Security researcher Patrick Wardle has been looking at ways to generically detect ransomware attacks on Mac OS X systems and he has developed a tool that appears to be capable of accomplishing the task.
read more
The Panama Papers Wake Up Call
Zero-day exploits. SQL injection. Malware. There’s plenty to worry about as a security professional. But none of those attack vectors were part of the recent massive data leak at Panamanian law firm Mossack Fonseca.
read more
New FireEye Service Evaluates M&A Cyber Risks
Threat protection firm FireEye this week launched a new service designed to help organizations manage the risks associated with corporate Mergers & Acquisitions (M&A).
read more
Cyber Insurance: Security Tool or Hype?
A few months back, I was a passive observer to an interesting email thread. People on the thread were discussing a breach that was big news at the time. Suggestions were made as to why the breach occurred, how it may have occurred, how the response could have been better executed, among many other points. At one point in the discussion, one individual decided to interject the concept of cyber insurance in a mocking and condescending tone.
read more
EFF Sues DoJ Over Secret Data Decryption Orders
The Electronic Frontier Foundation (EFF) filed a lawsuit on Tuesday against the U.S. Department of Justice in hopes of obtaining information on secret court orders requiring technology companies to decrypt their customers’ communications.
read more
Bugcrowd Raises $15 Million to Expand Bug Bounty Business
Crowdsourced security testing company Bugcrowd announced today that has closed $15 million in a Series B funding round led by Blackbird Ventures. The new funding brings the total raised by the company to $24 million.
read more
CryptXXX Ransomware Steals Bitcoin, Private Data
As if denying a user’s access to their files and asking for a $500 ransom to restore access wasn’t bad enough, the authors of a new piece of ransomware called CryptXXX decided to also pack their malware with information stealing capabilities.
read more
“Multigrain” PoS Malware Exfiltrates Card Data Over DNS
Researchers at FireEye have come across a piece of malware that steals payment card data from point-of-sale (PoS) systems and sends it back to the attackers via DNS.
read more
Oracle Critical Patch Update for April 2016 Fixes 136 Vulnerabilities
Oracle’s Critical Patch Update (CPU) for April 2016 was released on Tuesday, bringing 136 security fixes across multiple product families. Many of the vulnerabilities addressed in the update are remotely exploitable, with seven carrying a rating of a 10.0 using the Common Vulnerability Scoring System (CVSS).
read more
Google Runs Over 400 Million Android Security Scans Daily
Google has been working on improving the overall security of its Android platform, and the Internet giant is not being shy about some of the success it has had in advancing the security of its mobile ecosystem.
read more
