Resources

Blog

Hackers Gaining Access to Starbucks Accounts

Updated at 9:00 AM PST. According to reports, hackers have gained access to a number of Starbucks mobile app accounts. The source of the compromise is reportedly due to account passwords being guessed or reused, giving attackers access to customer accounts through the application program interface ...
Blog

Oregon Data Breach Used by Theft Ring to File Fraudulent Tax Returns

Federal law enforcement have arrested five men for filing close to 1,000 fraudulent tax returns using the stolen information they obtained from a breach that compromised the data of 125,000 people, 88,000 of whom were listed in an Oregon employment company’s database. Lateef A. Animawun, 34, of Smyrna, Georgia; Oluwatobi R. Dehinbo, 30, of Marietta,...
Blog

United Airlines Bug Bounty - Find Vulnerabilities, Win Airmiles!

It seems more and more companies are beginning to understand the benefits of running a bug bounty program, encouraging vulnerability researchers to report security flaws responsibly (for a reward) rather than publishing details on the web or selling a flaw to potentially malicious parties. The latest high profile firm found running a bug bounty is...
Blog

VERT Threat Alert: May 2015 Patch Tuesday Analysis

Today’s VERT Threat Alert addresses 13 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-614 on Wednesday, May 13th. MS15-043 VBScript ASLR Bypass CVE-2015-1684 VBScript and JScript ASLR Bypass CVE-2015-1686 ...
Blog

How to Keep Ransomware From Bringing Your Company to its Knees

Many IT administrators struggle to protect their company’s server from malware, and one of the most common malicious software that can damage your IT setup is ransomware. Ransomware is hacking software that cybercriminals use to hold the IT system hostage. If the user of the IT system refrains from paying the ransom that is demanded by the cyber...
Blog

Changing Mindsets: The Added Safety in Online Shopping

Many of us have embraced the “shopping online is not safe” mentality, or at least held that mindset for a time but today, shopping locally has become (arguably) more dangerous than shopping online. When comparing current security issues, one might have a hard time choosing between risking shopping over a potentially unsafe server connection to that...
Blog

And You Thought Java Was Oracle's Biggest Security Blunder…

The best things in life may be free but in software, that statement isn't so true. A free database based on the code of one of the most popular enterprise databases around sounds like a great deal, but it can quickly turn into a nightmare. With data breaches becoming ever more common, storing data in...
Blog

'Breaking Bad' Ransomware Targeting Australian Computers

A security firm has observed that a new type of crypto ransomware whose theme is styled around the popular television series Breaking Bad is targeting Australian computers. In a post published on its Security Response blog, Symantec discusses how the ransomware incorporates several elements from Breaking Bad, which premiered in 2008 and aired its...
Blog

Computer Criminals Brought to Justice – Valérie Gignac

Last week, we explored the story of Konstantin Simeonov Kavrakov, a Bulgarian who hacked Bill Gates’ bank account and stole thousands of dollars. We now report on the story of Valérie Gignac, a Canadian woman who is believed to have hacked users’ webcams and subsequently harassed them. According to a statement published by the Royal Canadian Mounted...
Blog

C-Level Executives and the Need for Increased Cybersecurity Literacy

Now more than ever, it’s evident cybersecurity risk oversight at the board level is essential to keep any business or organization afloat – and off the headlines. However, despite the abundance of data breaches and high-profile cyber attacks, C-level executives still lack understanding of these cyber risks, as well as confidence in their...
Blog

Millions of WordPress Websites at Risk from in-the-wild Exploit

What's happened? A widespread vulnerability has been found in WordPress, that impacts millions of websites running the popular blogging software and content management system. What's the vulnerability? It's a cross-site scripting (XSS) vulnerability inside the popular JetPack plugin. and the default Twenty Fifteen theme installed on all WordPress...
Blog

Six Steps to Protect Your SMB Against a Data Breach

The number of data breaches increased 27.5% in 2014, making measures against these types of security incidents increase significantly among large companies. What about small businesses? Do they really stand a chance against hackers and security incidents? Being a small company might make you think no hacker will bother stealing your data. But, just...
Blog

Top 10 Information Security Conferences

Recently, we compiled a list of the top 10 highest paying jobs in information security in an effort to help individuals navigate this exciting field as a career choice. That being said, we would be remiss if we stopped there. Information security is continuously evolving, so knowing which events offer the best opportunities for learning new ideas...
Blog

Why You Need a Disciplined Response to Digital Forensics

With acceptance that the prospect of unauthorised incursion, hacks and/or compromise of corporate, and personal systems is to now be expected, it would seem to make good sense to accommodate mechanisms with which the organisation may respond to such manifestation as and when they are encountered. It is this awareness which is driving many reputable...
Blog

Stop Sending Me Threat Intelligence in Email

I've been talking to many different organizations recently about their sources of threat intelligence, and one thing I've heard numerous times is that some of the most timely, valuable threat intelligence they are receiving is via email. I’ve even heard that we’ve made some progress with STIX, as sometimes STIX content is attached to the emails...