Categories
Anti-malware

Siemens Patches Improper Access Vulnerability in Ruggedcom Protocol

29th September, 2017  By Chris Brook     Industrial manufacturer Siemens is encouraging users running devices that use its Ruggedcom Discovery Protocol (RCDP) to apply firmware updates this week. The updates resolve a serious and remotely exploitable vulnerability that could let an attacker carry out administrative actions.   The issue, an improper access control vulnerability, […]

Categories
Anti-malware

Best and Worst Security Functions to Outsource

29th September, 2017  By Kelly Sheridan     Which security functions are best handled by third parties, and which should be kept in-house? Experts weigh in.   Security teams need more advanced people than they can find or afford. For many, outsourcing has become key to bridging the skills gap and addressing tasks they lack […]

Categories
Anti-malware

Analyzing Cybersecurity’s Fractured Educational Ecosystem

29th September, 2017  By Chaim Sanders   We have surprisingly little data on how to evaluate infosec job candidates academic qualifications. That needs to change.   Every day, a common scenario plays out across the US. An information security employer receives a resume from a recent graduate and looks at the student’s academic qualifications. Folks […]

Categories
Anti-malware

Europol’s EC3 and Trend Micro Partner to Arm Financial Industry with ATM Malware Protection

26 September 2017Press Release   Joint report presents physical and network-based malware affecting ATMs   Europol’s European Cybercrime Centre (EC3) and Trend Micro, a global leader in cybersecurity solutions today released a comprehensive report on the current state of ATM Malware. Cashing in on ATM Malware details both physical and network-based malware attacks on ATMs, […]

Categories
Anti-malware

Webroot SecureAnywhere AntiVirus Review

“Very good review on Webroot SecureAnywhere” ============================================================================= Webroot is a fairly well-known name in the security community, and it’s all encompassing “Secure Anywhere” software suite is offered in three varietals: antivirus, Internet Security Plus, and Internet Security Complete. I decided to take a look at its basic “antivirus” package, which touts lighting fast scans, no […]

Categories
Anti-malware

Whole Foods Market Payment Card Investigation Notification

Another breach is being investigated right now, it is still early days but watch this space.   Whole Foods Market recently received information regarding unauthorized access of payment card information used at certain venues such as taprooms and full table-service restaurants located within some stores. These venues use a different point of sale system than the company’s primary store checkout […]

Categories
Anti-malware

Google to Enforce HSTS on TLDs it Operates

  September 28, 2017 By Michael Mimoso   Google said this week it would enforce HSTS on 45 Top Level Domains it operates.   HSTS, or HTTP Strict Transport Security, forces HTTPS on client connections to webservers and is a key part of the strategy to encrypt the web.   Google is the registry for […]

Categories
Anti-malware

FIN7 Hackers Use LNK Embedded Objects in Fileless Attacks

By Ionut Arghire on September 28, 2017   The infamous FIN7 hacking group has been distributing malware through a LNK file embedded in a Word document via the Object Linking and Embedding (OLE) technology, Cisco Talos security researchers say.   FIN7, also known as Anunak, or Carbanak, is a financially motivated group that has been highly active […]

Categories
Anti-malware

Thousands of Malware Variants Found on Industrial Systems: Kaspersky

By Eduard Kovacs on September 28, 2017   Kaspersky said it had detected roughly 18,000 malware samples belonging to more than 2,500 families on industrial control systems (ICS) in the first half of 2017. According to the company’s “Threat Landscape for Industrial Automation Systems” report for the first six months of the year, nearly 38 […]

Categories
Anti-malware

Patch alert! Easy-to-exploit flaw in Linux kernel rated ‘high risk’

Urgent security triage needed   By John Leyden 28 Sep 2017     A flaw has been found in the way the Linux kernel loads ELF files.   If a malicious program is built as a Position Independent Executable (PIE), the loader can be exploited to map part of that application’s data segment over the memory area […]