🔐 5 blockchain terms business leaders need to know 🔐

Blockchain technology is critical to business security, according to a Globant report. Here are the important blockchain terms to get accustomed with.

📖 Read

via "Security on TechRepublic".

🕴 What the Government Shutdown Teaches Us about Cybersecurity 🕴

As lawmakers face a Friday deadline to prevent the federal government from closing a second time, we examine the cost to the digital domain, both public and private.

📖 Read

via "Dark Reading: ".

⚠ Crypto mirror on the wall, who’s the smartest of them all? ⚠

Can scientists out-perform sports stars, musicians and politicians in recognition and influence? You bet they can!

📖 Read

via "Naked Security".

❌ Managing Enterprise Security After the Data Supernova ❌

It's futile to try to put the data genie back in the bottle. Next best thing is whole-enterprise data visibility.

📖 Read

via "Threatpost | The first stop for security news".

❌ First ‘Clipper’ Malware Discovered on Google Play ❌

A fake MetaMask app is the first instance of this new type of cryptocurrency stealer appearing outside of shady third-party app stores.

📖 Read

via "Threatpost | The first stop for security news".

❌ Exposed: Instagram, OKCupid, Mumsnet All Face Data Concerns ❌

Three major websites are making data-breach news this week.

📖 Read

via "Threatpost | The first stop for security news".

🕴 Security Pros Agree Military Should Conduct Offensive Hacking 🕴

But it can't operate in a bubble, a new Washington Post study indicates.

📖 Read

via "Dark Reading: ".

❌ Temporary Patch Released For Adobe Reader Zero-Day ❌

The zero-day flaw in Adobe Reader DC could allow bad actors to steal victims’ NTLM hashes.

📖 Read

via "Threatpost | The first stop for security news".

❌ U.S. Senators Urge VPN Ban for Federal Workers Over Spying ❌

Wyden and Rubio are eyeing VPN services they say could be instruments of espionage for Russia and China.

📖 Read

via "Threatpost | The first stop for security news".

❌ Threatpost Poll: Is It Impossible to Secure Mobile Devices? ❌

From spyware to leaky apps, mobile devices are facing a heightened level of threats. Are we prepared to secure them?

📖 Read

via "Threatpost | The first stop for security news".

🕴 OkCupid Denies Data Breach Amid Account Hack Complaints 🕴

Users on the dating website report hackers breaking into their accounts, changing email addresses, and resetting passwords.

📖 Read

via "Dark Reading: ".

🕴 New Encryption Mode Brings Sincerity and Discretion to Low-Cost Android Devices 🕴

Adantium, developed by Google, brings communication encryption to bear on storage security.

📖 Read

via "Dark Reading: ".

🕴 Experian: US Suffers the Most Online Fraud 🕴

New data from the credit reporting firm shows the sheer scale of online activity in the US also has made businesses and consumers there prime targets.

📖 Read

via "Dark Reading: ".

🕴 Client-Side DNS Attack Emerges From Academic Research 🕴

A new DNS cache poisoning attack is developed as part of the research toward a dissertation.

📖 Read

via "Dark Reading: ".

⚠ Facebook defends gun-law loophole firm as “political advertisers” ⚠

Concealed Online, the third biggest "political advertiser" on Facebook, touts the Virginia loophole, granting concealed weapons permits.

📖 Read

via "Naked Security".

⚠ Brave browser explains Facebook whitelist to concerned users ⚠

Brave is playing down fears after the revelation of what looked like a whitelist in its code allowing it to communicate with Facebook.

📖 Read

via "Naked Security".

⚠ Kids as young as eight falling victim to online predators ⚠

A UK children's charity has found that children as young as eight are being sexually exploited online via social media.

📖 Read

via "Naked Security".

⚠ Apple sued for ‘forcing’ 2FA on accounts ⚠

Time is money, baby: Jay Brodsky claims that Apple's 2FA "intermeddling" takes minutes out of his day, causing "economic loss."

📖 Read

via "Naked Security".

⚠ Russian ISPs plan internet disconnection test for entire country ⚠

Russia’s major ISPs plan to temporarily disconnect servers from the internet, effectively cutting the country off from the outside world.

📖 Read

via "Naked Security".

<b>&#9000; Email Provider VFEmail Suffers ‘Catastrophic’ Hack &#9000;</b>

<code>Email provider VFEmail has suffered what the company is calling “catastrophic destruction” at the hands of an as-yet unknown intruder who trashed all of the company’s primary and backup data in the United States. The firm’s founder says he now fears some 18 years’ worth of customer email may be gone forever.</code><code>Founded in 2001 and based in Milwaukee, Wisc., VFEmail provides email service to businesses and end users. The first signs of the attack came on the morning of Feb. 11, when the company’s Twitter account started fielding reports from users who said they were no longer receiving messages. VFEmail’s Twitter account responded that “external facing systems, of differing OS’s and remote authentication, in multiple data centers are down.”</code><code>Media</code><code>Two hours later, VFEmail tweeted that it had caught a hacker in the act of formatting one of the company’s mail servers in The Netherlands.</code><code>“nl101 is up, but no incoming email,” read a tweet shortly thereafter. “I fear all US based data my be lost.”</code><code>“At this time, the attacker has formatted all the disks on every server,” wrote VFEmail. “Every VM [virtual machine] is lost. Every file server is lost, every backup server is lost. Strangely, not all VMs shared the same authentication, but all were destroyed. This was more than a multi-password via ssh exploit, and there was no ransom. Just attack and destroy.”</code><code>In an update posted to the company’s Web site, VFEmail owner Rick Romero wrote that new email was being delivered and that efforts were being made to recover what user data could be salvaged.</code><code>“At this time I am unsure of the status of existing mail for US users,” Romero wrote. “If you have your own email client, DO NOT TRY TO MAKE IT WORK. If you reconnect your client to your new mailbox, all your local mail will be lost.”</code><code>Reached by KrebsOnSecurity on Tuesday morning, Romero said he was able to recover a backup drive hosted in The Netherlands, but that he fears all of the mail for U.S. users may be irreparably lost.</code><code>“I don’t have very high expectations of getting any U.S. data back,” Romero said in an online chat.</code><code>John Senchak, a longtime VFEmail user from Florida who also has been a loyal reader and commenter at this blog, told KrebsOnSecurity that the attack completely wiped out his inbox at the company — some 60,000 emails sent and received over more than a decade.</code><code>“I have a account with that site, all the email in my account was deleted,” Senchak said.</code><code>Asked if he had any clues about the attackers or how they may have broken in, Romero said the intruder appeared to be doing his dirty work from a server based in Bulgaria (94.155.49[9], username “aktv.”)</code><code>“I haven’t done much digging yet on the actors,” he said. “It looked like the IP was a Bulgarian hosting company. So I’m assuming it was just a virtual machine they were using to launch the attack from. There definitely was something that somebody didn’t want found. Or, I really pissed someone off. That’s always possible.”</code><code>This isn’t the first time criminals have targeted VFEmail. I wrote about the company in 2015 after it suffered a debilitating distributed denial-of-service (DDoS) attack after Romero declined to pay a ransom demand from an online extortion group. Another series of DDoS attacks in 2017 forced VFEmail to find a new hosting provider.</code><code>In December 2018, Romero tweeted that service had been disrupted by a DDoS attack that he attributed to “script kiddies,” a derisive reference to low-skilled online hooligans.</code><code>“After 17 years if I was planning it shut it down, it’d be shut down by me – not script kiddies,” Romero wrote on Dec. 8.</code><code>Attacks that seek to completely destroy data and servers without any warning or extortion demand are not as common…

🕴 2019 Security Spending Outlook 🕴

Cybersecurity and IT risk budgets continue to grow. Here's how they'll be spent.

📖 Read

via "Dark Reading: ".