Monthly Archives: May 2018

On Monday, Two Canada’s five largest banks, the Bank of Montreal (BMO) and Simplii Financial, informed their customers they are investigating a data breach. The security breach suffered by the Bank of Montreal […]

As of May 25th, the European Union’s General Data Protection Regulation (GDPR) became the law of the land. And in a digital age where data knows no national boundaries, it’s […]

Group-IB has released a new report on Cobalt group’s attacks against banks and financial sector organizations worldwide after the arrest of its leader. Threat intelligence firm Group-IB published an interesting report titiled […]

Coca-Cola discovered a security breach in September when law enforcement officials notified it that a former employee at a Coca-Cola subsidiary was found in possession of an external hard drive containing worker […]

The Justice Department announced an effort to disrupt the VPNFilter botnet of hundreds of thousands of infected home and office (SOHO) routers and other networked devices under the control of […]

Yesterday AMD, ARM, IBM, Intel, Microsoft and other major tech firms released updates, mitigations and published security advisories for two new variants of Meltdown and Spectre attacks. Spectre and Meltdown made the […]

A team of security researchers from Chinese firm Tencent has discovered 14 security vulnerabilities in several BMW models. Researchers from the Tencent Keen Security Lab have discovered 14 vulnerabilities affecting […]

UNDERSTANDING THE FUTURE OF CYBERSECURITY When you finish reading this article, and I recommend you read it two or three times, you will have a keen understanding of where the […]

Security researchers discovered that a misconfigured server operated by the CalAmp company could allow anyone to access account data and takeover the associated vehicle. CalAmp is a company that provides backend services […]

Cybersecurity in the City: Ranking America’s Most Insecure Metros is a first-time report issued by Coronet, a provider of enterprise-grade cloud security to companies of any size. From December 2017 […]

With all eyes on privacy rights, forward-looking businesses are re-examining their social media, e-commerce and data mining strategies and looking for new ways forward. Motivating factors include the Facebook Cambridge […]

The head of the Mexican central bank, Alejandro Diaz de Leon announced this week that hackers were involved in shadowy transfers of between $18 million and $20 million. Mexican central […]

Nethammer attack technique is the first truly remote Rowhammer attack that doesn’t require a single attacker-controlled line of code on the targeted system. A few days ago security experts announced the first network-based remote […]

Stopping the #1 Source of Exploitation:  Spear Phishing in Depth Again, Inky® receives another award, two years in a row.  You’re still wondering who they are and why they are […]

Television Media Platform for InfoSec Knowledge CEO/Executive Hotseats – Totally Unscripted – Starting in 2018 Imagine you could sit down with the CEO and/or Founder of some of the hottest, […]

According to The Guardian newspaper, Ecuador spent millions on spy operation for Julian Assange after he hacked the embassy network. According to a report published by the Guardian, Ecuador spied on WikiLeaks […]

Rail Europe North America (RENA) notifies customers of a security breach, crooks compromised its website with a malware used to siphon payment card data. The website allows users to buy European train tickets, […]

EFAIL attacks – Researchers found critical vulnerabilities in PGP and S/MIME Tools, immediately disable and/or uninstall tools that automatically decrypt PGP-encrypted email. A few hours ago, I reported the news that […]

Security experts at Flashpoint confirmed the availability online for the source code of the TreasureHunter PoS malware since March. The researchers found evidence that the threat has been around since at least late […]

Developers of major operating systems and hypervisors misread documentation from Intel and introduced a the CVE-2018-8897 vulnerability into to their products. The development communities of major operating systems and hypervisors […]

The macOS client for the Signal fails to properly delete disappearing messages from the recipient’s system, potentially exposing sensitive messages. Signal is considered the most secure instant messaging app, searching for […]

The baseStriker attack technique allows to bypass anti-phishing filters by splitting and disguising a malicious link using a tag called the <base> URL tag. Security researchers at cloud security company […]

SPECIAL REPORT: Case Study: Neil Daniell, Information Security Specialist at Peoples Bancorp Cyber attacks on the banking industry are growing more sophisticated, frequent, and dynamic. This includes risks from distributed denial-of-service […]

The European Union’s General Data Protection Regulation (GDPR) becomes law in just a matter of weeks. This far-reaching regulation shifts the focus of ownership of data back to individuals – […]

Cyber threats continue to originate from a wide variety (and ever-multiplying) range of entities from state-sponsored groups and terrorists to criminal elements and emerging hacktivist movements. As these groups exercise […]

Last week, the European Central Bank has published the European framework for testing financial sector resilience to cyber attacks. The framework aims to simulate the effects of cyber attacks on critical systems […]

The Pentagon is ordering retail outlets on US military bases to stop selling Huawei and ZTE products due to unacceptable security risk they pose. Smartphones manufactured by Chinese firms Huawei and […]

Social networks could be a privileged attack vector to rapidly spread a malware to a huge audience, FacexWorm targets cryptocurrency users by spreading through Facebook Messenger. Social networks could be […]

SamSam ransomware made the headlines again, crooks now spreading thousands of copies of the ransomware at once into individual targeted organizations. Ransomwarecontinues to be one of the most dangerous cyber […]

I’ve been following the Managed Security Service Provider (MSSP) market for some time. I’m always looking for innovators and those who understand how to harness ‘big data’ to their advantage. […]