By Lawrence Abrams September 11th, 2017 Today, a victim of a new ransomware called Paradise posted in the BleepingComputer.com forums and uploaded a sample so we could take a look at it. While this ransomware is not revolutionary by any means, since it is in active distribution and a Ransomware as a Service (RaaS),… Continue reading Paradise Ransomware Uses RSA Encryption to Encrypt Your Files
Why even smaller enterprises should consider nation-state quality cyber defenses
Recent events are forcing smaller enterprises to reconsider their security posture. By Druce MacFarlane September 11th, 2017 Traditionally, there was a stratification of security requirements influenced by organization size. These requirements imposed expenses, policies, and processes – and were often a balance between efficacy and convenience. Governments, for example, were often prime… Continue reading Why even smaller enterprises should consider nation-state quality cyber defenses
Why Relaxing Our Password Policies Might Actually Bolster User Safety
By Jackson Shaw September 11th, 2017 Recent guidance from NIST may seem counterintuitive. Despite the publicity about breaches, ransomware, and the like, we’re still using some pretty dumb passwords. Users typically aim for passwords that are easy to remember for their multiple logins, which they are asked to change frequently. Unfortunately, this has… Continue reading Why Relaxing Our Password Policies Might Actually Bolster User Safety
Hacked sex robots could kill you, warn British tabloids
Insert floppy di*k joke here. Graham Cluley September 11th, 2017 Dr Nick Patterson, of Deakin University in Australia, has been widely quoted in the British tabloid press warning about – as the Daily Star puts it – the risk of “ultra-realistic sex robots being used by warped hackers to attack humans”: … Continue reading Hacked sex robots could kill you, warn British tabloids
High Severity Flaws Patched in FreeXL Library
By Eduard Kovacs on September 11, 2017 An update released last week for the FreeXL library patches a couple of high severity remote code execution vulnerabilities discovered by Marcin Noga, a Polish researcher working for Cisco Talos. FreeXL is an open source C-based library that allows users to extract data from Microsoft Excel… Continue reading High Severity Flaws Patched in FreeXL Library
Google Chrome Will Soon Warn You of Software That Performs MitM Attacks
September 10, 2017 By Catalin Cimpanu Google Chrome 63 will include a new security feature that will detect when third-party software is performing a Man-in-the-Middle (MitM) attack that hijacks the user’s Internet connection. A MitM attack is when an application installed on a user’s computer or a local network intercepts the user’s web traffic.… Continue reading Google Chrome Will Soon Warn You of Software That Performs MitM Attacks
Translate.com Exposes Highly Sensitive Information in Massive Privacy Breach
By Florian Faes on September 7, 2017 How would you feel if your letter of resignation were posted online? Or sensitive parts of your employment contract? Or details of that M&A deal you have been working on with an investment bank? Thousands of people are about to find out unless translate.com fixes… Continue reading Translate.com Exposes Highly Sensitive Information in Massive Privacy Breach
Scotiabank internet whizzkids screw up their HTTPS security certs
Not exactly a move designed to inspire confidence By Iain Thomson in San Francisco 8th September 2017 No certs for you! The team behind Scotiabank’s Digital Banking Unit isn’t impressing some customers, after forgetting to renew the security certificates for their own website. The DBU was set up last year to… Continue reading Scotiabank internet whizzkids screw up their HTTPS security certs
Malware Group Uses Facebook CDN to Bypass Security Solutions
By Catalin Cimpanu A malware group is using Facebook’s CDN servers to store malicious files that it later uses to infect users with banking trojans. Researchers spotted several campaigns using Facebook’s CDN servers in the last two weeks, and previously, the same group also used Dropbox and Google’s cloud storage services to… Continue reading Malware Group Uses Facebook CDN to Bypass Security Solutions
Cloud Security Hype Fails to Match Deployments
By: Dark Reading Staff Technologies like software-defined perimeter and key management as-a-service generate enthusiasm but will take years to reach mainstream adoption. Businesses have taken greater interest in securing data, applications, and workloads as they move information to the cloud. However, many top-of-mind security technologies are still years away from deployment at most… Continue reading Cloud Security Hype Fails to Match Deployments