Month: June 2017

  • Obfuscation in the Wild: Targeted Attackers Lead the Way in Evasion Techniques

    Throughout 2017 we have observed a marked increase in the use of command line evasion and obfuscation by a range of targeted attackers. Cyber espionage groups and financial threat actors continue to adopt the latest cutting-edge application whitelisting bypass techniques and introduce innovative obfuscation into their phishing lures. Read full news article on FireEye Blog…

  • Weekend Roundup: The Digital Threats To Democracy Are Mounting

    Hacked elections, fake news, search engine manipulation and criminal cyberattacks are becoming increasingly common. Read full news article on The Huffington Post  

  • Trump’s Voter Fraud Commission Wants All Your Data. What Could Go Wrong?

    Trump’s commission to investigate voting fraud wants to make all your voter data public. Here is every reason why experts on both sides of the aisle think that’s a bad idea. Read full news article on Wired – Threat Level  

  • Sonatype Acquires Vor Security to Expand Nexus Open-Source Component Support

    Sonatype announced the acquisition of Vor Security to extend their open-source component intelligence solutions’ coverage to include Ruby, PHP, CocoaPods, Swift, Golang, C, and C++. Sonatype, well known as the creators of artifact repositories Apache Maven and Nexus, have extended their previously Java, JavaScript, .Net and Python centric component intelligence capabilities to include the new…

  • From BlackEnergy to ExPetr

    To date, nobody has been able to find any significant code sharing between ExPetr/Petya and older malware. Given our love for unsolved mysteries, we jumped right on it. Read full news article on Exploit This  

  • Food Supplier Passes Squid Off as Octopus

    Food Supplier Passes Squid Off as Octopus According to a lawsuit (main article behind paywall), “a Miami-based food vendor and its supplier have been misrepresenting their squid as octopus in an effort to boost profits.” Tags: Read full news article on Schneier on Security  

  • So You Think You Can Spot a Skimmer?

    This week marks the 50th anniversary of the automated teller machine — better known to most people as the ATM or cash machine. Thanks to the myriad methods thieves have devised to fleece unsuspecting cash machine users over the years, there are now more ways than ever to get ripped off at the ATM. Read…

  • The ‘slow-burn’ cost of a cyber attack

    Businesses have been warned that they may be hit for damages in multiple ways after being affected by a cyber-attack. A new report by Lloyd’s of London says there are two different costs linked to a cyber-attack: Read full news article on BetaNews  

  • How to Achieve Continuous Container Security for Your CI/CD Pipeline

    Integrate and Automate Security in Your Build, Ship, & Run Processes As enterprises move quickly to deploy containers and microservices with a continuous integration and delivery (CI/CD) pipeline, security often becomes an afterthought. DevOps and security teams should also strive to achieve continuous container security in the pipeline. Read full news article on DABCC  

  • This CEO Hopes To Rewrite The Code Of Compliance Management Software

    Thomas Sehested, GAN Integrity CEO and Co-Founder, shares the vision behind his company, disrupting the compliance industry, and his approach to building a future-proof business. What specific void or opportunity did you discover that inspired the idea behind your company? Read full news article on Forbes.com  

  • 8 Things Every Security Pro Should Know About GDPR

    In just under one year, the European Union’s General Data Protection Regulation (GDPR) will formally begin being enforced. The statute requires any company, or entity, that handles personal data belonging to EU residents to comply with a broad set of requirements for protecting the privacy of that data. Read full news article on dark READING…

  • With a single wiretap order, US authorities listened in on 3.3 million phone calls

    NEW YORK, NY — US authorities intercepted and recorded millions of phone calls last year under a single wiretap order, authorized as part of a narcotics investigation. The wiretap order authorized an unknown government agency to carry out real-time intercepts of 3.29 million cell phone conversations over a two-month period at some point during 2016,…