Blog

Blog

Coinhive, the in-browser cryptomining service beloved by hackers, is dead

If you think back to last year, Coinhive was everywhere. The service offered any website an arguably legitimate way of generating income that didn't rely upon online adverts. And plenty of well-known sites, such as Showtime, Salon.com and The Pirate Bay, were happy to give it a go. Rather than making money through ads that might irritate you or...
Blog

Ring Doorbell Fixes Flaw that Allowed Attackers to Spy on, Inject Footage

Ring Doorbell has patched a flaw that allowed attackers to spy on and inject their own application footage, thereby undermining users' home security. Researchers at Dojo, Bullguard's Internet of Things (IoT) security team, discovered the vulnerability while performing an independent security assessment of the smart doorbell. They began their...
Blog

New 'Farseer' Malware Designed to Spy on Windows Users

Researchers have uncovered a new family of malware called "Farseer" that's designed to conduct surveillance against Windows users. Discovered by Palo Alto Networks, Farseer works by using a technique known as "DLL sideloading" to drop legitimate, signed binaries to the host. These binaries usually consist of trusted applications that don't raise...
Blog

Trends in Industrial Control Systems Cybersecurity

With connectivity to the outside world growing, cyber attacks on industrial computers constitute an extremely dangerous threat, as these types of incidents can cause material losses and production downtime for a whole system. Moreover, industrial enterprises knocked out of service can seriously undermine a region’s social welfare, ecology and...
Blog

Online Bidding Phishing Schemes Targeting U.S. Government Contractors

A couple of phishing schemes are currently targeting contractors who do business with two U.S. federal government agencies. Anomali Labs uncovered a malicious server hosting the two schemes in late February 2019. The first scheme begins when users visit transportation[.]gov[.]bidsync[.]kela[.]pw, a suspicious-looking subdomain which contains the...
Blog

Do Security Cameras Undermine your Authentication?

For various reasons, many executives and senior team members with privileged status on the network and/or access to financial assets oftentimes need to access corporate IT systems from a public place outside the office. What is very common in these types of places is that they’re covered with security cameras. Such devices are a must-have for...
Blog

Telephone Scams: Your Credit Card was Used in Fraudulent Activities

By now, everyone should have heard about the telephone scams involving a caller claiming to be from the CRA (Canada Revenue Agency) or the IRS (Internal Revenue Service). These tax agency scams generally receive the most coverage, but some don’t get much attention. Recently, people have also received calls from individuals claiming to be from their ...
Blog

Not All Sandboxes Are Created Equal

Sandbox environments are a common feature of many cybersecurity solutions in their fight against advanced malware. Firewalls, endpoint protection, and even next-generation machine learning systems use sandboxes as one of their lines of defense. However, not all sandboxes are created equal. Sandboxes can take different approaches towards malware...
Blog

GitHub Ups the Rewards, Expands the Scope of Its Bug Bounty Program

Web-based hosting service GitHub has decided to increase both the potential reward amounts and scope of its bug bounty program. On 19 February, GitHub announced its decision to raise its reward amounts. Security researchers can now expect to earn a minimum of $617 for reporting a low-severity vulnerability in the service's products. On the other end...
Blog

How Federal Agencies Can Fulfill the Next Steps of the FCWAA

On 25 January 2019, the longest U.S. government shutdown in history came to an end. It’s unclear exactly what impact this closure had on the government’s digital security. A SecurityScorecard report found that the shutdown coincided with a rise of expired SSL certificates protecting .gov domains, thereby producing a slight dip in overall network...
Blog

AWS System Manager And The Dangers of Default Permissions

In September of 2018, Amazon Web Services (AWS) announced the addition of the Session Manager to the AWS Systems Manager. The session manager enables shell or remote desktop level access to your AWS EC2 Windows and Linux instances, along with other benefits. This is a great new feature, but care should be taken when enabling this capability. While...
Blog

Tribbles, Supply Chains and Industrial Cyber Security

In the original Star Trek episode “The Trouble with Tribbles,” an unscrupulous merchant, Cyrano Jones, gives a small furry animal called a Tribble to communications officer Uhura. Uhura takes the Tribble aboard the Starship Enterprise where the animal begins to quickly reproduce, thereby threatening to overrun the ship and cause significant damage....
Blog

When it Comes to NIST 800-171 Compliance - There’s ‘On Time’ and There’s ‘Lombardi Time’

If you wait to become 800-171 compliant, you won’t win contracts. That was the message we wanted to make loud and clear to over 200 federal contractors during last week’s Washington Technology (WT) webcast, Inside NIST 800-171: Cyber Requirements and the Risk of Non-Compliance. Currently, all DoD contractors that handle, process or store sensitive types of government information must comply with...
Blog

Optus Customers Saw Incorrect Info After Logging Into My Account Site

Some customers of Optus said they saw incorrect information when they attempted to log into their profiles using the My Account website. On 13 February, customers of Australia's second-largest telecommunications company took to Twitter to explain that they were having issues accessing their accounts. One such user explained that the My Account...
Blog

Hacker arrested for wave of fake bomb and shooting threats against schools

FBI agents have arrested a 20-year-old man alleged to have been part of a hacking gang that not only launched distributed denial-of-service (DDoS) attacks but also launched a wave of bomb and shooting threats against thousands of schools in the United States and United Kingdom. Timothy Dalton Vaughn of Winston-Salem, North Carolina, is alleged to be...