A Configuration Management Database (CMDB) is a repository that is an authoritative source of information of what assets are on the corporate network. At least, that’s what it’s supposed to be. However, in many of my recent discussions, the more common definition given for CMDB is “a struggle.” Does that sound familiar? If so, keep reading. If not,...

One of the best friends a user can have in today's digital age is a virtual private network (VPN). This tool masks a user's IP address and tunnels their data through a network of servers. In so doing, a VPN helps a user anonymously and more securely browse the web. Unfortunately, not all VPNs fulfill that purpose. A group of researchers from Queen...

A police department based in Texas has lost digital evidence and other files dating back to 2009 as a result of a ransomware attack. On 25 January 2017, the Cockrell Hill Police Department issued a press release in which it reveals a computer virus had recently affected one of its servers: "On December 12, 2016, the Cockrell Hill Police Department...

Since cloud technology first appeared on the scene, companies have been battling with the concept of cloud security. The reality is that the cloud presents you with three unique challenges from a security perspective. 1. You need to think differently It may sound obvious, but the cloud is different from a physical data centre. When IT departments...

The United States takes the number one spot worldwide in data breaches disclosed last year, revealed a new report analyzing breach activity in 2016. Risk Based Security’s annual report released on Wednesday found that the U.S. accounted for nearly half – 47.5 percent – of all incidents, and a whopping 68.2 percent of all exposed records. Close to 2...

A hacker has received nine months in prison for compromising hundreds of people's accounts as part of the 'Celebgate' scandal. From 23 November 2013 through August 2014, Edward Majerczyk, 29, of Orland Park, Illinois orchestrated a phishing scheme that targeted 30 celebrities and 270 others. He sent each victim an email that directed them to a...

Much of my time spent working is focused on performing technology assessments against some kind of baseline. Most of the time, these are specific government or industry standards like HIPAA, NIST, ISO and PCI. But when some of my clients reach out to me about evaluating their environment in light of these standards, it’s often done out of a feeling...

Vulnerability Description A vulnerability in the Cisco WebEx Browser extension for Chrome, Firefox, and Internet Explorer could be used to execute code on a victim system. It is trivial to exploit the vulnerability and sample exploit code has been released publicly. The vulnerability leverages command execution in the launch_meeting message via a...

A new variant of the SpyNote remote access trojan (RAT) is infecting Android devices by masquerading as a mobile Netflix app. The malware, which is based off the SpyNote RAT builder leaked in 2016, displays the same icon used by the official Netflix app that's found on Google Play. But it's a fake. Clicking on the app causes the icon to disappear...

We all know that ransomware is a growing problem for businesses and home users alike, and that most of it is targeted against Windows users. And we're also familiar with warnings to avoid downloading Android apps from third-party marketplaces rather than officially-sanctioned ones such as the Google Play marketplace. But infosecurity is not a world...

Python is a great development language for so many reasons. Its developers enjoy huge library support. Do you want to deploy a simple web server or implement a RESTful API? There are modules for that. Capture, analyze, and visualize network traffic flow? There are simple and free modules for all of that, too. Developers using Python can create a...

Since 2004, merchant companies that handle branded credit cards have worked to maintain compliance with the Payment Card Industry Data Security Standards (PCI DSS). These regulations, which consist of six fundamental control objectives and 12 core requirements, aim to protect payment card data for customers. They also help card issuers and banks...

Today, I came across a blog post that once again showcases the importance of properly managing DNS through its entire lifecycle. The article entitled “Respect My Authority – Hijacking Broken Nameservers to Compromise Your Target” (sic) was written by Matthew Bryant (@IAmMandatory). It can be found here. It’s a bit of long read but serves as a great...

One of the biggest complaints from company owners I hear from time and time again is as follows: "We need candidates that have experience to hit the ground running." On the flip side, candidates often issue the following complaint: "We need to have and/or gain experience to get jobs." The industry can see this and knows this. However, it...

A recent report released by Shodan found that as of January 22, 2017, nearly 200,000 publicly accessible internet devices were vulnerable to Heartbleed. The detailed report gives some insight into those who continue to be exposed to this vulnerability. It's no surprise that the majority of these systems are HTTPS pages hosted by Apache and running...

Lloyds Banking Group was reportedly hit by a massive distributed denial of service (DDoS) attack lasting two days, significantly disrupting its online banking services. According to reports, the British financial institution was one of several UK banks targeted by the cyber attacks, which ran from...

My boyfriend works a demanding day job at a major Canadian big box furniture and appliance retailing chain. Knowing that I write about information security for a living, he had an interesting story to tell me: "An LG Smart TV was returned to us by the customer, and it had their credit card credentials in it! Why didn't they do a factory reset first...

There are numerous ways to redirect a user to an exploit kit. Some of these methods are quite sophisticated. Take pseudo-Darkleech, for instance. This attack campaign injects malicious code into WordPress core files. That code creates a malicious iframe that redirects the user to a landing page for an exploit kit. In so doing, the campaign builds...

A new ransomware-as-a-service (RaaS) called Satan is attracting amateur computer criminals on the dark web with free licenses. Once a user creates an account for Satan and logs in, they can use the provided affiliate console to customize their ransomware campaign. The criminal can use the "Malwares" page, for instance, to specify Satan's ransom...

Some digital threats are more serious than others but when it comes to unpatched software, nothing's worse than an exploit kit. These software packages come preprogrammed with the ability to exploit active security issues on vulnerable computers. If they find one such hole agape, they'll use their exploit code to download ransomware and other baddies...