By Lawrence Abrams  September 11th, 2017   Today, a victim of a new ransomware called Paradise posted in the BleepingComputer.com forums and uploaded a sample so we could take a look at it. While this ransomware is not revolutionary by any means, since it is in active distribution and a Ransomware as a Service (RaaS),… Continue reading Paradise Ransomware Uses RSA Encryption to Encrypt Your Files

Recent events are forcing smaller enterprises to reconsider their security posture.   By Druce MacFarlane  September 11th, 2017   Traditionally, there was a stratification of security requirements influenced by organization size.  These requirements imposed expenses, policies, and processes – and were often a balance between efficacy and convenience.     Governments, for example, were often prime… Continue reading Why even smaller enterprises should consider nation-state quality cyber defenses

By Jackson Shaw September 11th, 2017   Recent guidance from NIST may seem counterintuitive.   Despite the publicity about breaches, ransomware, and the like, we’re still using some pretty dumb passwords. Users typically aim for passwords that are easy to remember for their multiple logins, which they are asked to change frequently. Unfortunately, this has… Continue reading Why Relaxing Our Password Policies Might Actually Bolster User Safety

Insert floppy di*k joke here.   Graham Cluley  September 11th, 2017     Dr Nick Patterson, of Deakin University in Australia, has been widely quoted in the British tabloid press warning about – as the Daily Star puts it – the risk of “ultra-realistic sex robots being used by warped hackers to attack humans”:  … Continue reading Hacked sex robots could kill you, warn British tabloids

By Eduard Kovacs on September 11, 2017   An update released last week for the FreeXL library patches a couple of high severity remote code execution vulnerabilities discovered by Marcin Noga, a Polish researcher working for Cisco Talos.   FreeXL is an open source C-based library that allows users to extract data from Microsoft Excel… Continue reading High Severity Flaws Patched in FreeXL Library

September 10, 2017  By Catalin Cimpanu   Google Chrome 63 will include a new security feature that will detect when third-party software is performing a Man-in-the-Middle (MitM) attack that hijacks the user’s Internet connection. A MitM attack is when an application installed on a user’s computer or a local network intercepts the user’s web traffic.… Continue reading Google Chrome Will Soon Warn You of Software That Performs MitM Attacks

By Florian Faes on September 7, 2017       How would you feel if your letter of resignation were posted online? Or sensitive parts of your employment contract? Or details of that M&A deal you have been working on with an investment bank? Thousands of people are about to find out unless translate.com fixes… Continue reading Translate.com Exposes Highly Sensitive Information in Massive Privacy Breach

Not exactly a move designed to inspire confidence   By Iain Thomson in San Francisco 8th September 2017   No certs for you!   The team behind Scotiabank’s Digital Banking Unit isn’t impressing some customers, after forgetting to renew the security certificates for their own website.   The DBU was set up last year to… Continue reading Scotiabank internet whizzkids screw up their HTTPS security certs

By Catalin Cimpanu       A malware group is using Facebook’s CDN servers to store malicious files that it later uses to infect users with banking trojans. Researchers spotted several campaigns using Facebook’s CDN servers in the last two weeks, and previously, the same group also used Dropbox and Google’s cloud storage services to… Continue reading Malware Group Uses Facebook CDN to Bypass Security Solutions

By: Dark Reading Staff   Technologies like software-defined perimeter and key management as-a-service generate enthusiasm but will take years to reach mainstream adoption.   Businesses have taken greater interest in securing data, applications, and workloads as they move information to the cloud. However, many top-of-mind security technologies are still years away from deployment at most… Continue reading Cloud Security Hype Fails to Match Deployments