Resources

Blog

Hacked LinkedIn Accounts Spreading Malicious Links via InMail

A new phishing campaign is targeting LinkedIn users, leveraging hacked accounts to send malicious links via the platform’s private messaging feature. According to security researchers at Malwarebytes, the campaign abuses Premium membership accounts, which can message other LinkedIn users – regardless of whether they’re connected or not. “The...
Blog

Malvertising Op Pushes Code that Mines Cryptocurrencies in Browser

A malvertising campaign is distributing code that mines different cryptocurrencies inside an unsuspecting user's web browser. For the operation, computer criminals are targeting mainly visitors to video streaming and in-browser gaming sites based in Russia and Ukraine. They abuse an online advertising network to display ads containing custom...
Blog

4 Credit Bureau Data Breaches that Predate the 2017 Equifax Hack

UPDATED 19/9/17 to correct the fact that US Info Search never sold any data to Ngo Equifax made headlines on September 7, 2017, when it announced its discovery of a data breach earlier in the year. In the security incident, computer criminals leveraged a "U.S. website application vulnerability" to view some of the consumer credit reporting agency's...
Blog

Kedi RAT Phones Transmits Data to Attackers Using Gmail

A new remote access trojan (RAT) known as Kedi phones home and transmits a victim's stolen data to attackers using Gmail. The malware relies on spear-phishing, one of the most common types of phishing attacks, for distribution. These attack emails spread a 32-bit Mono/.Net Windows executable, written in C#, that masquerades as a Citrix tool. It then...
Blog

Herding Pets & Cattle: Extending Foundational Controls into the Cloud

Flexibility, on-demand computing resources, and speed are just some of the benefits that are driving information technology's shift to the cloud. In fact, market data shows that roughly a quarter of overall computing workloads already operate in public environments today. That figure is expected to grow to half over the next 10 years. At the same...
Blog

Insider Threat Hunting: What You Need to Know

Insider threat relates to malicious activity from an organization’s internal employees, contractors, or ex-employees who abused access to the company’s internal systems and applications to compromise the confidentiality, integrity, or availability concerns to critical information systems or data with or without malicious intent. Insider threat...
Blog

BlueBorne: Billions of Bluetooth Devices Vulnerable to Wireless Attacks

Researchers have uncovered several zero-day flaws affecting billions of Bluetooth-enabled devices, including smartphones, TVs, laptops, watches, smart TVs and more. Dubbed “BlueBorne,” the attack vector enables malicious actors to leverage the short-range wireless protocol to take full control over targeted devices, access data and spread malware to...
Blog

One Million Canoe.ca Site Users Potentially Affected by Data Breach

A data breach might have exposed the personal information belonging to approximately one million users of the Canoe.ca portal. On 2 September, the news and entertainment gateway learned of a security incident that involved some of its databases containing records it collected between 1996 and 2008. The company, operated by MediaQMI Inc. and owned by...
Blog

Is It Possible to Manage a Secure Business in the Cloud?

"Cloud computing" is not a buzz phrase anymore, but it is essential for most businesses looking to achieve sound business continuity alternatives combined with a comprehensive security model. Cloud Computing What is cloud computing, and what does it do? Very simply, for the end-user, a cloud computing experience is no different than using a...
Blog

Anti-Honeypot – Repelling Attackers Using Fake Indicators

When you, your co-worker or family member are infected with the latest ransomware, it is the “successful” end of a multi-party complex venture. Cybercrime nowadays is not a single genius guy sitting in his parents’ garage – it's an enterprise. It has the equivalents of CEO, CFO, COO, and CTO. As an example, you may think about a ransomware campaign,...
Blog

VERT Threat Alert: September 2017 Patch Tuesday Analysis

Today’s VERT Alert addresses the Microsoft September 2017 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-742 on Wednesday, September 13th. In-The-Wild & Disclosed CVEs CVE-2017-8759 This vulnerability, discovered by researchers at FireEye, has been exploited as part of the spread of the...
Blog

1.65M Users Victimized by Cryptocurrency Miner Threats So Far in 2017

Threat actors victimized more than 1.5 million computer users with cryptocurrency mining software in the first eight months of 2017. It's perfect legal for users to install software on their computers that mines cryptocurrency. But miners are unique in that many of them come with the ability to achieve persistence on a system, to automatically...
Blog

Women in Information Security: Keirsten Brager

My interviews with women and non-males in cybersecurity here on The State of Security have been very popular. Last month, when I looked for subjects for the third "Women in Information Security" series, I got an overwhelming response! The first person I interviewed for this next wave of interviews was security engineer Keirsten Brager. We had an...
Blog

Russian Computer Criminal Pleads Guilty to Global ATM Fraud Scheme

A Russian computer computer has pleaded guilty to helping to perpetrate an ATM fraud scheme in hundreds of cities worldwide. On 8 September, Roman Valerevich Seleznev, 32, submitted a guilty plea in connection with a hacking attack that targeted RBS Worldpay, a payment processing company. The hack occurred back in November 2008 when Estonian...
Blog

The Most Egregious Data Breaches of the Last 4 Years

With the slew of massive data breaches in the news recently, like the HBO hacks or the Gmail phishing scam, many businesses may worry that they could be next. And while many breaches are easily preventable, many more are the result of complex, sophisticated cyber attacks that are hard to defend against. As more and more information moves online,...
Blog

Tick, Tock on NIST 800-171 Compliance

If you have contracts with the United States Department of Defense (DoD) or are a subcontractor to a prime contractor with DoD contracts, your organization has until December 31, 2017, to implement NIST SP 800-171. This is a requirement that is stipulated in the Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012. In the context...
Blog

5,400 AXA Customers' Personal Data Potentially Exposed in Breach

A data breach might have exposed personal information belonging to 5,400 customers of the French life insurance agency AXA. The firm began sending out e-mails notifying affected customers of the incident on 7 September. AXA expects it will send out the last of these alerts by the end of the day on 8 September. As quoted by The Straits Times, here's...
Blog

Equifax Data Breach Could Impact 143 Million U.S. Consumers

Equifax, one of the largest credit reporting firms in the nation, announced on Thursday that a recent "cybersecurity incident" may have affected 143 million U.S. consumers. The information compromised includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. Credit card numbers for...