Image   Canada's largest Bitcoin exchange Cavirtex announced it will soon be shutting down its operations after a suspected security breach. Image In a statement made earlier this week, the Calgary-based company said it believed the compromise occurred on an older version of its database on...

Image Facebook is all about sharing. Users can share thoughts, photos and videos but now, Facebook is trying their hand at a new type of sharing: security threats. Last week, Facebook announced a new platform, called ThreatExchange, for organizations and security professionals to easily exchange cybersecurity threat information. The...

Image   In his 1983 Turing Award acceptance speech, "Reflections on Trusting Trust”, Ken Thompson popularized the concept of a compiler backdoor where the compiler not only inserts a backdoor during compilation of a program but also compiles in the code that inserts the backdoor when compiling itself. The core idea of his speech is...

Image   What's happened? An almighty furore has kicked off after it was discovered that for months Lenovo has been shipping PCs and laptops with software pre-installed that could compromise your security and privacy. What software? It's called Superfish, and it inserts adverts into webpages such as Google search results. In January, a...

Image We now appreciate the revelation that went public in February 2015 that international hackers circumvented what was supposed to be robust systems and defences, and managed to get away with an estimated $1 billion from a spectrum of around 100 banks located in 30 countries in what has been described as systemic cybercrime. With...

Image   Last summer, security researchers Karsten Nohl and Jakob Lell developed a malware program, dubbed ‘BadUSB,’ to prove the insecure development of USB devices. The pair of security researchers revealed how they managed to reprogram the firmware on removable USB drives to include malicious code, giving potential attackers the...

Image Last month, Michal Nemcok blogged about the lack of security in the Progressive Insurance diagnostic monitoring dongle. By hacking the monitoring device, someone may be able to gain access to and change the behavior of the car, itself. Now, this is serious stuff – vulnerabilities that might impact the operation of the thing that...

Image In early February, the White House released its 2015 National Security Strategy (NSS). Each NSS report is symbolic to the extent that it reveals the security issues the acting U.S. president intends to focus on for the coming months and years. While not constituting “hard,” actionable strategies, these documents help to...

Image A security firm has released a report in which it discusses how an advanced threat actor has been lodging malicious software into foreign target computers’ firmware for more than a decade. According to the report published by Kaspersky Labs, the threat actor, known as “The Equation Group,” uses multiple malware platforms on par...

Image I’ve been a finance professional for more than 25 years and spent the last 15 years in senior finance roles, mostly as a CFO of both public and private companies. Like many of you, I am often invited by business groups and professional service providers to attend thinly veiled networking events to get the attention of “C” suite...

Image I’ve been an iPhone user for quite a while... starting with the iPhone 4, I upgraded to the 4S, the 5, and, now, the 6. With the iPhone 6, I’ve spent a good deal of time investigating the features of iOS 8, something I didn’t do when I upgraded my iPhone 5 because it was already setup and ready to go. One of the features I...

Image A group of hackers were able to penetrate at least 30 financial institutions around the world and steal upwards of one billion dollars, making this attack one of the most advanced the world has yet seen. According to a report published by security firm Kaspersky Lab and sent to the New York Times, the cyber criminals, which have...

Image Haskell, an advanced purely functional programming language, has confirmed a security breach in its Debian Builds component. According to an advisory recently posted to Haskell’s blog, “`deb.haskell.org` is currently offline due to [its] hosting provider suspecting malicious activity.” The project’s security teams stated on...

Image Last week, we investigated the story of Vladmir Drinkman, a Russian hacker who assisted Albert Gonzalez, another notorious hacker, in breaching a number of American retailers and using customers’ stolen payment card credentials to unlawfully withdraw money from ATM machines around the world. With only three hackers remaining,...

Image   Image Source: Damballa State of Infections Report, Q4 2014 According to recent research, the average enterprise receives nearly 17,000 malware alerts per week; however, of these alerts, only 19 percent are considered reliable and a mere 4 percent are further investigated by security...

Image A new report indicates that the current malware infection rate for mobile devices is 0.68 percent, leading researchers to believe that at least 16 million devices were infected with malware at the end of 2014. Published by the Motive Security Labs division of the French telecommunications equipment company Alcatel-Lucent, the...

Image Anyone who has ever visited blog posts on the Forbes website has properly been irritated from time-to-time by its practice of displaying a "Thought of the Day" for a few seconds before it passes you onto the article that you actually wish to read. We all understand that Forbes has to make money like any other web publisher, but...

Image   It's not your identity they want, or even your credit card number. Those numbers are hard to exploit for quick cash. Banks and card companies have systems that quickly detect fraud. So, why go after an insurance company? Because it’s easy, and they can get away with really good stuff. What the Anthem hackers are after is your...

Image   The recent Anthem hack that may have compromised 80 million people’s personal health information reveals just how mainstream data breaches have become in recent years. In response to this rapidly evolving threat landscape, Boards of Directors (BoDs) and executives are now more aware of today’s cyber threats and how they might...

Image Attackers can use gaps in the X-Frame Options (XFO) support on Google’s Play Store web application to remotely install malware onto users’ Android devices. “A malicious user can leverage either a Cross-Site Scripting (XSS) vulnerability in a particular area of the Google Play Store web application, or a Universal XSS (UXSS)...