β Targeted ransomware attacks β SophosLabs 2019 Threat Report β
π Read
via "Naked Security".
This year's SophosLabs Threat Report is out. We talk targeted ransomware attacks, and in particular, SamSam.π Read
via "Naked Security".
Naked Security
Targeted ransomware attacks β SophosLabs 2019 Threat Report
This yearβs SophosLabs Threat Report is out. We talk targeted ransomware attacks, and in particular, SamSam.
π How to improve enterprise IoT security: 5 tips π
π Read
via "Security on TechRepublic".
Some 15% of companies struggling with IoT security lost at least $34 million in the last couple years. Here are five ways to stay better protected.π Read
via "Security on TechRepublic".
TechRepublic
How to improve enterprise IoT security: 5 tips
Some 25% of companies struggling with IoT security lost at least $34 million in the last couple years. Here are five ways to stay better protected.
π 69% of ATMs can be hacked to spit cash in minutes π
π Read
via "Security on TechRepublic".
ATM vulnerabilities highlight the importance of securing machines against network attacks, according to a Positive Technologies report.π Read
via "Security on TechRepublic".
TechRepublic
69% of ATMs can be hacked to spit cash in minutes
ATM vulnerabilities highlight the importance of securing machines against network attacks, according to a Positive Technologies report.
π΄ To Click or Not to Click: The Answer Is Easy π΄
π Read
via "Dark Reading: ".
Mega hacks like the Facebook breach provide endless ammo for spearphishers. These six tips can help you stay safer.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
π AI, IoT, and edge computing drive cybersecurity concerns for 2019 π
π Read
via "Security on TechRepublic".
As companies adopt emerging technologies, the cyber risk landscape is set to grow larger in the new year, according to a Forcepoint report.π Read
via "Security on TechRepublic".
TechRepublic
AI, IoT, and edge computing drive cybersecurity concerns for 2019
As companies adopt emerging technologies, the cyber risk landscape is set to grow larger in the new year, according to a Forcepoint report.
π΄ Can Businesses Stand Up to Cybercrime? Only 61% Say Yes π΄
π Read
via "Dark Reading: ".
While 96% of US organizations say business resilience should be core to company strategy, only 61% say it actually is.π Read
via "Dark Reading: ".
Dark Reading
Can Businesses Stand Up to Cybercrime? Only 61% Say Yes
While 96% of US organizations say business resilience should be core to company strategy, only 61% say it actually is.
β Siemens Patches Firewall Flaw That Put Operations at Risk β
π Read
via "Threatpost | The first stop for security news".
The industrial company on Tuesday released mitigations for eight vulnerabilities overall.π Read
via "Threatpost | The first stop for security news".
Threat Post
Siemens Patches Firewall Flaw That Put Operations at Risk
The industrial company on Tuesday released mitigations for eight vulnerabilities overall.
π Researchers discover seven new Meltdown and Spectre attacks π
π Read
via "Security on TechRepublic".
Experiments showed that processors from AMD, ARM, and Intel are affected.π Read
via "Security on TechRepublic".
TechRepublic
Researchers discover seven new Meltdown and Spectre attacks
Experiments showed that processors from AMD, ARM, and Intel are affected.
π΄ Sharpen Your Malware-Fighting Skills at Black Hat Europe π΄
π Read
via "Dark Reading: ".
Don't miss out on the Black Hat Briefings, Trainings, and Arsenal tools that will equip you with the knowledge and skills you need to deal with today's top malware.π Read
via "Dark Reading: ".
Dark Reading
Sharpen Your Malware-Fighting Skills at Black Hat Europe
Don't miss out on the Black Hat Briefings, Trainings, and Arsenal tools that will equip you with the knowledge and skills you need to deal with today's top malware.
π΄ Understanding Evil Twin AP Attacks and How to Prevent Them π΄
π Read
via "Dark Reading: ".
The attack surface remains largely unprotected from Wi-Fi threats that can result in stolen credentials and sensitive information as well as backdoor/malware payload drops.π Read
via "Dark Reading: ".
Darkreading
Understanding Evil Twin AP Attacks and How to Prevent Them
The attack surface remains largely unprotected from Wi-Fi threats that can result in stolen credentials and sensitive information as well as backdoor/malware payload drops.
π΄ Airlines Have a Big Problem with Bad Bots π΄
π Read
via "Dark Reading: ".
Bad bots account for 43.9% of all traffic on their websites, APIs, and mobile apps, according to a new analysis of 100 airlines.π Read
via "Dark Reading: ".
Darkreading
Airlines Have a Big Problem with Bad Bots
Bad bots account for 43.9% of all traffic on their websites, APIs, and mobile apps, according to a new analysis of 100 airlines.
π΄ Black Hat: European Security Pros Wrestling With Potential Breaches, Privacy Issues π΄
π Read
via "Dark Reading: ".
Black Hat Europe attendee survey shows European cybersecurity leaders are uncertain of their ability to protect end user data - and are fearful of a near-term breach of critical infrastructure.π Read
via "Dark Reading: ".
Dark Reading
Black Hat: European Security Pros Wrestling With Potential Breaches, Privacy Issues
Black Hat Europe attendee survey shows European cybersecurity leaders are uncertain of their ability to protect end user data - and are fearful of a near-term breach of critical infrastructure.
π΄ Cryptojacking, Mobile Malware Growing Threats to the Enterprise π΄
π Read
via "Dark Reading: ".
At the same time, criminal organizations continue to look for new ways to attack their victims.π Read
via "Dark Reading: ".
Darkreading
Cryptojacking, Mobile Malware Growing Threats to the Enterprise
At the same time, criminal organizations continue to look for new ways to attack their victims.
<b>⌨ Calif. Man Pleads Guilty in Fatal Swatting Case, Faces 20+ Years in Prison ⌨</b>
<code>A California man who pleaded guilty Tuesday to causing dozens of swatting attacks β including a deadly incident in Kansas last year β now faces 20 or more years in prison.</code><code>Media</code><code>Tyler Raj Barriss, in an undated selfie.</code><code>Tyler Barriss, 25, went by the nickname SWAuTistic on Twitter, and reveled in perpetrating βswattingβ attacks. These dangerous hoaxes involve making false claims to emergency responders about phony hostage situations or bomb threats, with the intention of prompting a heavily-armed police response to the location of the claimed incident.</code><code>On Dec. 28, 2018, Barriss placed a call from California to police in Wichita, Kansas, claiming that he was a local resident whoβd just shot his father and was holding other family members hostage.</code><code>When Wichita officers responded to the address given by the caller β 1033 W. McCormick β they shot and killed 28-year-old Andrew Finch, a father of two who had done nothing wrong.</code><code>Barriss admitted setting that fatal swatting attack in motion after getting in the middle of a dispute between two Call of Duty gamers, 18-year-old Casey Viner from Ohio and Shane Gaskill, 20, from Wichita.</code><code>Viner allegedly asked Barriss to swat Gaskill. But when Gaskill noticed Barrissβ Twitter account (@swattingaccount) suddenly following him online, he tried to deflect the attack. Barriss says Gaskill allegedly dared him to go ahead with the swat, but then gave Barriss an old home address β 1033 W. McCormick β which was then being occupied by Finchβs family.</code><code>Viner and Gaskill are awaiting trial. A more detailed account of their alleged dispute is told here.</code><code>According to the Justice Department, Barriss pleaded guilty to making hoax bomb threats in phone calls to the headquarters of the FBI and the Federal Communications Commission in Washington, D.C. He also made bomb threat and swatting calls from Los Angeles to emergency numbers in Ohio, New Hampshire, Nevada, Massachusetts, Illinois, Utah, Virginia, Texas, Arizona, Missouri, Maine, Pennsylvania, New Mexico, New York, Michigan, Florida and Canada.</code><code>U.S. Attorney Stephen McAllister said Barriss faces 20 years or more in prison. Barriss is due to be sentenced Jan. 30, 2019.</code><code>Many readers following this story over the past year have commented here that the officer who fired the shot which killed Andrew Finch should also face prosecution. However, the district attorney for the county that encompasses Wichita decided in April that the officer will not face charges, and will not be named because he isnβt being charged with a crime.</code><code>As the victim of a swatting attack in 2013 and two other attempted swattings, Iβm glad to finally see a swatting prosecution that may actually serve as a deterrent to this idiotic and extremely dangerous crime going forward.</code><code>Itβs also great to see police departments like Seattleβs taking steps to help head off swatting incidents before they happen. Last month, the Seattle Police 911 Center launched a new program that lets residents register their address and corresponding concerns if they feel they may be the target of swatting.</code><code>But it would also be nice if more police forces around the country received additional training on exercising restraint in the use of deadly force, particularly in responding to hostage or bomb threat scenarios that have hallmarks of a swatting hoax.</code><code>For example, perpetrators of swatting often call non-emergency numbers at state and local police departments to carry out their crimes precisely because they are not local to the region and cannot reach the targetβs police department by calling 911. This is exactly what Tyler Barriss did in the Wichita case and others. Swatters also often use text-to-speech (TTY) services for the hearingβ¦
<code>A California man who pleaded guilty Tuesday to causing dozens of swatting attacks β including a deadly incident in Kansas last year β now faces 20 or more years in prison.</code><code>Media</code><code>Tyler Raj Barriss, in an undated selfie.</code><code>Tyler Barriss, 25, went by the nickname SWAuTistic on Twitter, and reveled in perpetrating βswattingβ attacks. These dangerous hoaxes involve making false claims to emergency responders about phony hostage situations or bomb threats, with the intention of prompting a heavily-armed police response to the location of the claimed incident.</code><code>On Dec. 28, 2018, Barriss placed a call from California to police in Wichita, Kansas, claiming that he was a local resident whoβd just shot his father and was holding other family members hostage.</code><code>When Wichita officers responded to the address given by the caller β 1033 W. McCormick β they shot and killed 28-year-old Andrew Finch, a father of two who had done nothing wrong.</code><code>Barriss admitted setting that fatal swatting attack in motion after getting in the middle of a dispute between two Call of Duty gamers, 18-year-old Casey Viner from Ohio and Shane Gaskill, 20, from Wichita.</code><code>Viner allegedly asked Barriss to swat Gaskill. But when Gaskill noticed Barrissβ Twitter account (@swattingaccount) suddenly following him online, he tried to deflect the attack. Barriss says Gaskill allegedly dared him to go ahead with the swat, but then gave Barriss an old home address β 1033 W. McCormick β which was then being occupied by Finchβs family.</code><code>Viner and Gaskill are awaiting trial. A more detailed account of their alleged dispute is told here.</code><code>According to the Justice Department, Barriss pleaded guilty to making hoax bomb threats in phone calls to the headquarters of the FBI and the Federal Communications Commission in Washington, D.C. He also made bomb threat and swatting calls from Los Angeles to emergency numbers in Ohio, New Hampshire, Nevada, Massachusetts, Illinois, Utah, Virginia, Texas, Arizona, Missouri, Maine, Pennsylvania, New Mexico, New York, Michigan, Florida and Canada.</code><code>U.S. Attorney Stephen McAllister said Barriss faces 20 years or more in prison. Barriss is due to be sentenced Jan. 30, 2019.</code><code>Many readers following this story over the past year have commented here that the officer who fired the shot which killed Andrew Finch should also face prosecution. However, the district attorney for the county that encompasses Wichita decided in April that the officer will not face charges, and will not be named because he isnβt being charged with a crime.</code><code>As the victim of a swatting attack in 2013 and two other attempted swattings, Iβm glad to finally see a swatting prosecution that may actually serve as a deterrent to this idiotic and extremely dangerous crime going forward.</code><code>Itβs also great to see police departments like Seattleβs taking steps to help head off swatting incidents before they happen. Last month, the Seattle Police 911 Center launched a new program that lets residents register their address and corresponding concerns if they feel they may be the target of swatting.</code><code>But it would also be nice if more police forces around the country received additional training on exercising restraint in the use of deadly force, particularly in responding to hostage or bomb threat scenarios that have hallmarks of a swatting hoax.</code><code>For example, perpetrators of swatting often call non-emergency numbers at state and local police departments to carry out their crimes precisely because they are not local to the region and cannot reach the targetβs police department by calling 911. This is exactly what Tyler Barriss did in the Wichita case and others. Swatters also often use text-to-speech (TTY) services for the hearingβ¦
π΄ Security Teams Struggle with Container Security Strategy π΄
π Read
via "Dark Reading: ".
Fewer than 30% of firms have more than a basic container security plan in place.π Read
via "Dark Reading: ".
Dark Reading
Security Teams Struggle with Container Security Strategy
Fewer than 30% of firms have more than a basic container security plan in place.
π΄ Small-Time Cybercriminals Landing Steady Low Blows π΄
π Read
via "Dark Reading: ".
High-end crime groups are acquiring the sorts of sophisticated capabilities only nation-states once had, while low-tier criminals maintain a steady stream of malicious activity, from cryptomining to PoS malware.π Read
via "Dark Reading: ".
Darkreading
Small-Time Cybercriminals Landing Steady Low Blows
High-end crime groups are acquiring the sorts of sophisticated capabilities only nation-states once had, while low-tier criminals maintain a steady stream of malicious activity, from cryptomining to PoS malware.
β Pwn2Own Trifecta: Galaxy S9, iPhone X and Xiaomi Mi6 Fall to Hackers β
π Read
via "Threatpost | The first stop for security news".
Hacker contest earns participants $325,000 based on the discovery of 18 vulnerabilities.π Read
via "Threatpost | The first stop for security news".
Threat Post
Pwn2Own Trifecta: Galaxy S9, iPhone X and Xiaomi Mi6 Fall to Hackers
Hacker contest earns participants $325,000 based on the discovery of 18 vulnerabilities.
β Bitcoin Giveaway Scam Balloons, with Google the Latest Victim β
π Read
via "Threatpost | The first stop for security news".
A slew of verified Twitter accounts have been hijacked and altered, used to tweet out a bogus Bitcoin giveaway scam.π Read
via "Threatpost | The first stop for security news".
Threat Post
Bitcoin Giveaway Scam Balloons, with Google the Latest Victim
A slew of verified Twitter accounts have been hijacked and altered, used to tweet out a bogus Bitcoin giveaway scam.
β Steganography β cool cybersecurity trick or dangerous risk? [VIDEO] β
π Read
via "Naked Security".
Burying secret data in plain sight- is it a clever cybersecurity trick, or a way to attract the very attention you wanted to avoid?π Read
via "Naked Security".
Naked Security
Steganography β cool cybersecurity trick or dangerous risk? [VIDEO]
Burying secret data in plain sight- is it a clever cybersecurity trick, or a way to attract the very attention you wanted to avoid?
β France: Letβs make the internet safer! US: βHow about NO?!β β
π Read
via "Naked Security".
Don't cry for us, Argentina: Critics saw potential for government meddling without court order, among other issues.π Read
via "Naked Security".
Naked Security
France: Letβs make the internet safer! US: βHow about NO?!β
Donβt cry for us, Argentina: Critics saw potential for government meddling without court order, among other issues.
β DARPA uses a remote island to stage a cyberattack on the US power grid β
π Read
via "Naked Security".
It enacted a worst-case, "black start" scenario: swaths of the country's grid offline for a month, battery backups exhausted.π Read
via "Naked Security".
Naked Security
DARPA uses a remote island to stage a cyberattack on the US power grid
It enacted a worst-case, βblack startβ scenario: swaths of the countryβs grid offline for a month, battery backups exhausted.