28 Jan 2019

The Pentagon’s Cybersecurity Is Falling Behind

The latest annual report by the U.S. Defense Department’s test and evaluation office warns that while the cyberdefense capabilities of the U.S. military are advancing, “the rate of these improvements is not outpacing the growing capabilities of potential adversaries who continue to find new vulnerabilities and techniques to counter fixes.” In

Read More
28 Jan 2019

Exclusive: Ukraine says it sees surge in cyber attacks targeting election

Ukraine claims that threat actors working for the Russian government are carrying out cyberattacks on electoral servers as well as the computers of election officials in an attempt to interfere with the upcoming Ukrainian presidential election that will take place in March of this year. According to the head of the

Read More
28 Jan 2019

Ursnif Trojan is back with fileless persistence

Carbon Black researchers have uncovered a sophisticated malware campaign involving the infamous Ursnif Trojan, also known as Dreambot, and the popular GandCrab ransomware. In the first stage of the campaign, threat actors distribute spam emails containing Microsoft Word documents that have been corrupted with malicious macro scripts. The macros inside

Read More
28 Jan 2019

Dailymotion Resets Passwords After Credential Stuffing Attack

Credential stuffing attacks are on the rise. The latest victim is video platform Dailymotion, which has forced users to reset their passwords after it discovered that threat actors were attempting to access user accounts using stolen login credentials for other websites. The credential stuffing attacks began on January 19 and

Read More
28 Jan 2019

This Trojan infects Chrome browser extensions, spoofs searches to steal cryptocurrency

Researchers with Kaspersky Lab have uncovered a Trojan that is designed to compromise systems by somewhat unorthodox means in order to steal cryptocurrency. The Trojan, dubbed Razy, is distributed through malicious web-based adds (malvertising) as well as file hosting services. The Trojan can install new browser extensions on Google Chrome,

Read More
28 Jan 2019

Flood of Complaints to EU Countries Since Data Law Adopted

Since the European Union’s (EU) General Data Protection Regulation (GDPR) entered into force on May 25 of last year, EU citizens have filed over 95,000 complaints under the legislation. In response, three fines have been issued to parties that were found to be in violation of the law, the most notable of

Read More
25 Jan 2019

Exclusive: Google Caught Hosting Hezbollah’s Violent Android Games

In December of last year, Google removed two games from the Play Store after Forbes provided evidence that the applications were developed by Hezbollah, a Lebanese Islamist militant group that the U.S. and various other Western and Middle-Eastern countries consider to be a terrorist organization. The games were Holy Defense, in

Read More
25 Jan 2019

Collateral Damage: When Cyberwarfare Targets Civilian Data

As acts of cyberwar by nation-state threat actors are becoming increasingly common and disruptive, the goals of attacking parties include damaging critical infrastructure; stealing military data and technology; spreading disinformation; and, increasingly, stealing civilian data. According to Terry Ray, Chief Technology Officer at Imperva, companies, educational institutions, medial instantiations and other

Read More
25 Jan 2019

GDPR Compliance Brings Other Benefits: Cisco Study

The findings of Cisco’s 2019 Data Privacy Benchmark Study(PDF) imply that GDPR compliance has major security and other benefits for companies. Only a small majority (59%) of organizations in the study indicated that they were compliant, while 29% were set to achieve compliance within a year. Compliant organizations were less

Read More
25 Jan 2019

Massive mortgage and loan data leak gets worse as original documents also exposed

Earlier this week, a security researcher found an unprotected Elasticsearch server that exposed financial data relating to tens of thousands of current and former loan- and mortgage holders in the US. The database contained converted versions of text documents mentioning names, birth dates, address details, social security numbers and other

Read More