In the 21st century, we can expect information technology to play a major role in international espionage and conflict. We hear constant news reports of data theft. Accusations made by world powers of online tampering or detrimental hacking are a common occurrence. Many of these accusations go unfounded, but they prove that the internet is...

There’s an old principle in tabletop RPG (Role Playing Games) circles that goes something like this: If you find yourself in the company of a halfling and an ill-tempered dragon, remember that you do not have to outrun the dragon; you simply have to outrun the halfling. In the context of security and specifically password creation, this principle...

It’s not much of a stretch these days to say that technology is becoming essential to our daily lives. We trust so much to our technology, from our bank accounts and financial statements to sensitive medical records and even (potentially) embarrassing personal information. We have complex interactions with non-human entities in which we share...

A ransomware attack campaign based in India has caused millions of dollars of damages after infecting three banks and a pharmaceutical company. The research team at Malwarebytes has identified LeChiffre, whose name means "encryption" in French, as the malware responsible for the attack campaign. "It is different than most of the ransomware present...

People ask me, “What do you do?” When I answer with, “I am a penetration tester,” I find that people generally just nod along and pretend they know what it is that I actually do. However, on the day where I am in the mood to razzle dazzle, I answer with “I am a hacker!” The reactions generally vary between priceless disbelief and excitement. But in...

Online criminals are more interested in getting their hands on stolen Uber, PayPal and even Facebook accounts, than credit card numbers and other personally identifiable information (PII). The price of these stolen identifiers on the underground marketplace, or “the Dark Web,” shows the value of credit cards has declined in the last year, according...

In November 2014, researchers from Ben-Gurion University unveiled "AirHopper," a type of malware which forces a computer to transmit sensitive information in the form of keystrokes to a mobile receiver via FM radio waves. The team went on to demonstrate that an AirHopper-based attack could succeed without the availability of a network, SIM, or Wi-Fi...

Researchers have uncovered an attack campaign that is using social engineering techniques in order to deliver remote access trojans (RATs) to SMBs located in India, the UK, and the United States. The Security Response team at Symantec provides an overview of the campaign, which began early last year, in a blog post: "The attackers operate with few...

Aerospace parts manufacturer FACC says that its financial accounting department has been attacked by hackers, who managed to steal approximately €50 million ($54.5 million) from its coffers. Perhaps surprisingly, the company, whose largest shareholder is a Chinese aviation corporation, appears not to have been hacked for its data or intellectual...

In my previous post in this series, we discussed that a "SIEM" is defined as a group of complex technologies that together, provide a centralized bird's-eye-view into an infrastructure. Furthermore, it provides analysis and workflow, correlation, normalization, aggregation and reporting, as well as log management. In this next post, I hope to answer...

Online security trends continue to evolve. This year, online extortion will become more prevalent. We also expect that at least one consumer-grade IoT smart device failure will be lethal. Ransomware will make further inroads, since the majority go unreported. China will drive mobile malware growth to 20M, and cybercrime legislation will take a...

With mobile phones in almost every pocket today, the payphone has lost its usefulness for perhaps everyone – except maybe Clark Kent. This is why New York City held a competition looking for the best ideas to make appropriate use of this valuable real-estate spread throughout the city. About a year after the contest winner was announced, the city...

The nation’s critical infrastructure experienced a 20 percent increase in cyber incidents in the fiscal year 2015, said government experts. Source: ICS-CERT According to an end-of-year report by the Industrial Control Systems Cybersecurity Emergency Response Team (ICS-CERT), investigators...

Yahoo Mail! has patched a stored cross-site scripting (XSS) vulnerability and awarded a researcher $10,000 for finding the flaw. Discovered by Finnish researcher Jouko Pynnonen, the bug allowed an attacker to embed malicious Javascript code into a specially crafted email. The code would automatically execute whenever the message was viewed,...

I received a phone call from a friend the other night. He was very concerned because he received one of those now infamous letters from the Office of Personnel Management, which indicated that his records were among one of the millions that were taken in the OPM hack. His information was originally submitted as he was applying for a security...

"123456" and "password" were the most-used and second most-used passwords of 2015, according to an annual worst passwords ranking. Every year, SplashData, a developer of password management software, releases an annual list of the worst--in this case, most commonly used--passwords. It builds its ranking based on more than two million leaked...

In a previous post, I noted some security issues that I had observed during recent visits to medical professional offices and hospitals. In reflecting on that post, I realized an important aspect of the disconnect I experienced as I observe security around me. It is that I carry with me a threat model that is probably very different than the threat...

Looking for a great information security podcast? There are plenty to choose from! Here’s a roundup of currently active information security podcasts. The list is split into two categories: podcasts run by people representing themselves (meaning they are not speaking for a company) and podcasts produced under the name of a company. I made the...

Ukrainian officials stated over the weekend that they have traced a targeted attack against Boryspil International Airport back to the BlackEnergy trojan. Last week, Specialists of the State Service of Special Communications and Information Protection of Ukraine revealed that malware had infected one of the workstations at Boryspil. That workstation...

Recently, I introduced a three-part series on how to build a successful vulnerability management program. The first installment examined Stage 1, the vulnerability scanning process. My next article investigates Stages 2 (asset discovery and inventory) and 3 (vulnerability detection), which occur primarily using the organization’s technology of...