Let’s face it: it is a matter of when your company is going to get hit by digital attackers and how hard, not if. This causes a lot of pain and overall damage, both of which are not good for business. Cyber attacks are at the forefront of news headlines and are plaguing C-Level executives' thoughts; unfortunately, these attacks are going to get more...

Mobile online dating apps are popular among adults looking to find their ideal partner. According to the Pew Research Center, 15 percent of U.S. adults said they had used matchmaking sites in 2015. Following Valentine’s Day, many dating sites may offer promotions, coupons, and discounts to encourage new users to enroll, meaning new users will be...

Digital attackers abused the SWIFT system of an Indian bank in an attempt to make off with approximately $2 million in stolen funds. On 18 February, City Union Bank disclosed the attempted heist in a statement (PDF): During our reconciliation process on 7th February 2018, it was found that 3 fraudulent transactions were initiated by the cyber...

There were 978 million victims of cybercrime last year and these people lost a combined $172 billion, according to Norton. Those numbers alone should be enough to make businesses sit up and take notice. It’s important, too, to stress that it isn’t just the large corporations that suffer at the hands of online criminals. About half of small...

It's mid-February, which means IT security executives' and industry analysts' plans for 2018 are really starting to gather momentum. Every year, this personnel faces the difficult task of deciding what security investments they should make given current developments in the cyber threat landscape. Google Trends and other services can help...

Unknown criminals abused the SWIFT network to steal 339.5 million rubles ($6 million) from the Central Bank of Russia in 2017. The bank's Financial Sector Computer Emergency Response Team (FinCERT) revealed the attack in its report on illegal transactions that occurred in 2017. As quoted by Sputnik International: Bank of Russia has been informed...

A cybercrime gang based in Ukraine is estimated to have made as much as $50 million after tricking Bitcoin investors into handing over the login credentials for their online wallets. Security researchers at Cisco Talos describe how a massive phishing operation has been co-ordinated from Ukraine, after criminals purchased Google Adwords posing as...

UK government officials have publicly attributed the NotPetya malware attacks of June 2017 to actors in the Russian government. Foreign Office Minister Lord Ahmad made his thoughts known in a statement released on 15 February: The UK Government judges that the Russian Government, specifically the Russian military, was responsible for the...

App security isn’t a feature or a benefit – it is a bare necessity. One breach could cost your company not just millions of dollars but a lifetime of trust. That is why security should be a priority from the moment you start writing the first line of code. While you were busy developing the most intuitive, innovative and exciting apps, security...

The DoubleDoor Internet of Things (IoT) botnet circumvents firewall protection and other security measures by abusing two vulnerabilities. Detected by NewSky Security in its honeypot logs, DoubleDoor begins by deploying CVE-2015-7755. The vulnerability allows remote attackers to gain administrative access to ScreenOS, an operating system for Juniper...

Ransomware attacks against healthcare providers aren't new. In 2017, two crypto-malware infections affecting medical organizations made The State of Security's top list of ransomware attacks for the year. The first involved an unknown strain that targeted Arkansas Oral & Facial Surgery Center, an incident which affected X-ray images, documents, and...

2018 is set to be a very exciting year for cloud computing. In the fourth financial quarter of 2017, Amazon, SAP, Microsoft, IBM, Salesforce, Oracle, and Google combined had over $22 billion in their revenue from cloud services. Cloud services will only get bigger in 2018. It’s easy to understand why businesses love the cloud. It’s easier and more...

Today’s VERT Alert addresses Microsoft’s February 2018 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-765 on Wednesday, February 14th. In-The-Wild & Disclosed CVEs CVE-2018-0771 This vulnerability describes a Same-Origin Policy (SOP) bypass in Microsoft Edge. The SOP is designed to...

A new variant of the Android Remote Access Tool (AndroRAT) is exploiting a vulnerability to escalate privileges on unpatched Android devices. The malware disguises itself as a utility app called "TrashCleaner" and waits for users to download it from a malicious URL. Upon running for the first time, the malicious app forces the device to install what...

DevOps and traditional security seem to be at odds with one other. But it doesn’t have to be that way. You can make security a part of your DevOps process without sacrificing agility or security. First, let's define what DevOps is. Let's then look at how it combines with security to create DevSecOps. DevOps: A Working Definition So, what do we...

Bad actors secretly infected more than 4,000 websites with the script for a crypto-miner after hacking a single technology provider. The trouble started on 11 February when Ian Thornton-Trump encountered something concerning while visiting the website for the UK Information Commissioner's Office (ICO). https://twitter.com/phat_hobbit/status...

Navigating the noise, complexity and uncertainties of the cybersecurity landscape demands clear thinking. But that’s no easy task. The security professional today has to be knowledgeable about the organization’s own environment, business needs and risks, compliance requirements, best practice frameworks, internal policies and procedures, and the...

Securing industrial operations is a unique challenge. The same approach used to secure information technology (IT) networks can't effectively secure plant floors. That's because operational technology (OT) has evolved tremendously over the years, creating very complex environments consisting of a dizzying variety of devices from different makes,...