The anatomy of a completely fileless attack
The use of fileless malware is definitely on the rise, and it’s used both by targeted threat actors and cybercriminals. Trend Micro researchers, though, are keen to …
Another popular Chrome extension hijacked through phishing
Chris Pederick, the creator and maintainer of the Web Developer for Chrome extension, is the latest victim of attackers who hijack popular Chrome add-ons in order to push ads …
Malicious content delivered over SSL/TLS has more than doubled in six months
Threats using SSL encryption are on the rise. An average of 60 percent of the transactions in the Zscaler cloud have been delivered over SSL/TLS. Researchers also found that …
DigiCert to acquire Symantec’s website security business
Under the terms of the agreement, Symantec will receive approximately $950 million in upfront cash proceeds and approximately a 30 percent stake in the common stock equity of …
US DOJ publishes guidelines for setting up a vulnerability disclosure program
Instituting a vulnerability disclosure program (aka bug bounty program) that won’t blow up in the organization’s face can be a daunting task. Some will prefer to …
High-Tech Bridge appears in three Gartner Hype Cycles 2017
High-Tech Bridge has been identified as a Sample Vendor in the July 2017 Gartner reports “Hype Cycle for Application Services, 2017”, “Hype Cycle for Cloud …
US senators introduce bill to improve IoT security, protect researchers probing it
US Senators Mark Warner (D-VA), Cory Gardner (R-CO), Ron Wyden (D-WA) and Steve Daines (R-MT) introduced bipartisan legislation to improve the cybersecurity of …
Hackers impersonate women online to get into target corporate networks
By all (online) accounts, Mia Ash was a pretty and successful photographer based in London, and she was looking for friendship and love on the Internet. Her LinkedIn account …
Nmap 7.60 released: SSH support, SMB2/SMB3 improvements, 14 more scripts
Nmap is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network …
Most damaging threat vector for companies? Malicious insiders
According to a new SANS survey, 40 percent of respondents rated malicious insiders (insiders who intentionally do harm) as the most damaging threat vector their companies …
Most SMBs plan to outsource IT security this year
96 percent of small- to medium-sized businesses (SMBs) in the US, UK, and Australia believe their organizations will be susceptible to external cybersecurity threats in 2017. …
Weaponizing machine learning to improve cyber defenses
As defensive technologies based on machine learning become increasingly numerous, so will offensive ones – whether wielded by attackers or pentesters. The idea is the …