Help Net Security

Don't miss:

Hackable smart car wash systems can hurt people

How to protect the power grid from low-budget cyberattacks

Phishers’ techniques and behaviours, and what to do if you’ve been phished

Hot stuff

car wash

Hackable smart car wash systems can hurt people

Two years after researchers Billi Rios and Terry McCorkle first flagged serious vulnerabilities in automatic, smart car wash systems by US manufacturer PDQ, the company is finally acknowledging the danger. What changed since the initial discovery? Rios, founder of Whitescope, and researcher Jonathan Butts, founder of QED Secure Solutions, have …

hidden attacker

An internet-connected fish tank let hackers into a casino’s network

A high-tech, internet-connected fish tank in a North American casino has been used to exfiltrate data from the company’s network. Smart drawing pads used in an architectural firm were part of a botnet used to mount DDoS attacks against websites around the world owned by entertainment companies, design companies, and government bodies. …

Circle eye

MacOS malware used to spy on home users in the US

A new variant of the macOS malware Fruitfly has been found by security researcher Patrick Wardle on some 400 machines of (mostly) home users located in the US. Fruitfly: The first variant The malware was first flagged earlier this year, and found to be able to take screenshots, turn on the target computer’s webcam, simulate mouse clicks …

Siemplify

Creating the security operations center of the future with Siemplify

Security operations teams are engaged in a constant struggle to keep up with the volume of security alerts, maintain the right skills, and manage incident response processes. They want quality information, presented in a way that makes it easy to grasp and react to quickly. They want not to be bogged down in security alerts, and not to spend …

Pwn Pulse

Spotlight

Review: Pwnie Express Pulse

phishing

Phishers’ techniques and behaviours, and what to do if you’ve been phished

Once a user has been phished, how long does it takes for the phishers to misuse the stolen …

smart grid

How to protect the power grid from low-budget cyberattacks

Cyberattacks against power grids and other critical infrastructure systems have long been …

measure

Most companies fail to measure cybersecurity effectiveness

DEF CON 25

Decrypting DEF CON badge challenges

Expert corner

Decrypting DEF CON badge challenges

Marc Laliberte Information Security Threat Analyst at WatchGuard Technologies

Decrypting DEF CON badge challenges

Could e-discovery pros fill the insatiable demand for cybersecurity talent?

Jared Coseglia CEO at TRU Staffing Partners

Could e-discovery pros fill the insatiable demand for cybersecurity talent?

Don’t let cybercrime hold your innovation to ransom

Geoff Webb VP of Strategy at Micro Focus

Don’t let cybercrime hold your innovation to ransom

What will it take to improve the ICS patch process?

Nir Giller CTO/CISO at CyberX

What will it take to improve the ICS patch process?

Getting the most out of your SIEM investment

Kumar Saurabh CEO at LogicHub

Getting the most out of your SIEM investment

Five crucial ways to help keep a system safe from harm

Rush Taggart CSO at CardConnect

Five crucial ways to help keep a system safe from harm

What makes a good security analyst: The character traits you need

Anton Goncharov CTO at Gemini Data

What makes a good security analyst: The character traits you need

With ransomware, pay up if you want to keep paying

Carl Herberger VP of Security at Radware

With ransomware, pay up if you want to keep paying

Security startup confessions: Attending industry events

Kai Roer CEO of CLTRe

Security startup confessions: Attending industry events

DLP APIs: The next frontier for Data Loss Prevention

Roman Foeckl CEO at CoSoSys

DLP APIs: The next frontier for Data Loss Prevention

Where does the cyber security buck stop?

Corey Nachreiner CTO at WatchGuard Technologies

Where does the cyber security buck stop?

How to build a better SOC team

Reggie Best Chief Product Officer at Lumeta

How to build a better SOC team

What's New

smart grid

How to protect the power grid from low-budget cyberattacks

Cyberattacks against power grids and other critical infrastructure systems have long been considered a threat limited to nation-states due to the sophistication and resources necessary to mount them. At the Black Hat USA 2017 conference in Las …

phishing

Phishers’ techniques and behaviours, and what to do if you’ve been phished

Once a user has been phished, how long does it takes for the phishers to misuse the stolen credentials? To discover the answer to that question and many others, Imperva researchers went undercover by creating 90 personal online accounts, …

car wash

Hackable smart car wash systems can hurt people

Two years after researchers Billi Rios and Terry McCorkle first flagged serious vulnerabilities in automatic, smart car wash systems by US manufacturer PDQ, the company is finally acknowledging the danger. What changed since the initial …

hidden attacker

An internet-connected fish tank let hackers into a casino’s network

A high-tech, internet-connected fish tank in a North American casino has been used to exfiltrate data from the company’s network. Smart drawing pads used in an architectural firm were part of a botnet used to mount DDoS attacks against …

Android malware

Lippizan: Sophisticated, targeted spyware on Google Play

Google has discovered targeted spyware on Google Play that is likely the work of Equus Technologies, an Israeli cyber surveillance technology dealer. The malware, dubbed Lipizzan, was also discovered on and removed from fewer than 100 Android …

Reviews

Review: Pwnie Express Pulse

Review: Pwnie Express Pulse

Review: Acunetix 11

Review: Acunetix 11

Review: Advanced Persistent Security

Review: Advanced Persistent Security

Review: Data Breach Preparation and Response

Review: Data Breach Preparation and Response

Review: The Internet of Risky Things

Review: The Internet of Risky Things

Review: DNS Security

Review: DNS Security

Review: iStorage diskAshur Pro SSD

Review: iStorage diskAshur Pro SSD

Review: The Basics of Cyber Safety

Review: The Basics of Cyber Safety

Review: IS Decisions UserLock

Review: IS Decisions UserLock

Review: Threat Forecasting

Review: Threat Forecasting

Review: FourV Systems GreySpark

Review: FourV Systems GreySpark

Review: Boxcryptor

Review: Boxcryptor

Don't miss

car wash

Hackable smart car wash systems can hurt people

smart grid

How to protect the power grid from low-budget cyberattacks

phishing

Phishers’ techniques and behaviours, and what to do if you’ve been phished

danger

Security vulnerabilities in radiation monitoring devices

business

22% of SMBs hit by ransomware had to cease business operations

Android malware

Lippizan: Sophisticated, targeted spyware on Google Play

hidden attacker

An internet-connected fish tank let hackers into a casino’s network

measure

Most companies fail to measure cybersecurity effectiveness

Employees working while on holiday open orgs to security risks

bug bounties

Microsoft offers rewards for Windows bugs

biohazard

Malware creators increasingly run their business like legitimate software companies

GDPR

Only 2% of “GDPR-ready” organizations are actually compliant

Malware news

22% of SMBs hit by ransomware had to cease business operations

More than one-third of small and medium-sized businesses have experienced a ransomware attack in the last year, a new Malwarebytes report claims, and 22 percent of these impacted businesses had to cease operations immediately. …

Lippizan: Sophisticated, targeted spyware on Google Play

NanoCore RAT creator pleads guilty

Malware creators increasingly run their business like legitimate software companies

MacOS malware used to spy on home users in the US

Black Hat USA 2017

McAfee aims to strengthen human-machine defense teams

“Today’s security teams are facing 244 new cyber threats every minute, amid a serious talent shortage. Siloed security, without automation, managed by overwhelmed teams is not a sustainable defense strategy,” said Raja Patel, Vice President and …

Hackable smart car wash systems can hurt people

How to protect the power grid from low-budget cyberattacks

Threat prevention for protecting production environments

Phishers’ techniques and behaviours, and what to do if you’ve been phished