In this podcast recorded at Black Hat USA 2017, Dr. Richard Ford, Chief Scientist at Forcepoint, talks about the security industry’s need of a paradigm shift toward examining user behavior and intent. Here’s a transcript of the podcast for your convenience. Hello, my name is Dr. Richard Ford, I’m the Chief Scientist over at …
WordPress security outfit Wordfence has flagged several attempts by attackers to upload ransomware that provides them with the ability to encrypt a WordPress website’s files. They dubbed the malware “EV ransomware”, due to the .ev extension that is added to the encrypted files. About EV ransomware The ransomware is uploaded once …
Security awareness is a term that most information security professionals are familiar with – security culture a little less so. “Security awareness training is based on a behavioural theory that was debunked decades ago,” says Kai Roer, co-founder of European security startup CLTRe. “The Rational Economic Theory says …
What will it take for cybersecurity policy to finally catch up to the digital age? I get this question often, and increasingly I worry that it will take a true “black swan” event to shock the system. Black swan events are rare, come as a surprise, and have a major impact. However, in 2017 alone, we seem to have already spotted a few black …
SANS ISC handler Xavier Mertens has flagged and analyzed a malicious Word file that, somehow, …
There has been a lot of hype around blockchain technology and the benefits it could potentially …
Trend Micro’s Zero Day Initiative has released details about two remote code execution zero-day flaws affecting popular freemium PDF tool Foxit Reader. The first one (CVE-2017-10951) is a command injection flaw that exists within the …
A hacker that goes by the handle “xerub” has apparently figured out the decryption key for Apple’s Secure Enclave Processor (SEP) firmware, and made it available online: key is fully grown https://t.co/MwN4kb9SQI use …
New Firebox M Series appliances help SMBs keep up with encrypted traffic WatchGuard Technologies announced hardware upgrades to its Firebox M Series to handle the proliferation of encrypted web traffic. With the new M470, M570 and M670 …
The majority of IT security professionals believe encryption backdoors are ineffective and potentially dangerous, with 91 percent saying cybercriminals could take advantage of government-mandated encryption backdoors. 72 percent of the …
There has been a lot of hype around blockchain technology and the benefits it could potentially bring to a wide variety of verticals, including identity verification. While the benefits are exciting, there are a handful of very important steps …
The infamous NotPetya ransomware attack, which started in Ukraine on June 27 but later spread to many international businesses, has resulted in huge monetary losses for the victims. Even those who paid the ransom couldn’t recover swiftly, …
SANS ISC handler Xavier Mertens has flagged and analyzed a malicious Word file that, somehow, is made to automatically download an additional malicious RTF file, ultimately leading to a RAT infection. What is curious about this particular attack …
The majority of IT security professionals believe encryption backdoors are ineffective and potentially dangerous, with 91 percent saying cybercriminals could take advantage of government-mandated encryption backdoors. 72 percent of the …
