Office 365 Phishing attacks create a sustained insider ni...
DERBYCON - Earlier this month, Salted Hash deconstructed a Phishing email that had bypassed company filters and made into the general inbox. The email focuse...

Are you ready for ‘Moneyball’ security?
Are your security priorities driven by evidence or collective wisdom? Security moves fast. We face an intense pressure to perform. Rapidly changing organizat...

Cloud-Focused Firms Earn High Marks for Software Security...
Businesses that are cloud-focused tend to run the most secure software, while the healthcare sector is struggling the most when it comes to accomplishing the...

Viacom Left Sensitive Data And Secret Access Key On Unsec...
Viacom—the popular entertainment and media company that owns Paramount Pictures, Comedy Central, MTV, and hundreds of other properties—has exposed the keys t...

iOS 11 Update includes Patches for Eight Vulnerabilities
Apple released a number of patches, including a security update for iOS 11, which is available today.

BrandPost: Mobile Access: Get on the Right Road to Security
Mobility is a disruptive technology. It’s disrupting the old order (users accessing resources from one place, through one point of access) and replacing it w...

IDG Contributor Network: Using the new NIST standards in ...
NIST is in the process of finalizing updates for two important information security standards: NIST 800-53 Rev. 5 (“Security and Privacy Controls for Federal...

Avast-Owned Piriform Releases CCleaner Security Update
The Avast subsidiary has released two new versions of CCleaner following the discovery of a supply-chain attack.

New Spam Campaign Literally Doubles Down on Ransomware
An upgraded spam campaign alternates Locky and FakeGlobe ransomware, forcing victims to pay twice or lose all their data.

GDPR & the Rise of the Automated Data Protection Officer
Can artificial intelligence and machine learning solve the skills shortage as the EU's General Data Protection Regulation deadline approaches?

Viacom's Secret Cloud Keys Exposed
The entertainment giant is the latest company to misconfigure its Amazon Web Services S3 cloud storage bucket.

Security executives on the move and in the news
The upper ranks of corporate security are seeing a high rate of change as companies try to adapt to the evolving threat landscape. Many companies are hiring ...

Equifax Suffered Earlier Breach in March
Equifax suffered another breach of its systems, back in March, the company revealed Monday.

Think tank proposed new rules to hold tech companies resp...
I actively try to avoid idiots, but every once in a while I accidentally step in a pile of idiot juice. Today, that happened to be an “investigative” report ...

Think tank wants tech firms to be held responsible for on...
I actively try to avoid idiots, but every once in a while I accidentally step in a pile of idiot juice. Today, that happened to be an “investigative” report ...

Siemens' New ICS/SCADA Security Service a Sign of the Times
Major ICS/SCADA vendors are entering the managed security services business with cloud-based offerings for energy and other industrial sectors.

Risks Limited With Latest Apache Bug, Optionsbleed
The risks surrounding the latest Apache bug, called Optionsbleed, are limited given it can only be attacked under certain conditions. Apache, and many Linux ...

IDG Contributor Network: Fraud stories, part 2: digital i...
An elderly man gets a phone call from his account manager at the wealth management division of the bank. “Sir, there has been a compromise of your account. P...

How Apple's New Facial Recognition Technology Will Change...
Expect a trickle-down effect, as tech similar to Face ID becomes offered outside of Apple.

IT Security News Blast 9-19-2017
No one is safe from internet attacks, and A.I. defenses can’t help, Google security veteran says Adkins explained that AI-powered security software is ...

Here’s How Hackers Can Hijack Your Online Bitcoin Wallets
Researchers have been warning for years about critical issues with the Signaling System 7 (SS7) that could allow hackers to listen in private phone calls and...

Phased Process for Cloud Security
My colleague Doug Cahill and I have been following the development of cloud security for the past few years. What we’ve noticed is that many organizations t...

The 6 phases of adopting cloud security practices
My colleague Doug Cahill and I have been following the development of cloud security for the past few years. What we’ve noticed is that many organizations te...

BrandPost: Threat Intelligence: The Fuel that Powers Cybe...
For anyone reading the news regularly, it’s not hard to grasp that cyber threats are getting more sophisticated and damaging by the day. From a security tech...

Future cyber security threats and challenges: Are you rea...
The world is changing, and with it so is the internet. Or perhaps it’s the other way around. The internet continues to create new business and social opportu...

IDG Contributor Network: Achieving long-term resilience w...
The laudable aim of the National Institute of Standards and Technology (NIST) is to build a common language through a set of best practices and security prin...

Red Alert 2.0: New Android Banking Trojan for Sale on Hac...
The Recent discoveries of dangerous variants of the Android banking Trojan families, including Faketoken, Svpeng, and BankBot, present a significant threat t...

Digital future: Are we ready for what’s next?
The Internet Society (ISOC), a global non-profit dedicated to ensuring the open development, evolution and use of the Internet, released “Paths to our Digita...

The Pirate Bay Caught Running Browser-Based Cryptocurrenc...
The world's popular torrent download website, The Pirate Bay, has again been in a new controversy—this time over secretly planting an in-browser cryptocurren...

Hackers exploit an undocumented Word feature to carry on ...
Kaspersky researchers discovered a new attack technique leveraging Microsoft Word documents to gather information on users. The technique is innovative becau...

Addressing security concerns around connected ecosystems
The convergence of IoT applications with emerging technologies such as artificial intelligence, Big Data, and context-aware computing could help address curr...

The hacker Kuroi’SH defaced the official Google Brazil do...
A hacker using the online moniker of ‘Kuroi’SH’ defaced the official Google Brazil domain on Tuesday afternoon. The defaced page displayed a message greeting...

Hackers backdoored CCleaner, likely affecting millions of...
Legitimately signed but backdoored versions of the popular CCleaner utility were available for download from the developer’s Web site and servers for nearly ...

Tackling third party threats
In today’s business environment, it’s not uncommon for organisations to outsource some or all of their IT capabilities to third-party contractors. It’s true ...

Retailers experience two cyber attacks every week
Retailers are responding to cyber attacks on average twice a week — this is according to the latest research from Zynstra, an enterprise-grade IT software pr...

Cybercriminals deploying assortment of banking Trojans an...
Check Point revealed that banking trojans were extensively used by cybercriminals during August, with three variants appearing in the company’s latest Global...

Five Steps To Securing Your Greatest Asset: Your Employees
Employees can be your biggest asset. If not managed properly, they can also be your weakest link. The trick lies in empowering them to do their jobs properly...

Equifax Exec Departures Raise Questions About Responsibil...
Disclosed details suggest a failure by the technology team but senior executives and the board are not above responsibility as well, experts say.

Avast CCleaner Compromised Amid Rise in Supply Chain Threats
Attackers somehow hacked the build system of Avast's CCleaner to deliver malware, potentially affecting millions of users.

Attackers Use Undocumented MS Office Feature to Leak Syst...
An undocumented Microsoft Office feature allows for spying via specially crafted Word documents—no macros, exploits or any other active content needed.

Pirate Bay Spotted Hosting Monero Cryptocurrency Miner
A cryptocurrency miner surfaced on The Pirate Bay for a day over the weekend.

IDG Contributor Network: A note to mom about cybersecurity
I often ask myself the above question. Given my line of work in cybersecurity awareness, I guess that’s no surprise. But it’s not just a work question. I’m n...

IDG Contributor Network: Volunteer your services, not you...
After seeing the devastation from hurricanes Harvey and Irma, many people wanted to help the victims. Some donated money, while others donated their time and...

Equifax Hit with Lawsuit
Victims living or doing business in Florida can send a certified letter to seek relief and still remain in compliance with the state's credit laws, attorney ...

Please don't send me to cybersecurity training
You clicked on a bogus email, and you should've known better. Now you're going to cybersecurity school. Huh? I don't want to go. Talk about engaged students....

IT Security News Blast 9-18-2017
Equifax Hackers Stole 200k Credit Card Accounts in One Fell Swoop Visa has updated their advisory about these 200,000+ credit cards stolen in the Equifax bre...

Warning: CCleaner Hacked to Distribute Malware; Over 2.3 ...
If you have downloaded or updated CCleaner application on your computer between August 15 and September 12 of this year from its official website, then pay a...

To Be Ready for the Security Future, Pay Attention to the...
It's easy to just move on to the next problem, ignoring what's happened -- but that's a mistake.

Heimdal Security – Nominated for Anti-Ransomware Solution...
If you’ve been reading this blog for a while, you most likely know that we’re dedicated to the fight against ransomware. This is deeply tied to our core miss...

Warning: CCleaner Hacked to Distribute Malware; Over 2.3 ...
If you have downloaded or updated CCleaner application on your computer between 15 August and September 12 of this year from its official website, then pay a...