Blog

Hidden Tear Project: Forbidden Fruit Is the Sweetest

The scourge of ransomware is by far today’s biggest computer security concern. By stepping into the crypto realm, cybercrooks have thrown down the gantlet to antivirus labs around the globe that are still mostly helpless in the face of this challenge. While many experts have been busy reverse-engineering obtained ransomware samples and posting...

Are You Using a Secure Tax e-Filing Site?

These days, consumers are constantly being pushed to move away from paper correspondence and communication to an electronic alternative. Every time I sign into my bank account, I’m reminded of my option to forego the physical receipt of my monthly statement and go paperless. While the benefits of going paperless are clear to both businesses and...

What To Do with That Found USB Stick

I found a USB stick in the street the other day. This is not the first thumb drive I have found, and apparently this is not an unusual event, as some reports indicate that dry cleaners find thousands of them (along with some more unsavory items) each year. These reports are consistent with news stories about unusual items left in the back of taxis,...

Crypto-ransomware Spreads via Poisoned Ads on Major Websites

Some of the world's most popular news and entertainment websites have been spreading poisoned adverts to potentially hundreds of thousands of visitors, putting innocent readers at risk of having their computers hit by threats such as ransomware. Famous sites which displayed the malicious ads and endangered visiting computers include MSN, bbc.com,...

Hacker Charged with Stealing Nude Photos from Celebrities

A hacker has been charged with illegally accessing the nude photos of several celebrities in the "Fappening" or "Celebgate" scandal. On Tuesday, Ryan Collins, 36, of Lancaster, Pennsylvania, signed an agreement in which he agreed to plead guilty to a federal violation of the Computer Fraud and Abuse...

Report: DDoS Attacks Grew in Number, Size, and Sophistication in Q4 2015

On November 3, 2015, ProtonMail, a Switzerland-based encrypted email service, tweeted out that it had been taken offline by a distributed denial-of-service (DDoS) attack. The attack was so massive that it spread to the datacenter where the email service kept its servers, causing several banks and some tech companies to be knocked offline. For days,...

The 'Human Firewall' Is Dead - Long Live the People

Recently, I read an article that suggested the 'human firewall' is broken and that it cannot be fixed. This observation comes from a company that provides commercial technical solutions to assist with mitigating cyber threats. The first aspect of this comment I would like to address is the element referred to as ‘the human firewall.’ Let's call it...

2.2 Million Patient Records Exposed in Cancer Clinic Breach

21st Century Oncology, a Florida-based chain of 181 cancer treatment centers in the US and Latin America, announced earlier this month that an unauthorized intrusion into one of its databases may have exposed patient information. In a Securities and Exchange Commission filing, the clinic said it is...

Why Do I Need SCM?

What is SCM? Well, let’s start with what it stands for. Generally, it represents "Security Configuration Management," but it is also referred to as "Secure Configuration Management." Both are equally acceptable and mean the same thing. SCM exists at the point where IT Security and IT Operations meet. It’s a software-based solution that aims to...

Shining a Light on Mobile App Permissions

Last weekend, I was doing some work around the house and needed a flashlight. I cursed having to get up and get one from the closet when my daughter said, "Use the flashlight app, Dad." Then we discovered that my Android phone doesn't have a built-in light. This, of course, led me to look for an app and spend much more time than getting off my lazy...

Code.org Fixes Error that Exposed Volunteers' Email Addresses

Code.org has fixed an error on its website that accidentally exposed email addresses belonging to its volunteers. On Saturday, Hadi Partovi, the CEO of the non-profit organization that encourages students to learn about computer science, issued a statement of apology on the company's blog. "On Friday night we discovered and fixed an error in the...

A Penny for Your Thoughts: How Adopting the NIST Cyber Security Framework Can Save You Billions

Recently, there has been a lot of publicity regarding the new national cyber security plan and the billions of dollars pledged to its various parts, including the appointment of the United States' first ever federal chief information security officer (CISO). We understand in large part that the monies “pledged” are goals and aspirations. They are...

Hackers Breach DDoS Protection Firm Staminus, Leak Sensitive Data Online

Staminus, a global Web security company specializing in protecting against distributed denial of service (DDoS) attacks, has reportedly fallen victim to a massive hack. According to a report by investigative journalist Brian Krebs, the company’s entire network was knocked offline for more than 20 hours until Thursday evening. On Friday afternoon,...

Typo Helped Prevent Hackers From Stealing $1B in Bank Heist

A typo helped prevent a group of hackers from successfully stealing one billion dollars during a bank heist that occurred last month. In the heist, a group of attackers infiltrated Bangladesh Bank's systems and made off with the credentials necessary for making payment transfers, reports Reuters. ...

Leveraging UEBA to Deliver Just-in-Time-Training to Employees

In the information security space, there’s no shortage of insight that says increased technology and hardware are needed to combat the loss of information from expensive IT infrastructure. However, the real problems often lie in fallible human beings who’ve been entrusted to maintain the infrastructure and are failing to do so. Meanwhile, it’s...

SCM – Taking the Pain Out of Hardening Your Systems

Security Configuration Management (SCM) exists where IT security and IT operations meet. It has evolved over the years from a ‘nice to have’ to a ‘must-have.’ The last line of defence is on the endpoint, as network intrusion detection becomes less effective and as the attacks become more sophisticated. One area where a good SCM solution should...

Sophisticated Android Malware Targeting Australian Banking Apps

Researchers have discovered a sophisticated strain of Android malware targeting the mobile banking apps of some of Australia’s largest banks. Experts at IT security company ESET said the malware – dubbed Android/Spy.Agent.SI – is not only capable of stealing users’ credentials but also thwarting two-factor authentication. “The malware . . ....

LinkedIn: The Phone Book for Social Engineers

As a security professional, I attend many conferences and networking events. I often overhear people at these events use the following exit line: “It was great meeting you. I’ll be sure to add you on LinkedIn.” Many people use LinkedIn as a virtual business card or an online resume. While LinkedIn is a great networking tool, it can also be used for...