Changes that expand the Federal Bureau of Investigation's (FBI) hacking and surveillance powers took effect on 1 December under Rule 41. Previously, it was an established fact of criminal procedure that a judge's warrants pertained only to a suspected criminal's misdeeds in particular district. If the subject committed crimes in multiple districts,...

"Do you buy, build, or partner for cyber security capability" This is a question a lot of MSPs and IT providers are looking a right now. It’s no secret that according to the CompTIA data (see below chart), the Cyber Security discussion with businesses will be a hot topic worldwide. Another...

What happens when service providers issue routers with remotely exploitable flaws? This weekend, we saw a glimpse of what is possible when attackers attempted to load Mirai-based malware on routers through a vulnerability in an exposed remote management protocol. Although the attackers probably failed in their ultimate goal of creating a large...

My talk at BSides Philly on December 3 is called "Hacking the Human: Social Engineering Basics," and it's about providing a social engineering foundation for people to adapt to their individual situation and needs. "Teach a man to fish" and all that, you know? Over the course of the talk I reference many thinkers, philosophers, psychologists, and...

On the cusp of 2017, one thing's clear: distributed denial-of-service (DDoS) attacks made their mark in 2016. Arbor Networks tracked 124,000 DDoS attacks each week between January 2015 and June 2016. Furthermore, 274 of the attacks observed in the first half of 2016 reached over 100 Gbps (as compared to 223 in all of 2015), while 46 attacks...

Christmas is around the corner, and cyber criminals are as restless as Santa’s dwarves. All big ransomware families are being updated on quite a regular basis, leaving users breathless and file-less. The Cerber ransomware family is an excellent example of a crypto family constantly being renewed. Cerber 5.0.1 is now making its rounds in the wild,...

Facebook has taken the privacy of their customers seriously, as their Chief Security Officer (CSO) Alex Stamos has stated that the company has engaged in black market purchases of leaked or hacked databases that contain Facebook account credentials. A Preface To The Facebook Black Market Trade Facebook has publicly disclosed that it has bought...

For the third time in under a year, I've had to analyze a CVE against a third-party library I use that is related to CWE-502 De-serializing of Untrusted Data. In each case, the library maintainers have pushed back, correctly in my opinion, that the problem is not in the library itself but in the hosting application. Fortunately for me, my...

San Francisco's transport system, known as Muni, was hit hard by a ransomware attack this weekend that forced the network to offer free rides to passengers. More than 2000 systems at the public transport agency are believed to have been hit, including Windows workstations, servers and ticketing machines. The first many users would have known that...

Cloud computing has come a long way in just a few years. Now, most businesses use some sort of cloud service, whether it be for a specific software application, infrastructure requirements, or more. The cloud certainly represents the way many companies are choosing to operate, but some have shown reluctance to adopt cloud solutions. One of the major...

As humans and as users, we make mistakes. Sometimes we forget to implement that software patch until a week or two after its release. Other times, we decide to click on an enticing pop-up. Those types of actions can degrade our computer's speed and security. It's, therefore, our responsibility to adjust our behavior accordingly and protect ourselves...

Researchers have released a decryption utility that victims of TeleCrypt ransomware can use to restore access to their files. The Delphi-written trojan first reared its ugly head in the beginning of November 2016. Most crypto-ransomware samples communicate with their command-and-control (C&C) servers over HTTP-based protocols to send information...

In my ongoing blog series “Hacker Mindset,” I explore an attacker's assumptions, methods and theories, including how information security professionals can apply this knowledge to increase cybervigilance on the systems and networks they steward. In this article, I examine attribution and its relation to information systems and crime. Methodology...

Women in information security are a fascinating group of people. I should know, being one myself. But being female in a quickly growing male-dominated industry poses its own challenges. And those of us who pursue security and IT in spite of gender stereotypes have unique strengths and insight. I first interviewed Tiberius Hefflin, a Scottish security...

In any organisation, even the most uncomplicated business decisions have their associated risks. Such risks involve people, processes and technology, and they must be systematically identified and addressed on time and on budget. Risk management, as we know, is a process through which the uncertainties around delivering an objective are managed....

Organizations around the globe remain unprepared to prevent, detect and respond to cyber attacks, revealed a recent study conducted by the Ponemon Institute. The 2016 Cyber Resilient Organization study surveyed over 2,400 security and IT professionals from the U.S., U.K., France, Germany, United Arab Emirates, Brazil and Australia. Of the...

A malicious image file is distributing the Nemucod malware downloader to unsuspecting users via Facebook chat. Threat intelligence analyst Bart Blaze heard about the malware campaign from a friend. They told him they had received a message on Facebook chat that contained only a Scalable Vector Graphics (SVG) file, which is an XML-based vector image...

Readers beware! The .Aesir Virus File Ransomware is becoming one of the biggest threats to your online security. We have recently become aware of a change in one of the most infamous cyber threats’ behavioral patterns. It would appear that the all-too-well known Locky ransomware virus has changed its format. Victims are now seeing their encrypted...

A few well-known UK brands have hit the headlines recently as a result of a breach or security issue. For instance, Tesco Bank announced 40,000 customer accounts were affected by a “sophisticated” attack. Half of those had money taken from them. As a result, Tesco Bank could incur a severe penalty imposed by regulators. That fee would be in addition...

Meet John. He's a 53-year-old accountant who owns property in New Zealand. He's also an experienced investor who likes to invest in New Zealand shares. As such, he understands how trading works, and he knows a good opportunity when he sees one. But there are some things you don't know about John. For starters, his first name isn't John. It's a...