Blog

Blog

Mega Breach Strikes Rambler.ru with Leak of Nearly 100M User Records

Russian e-mail service provider Rambler.ru suffered a mega breach when someone leaked close to 100 million of its users' login credentials online. Data breach monitoring service LeakedSource said the 98,167,935 leaked credentials are real, information which someone allegedly stole in a hack against the "Russian version of Yahoo" during a security...
Blog

How a Massive 540 Gb/sec DDoS Attack Failed to Spoil the Rio Olympics

On 21 August, 2016, the International Olympic Committee (IOC) held the closing ceremony for the 2016 Summer Olympics at the Maracanã Stadium in Rio de Janeiro, Brazil. Hopefully, the celebration symbolized the close of a memorable fortnight during which athletes and spectators alike didn't get hacked and evaded the traps of computer criminals....
Blog

Security Hygiene for Dorm Life

Going back to school, especially college, is a fun time of year. One of the best experiences, by far, is living with other people in a dorm or private shared housing. You can make awesome friends, have amazing parties, and make excellent memories. It's important to note in these shared living situations that hygiene is incredibly important. You don...
Blog

Apple Issues Critical Updates for Spyware Flaws in Mac OS X, Safari

Apple issued critical updates for OS X Yosemite and El Capitan on Thursday to patch security vulnerabilities resembling those discovered on iOS 9.3.5 earlier this week. Dubbed Trident, the three zero-day vulnerabilities (CVE-2016-4655, CVE-2016-4656 and CVE-2016-4657) could allow an attacker to silently jailbreak an iOS device and spy on victims,...
Blog

'Guccifer' Receives Four Years in Prison for Hacking High-Profile Targets

A federal court has sentenced the man behind the 'Guccifer' moniker to four years in prison for hacking a number of high-profile targets. On 1 September, U.S. District Judge James C. Cacheris handed down a sentence of 52 months in prison to Marcel Lehel Lazar, 44, of Arad, Romania. According to a statement released by the U.S. Department of Justice,...
Blog

Survey: Only 34% of IT Pros 'Very Confident' They Could Recover from Ransomware

Ransomware is having quite the year. According to the FBI, crypto-malware authors extorted more than 200 million USD from users in the first three months of 2016. They're well on their way to raking in over one billion dollars by the end of the year. Part of the reason ransomware developers are doing so well, the FBI explains in a letter, is because...
Blog

How one company lost $44 million through an email scam

One of the world's leading wire and cable manufacturers, Leoni AG, has been swindled out of a jaw-dropping 40 million Euros (approximately US $44 million) after it was targeted by an email scammer. As Softpedia reports, a young woman working in the finance department of Leoni's factory in Bistrita, Romania, received an email in mid-August claiming...
Blog

Fraudsters Use Angler Phishing on Twitter to Lure PayPal Customers

Fraudsters are leveraging an emerging social engineering technique called "angler phishing" to fool victims into handing over their PayPal credentials. Researchers at security firm Proofpoint, who discovered this particular campaign, elaborate on what sets angler phishing apart from ordinary phishing attacks: "The attack technique takes its name...
Blog

How AI Can Save Corporate America from Devastating Cyber Attacks

It certainly has been another long week in cybersecurity. First, news that a third party hacked a group allegedly connected to the NSA and made off with secret “hacking tools” rocked the industry. It was shortly followed by news of cyber attacks in the form of smart email “bombs” raining down upon the mailboxes of .gov employees in a way very...
Blog

Dropbox Says Data Dump of 60M User IDs the Real Deal

American file hosting service Dropbox said a data dump of approximately 60 million users' records is real. A spokesperson for the company said the records, which include email addresses as well as hashed and salted passwords, are the same as those affected by a security incident that occurred several...
Blog

Combating the Major Risks Your Business Could be Facing

Organizations face all sorts of risks that threaten to derail their progress and inhibit future growth. The headlines likely don’t provide much comfort as you read about another major company becoming a victim of a massive security breach. There’s a lot to worry about out there, and the tiniest mistake can quickly be exploited, putting your business...
Blog

Back-to-School Tips on How Your Children Can Stay Safe Online

There's no hiding it. The days are getting cooler. The sun's setting earlier. And the leaves are beginning to change. Summer's gone as quickly as it came, which means one thing and one thing only: it's back-to-school season. Soon, kids around the world will be starting up a new year of classes. That means they'll be chatting on line, looking for...
Blog

Website Down? New FairWare Ransomware Could Be Responsible

Linux users are reporting a new ransomware called "FairWare" played a part in taking down their websites. News of the ransomware first surfaced in a post on Bleeping Computer's forums. According to the victim, attackers likely brute-forced or intercepted the password for their Linux machine. Once they acquired access, the baddies logged into the...
Blog

Collaboration Is Key to Information Security

The challenges facing security professionals certainly aren’t getting any easier – nor are they likely to do so anytime soon. Not only are the skills and knowledge that we need to operate evolving at an ever-relentless pace but also rapidly diversifying far beyond the familiar technical and governance areas we have been used to. When it seems that...
Blog

The Root Causes of a Poor Security Culture within the Workplace

Demonstrating to employees that security is there to make their life easier, not harder, is the first step in developing a sound security culture. But before we discuss the actual steps to improve it, let’s first understand the root causes of a poor security culture. Security professionals must understand that bad habits and behaviours tend to be...
Blog

Advanced Malware Detection and Response Begins at the Endpoint

It's no secret the security community is witnessing a boom in sophisticated techniques and attack campaigns. Some of the most advanced threats circulating in the wild today leverage polymorphic malware that changes its form based upon the environment in which it activates. As a result, signature-based detection solutions have a difficult time...
Blog

Startup Website Security And WordPress Vulnerability

You, a creative entrepreneur with a great idea, finally launch a business. As a startup, having your own website is essential in conducting business. Startups must always take extra precaution when it comes to their web security. Because startups are the perfect targets for hackers, your website should be protected as soon as it is ready to go live....
Blog

The DEF CON 24 Experience

This year, I was fortunate enough to attend the DEF CON 24 security conference, one of The State of Security's top 11 infosec conferences, which took place August 4-7, 2016, at Paris and Bally's in Las Vegas. Here's a summary of my experience. Cyber Grand Challenge An interesting addition to the unofficial first day of DEF CON this year was the...