working out how to use them for nefarious purposes.

  (Read Story...)

FEC: Campaigns Can Use Discounted Cybersecurity Services

Jul 11, 2019 | Krebs on Security

The U.S. Federal Election Commission (FEC) said today companies can offer discounted cybersecurity services to political campaigns without running afoul of existing campaign finance laws, provided they already do the same for other non-political entities. The decision comes amid much jostling on Capitol Hill over election security at the state level, and fresh warnings from U.S. intelligence agencies about impending cyber attacks targeting candidates in the lead up to the 2020 election.

  (Read Story...)

Is ‘REvil’ the New GandCrab Ransomware?

Jul 15, 2019 | Krebs on Security

The cybercriminals behind the GandCrab ransomware-as-a-service (RaaS) offering recently announced they were closing up shop and retiring after having allegedly earned more than $2 billion in extortion payments from victims. But a growing body of evidence suggests the GandCrab team have instead quietly regrouped behind a more exclusive and advanced ransomware program known variously as "REvil," "Sodin," and "Sodinokibi."

  (Read Story...)

Meet the World’s Biggest ‘Bulletproof’ Hoster

Jul 16, 2019 | Krebs on Security

For at least the past decade, a computer crook variously known as "Yalishanda," "Downlow" and "Stas_vl" has run one of the most popular "bulletproof" Web hosting services catering to a vast array of phishing sites, cybercrime forums and malware download servers. What follows are a series of clues that point to the likely real-life identity of a Russian man who appears responsible for enabling a ridiculous amount of cybercriminal activity on the Internet today.

  (Read Story...)

Party Like a Russian, Carder’s Edition

Jul 17, 2019 | Krebs on Security

KrebsOnSecurity has seen some creative yet truly bizarre ads for cybercrime services in the underground, but the following animated advertisement for a popular credit card fraud shop likely takes the cake.

  (Read Story...)

Party Like a Russian, Carder’s Edition

Jul 17, 2019 | Krebs on Security

KrebsOnSecurity has seen some creative yet truly bizarre ads for cybercrime services in the underground, but the following animated advertisement for a popular credit card fraud shop likely takes the cake.

  (Read Story...)

Meet the World’s Biggest ‘Bulletproof’ Hoster

Jul 16, 2019 | Krebs on Security

For at least the past decade, a computer crook variously known as "Yalishanda," "Downlow" and "Stas_vl" has run one of the most popular "bulletproof" Web hosting services catering to a vast array of phishing sites, cybercrime forums and malware download servers. What follows are a series of clues that point to the likely real-life identity of a Russian man who appears responsible for enabling a ridiculous amount of cybercriminal activity on the Internet today.

  (Read Story...)

Is ‘REvil’ the New GandCrab Ransomware?

Jul 15, 2019 | Krebs on Security

The cybercriminals behind the GandCrab ransomware-as-a-service (RaaS) offering recently announced they were closing up shop and retiring after having allegedly earned more than $2 billion in extortion payments from victims. But a growing body of evidence suggests the GandCrab team have instead quietly regrouped behind a more exclusive and advanced ransomware program known variously as "REvil," "Sodin," and "Sodinokibi."

  (Read Story...)

FEC: Campaigns Can Use Discounted Cybersecurity Services

Jul 11, 2019 | Krebs on Security

The U.S. Federal Election Commission (FEC) said today companies can offer discounted cybersecurity services to political campaigns without running afoul of existing campaign finance laws, provided they already do the same for other non-political entities. The decision comes amid much jostling on Capitol Hill over election security at the state level, and fresh warnings from U.S. intelligence agencies about impending cyber attacks targeting candidates in the lead up to the 2020 election.

  (Read Story...)

Patch Tuesday Lowdown, July 2019 Edition

Jul 09, 2019 | Krebs on Security

Microsoft today released software updates to plug almost 80 security holes in its Windows operating systems and related software. Among them are fixes for two zero-day flaws that are actively being exploited in the wild, and patches to quash four other bugs that were publicly detailed prior to today, potentially giving attackers a head start in working out how to use them for nefarious purposes.

  (Read Story...)

Who’s Behind the GandCrab Ransomware?

Jul 08, 2019 | Krebs on Security

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims. What follows is a deep dive into who may be responsible for recruiting new members to help spread the contagion.

  (Read Story...)

Microsoft to Require Multi-Factor Authentication for Cloud Solution Providers

Jun 28, 2019 | Krebs on Security

It might be difficult to fathom how this isn't already mandatory, but Microsoft Corp. says it will soon force all Cloud Solution Providers (CSPs) that help companies manage their Microsoft Azure and Office365 accounts to use multi-factor authentication. The move comes amid a noticeable uptick in phishing and malware attacks targeting CSP employees and contractors.

  (Read Story...)

Breach at Cloud Solution Provider PCM Inc.

Jun 27, 2019 | Krebs on Security

A digital intrusion at PCM Inc., a major U.S.-based cloud solution provider, allowed hackers to access email and file sharing systems for some of the company's clients, KrebsOnSecurity has learned.

  (Read Story...)

Tracing the Supply Chain Attack on Android

Jun 25, 2019 | Krebs on Security

Earlier this month, Google disclosed that a supply chain attack by one of its vendors resulted in malicious software being pre-installed on millions of new budget Android devices. Google didn't exactly name those responsible, but said it believes the offending vendor uses the nicknames "Yehuo" or "Blazefire." What follows is a deep dive into the identity of that Chinese vendor, which appears to have a long and storied history of pushing the envelope on mobile malware.

  (Read Story...)

Collections Firm Behind LabCorp, Quest Breaches Files for Bankruptcy

Jun 20, 2019 | Krebs on Security

A medical billing firm responsible for a recent eight-month data breach that exposed the personal information on nearly 20 million Americans has filed for bankruptcy, citing "enormous expenses" from notifying affected consumers and the loss of its four largest customers.

  (Read Story...)

Today’s Top Public Cloud Security Threats …And How to Thwart Them

Jun 21, 2019 | Infosec Island

In order to thwart exposure, companies must have the capability to look at all cloud environments and perform assessments of how such resources are secured.

  (Read Story...)

Influence Operation Uses Old News of New Purposes

Jun 18, 2019 | Infosec Island

A recently uncovered influence campaign presents old terror news stories as if they were new, likely in an attempt to spread fear and uncertainty, Recorded Future reports.

  (Read Story...)

Spring Cleaning: Why Companies Must Spring Clean Out Their Social Media Accounts This Season

Jun 14, 2019 | Infosec Island

Tips for cleaning and securing your online data this spring.

  (Read Story...)

Building Modern Security Awareness with Experiences

Jun 14, 2019 | Infosec Island

Think about your own organization’s culture and then find ways to create immersive, engaging experiences that will resonate with your people.

  (Read Story...)

The Promise and Perils of Artificial Intelligence

Jun 14, 2019 | Infosec Island

AI will help us to improve our lives. We, in turn, must ensure that the software doing so is secure.

  (Read Story...)

Utilising the Benefits of Industrial Robots Securely

Jun 05, 2019 | Infosec Island

The benefits of industrial robots won’t be achieved for long if they are not deployed with cybersecurity at their core.

  (Read Story...)

On the Horizon: Parasitic Malware Will Feast on Critical Infrastructure

Jun 04, 2019 | Infosec Island

Unprepared organizations will have a wide (and often unmonitored) attack surface that can be targeted by parasitic malware.

  (Read Story...)

Thoughts on DoS Attack on US Electric Utility

Jun 04, 2019 | Infosec Island

The recent DoS incident affecting power grid control systems in Utah, Wyoming and California was interesting for several reasons.

  (Read Story...)

Network of Fake Social Accounts Serves Iranian Interests

May 29, 2019 | Infosec Island

FireEye security researchers have uncovered a network of fake social media accounts that engage in inauthentic behavior and misrepresentation, likely in support of Iranian political interests.

  (Read Story...)

Researchers Analyze the Linux Variant of Winnti Malware

May 28, 2019 | Infosec Island

Chronicle, the cybersecurity arm of Google’s parent Alphabet, has identified and analyzed samples of the Winnti malware that have been designed specifically for the Linux platform.

  (Read Story...)

←  1 / 151010  →