Data breaches affecting corporate and internal networks increased considerably in 2015 compared to the previous year, according to the 2016 Global Security Report published by Trustwave on Tuesday.
read more
The Emergence of Identity as an Enterprise Attack Surface
In spite of heroic efforts, many companies today offer attackers no shortage of vulnerable points for entry into their networks. Whether it’s cloud services unknown to the corporate security team, or a web server that is 10 patch revisions behind, or an application that never underwent proper security or code review – the options are plentiful.
read more
MouseJack Vulnerability Affects 80 Percent of Organizations: Survey
Last week, Microsoft patched multiple vulnerabilities in its products, including the "MouseJack" flaw that could allow attackers to execute malicious commands on a computer by hijacking wireless mice and keyboards, yet the issue still affects the majority of organizations.
read more
Android, BlackBerry Spyware Used in India Attacks
An advanced persistent threat (APT) actor responsible for stealing sensitive information from high profile targets in India leveraged Android and BlackBerry spyware in its attacks.
read more
When it Comes to Business Defense, Simplicity is the Watchword
Enterprises Must go Beyond the Perimeter and Worry About the Surface Area that is Open for Attack and the Challenge of Detecting Attacks Quickly
read more
Google Analyzes Effectiveness of Website Hack Notifications
Google has teamed up with the University of California, Berkeley to conduct a study on the effectiveness of notifications sent out by the company to webmasters whose websites have been compromised.
read more
Kovter Ad Fraud Trojan Evolves Into Ransomware
Kovter, a recently discovered piece of ransomware, represents the latest step in the evolution of a malicious program from police scareware to ad fraud Trojan and now file-encrypting malware.
read more
Ransomware Uses Blockchains to Transmit Decryption Keys
Ransomware authors are always looking for new techniques to make their extortion business more efficient, and researchers have discovered a new method that cybercriminals are using to deliver decryption keys; blockchains.
read more
Google Tightens Security Rules for Chrome Extensions
Google has updated its User Data Policy for the Chrome Web Store, in an attempt to improve the safety and privacy for users of its Chrome web browser.
read more
Hacker Details How He Infiltrated Hacking Team
A hacker using the handle "Phineas Fisher" has described how he hacked into surveillance software maker Hacking Team. Hacking Team is an Italian firm that hacks to order, primarily for law enforcement agencies and intelligence agencies. Last summer, Phineas Fisher (now going by the alias Hack Back!) on Twitter broke into Hacking Team and stole and published thousands of internal documents, some source code and several 0-day exploits.
read more
