The online store for American gun manufacturer Smith & Wesson fell victim to a Magecart attack that's designed to steal customers' payment data. Willem de Groot of Sanguine Security learned that a particular Magecart group had been impersonating his employer and abusing his name as a contact to register domain names. While investigating this group,...

The path is starting to get steeper now as we climb to ML2. It is time to start defining a vulnerability management program with objectives and goals. This program is expected to grow and evolve over time as the organization grows and evolves. Document the requirements Start by documenting what is in place now and what objections the organization...

In this, the final post in my series on considerations for managing your security with cloud services, we will be looking at Infrastructure as a Service (IaaS). If you haven’t yet read the previous blog entries about SaaS and PaaS, it’s worth going back to read these first, as much of the thinking associated with these services is also true for IaaS...

As we wind down 2019, it is a great time to think about your vulnerability management plans for the coming year. The five W’s can help guide our efforts as we resolve to improve our digital security for the coming new year. What Is Vulnerability Management? Vulnerability assessments are useful for detecting security issues within your environment....

Cybersecurity incidents and data breaches have become a normal part of the news cycle. It feels like every day you hear about a big corporation or organization suffering an attack that has put customer or user data in jeopardy. Sometimes this is because a security strategy was lacking; sometimes, the criminal's attack was simply too powerful....

After its developers fixed several issues, DeathRansom ransomware is now actively infecting users and encrypting victims' data. DeathRansom wasn't actually crypto-ransomware when attackers first began distributing it. At that time, the threat pretended to encrypt users' information and appended the .wctc extension onto victims' files. Researchers...

A new threat group called "Fullz House" is using both phishing and web skimming in order to maximize the profits of its attacks. Fullz House isn't new to the threat landscape, but RiskIQ observed that the group had expanded its activities to include web skimming beginning in August-September 2019. These two operations are mostly split. However,...

Facebook and Twitter have announced that personal data related to hundreds of users may have been improperly accessed after users logged into third-party Android apps with their social media accounts. According to a report by CNBC, users of Android apps that made use of a software development kit (SDK) named oneAudience may have unwittingly shared...

‘Tis the season! Winter holidays are upon us, and with it brings the yearly high-volume online shopping season we all know as Black Friday/Cyber Monday (BFCM). With the total US consumer spending estimated at over $717 billion in the 2018 BFCM season, retailers know that the next few weeks are a critical time for their infrastructure. Unfortunately...

In my last blog, I gave you some insight into some of the starting steps for adjusting your security strategies for a SaaS-enabled world. Here, I explore some of the additional adaptions to consider with PaaS. Traditional IT organisations have seen significant gains in adopting Platform as a Service (PaaS) solutions. In this blog post, the second in...

Catch Hospitality Group revealed that a point-of-sale (POS) malware incident might have exposed some of its customers' data. The restaurant and catering company launched an investigation and retained the services of a digital forensics firm after detecting unauthorized activity on its payment...

Depending on your familiarity with the Cloud Security Alliance (CSA) publications, part one of this blog was intended as either an introduction or a nagging reminder of the ‘Egregious Eleven’ security threats to cloud computing. It also hopefully made some helpful observations about the first six items on the list. Part two now looks at the...

A convicted Nigerian fraudster earned more than $1 million from a scam that he executed while serving a multi-year prison term. The Economic and Financial Crimes Commission (EFCC) launched an investigation into how Hope Olusegun Aroke had pulled off the heist while serving a 24-year sentence at the...

Security researchers have released a new decryption tool that could help victims of Jigsaw ransomware recover their affected files for free. In a blog post announcing the new utility, Emsisoft explained that its decryptor can work against 85 extensions employed by the ransomware family. The security firm also said that they would update their tool...

This is a follow-up/continuation to Part One of the series, where I recommend reading to help provide some background into why we should all consider reviewing our OPSEC (Operational Security), not just those with something to hide. Have you actually thought about how much you are tracked on a daily basis? Think about everything you post on social...

Macy's is notifying customers about a data security incident that might have exposed some of their personal and financial information. The American department chain store said that it first learned of the incident back in mid-October. At that time, Macy's security teams launched an investigation into...

Ransomware hit Louisiana's state government hard yesterday, shutting down multiple websites and email systems after it fell victim for the second time in just a few months to a ransomware attack. In a series of tweets, Louisiana state governor John Bel Edwards revealed that his office had activated a cybersecurity response team in response to an...

As business adoption of cloud services continues to grow at a rapid pace, so does the need to adapt security methods to accommodate the myriad of options. Traditional best practices often still provide a solid foundation from which to build on, but depending upon the technologies you opt to migrate to the cloud, different challenges and solutions...

Digital fraudsters are stealing Microsoft Office 365 administrator credentials as part of a broader phishing campaign targeting organizations. The campaign began with a phishing email that leveraged Microsoft and its Office 365 brand to lull recipients into a false sense of security. This attack email was unique, however, in that it originated from...

According to IBM, 98 percent of companies will be using multiple hybrid cloud environments by 2021. This trend isn’t surprising. There are many benefits to operating in the cloud such as improved productivity, an increase in elasticity and huge cost-savings, to name a few. However, we keep seeing a range of issues when it comes to cloud security....