Cyberattack

Cyberattack / Most Viewed

Password Leaks

The technical press is full of reports about the leak of a hashed password file from LinkedIn. Worse yet, we hear, the hashes weren't salted. The situation is probably both better and worse than it would appear; in any event, it's more complicated. more»

Major Flaw Found in WannaCry Raises Questions on Whether it was Really a Ransomware

An extensive analysis of WannaCry seems to indicate attackers would be unable to determine which users have paid the ransom and they cannot decrypt on a per-user basis. more»

Can Big Companies Stop Being Hacked?

The recent huge security breach at Sony caps a bad year for big companies, with breaches at Target, Apple, Home Depot, P.F.Changs, Neiman Marcus, and no doubt other companies who haven't admitted it yet. Is this the new normal? Is there any hope for our private data? I'm not sure, but here are three observations... This week Brian Krebs reported on several thousand Hypercom credit card terminals that all stopped working last Sunday. Had they all been hacked? more»

Spamhaus Tells Us That Botnets Are Getting Worse

The Spamhaus Project just published a long article about the botnets they've been watching during 2014. As this chart shows, we're not making any progress. They also note that the goals of botnets have changed. While in the past they were mostly used to send spam, now they're stealing banking and financial information, engaging in click fraud, and used for DDoS and other malicious mischief. more»

WannaCry Ransomware Cyberattack Spreading to Countries Across the World, 45K Attacks Reported So Far

Security researchers are reporting a massive attack today, dubbed "WannaCry", which has reached 45,000 attacks in 74 countries around the world so far, mostly in Russia. more»

Experienced a Breach? Here Are Four Tips for Incident Response

The threat level has never been higher for organizations charged with protecting valuable data. In fact, as recent headlines will attest, no company or agency is completely immune to targeted attacks by persistent, skilled adversaries. The unprecedented success of these attacks against large and well-equipped organizations around the world has led many security executives to question the efficacy of traditional layered defenses as their primary protection against targeted attacks. more»

The Reality Virus

There's a new virus infecting the Internet that's more pernicious and more dangerous than any virus that has gone before. It's the first example ever of a hybrid Internet-human virus and probably the universal common ancestor of all hybrid Internet-human viruses to come. The condition the virus leaves behind is increasingly well recognised and goes by the understated label of "post-truth" but the virus itself is so far anonymous and so I propose we name it after the effect it has on those it has infected who, put simply, can no longer distinguish reality from fiction, hence the reality virus. more»

The Internet Needs a Security and Performance Upgrade

Many of you will have seen news stories that explained what was going on: a huge DDoS attack on the infrastructure of Dyn had taken down access to many large websites like Twitter. A great deal of digital ink has since been spilled in the mainstream press on the insecurity of the Internet of Things, as a botnet of webcams was being used. Here are some additional issues that might get missed in the resulting discussion. more»

Russian Security Firm Kaspersky Announces Its Own Secure OS, 14 Years in the Making

"I've anticipated this day for ages -- the day when the first commercially available mass market hardware device based on our own secure operating system landed on my desk," writes Eugene Kaspersky, Chairman and CEO of Kaspersky Lab, in a blog post introducing company's layer 3 switch powered by Kaspersky OS. more»

North Korea Suffers Internet Outage, U.S. Blamed

According to reports, North Korea has accused the United States for conducting a cyberattack that has disrupted Internet connectivity in the country. "While the details of the cause of the disruption are unknown, we can confirm that in the last two days, North Korea's sole Internet provider has, in fact, suffered from disruptions in connectivity to the global Internet," reports Doug Madory from Renesys. more»

South Korean Banks Receive DDoS Threat from Hacker Group, Record Ransomware Payment Demanded

Various sources including South Korea's news agency Yonhap are reporting that a hacker group has threatened to launch a DDoS attack against seven South Korean banks unless they pay about 360 million won (US$315,000) in bitcoin. more»

Deadline of April 10 to Apply For CARIS Workshop on Coordinating Response to Internet Attacks

You have just a couple of days to either complete a survey or submit a paper to join the "Coordinating Attack Response at Internet Scale (CARIS)" Workshop happening on June 19, 2015, in Berlin, Germany... If you are interested in helping improve the overall security and resilience of the Internet through increased communication between the groups responding to the large-scale attacks happening on the Internet every day, I would strongly encourage you to apply! more»

Reducing the Risks of BYOD with DNS-Based Security Intelligence; Part 2: Taking Control

In part 1, I talked about some of the risks associated with BYOD. But there are actions you can take to greatly reduce this risk. One effective method for limiting the risk of BYOD is to employ DNS-based security intelligence techniques. DNS-based security intelligence makes use of an enterprise's caching DNS server to monitor and block DNS queries to known botnet command and control (C&C) domains. more»

US Opens Unified Cyber Security Command Centre

Department of Homeland Security (DHS) Secretary Janet Napolitano today opened the new National Cybersecurity and Communications Integration Center (NCCIC) — a 24-hour, DHS-led coordinated watch and warning center that will improve national efforts to address threats and incidents affecting the nation's critical information technology and cyber infrastructure. more»

Michael Chertoff: Respond to Cyberattacks With Overwhelming Force, Apply Cold War Principle

Tom Espiner reporting in ZDNet UK: "Governments should formulate a doctrine to stave off cyberattacks similar to the Cold War-era principle of nuclear deterrence, according to former US Department of Homeland Security secretary Michael Chertoff. 'Rules of the road' for dealing with cyberattacks should include agreed principles on how to react to sustained cyberattacks on critical national infrastructure, Chertoff told a press conference at RSA Conference Europe on Thursday." more»

Industry Updates