RSS Reader for Computer Security Articles
At ShmooCon 2017, CSO's Steve Ragan sits down with Gabe Bassett, senior information security data Scientist at Verizon Enterprise Solutions. The two discuss how attack surfaces work within the Verizon Data Breach Investigations Report (DBIR) and how companies can use those to assess their risk profiles.
In part two of CSO's interview with Gabe Bassett from Verizon Enterprise Solutions at ShmooCon 2017, Steve Ragan and Bassett discuss why vulnerabilities are not the major vectors that hackers use to get into a company's infrastructure.
A chief criticism I heard from readers of my book, Spam Nation: The Inside Story of Organized Cybercrime, was that it dealt primarily with petty crooks involved in petty crimes, while ignoring more substantive security issues like government surveillance and cyber war. But now it appears that the chief antagonist of Spam Nation is at the dead center of an international scandal involving the hacking of U.S. state electoral boards in Arizona and Illinois, the sacking of Russia’s top cybercrime investigators, and the slow but steady leak of unflattering data on some of Russia’s most powerful politicians.
Several readers have called attention to warnings coming out of Canada about a supposed new form of ATM skimming called “shimming.” Shimming attacks are not new (KrebsOnSecurity first wrote about them in August 2015), but they are likely to become more common as a greater number of banks in the United States shift to issuing chip-based cards. Here’s a brief primer on shimming attacks, and why they succeed.
Amateur hackers are alarmed with the apparent demise of LeakedSource, a controversial breach notification site that’s been accused of doing more harm than good.
U.S. law enforcement has allegedly confiscated its servers, and now some hackers are wondering if customers of LeakedSource might be next.
“All the people who used PayPal, credit card, etc. to buy membership, the FBI now have your email, payment details and lookup history,” wrote one user on HackForums.net.
To read this article in full or to leave a comment, please click here
If President Donald Trump is still using his personal, unsecured Android smartphone, as reported, he is surely creating bucketsful of worry for White House communications security staff.
As CIOs and Chief Information Security Officers already know, any organization can install strong security technology into a network or a smartphone, only to be defeated if end users don’t use it or follow safe cyber practices.
“The most vulnerable parts of communications are the people, and if they aren’t taking precautions, problems exist,” said Chris Perry, chief operating officer for Secured Communications, a provider of encrypted VPNs for mobile devices used by governments and companies.
To read this article in full or to leave a comment, please click here
Law enforcement authorities from Europe and Asia have arrested five members of an international cybercriminal group that specialized in hacking into automated teller machine (ATMs).
The investigation began in early 2016, according to Europol. Three suspects were arrested in Taiwan, one in Romania, and one in Belarus. Most of them had multiple citizenships and could travel easily between countries, the agency said Friday.
Hacking into ATMs to steal money is nothing new, and there are malware programs built specifically for such machines that allow criminals to withdraw money using hidden commands.
To infect ATMs with such malware most attackers either receive help from bank insiders or buy service keys that can be used to open the front panels of ATMs and access their communications ports.
To read this article in full or to leave a comment, please click here
The U.K. and U.S. are planning to work more closely to combat the spread of extreme Islamist ideology in cyberspace, British Prime Minister Theresa May said on Friday.
May was speaking at a White House news conference, alongside U.S. President Donald Trump, held to outline the results of talks between the two leaders. May is in Washington as the first foreign head of state to meet Trump.
She noted the conventional military fight against ISIS is working and the group is losing territory but noted the two countries “need to redouble our efforts.”
“Today we’re discussing how we can do this by deepening intelligence and security cooperation and critically, by stepping up our efforts to counter Daesh in cyberspace,” she said, using an alternate name for the terrorist group.
To read this article in full or to leave a comment, please click here