Blog

Blog

What the Cloud Can Do to Improve IT Security

Cloud computing has come a long way in just a few years. Now, most businesses use some sort of cloud service, whether it be for a specific software application, infrastructure requirements, or more. The cloud certainly represents the way many companies are choosing to operate, but some have shown reluctance to adopt cloud solutions. One of the major...
Blog

TeleCrypt Ransomware Decryption Utility Released

Researchers have released a decryption utility that victims of TeleCrypt ransomware can use to restore access to their files. The Delphi-written trojan first reared its ugly head in the beginning of November 2016. Most crypto-ransomware samples communicate with their command-and-control (C&C) servers over HTTP-based protocols to send information...
Blog

Hacker Mindset: The Mystery of Cybersecurity Attribution

In my ongoing blog series “Hacker Mindset,” I explore an attacker's assumptions, methods and theories, including how information security professionals can apply this knowledge to increase cybervigilance on the systems and networks they steward. In this article, I examine attribution and its relation to information systems and crime. Methodology...
Blog

Women in Information Security: Jess Dodson

Women in information security are a fascinating group of people. I should know, being one myself. But being female in a quickly growing male-dominated industry poses its own challenges. And those of us who pursue security and IT in spite of gender stereotypes have unique strengths and insight. I first interviewed Tiberius Hefflin, a Scottish...
Blog

Malicious Image Distributing Nemucod Downloader to Facebook Users

A malicious image file is distributing the Nemucod malware downloader to unsuspecting users via Facebook chat. Threat intelligence analyst Bart Blaze heard about the malware campaign from a friend. They told him they had received a message on Facebook chat that contained only a Scalable Vector Graphics (SVG) file, which is an XML-based vector image...
Blog

Enter .Aesir - The Newest Variant of Locky Ransomware

Readers beware! The .Aesir Virus File Ransomware is becoming one of the biggest threats to your online security. We have recently become aware of a change in one of the most infamous cyber threats’ behavioral patterns. It would appear that the all-too-well known Locky ransomware virus has changed its format. Victims are now seeing their encrypted...
Blog

Could Technology Have Helped Prevent the Tesco Bank Breach?

A few well-known UK brands have hit the headlines recently as a result of a breach or security issue. For instance, Tesco Bank announced 40,000 customer accounts were affected by a “sophisticated” attack. Half of those had money taken from them. As a result, Tesco Bank could incur a severe penalty imposed by regulators. That fee would be in addition...
Blog

Boiler Room Share Scams: What Are They & How to Defend Against Them

Meet John. He's a 53-year-old accountant who owns property in New Zealand. He's also an experienced investor who likes to invest in New Zealand shares. As such, he understands how trading works, and he knows a good opportunity when he sees one. But there are some things you don't know about John. For starters, his first name isn't John. It's a...
Blog

New Android Spyware Found Using Former Hacking Team C&C Servers

Researchers have found a new Android spyware program that's using command and control (C&C) servers previously ran by Hacking Team. Team Red Naga came into contact with the spyware after someone contacted them about "advanced malware" that had infected one of their co-workers. Early on in their analysis, Team Red Naga didn't find anything...
Blog

Mark Zuckerberg has his Pinterest account hacked (again)

Facebook founder Mark Zuckerberg has had extraordinary success at building a social network that has attracted over a billion users. But that's not to say that he's had such luck in every other area of IT. Take securing his online accounts from attack, for instance. To misquote Oscar Wilde's "The Importance of being Earnest": "To lose control of...
Blog

Burgling From an OSINT Point of View

This is a more technology-based continuation of KGW Portland's story that it published discussing what 86 convicted burglars looked for in target selection. My aim is to add aspects of both Social Engineering and Open Source Intelligence (OSINT) into this to attempt to help raise awareness. The purpose behind the anonymous questionnaire, which was...
Blog

Women in Information Security: Kat Sweet

Women are vital to the information security field, but there are relatively few of us. Speaking to women in our industry gleams insights about how we've ended up in that male dominated field and perhaps how to attract more of us. I first interviewed Tiberius Hefflin, a Scottish security analyst who's working in the United States. Then I spoke to...
Blog

Adobe Ordered to Pay $1 Million Over 2013 Mega Breach

Adobe Systems has been ordered to pay a fine of $1 million as a result of a data breach that exposed the personal information of millions of users back in 2013. According to reports, the fine will be payable to 15 U.S. states that investigated the computer software company over the breach. “Under a multistate agreement today, Adobe will pay $1...
Blog

CryptoLuck Ransomware Infects Victims Using Signed GoogleUpdate.exe

A new ransomware called "CryptoLuck" is infecting victims via a legitimate, code-signed program from Google known as "GoogleUpdate.exe." Security researcher Kafeine spotted the RIG-E (Empire) exploit kit distributing CryptoLuck via malvertising. It's not the first time they've detected an exploit kit campaign distributing ransomware. In this...
Blog

Reacting Properly to Security Incidents or Downtime

Preparing for challenges associated with any technology central to your workflow is an important part of a comprehensive security and risk management strategy for organizations concerned with the integrity of their system. Inevitably, regardless of the steps you take to prevent problems associated with things like viruses, hardware failures, data...
Blog

Here's What Happens After Your Webmail Account is Compromised

2016 will forever be remembered for all the "mega-breaches" that exposed users' personal information. Most of those larger-than-life security incidents dated back several years, with some breaches having made a larger splash in the security community than others. LinkedIn and Tumblr certainly stood out. But all other events paled in comparison to...