25 Nov 2019

Cybercriminals targeting e-commerce website vulnerabilities this holiday season

98% of Alexa 1000 websites have not adopted sufficient client-side cybersecurity measures to prevent threat actors from attacking the websites to carry out personal, financial and credential theft, a recent study by Tala Security found. This risk is elevated during the holiday season when ecommerce sales and cybercriminial activity related

Read More
22 Nov 2019

Nominet Tackles Cybercrime with 29,000 .UK Domain Suspensions

Nominet suspended 29,000 .uk domains over the past year, aiming to clean up Britain’s domain name space. The .uk registry reportedly took down 28,937 domains as a result of criminal activity between the months of November 2018 and October 2019. This represents just 0.22% of the 13 million .uk domains

Read More
20 Nov 2019

1.19 billion confidential medical images available on the internet

An ongoing study by Greenbone researched the security of Picture Archiving and Communications Systems (PACS) servers used by health providers to store imaging records. In the US, Greenbone security identified 786 million medical images that include at least one piece of personal identification, details of patient names, reason for imaging,

Read More
20 Nov 2019

Google: BigQuery and GCE users get these new controls over sensitive cloud data

Google announced an alternative to existing key management services offered by Google cloud; External Key Manager. To give companies more control of encrypted data, External Key Manager will allow customers to keep encryption keys out of Google’s hands. Yesterday, Google announced Big Query Reservations, an entreprise-friendly pricing model that offers

Read More
15 Nov 2019

Alleged $20M Carding Forum Mastermind Faces US Charges

Russian citizen Aleksei Burkov is facing charges of running a $20 million carding forum. Burkov arrived at Dulles International Airport on Monday after being arrested in Israel in 2015, and now faced charges within the US after several attempts to circumvent extradition to the U.S. Burkov allegedly ran the site

Read More
14 Nov 2019

This unusual new ransomware is going after servers

An unusual ransomware named PureLocker by cybersecurity analysts has been targeting enterprise servers. PureLocker is written in PureBasic, which easily targets different platforms as it is transferable between Linux, OS-X, and Windows. Attacks are launched against the targets, holding them hostage until cryptocurrency ransom is paid; often hundreds of thousands

Read More
13 Nov 2019

The Executive’s Guide To Quantum Safe Security: Take these steps to make your enterprise quantum proof

The steady progress in quantum computing is resulting in exciting developments that will one day bring new capabilities to a wide range of use cases. Quantum computers can also bring new capabilities to attackers. The mathematician Peter Shor has proven that quantum computers can be used to rapidly factor large numbers into their primes in a way that will break most forms of asymmetric encryption used today. The computer scientist Lov Grover proved another algorithm that will, among other things, enable incredibly fast invalidation of another tool for security, the security hash. There are certainly other ways quantum computers will be used by adversaries, but these two methods alone are cause for serious concern. Imagine all the data your company believes is important being read by an adversary that wants to put you out of business, and imagine that adversary is operating in a location untouchable by the rule of law. 

Read More
12 Nov 2019

TrickBot Malware Uses Fake Sexual Harassment Complaints as Bait

Recently, attackers have formulated fake sexual harassment complaints that appear to come from the U.S. Equal Employment Opportunity Commission to disperse TrickBot malware, which targets financial data and acts to deploy other malware. This spearphishing campaign utilizes social engineering tactics to convince targets into exposing sensitive information. The customized phishing

Read More
12 Nov 2019

Report Reveals Businesses Aren’t Ready for 5G

AT&T recently published a Cybersecurity Insights Report, which found that many businesses are not prepared for a data acceleration to 5G. The report states that enterprises are lacking the expansion of virtualization and software-defined networking (SDN) capabilities. Only 16% of survey respondents said they have already began preparing for 5G

Read More
11 Nov 2019

Understanding the Ripple Effect: Large Enterprise Data Breaches Threaten Everyone

With the value of data skyrocketing, there has been an increase in cyberattacks against larger enterprises. These organizations often host data for thousands of customers, and the risk from these breaches don’t end after the attack. Spearphishing, extortion attempts, and account takeover attempts often follow. Last year Risk Based Security

Read More