Billions of dollars are spent every year on cyber security products; and yet those products continually fail to protect businesses. Thousands of reports analyze breaches and provide reams of data on what happened; but still the picture worsens. A new study takes a different approach; instead of trying to prevent hacking based on what hacking has achieved, it asks real hackers, how do you do it?
read more
First SHA-1 Collision Attack Conducted by Google, CWI
Researchers at Google and Centrum Wiskunde & Informatica (CWI) in the Netherlands have managed to conduct the first real world collision attack against SHA-1, creating two documents with different content but identical hashes.
read more
These Were the Top Threats Targeting Healthcare Firms in Q4 2016
Healthcare is a consistent target for cybercriminals, with IBM's 2016 Cyber Security Intelligence Index claiming it had become the single most attacked industry. Today FortiGuard Labs has released details on the top 5 methods used to attack healthcare in Q4, 2016.
read more
Noise-Canceling Headphones for Your Threat Intel Team
With Transparency and Customized Scoring, You Cancel Out The Noise That’s Distracting Your Threat Intelligence Team
read more
Understanding and Combating the Evolving Attack Chain
Adversaries continue to find new ways to operate, using varied techniques to accomplish their mission. And, unless you remain informed about these changes, it’s hard to defend against these evolving threats.
read more
Code Execution Flaw Affected Linux Kernel Since 2005
A researcher has discovered a serious locally exploitable vulnerability that appears to have been around in the Linux kernel for more than 11 years. The flaw has been addressed in the kernel and Linux distributions are working on releasing patches.
read more
Hard Drive LED Allows Data Theft From Air-Gapped PCs
Researchers at Ben-Gurion University of the Negev in Israel have disclosed yet another method that can be used to exfiltrate data from air-gapped computers, and this time it involves the activity LED of hard disk drives (HDDs).
read more
Netflix Releases Open Source Security Tool “Stethoscope”
Netflix this week released Stethoscope, an open source web application that gives users specific recommendations for securing their computers, smartphones and tablets.
read more
Android Ransomware Demands Victims Speak Unlock Code
A newly discovered Android ransomware variant that packs speech recognition capabilities demands that victims speak a code provided by the attackers to unlock their devices, Symantec warns.
read more
Can the World Economic Forum’s Cyber Security Principles Advance Cyber Resilience?
A few weeks ago, the World Economic Forum (WEF) met in Davos, Switzerland where an expert working group issued a report “Advancing Cyber Resilience: Principles and Tools for Boards.” It is touted as a first-of-its-kind resource to support board of directors and CEOs on cyber security and cyber resilience strategy.
read more
