Yearly Archives: 2017
Infosec Innovator Uncovered: Inky Phish Fence®
Stopping the #1 Source of Exploitation: Spear Phishing in Depth. Again, it’s nearly closing time at another INFOSEC show and as usual, I’m still trying to find the most innovative […]
Embarrassing data leak business data in a public Amazon S3 bucket
The leading global professional services company Accenture exposed its business data in a public Amazon S3 bucket. Disconcerting! Another tech giant has fallen victim to an embarrassing data leak, this time the […]
FormBook malware used in high-volume distribution campaigns targeting organizations in the US and South Korea
Crooks are spreading the FormBook malware to target aerospace firms, defense contractors and some manufacturing organizations in the US and South Korea. According to researchers at FireEye, FormBook was spotted […]
Microsoft’s October Patch Tuesday addresses critical Windows DNS client Zero-Day Flaws tied to DNSSEC
Microsoft’s October Patch Tuesday addresses three critical zero-day security vulnerabilities tied to the DNSSEC protocol. Microsoft’s October Patch Tuesday addresses three critical security vulnerabilities in the Windows DNS client in Windows 8, […]
HPE allowed Russians to review the code of ArcSight software, which is also used by the Pentagon
HPE gave Russian gov access to review ArcSight software that is currently used by corporate and government entities worldwide, including the Pentagon. The recent news of the alleged hack of Kaspersky […]
Disqus data breach – 2012 incident Exposed details for 17.5 Million users
On Friday evening, Disqus, the worldwide blog comment hosting service for web sites and online communities, confirmed a data breach that occurred back in 2012. In 2012, hackers stole details for at least 17.5 […]
Imperva Report Q2 2017- Over 75% of DDoS targets were hit multiple times
According to Imperva DDoS report, over 75% of targets were hit multiple times in Q2 2017, while the percentage was only 43.2% in the same period of 2016. Imperva published the Global DDoS […]
Four Ways to Empower Your Employees through Security Awareness Training
Every IT leader dreams of implementing the perfect cybersecurity policy. Employees would follow every security best practice with flawless execution, the entire company would know how to identify phishing scams, […]
Yahoo hack – All 3 Billion Yahoo accounts were hacked in 2013 attack
The Yahoo hack that occurred in 2013 is bigger than originally stated; Verizon confirmed that all 3 Billion Yahoo accounts were hacked in the attack. The Yahoo hack occurred in 2013, […]
Dream Market dark web drug dealer OxyMonster arrested on way to beard contest
The Dream Market dark web drug dealer was arrested by US authorities after he traveled to the US for this year’s annual World Beard and Mustache Championships. A Dark-Web drug dealer was arrested by US authorities after […]
Vxers abused legitimate VMware binary to spread Banking Trojan Distribution
Cisco researchers discovered a malware campaign abusing a legitimate VMware binary to spread a banking Trojan. The threat actor behind the campaign uses multiple methods of re-direction when infecting the victims’ […]
Cyber Defense Magazine Announces Top 25 Cyber Security Leaders for 2017
Next-generation INFOSEC leaders receive Coveted Cyber Security Leaders Awards 2017 during the National Cyber Security Awareness Month #CyberAware NASHUA, NH (PRWEB) OCTOBER 02, 2017 Cyber Defense Magazine, the industry’s leading electronic […]
A high-risk two-years old flaw in Linux kernel was just patched
A high-risk security vulnerability discovered more than two years ago has been patched in the Linux kernel. The flaw discovered by researchers with Qualys Research Labs affects all Linux distributions that […]
China widely disrupted WhatsApp in the country, broadening online censorship
The popular instant messaging application WhatsApp has been widely blocked in mainland China by the Government broadening online censorship. Bad news for the Chinese users of the popular instant messaging app […]
Phantom Menace or Not, Now is the Time to Check Your DDoS Defenses
Recently a group of cybercriminals calling itself Phantom Squad unleashed a digital extortion scheme targeting businesses across the US, Europe and Asia. In the extortion notes the group threatened to […]
Deloitte targeted by a cyber attack that exposed clients’ secret emails
The accountancy firm Deloitte announced it has been targeted by a sophisticated hack that compromised its global email server. Today the accountancy giant Deloitte revealed that it has been targeted by a sophisticated hack that […]
Iranian cyber spies APT33 target aerospace and energy organizations
The Iran-linked APT33 group has been targeting aerospace and energy organizations in the United States, Saudi Arabia, and South Korea. According to security firm FireEye, a cyber espionage group linked to […]
Researchers demonstrate how to steal Bitcoin by exploiting SS7 issues
Hackers have exploited security weaknesses in the SS7 protocol to break into a Gmail account, take control of a bitcoin wallet and steal funds. In June 2016, researchers with Positive Technologies […]
Hackers exploit an undocumented Word feature for user fingerprinting
Kaspersky researchers discovered a new attack technique leveraging an undocumented Word feature to gather information on users. Kaspersky researchers discovered a new attack technique leveraging Microsoft Word documents to gather information on […]
Equifax Breach – Exclusive Detailed Analysis by ICIT
The catastrophic breach of Equifax’s systems was inevitable because of systemic organizational disregard for cybersecurity and cyber-hygiene best practices, as well as Equifax’s reliance on unqualified executives for information security. […]
Thousands of Elasticsearch installs compromised to host PoS Malware
Experts discovered 4,000 compromised installations on Amazon AWS of open source analytics and search tool Elasticsearch that were running PoS malware. Security researchers from the firm Kromtech have discovered 4,000 compromised instances of open […]
$700 billion National Defense Authorization Act (NDAA) Includes Cybersecurity Funding…Rejects Kaspersky
While there is no evidence that Eugene Kaspersky’s antivirus products have backdoors or covert eavesdropping technology, the final version of the defense bill includes a provision that bars the […]
Hackers are offering Equifax data for sale, but they are scammers
It has happened, the information stolen in the recent Equifax data breach is offered for sale on the dark web by crooks, but watch out, they are scammers. Equifax discovered the […]
The Privacy Imperative
WITHOUT STRONG PRIVACY, CYBER SECURITY IS A COMPLETE FARCE. It’s 2017, Defcon and BlackHat conferences just took place this summer, in Las Vegas, NV. BlackHat had over 15,000 attendees and some […]
Toast Overlay attacks, a Cloak and Dagger with No Permissions, fixed by Google
Google just fixed a high-severity Android vulnerability, tracked as CVE-2017-0752, that ties with the Toast Overlay attacks. Security researchers with Palo Alto Networks Unit 42, warned of a high-severity Android […]
Hackers can remotely access Smiths Medical Syringe Infusion Pumps to kill patients
The US-CERT is warning that hackers can remotely access Smiths Medical Syringe Infusion Pumps to control them and kill patients. IoT devices continue to enlarge our attack surface, and in […]
Taringa Data Breach, over 28 Million users affected
The data breach notification website LeakBase reported to the colleagues at THN the Taringa data breach, over 28 Million users’ data exposed. Taringa, also known as ‘The Latin American Reddit’, is a […]
Equifax Breach: Another Challenge to Consumer Rights and Privacy
By Gary S. Miliefsky, Executive Producer, Cyber Defense Magazine While I was recently sharing my 7 secrets of infosec tips and best practices at an amazing conference, CloudSEC 2017 in […]
US Government website was hosting a JavaScript downloader delivering Cerber ransomware
Security experts discovered last week that a US government website was hosting a JavaScript downloader used to deliver the Cerber ransomware. The security researcher at NewSky Security Ankit Anubhav discovered […]
FDA recalls 465,000 pacemakers open to cyber attack
The United States Federal Drug Administration (FDA) is recalling 465,000 pacemakers that could be hacked by attackers. The Food and Drug Administration (FDA) is recalling roughly half a million pacemakers […]