Phishers’ new trick for bypassing email URL filters
Phishers have come up with another trick to make Office documents carrying malicious links undetectable by many e-mail security services: they delete the links from the …
Rockwell Automation industrial energy meter vulnerable to public exploits
A low-skilled, remote attacker could use publicly available exploits to gain access to and mess with a power monitor by Rockwell Automation that is used by energy companies …
Flawed password managers allow malware to steal passwords from computer memory
The most widely used password managers sport fundamental vulnerabilities that could allow malware to steal the master password or other passwords stored by the software …
Ryuk: What does the helpdesk tell us?
Cybercrime is the only criminal channel that provides a helpdesk. An amusing side note in the world of digital crime, and whilst considerable efforts have been taken to …
Insights on modern adversaries and their tactics, techniques, and procedures
In today’s ever-evolving cyber landscape, speed is essential for effective cyber defense. CrowdStrike’s Global Threat Report reveals “breakout time” – the critical window …
European standards org releases consumer IoT cybersecurity standard
The European Telecommunications Standards Institute (ETSI) has released ETSI TS 103 645, a standard for cybersecurity in the Internet of Things, to establish a security …
Free decryption tool could save victims millions in ransomware payments
A new decryption tool has been released for free on the No More Ransom depository for the latest strand of GandCrab. This tool was developed by the Romanian Police in close …
Detecting Trojan attacks against deep neural networks
A group of researchers with CSIRO’s Data61, the digital innovation arm of Australia’s national science agency, have been working on a system for run time detection of trojan …
Webinar: Defending account takeovers at Remitly
Account Takeover attacks don’t follow conventional attack patterns – they look, act, and feel like legitimate users. Without the right tooling, visibility into …
IT security incidents affecting German critical infrastructure are on the rise
The number of IT security incidents reported by critical infrastructure companies in Germany has soared. In 2017, the German Federal Office for Security in Information …
How RSA Conference 2019 brings diverse security professionals together
With RSA Conference 2019 USA just two weeks away, we asked Sandra Toms, Vice President and Curator, RSA Conference, to tell us more about the challenges involved in developing …
Building security into cloud native apps with NGINX
Companies like Airbnb, Uber and DoorDash, which have a cloud-based software infrastructure as one of their main enablers, are disrupting the hospitality, transportation and …