Image A security firm has identified a new malware campaign on Careerbuilder.com, a popular job search website, in which attackers are using phishing and social engineering techniques in order to trick users into opening malicious documents. Image In a post published on its security blog,...

Image You know what I don’t want to talk about any more? Responsible disclosure. The problem is that, as old as that discussion is for information security, it and the adjacent topics, remain relevant for many other industries. Image There’s a good chance you caught the media coverage of a...

Image The Federal Bureau of Investigation (FBI) is assisting Rutgers University investigate the source of a second targeted attack that has crippled the university’s Internet in the past month. “The Federal Bureau of Investigation is assisting the university with its search,” agency spokeswoman Celeste Danzi explained on Wednesday. ...

Image Thirty thousand people; five hundred vendors; a clan of security practitioners seeking out safety in their ecosystem; a tribe of knowledge pursuing the opportunity to share best practice and thought leadership to increase likelihood of survival... my first RSA. Amit Yoran’s Keynote suggests that an evolution out of the Dark Ages...

Image Today, security engineers at Google announced the release of a new browser extension aimed to help users better protect their Google accounts against phishing attacks. Known as Password Alert, the free, open-source Chrome extension works by alerting users when they enter their passwords into any non-Google site. “Once you’ve...

Image In ages past, invading armies would poison the water source – usually a well – of a city in order to reduce the fighting capability of the enemy or to force the populace of a city under siege to surrender. This method was usually successful because an invader could have a devastating effect on a very large population with...

Image Plenty of people these days are prepared to augment their bodies with face furniture, piercings, rings and tattoos. But would you implant a chip in your hand to show how easy it is to exploit an Android phone? That's what former US navy petty officer Seth Wahle did, in an attempt to demonstrate how business networks could be...

Image Continuous monitoring is poised to do for information security what cloud deployment did for global productivity. Continuous monitoring not only has a role to play in preventing large-scale data breaches but it can also help compliance-sensitive organizations save money by facilitating long-term compliance continuity and...

Image Earlier this month, Lastline, a security firm that focuses on real-time analysis of advanced malware, issued a new report on the evolving landscape of evasive malware. Co-founder and chief scientist at Lastline Christopher Kruegel published the report as part of his presentation for RSA Conference 2015 entitled, “Evasive Malware...

Image General Keith Alexander, the former head of the National Security Agency (NSA), is concerned that the United States’ energy infrastructure is vulnerable to targeted attacks launched by sophisticated actors. “The greatest risk is a catastrophic attack on the energy infrastructure. We are not prepared for that,” he said. ...

Image This might be hard to believe, but it is true: 59 percent of data breaches are happening not because of some smart hacker who wants to do harm to your company but because of your own employees. In order to stop these incidents, you have to focus on two things (other than investing in new technology): set your internal processes...

Image Last time, we explored the story of Timothy Lance Lai, at one time a private tutor who was arrested for providing his former students with a keylogger, which they in turn used to change their grades. We now report on the story of Austin Alcala, a teenage hacker who infiltrated various American corporations and the United States...

Image After an action-packed week at RSA, we’re happy to say this year’s show didn’t disappoint, as it encouraged the information security community to “challenge today’s security thinking.” We saw consistent themes across many presentation topics, as well as vendors’ messaging, including one of the biggest issues seen in the recently...

Image On Saturday, the website and Twitter account of electric vehicle maker Tesla was compromised briefly, as well as CEO Elon Musk's Twitter account. The website was defaced after the DNS for TeslaMotors.com was redirected to another server hosting an image with various messages and faces of a few people. Image ...

Image It could be said that the proliferation of automation is the defining characteristic of the last 100 years. In almost every area of our lives, we’ve found a way to leverage technology to increase our efficiency, freeing us up for higher-order tasks… The things we like to do, the things that are hard, the things we’re good at. A...

Image Earlier this month, an explosion at a power station in Maryland caused outages at the White House, the Capital, and the State Department. The service interruption, which affected between 10,000 and 30,000 people, was caused by a 230-kilovolt transmission conductor that broke free from its support structure, according to NBC News...

Image According to a tech consultant, Facebook collects all writing that is entered into a text box and sends it to its servers regardless of whether a user chooses to publish it. In a post published on his blog, Príomh Ó hÚigínn explains that Facebook sends an HTML post request containing the text a user writes. He observed this...

Image Security researchers presenting at this week's RSA Conference in San Francisco, have uncovered a whole new compelling reason to switch off your phone. Skycure's Yair Amit and Adi Sharabani have demonstrated a startling vulnerability in iOS that can allow malicious hackers to crash any iOS device within range of a WiFi hotspot....

Image A security researcher has found that hackers used phishing emails to penetrate Sony Picture Entertainment’s computer networks last fall. Stuart McClure, CEO of computer security firm Cylance, says he analyzed a downloaded database of Sony emails and in the process discovered a pattern of phishing attempts. “We started to...

Image Last month, I participated in the Tripwire VERT cybersecurity Capture the Flag contest organized for infosec students with some awesome prizes: BSides Las Vegas & DEF CON 23 travel packages and more… I’m in! Even though I didn’t get that far, it was a great learning experience! The CTF started on March 27 when I got an email...