In February of 2015, researchers at Kaspersky Lab disclosed the existence of a sophisticated cyber-attack group that's been in operation since early 2001, and targeted almost every industry and foreign countries with its zero-day malware. Kaspersky called this threat actor the Equation Group because of its love for encryption algorithms and the...

Google has announced it will now label websites that it continuously flags for displaying unsafe or malicious content as "repeat offenders." For more than a decade, Google has worked to protect users with the help of Safe Browsing. It's a feature that examines billions of URLs on a daily basis in search of unsafe web resources. Safe Browsing looks...

In late September, when Apple released iOS 10, it also took a dramatic step back in at least one aspect of iPhone and iPad security. Russian firm Elcomsoft discovered that local password-protected iTunes backups made of iPhones and iPads running iOS 10 were an astonishing 2500 times faster to crack than iOS 9. ...

According to new research published by Microsoft last month, one in three users fell victim to a tech support scam in the last year. One in five followed up on a suspicious interaction by downloading software or visiting a fraudulent website, while nearly one in ten lost money. The classic scam The traditional form of a tech support scam has been...

Against many experts' advice, we as users tend to overshare information about ourselves on social media. Doing so makes the job of a bad actor so much easier. Depending on the content of the shared details, an actor can leverage the information to commit identity theft. Alternatively, they can abuse it to conduct targeted phishing campaigns known as...

Today’s VERT Alert addresses 14 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-698 on Wednesday, November 9th. Ease of Use (published exploits) to Risk Table Automated Exploit ...

An Austrian security researcher recently unveiled a vulnerability affecting Netflix that allowed attackers to takeover user accounts. In a blog post published on Monday, the researcher – known as ‘Slashcrypto’ – explained the attack works when a victim’s voicemail can be hacked to bypass the password reset function of Netflix. “… When a user wanted...

A team sent by Bangladesh Bank arrived in Manila to move part of 81 million USD stolen from it in a heist back to its account at the New York Federal Reserve. According to Reuters , casino boss Kim Wong surrendered 4.63 million USD and 488.28 million pesos (10.05 million USD) to authorities after...

Just like in September, the cyber extortion epidemic keeps mutating. The crooks at the helm of ransomware campaigns are constantly experimenting with the geography of their attacks, intimidation tactics, data locking mechanisms, and payment channels. Learn how this underground ecosystem evolved last month and whether the security industry is ready...

I've added some handy tools to my pentest toolbox this year. You'll find a short description of each with links to more information below. Whether red or blue team, you'll want to know what these tools can do. Password Spraying Password spraying is guessing a few passwords against a large list of users in order to avoid account lockout. You would...

The webcam is a cherished tool of digital extortionists. With the help of a remote access trojan (RAT) like BlackShades or Dark Comet, a bad actor can "slave" a user's computer, assume control over their webcam, record the unknowing individual, and leverage that footage to get what they want from their victim. Those demands could consist of money,...

As we near the end of 2016, it’s safe to say this year has brought its fair share of notorious cyber attacks, data breaches and security incidents. We saw a rampant rise in ransomware targeting hospitals and healthcare providers; we saw attacks on industrial control systems (ICS) resulting in disruptions and outages; we saw high-profile banks lose...

The Bizarro Sundown exploit kit is spreading two versions of Locky ransomware via the still-active ShadowGate malvertising campaign. In October, Trend Micro spotted two versions of Bizarro Sundown, a modification of the earlier Sundown exploit kit which rose to prominence with RIG following Neutrino's demise. The first iteration reared its ugly head...

What has caused a seemingly typical ransomware from turning into one of the most popular malware threats this year? I've uncovered the facts, so allow me to give some insight into how this ransomware became one of the most feared strains this year. The First Johnycryptor Ransomware Major Hits In early July 2016, various security vendors spotted...

In February 2016, Tripwire first unveiled the results of its 2016 Breach Detection Survey. The study polled the comments of 763 security information security personnel about their organizations' efficacy of implementing seven key security controls: PCI DSS, SOX, NERC CIP, MAS TRM, NIST 800-53 and IRS 1075. Those controls are essential to helping an...

Actors can use spoofing attacks to gain control of a smart webcam that leaks its own password as well as local network credentials. To raise awareness about the insecure design of many Internet of Things (IoT) devices, researchers at Bitdefender Labs took a look at a smart webcam. The camera comes with a motion and sound detection system, two-way...

The HookAds malvertising campaign redirects users to a landing page for the RIG exploit kit that comes prepackaged with all types of baddies. HookAds, which got its name from a string found by Malwarebytes researchers in the delivery URL, works as follows. A malvertising chain redirects visitors to adult websites that sometimes generate millions of...

Information security really needs female professionals. There aren't a lot of us, but all the women in infosec I've met so far have been fascinating. In my first interview, I spoke with Tiberius Hefflin, a Security Assurance Analyst. The second woman I spoke to was Tracy Z. Maleeff, who is well known on Twitter as @InfoSecSherpa. Kim Crawley: How...

For the ancient Greeks, Cerberus was a multi-headed dog guarding the gates of the underworld. Its duty was to not let any dead soul exit the kingdom of the dead. Perhaps it’s not a coincidence that cybercriminals chose this dreadful creature as the foundation of the ransomware monster known as Cerber. Nobody wants to see Cerber ransomware encrypt...

Celebrating the fifth and final week of National Cyber Security Awareness Month (NCSAM) 2016, we at The State of Security would like to emphasize the goal of building resilience in critical infrastructure. We'll do so by discussing three ICS security incidents that rocked 2016 and by sourcing expert opinion on what we can learn from each of those...