The Internet is fragile. This summer, the world saw governments trying to shut down the Internet as thousands rallied for democracy in the Middle East. We also saw rioters use the Internet in the UK to coordinate attacks on the innocent. The San Francisco transit system, BART shut off Internet access in hopes to prevent nefarious hacker groups from disrupting the mass transit system. However,.
CVE-2015-0240 is a critical security flaw in Samba that resides in the smbd file server daemon and can be exploited by a malicious Samba client remotely. Linux administrators urge to update their systems due to the discovery of a critical vulnerability the open source Linux-and-Windows-compatibility software Samba. The vulnerability in Samba, coded as CVE-2015-0240, affects versions.
Security researchers from iSight and Invincea uncovered a highly sophisticated data exfiltration APT. However, the target of the attack was not company that was compromised; it was that site’s users. Forbes.com, one of the most highly trafficked websites in the world, was compromised and used to spread malware to site visitors. Similarly to other website attacks reported in recent months,.
Data breaches continue to hit the news yet are only a fraction of what is being reported. Some recent ones are Sony (more on this HERE … and yes I saw The Interview because of the press behind this) and Anthem (more on this HERE). The reasons why organizations don’t report a breach vary from the fear of having critical infrastructure confiscated (which today usually isn’t the case.
The people at Propublica.org wrote a really cool piece on the creature of GPG, Enigmail and GPG4Win Werner Koch (original post can be found HERE). Until recently, Werner has been the one man band behind developing and maintaining a few versions of free email encryption software applications. Large organizations and governments tend to dump funds into spying and cyber defense yet can’t.
Another week, another hack. A group of cybercriminals used phishing attacks to install remote access toolkits (RATs) and steal over $300 million from banks and other financial institutions (source: http://www.nytimes.com/2015/02/15/world/bank-hackers-steal-millions-via-malware.html) Using RATs is not new, and common method cybercriminals use. We had an in-depth look at njRAT and the Sweet.
Imagine your are watching your favorite tv show and start chatting about sensitive subjects. Those things could be leaked through your TV according Samsung’s warning about users of their smart TVs. Thats right, the TV that suppose to be providing entertainment is also listening for commands … BUT ALWAYS LISTENING. Joey Muniz, The Security Blogger, wrote a great article looking if our.
Yesterday, another cyber espionage group with Russian roots made it to the New York Times headlines again courtesy of FireEye and a new report they published. FireEye did a pretty good job on attribution and giving some technical indicators; however, they neglected to reference previous work on this threat actor from companies like PWC, TrendMicro, ESET and others. See more at: Click here.
It should come as no surprise that another major data breach is in the headlines. Anthem, the nation’s second largest insurance provider, may have had as many as 80 million personal records compromised. There are several factors that make this breach notable. Primarily, it is the first major health insurance breach of its scale. The largest breach prior was the loss of over 4 million.