The California Department of Insurance on Friday revealed that an investigation into the data breach of health insurance giant Anthem Inc. has concluded that a foreign country was behind the attack.
read more
St. Jude Patches Vulnerabilities in Cardiac Devices
St. Jude Medical has released security updates to patch some of the flaws discovered by MedSec in its cardiac devices, but the manufacturer insists that the risk of cyberattacks is very low.
read more
Shamoon 2 Variant Targets Virtualization Products
A second variant of the Shamoon 2 malware discovered by researchers at Palo Alto Networks has been set up to target virtualization products, likely in an effort to increase the impact of the attack and make recovery more difficult for targeted organizations.
read more
Sundown Exploit Kit Variant Distributes Cryptocurrency Miner
An atypical variant of the Sundown exploit kit (EK) was recently seen using a different infrastructure than previously known and distributing a cryptocurrency mining application, Malwarebytes Labs security researchers reveal.
read more
New York Governor Proposes New Cyber Security Measures
Following the Intelligence Community report blaming Russia for both the Democratic National Committee hack in 2016, and for attempting to influence the presidential election in favor of Republican Donald Trump, the Democrat Governor of New York has now introduced new cyber security proposals to his January State of the State address.
read more
Mac Crashing Attack Method Used in Tech Support Scam
A snippet of malicous code designed to crash Mac OS machines is being delivered through drive-by downloads as part of a campaign designed to trick users into calling a fake tech support service, security researchers warn.
read more
“Truffle Hog” Tool Detects Secret Key Leaks on GitHub
A free and open source tool called “Truffle Hog” can help developers check if they have accidentally leaked any secret keys through the projects they publish on GitHub.
read more
Organizations Challenged with Cybersecurity Framework Implementation
Adopting a cyber security framework provides clear benefits that increase over time; but for most organizations, framework adoption requires overcoming a range of both technical and organizational impediments. Automated foundational controls are currently not being widely implemented.
read more
Edge Exploits Added to Sundown EK
The maintainers of the Sundown exploit kit have started using two Microsoft Edge vulnerabilities just a few days after researchers published a proof-of-concept (PoC) exploit.
read more
Understanding the Benefits of Security Abstraction
The world of cybersecurity is becoming more and more complicated and – some say – almost unmanageable. This is due to the increasing volume of advanced attack campaigns and subsequent investment by organizations in more and more security tools – tools that are potentially effective, but are also trapped in silos that limit their capabilities.
read more
