Blog

New Sextortion Scam Says Adult Sites Infected Victims with Malware

A new sextortion scam is informing victims that their computers suffered a malware infection after they visited an adult website. In this latest ruse, digital criminals claim that they infected a user with malware after they visited a child pornography website. They then say that they leveraged that infection to capture compromising video footage of...

Why You Need to Align Your Cloud Strategy to Your Business Goals

Your company has decided to adopt the Cloud – or maybe it was among the first ones that decided to rely on virtualized environments before it was even a thing. In either case, cloud security has to be managed. How do you go about that? Before checking out vendor marketing materials in search of the perfect technology solution, let’s step back and...

STOP Ransomware Variant Installing Azorult Infostealer

A variant of the STOP ransomware family is downloading the Azorult infostealer onto victims' machines as part of its infection process. Security researcher Michael Gillespie was the first to detect this malicious activity. While testing some of the crypto-malware family's newer variants, he noticed that some of them were creating traffic indicative...

How to Pick the Right Solution for FISMA SI-7 Compliance

It can be hard to know how to best allocate your federal agency’s resources and talent to meet FISMA compliance, and a big part of that challenge is feeling confident that you’re choosing the right cybersecurity and compliance reporting solution. A Few FISMA SI-7 Basics So what sorts of specifications do you need to look for, and why? While the...

Vulnerabilities in Two Smart Car Alarm Systems Affected 3M Vehicles

Two smart car alarm systems suffered from critical security vulnerabilities that affected upwards of three million vehicles globally. Researchers at Pen Test Partners independently assessed the security of products developed by Viper and Pandora, two of the world's largest and most well-known vendors of smart car alarms. With both systems, they...

International Women’s Day: Brexit, Skills-Gap and #BalanceforBetter in the Cybersecurity Industry

This year’s International Women's Day 2019 theme of #BalanceforBetter is a positive call-to-action to drive gender balance across the world. This year’s campaign states that “the race is on” for a gender-balanced boardroom and gender balance amongst employees. I admire the #IWD2019’s rallying call to put on our running shoes. With the economic uncertainty of Brexit looming, we certainly need to...

The Election Fix: Upgrading Georgia’s Electronic Voting Machines

Electronic voting systems are touted as a modern solution for fast and accurate vote tallies, but without appropriate safeguards, these systems run the very serious risk of eroding public confidence in election results. In Georgia, we’ve been using the iconic AccuVote TSX machines from Diebold for as long as I’ve lived here. The way it works with this system is that voters are given a ‘smart’ card...

Shifting Left Is a Lie... Sort of

It would be hard to be involved in technology in any way and not see the dramatic upward trend in DevOps adoption. In their January 2019 publication “Five Key Trends To Benchmark DevOps Progress,” Forrester Research found that 56 percent of firms were ‘implementing, implemented or expanding’ DevOps. Further, 51 percent of adopters have embraced...

Various Membership Plans Offered by Jokeroo Ransomware-as-a-Service

The Jokeroo ransomware-as-a-service (RaaS) offers various membership plans through which would-be digital criminals can become affiliates. In his analysis of the ransomware-as-a-service, Bleeping Computer creator and owner Lawrence Abrams found that Jokeroo differs from similar platforms in that it offers at least three different membership tiers....

Why Is Penetration Testing Critical to the Security of the Organization?

A complete security program involves many different facets working together to defend against digital threats. To create such a program, many organizations spend much of their resources on building up their defenses by investing in their security configuration management (SCM), file integrity monitoring (FIM), vulnerability management (VM) and log...

New CryptoMix Clop Ransomware Variant Claims to Target Networks

A new variant of the CryptoMix Clop ransomware family claims to target entire networks instead of individual users' machines. Security researcher MalwareHunterTeam discovered the variant near the end of February 2019. In their analysis of the threat, they noticed that the ransomware came equipped with more email addresses than previous versions of...

Tripwire Patch Priority Index for February 2019

Tripwire's February 2019 Patch Priority Index (PPI) brings together the top vulnerabilities from Microsoft and Adobe. First on the patch priority list this month are patches for Microsoft's Browser and Scripting Engine. These patches resolve 23 vulnerabilities, including fixes for Memory Corruption, Elevation of Privilege, Spoofing, Security Feature...

Fine-Tuning Cybersecurity with the ATT&CK Framework

This Thursday, March 7, 2019, I’ll be facilitating a Learning Lab titled Fine Tuning Your Cyber-Defense Technologies with the ATT&CK Framework at the 2019 RSA Conference in San Francisco, CA. This will be my fourth time speaking at RSA, and this will be my second time facilitating a learning lab, which I'm happy about. I really enjoy the learning...

Coinhive, the in-browser cryptomining service beloved by hackers, is dead

If you think back to last year, Coinhive was everywhere. The service offered any website an arguably legitimate way of generating income that didn't rely upon online adverts. And plenty of well-known sites, such as Showtime, Salon.com and The Pirate Bay, were happy to give it a go. Rather than making money through ads that might irritate you or...

Ring Doorbell Fixes Flaw that Allowed Attackers to Spy on, Inject Footage

Ring Doorbell has patched a flaw that allowed attackers to spy on and inject their own application footage, thereby undermining users' home security. Researchers at Dojo, Bullguard's Internet of Things (IoT) security team, discovered the vulnerability while performing an independent security assessment of the smart doorbell. They began their...

New 'Farseer' Malware Designed to Spy on Windows Users

Researchers have uncovered a new family of malware called "Farseer" that's designed to conduct surveillance against Windows users. Discovered by Palo Alto Networks, Farseer works by using a technique known as "DLL sideloading" to drop legitimate, signed binaries to the host. These binaries usually consist of trusted applications that don't raise...