Navigate Up
Sign In

Information Security Feeds

What has the Necurs botnet been up to?
Fri, 19 Jan 2018 19:12:01 +0000
The Necurs botnet has been slowly growing since late 2012 and still tops the list of largest spam botnets in the world. Since then, the botnet has occasionally stopped or temporarily minimized the sending out of spam but has returned in full force. How big is the Necurs botnet? It’s difficult to say precisely, but the latest information provided by the Cisco Talos team can give a general idea. The researchers analyzed 32 distinct spam … More

Researchers uncover mobile, PC surveillance platform tied to different nation-state actors
Fri, 19 Jan 2018 17:36:22 +0000
The Electronic Frontier Foundation (EFF) and mobile security company Lookout have uncovered a new malware espionage campaign that has targeted activists, journalists, lawyers, military personnel, and enterprises in more than 20 countries in North America, Europe, the Middle East, and Asia. They have dubbed the threat Dark Caracal, and have traced its activities to as far back as 2012. The malware used by Dark Caracal The attackers went after information stored on targets’ Android devices … More

Infosec expert viewpoint: Google Play malware
Fri, 19 Jan 2018 14:30:30 +0000
Researchers routinely discover a variety of malicious apps on Google Play, some of which have been downloaded and installed on millions of devices worldwide. Here’s what infosec experts think about the security of Google Play, what they think Google should do better, and what users can do in order to protect themselves from malicious apps on the official Android app store. Chris Boyd, Lead Malware Intelligence Analyst, Malwarebytes Google Play continues to have issues where … More

New infosec products of the week​: January 19, 2018
Fri, 19 Jan 2018 13:55:19 +0000
Continuous vulnerability management for ICS cybersecurity PAS Cyber Integrity 6.0 now includes continuous vulnerability management providing visibility into vulnerability risk within industrial process control networks. Cyber Integrity moves beyond traditional IT vulnerability management by also addressing the proprietary industrial control systems that comprise 80 percent of a facility environment. BlackBerry releases cloud-based static binary code scanning solution BlackBerry Jarvis is a cloud-based static binary code scanning solution that identifies vulnerabilities in software used in automobiles. … More

IT infrastructure spending for cloud environments to reach $46.5 billion in 2017
Fri, 19 Jan 2018 13:00:41 +0000
Total spending on IT infrastructure products (server, enterprise storage, and Ethernet switches) for deployment in cloud environments is expected to total $46.5 billion in 2017 with year-over-year growth of 20.9%, according to a new forecast from IDC. Public cloud datacenters will account for the majority of this spending, 65.3%, growing at the fastest annual rate of 26.2%. Off-premises private cloud environments will represent 13% of cloud IT infrastructure spending, growing at 12.7% year over year. … More

G Suite users get a better view of their enterprise security posture
Thu, 18 Jan 2018 19:36:52 +0000
Google is rolling out a new security tool for G Suite Enterprise users: the Security Center. The tool aims to give administrators a better understanding of their organization’s security. The G Suite Security Center Admins get a unified dashboard that shows them important security metrics across services like Gmail, Google Drive, Mobile Management, etc. These metrics show how many messages were encrypted with Transport Layer Security, when were messages marked as malware, how are users … More

HITB Security Conference in Amsterdam to feature innovative research on attack and defense topics
Thu, 18 Jan 2018 18:02:36 +0000
The agenda for Day 1 of the 9th annual HITB Security Conference in The Netherlands has been announced and it’s packed with cutting edge research on a range of attack and defense topics from crypto currencies to fuzzing and more. Invoke-DOSfuscation: Techniques FOR %F IN (-style) DO (S-level CMD Obfuscation) In this presentation, Daniel Bohannon, a Senior Applied Security Researcher with MANDIANT’s Advanced Practices group, will dive deep into cmd.exe’s multi-faceted obfuscation opportunities beginning with … More

Norwegian health authority hacked, patient data of nearly 3 million citizens possibly compromised
Thu, 18 Jan 2018 16:52:31 +0000
Hackers have breached the systems of the Southern and Eastern Norway Regional Health Authority (Helse Sør-Øst RHF), and possibly made off with personal information and health records of some 2.9 million Norwegians. What’s known about the breach The breach was announced on Monday by the authority. The first to notice that something was amiss was HelseCERT, the Norwegian healthcare sector’s national information security center, which detects unwanted events and traffic and reports them to affected … More

What is the impact and likelihood of global risks?
Thu, 18 Jan 2018 14:00:52 +0000
The World Economic Forum, a not-for-profit foundation that each year gathers participants from around the world to discuss a wide range of global issues, has published its yearly Global Risks Report. Based on the opinions of almost 1,000 global experts and decision-makers, the top 5 global risks in 2018 in terms of likelihood are extreme weather events, natural disasters, cyber attacks, data fraud or theft, and failure of climate-change mitigation and adaptation. Cyber attacks and … More

Is ethical hacking more lucrative than software engineering?
Thu, 18 Jan 2018 13:45:30 +0000
HackerOne published its 2018 Hacker Report, which examines the geography, demographics, experience, tools used and motivations of nearly 2,000 bug bounty hackers across 100 countries. HackerOne found that on average, top earning ethical hackers make up to 2.7 times the median salary of a software engineer in their respective home countries. Also, hackers in India are making as much as 16 times the median. And yet, the new data finds that overall hackers are less … More