Blog

The Color of the Day

Earlier this year, the FBI stated that the second most prominent scam on the internet is the wire fraud scam, whereby a CFO is sent a phishing message that is supposed to appear to come from the CEO, requesting an urgent transfer of funds. These attacks that are targeted toward the “big fish” in a company, usually the Chief Financial Officer, are known as “whaling” attacks. A recent conversation...

The "Internet's Most Hated Man" Has His Twitter Hacked

Truth be told, it's not been the best of weeks for Martin Shkreli. The former hedge fund manager made himself and his firm Turing Pharmaceuticals notorious earlier this year by raising the price of an AIDS treatment drug from $13.50 to $750 per tablet. That particular stunt resulted in Shkreli being dubbed "the internet's most hated man", and you would think would be enough drama for one year...

Phantom Squad Hacker Group Takes Down Xbox Live

The hacker group Phantom Squad has recently claimed responsibility for an alleged attack that caused problems for Xbox Live users. Earlier this month, Phantom Squad announced that they intended to take down Sony's PlayStation Network and Microsoft's Xbox Live gaming platforms for one week beginning on Christmas Day. “We are going to shut down Xbox live and PSN this year on christmas. And we are...

Killing Phish the Sumerian Way

Circa 3000 BCE – The Sumerian language is dead. Why? Because as it’s often said, a language is just a dialect with an army, and the army had long vanished. A thousand or so years earlier, however, Sumerian was the first language to have a written form, and Sumerians wasted no time in developing tools – elaborately carved cylinder seals – to authenticate messages written in clay. Why? Perhaps...

12 Steps to Cyber Health

A recent article by The Financial Times argues that boards should be looking to employ younger directors to tackle the cyber security “problem.” Meanwhile, the EU has unveiled the proposed Network and Information Security Directive. Think about the psychology here, really… The more we raise the bar and levels of expectations, given the volume of frameworks created, legislation struck, regulations...

Optus Investigating Breach After Data Leak on Freelancer.com

Optus, the second largest telecommunications provider in Australia, is investigating a data breach after customer data was leaked onto Freelancer.com. Australian news site Crikey reports that the breach occurred when an employee of the debt collection firm Arc Mercantile posted a spreadsheet containing the personal information of customers who owed Optus money to Freelancer.com. Arc Mercantile...

Merry Malware: How to Avoid Holiday Phishing Scams

Phishing scams are a menace. According to the Verizon 2015 Data Breach Investigations Report, at least one in 10 people fall for phishing attacks. This rate of success spells trouble for businesses. Indeed, a report issued by the Ponemon Institute in August of this year found that the average organization could potentially spend up to $3.7 million annually in responding to phishing attacks. 48...

Xi Jinping: China Should Be Able to Censor Whatever It Wants on the Web

President Xi Jinping believes that the People's Republic of China should have the right to decide what to block and censor on the web. In his opening speech for the second World Internet Conference, which opened in Wuzhen, Zhejiang province on Wednesday, the Chinese president invoked national sovereignty, a principle enshrined in the Charter of the United Nations, as a notion that applies to all...

Cyber Security in EMEA – A Letter from Neil Harvey

It is my privilege to have joined Tripwire as the company's Vice President of Sales for Europe, Middle East, and Africa (EMEA) earlier this Autumn. At this time, I would like to explain why ongoing developments in the security world influenced my decision to come aboard. So, let's jump right in. Why did I join Tripwire? First of all, EMEA – my area of focus in the company – is making some...

UK Man Arrested in Connection to VTech Hack

UK law enforcement has announced the arrest of an individual as part of its ongoing investigation into the hack against VTech, a provider of electronic learning products. On Tuesday, officers from the South East Regional Organized Crime Unit (SEROCU) published a statement in which they explain the status of their investigation. "A 21-year-old man was arrested this morning (15/12) in Bracknell on...

Testing Scan Credentials for More Accurate Vulnerability Assessment

If your doctor walks into the exam room for your annual physical and listens to your heart, takes a quick look at your throat, and then gives a clean bill of health without asking many questions, a quick interaction might make you feel good if you’re not worried about your health. However, if you haven’t been feeling well, or if you are at risk for chronic disease, this superficial approach could...

Twitter Warns Users of Possible 'State-Sponsored' Attacks

At least 30 Twitter accounts received a disturbing message from the site late last week, warning that they may have been targeted by government or state-sponsored hackers. Canadian non-profit Coldhak, which focuses on privacy and freedom of speech issues, was one of the first to reveal that they had received the warning from Twitter, and included a screenshot of the message's contents: https:/...

Retailers: Keep Your Guard Up This Season

For most retailers, the holiday season is easily the most profitable time of the year, bringing in huge crowds of shoppers the last couple weeks of the year. However, the much-anticipated holiday season is also notorious for being the season of hacking, as illustrated by several massive breaches during this time in previous years. Hence, retailers need to be on high alert, given the large volumes...

The Tale of the '1718 File'

An interesting ruling was released by the Federal Trade Commission a few weeks ago. The ruling dealt with a case in which LabMD, a cancer research company, was accused of improperly protecting consumer data that, if disclosed, is likely to cause substantial consumer injury. The initial incident, which led to the FTC investigation, started back in 2008. The tortuous path that unfolded over the next...

NullCrew Hacker Pleads Guilty to At Least Seven Targeted Attacks

A member of the hacking group NullCrew has pleaded guilty in federal court to having participated in at least seven targeted attacks between 2012 and 2014. On Tuesday, Timothy Justen French, 21, of Morristown, pleaded guilty to a single count of intentionally damaging a computer without authorization. The Washington Times reports that under a plea agreement to which French agreed...

InterApp Claims It Can Steal Information from Any Phone User

Earlier this fall, a contributor to The State of Security explained that one of the greatest privacy and security challenges confronting our smartphones today is the apps we choose to install. He noted in his post how app developers often make money by harvesting data from users' devices and in turn selling this information to marketers. They also sometimes incorporate third-party libraries and...

#CyberChoices – How Parents Can Dissuade Their Children from Becoming Online Criminals

Computer crime is a persistent challenge in the digital age, yet our collective understanding of it is skewed. Many would like to believe that people associated with criminal organizations or state-sponsored hacker collectives are the only people capable of devious behavior online. That is simply not the case. Individuals can perpetuate computer crime by not fully understanding the consequences of...

Microsoft Warns XBox Live Users of MitM Attacks After Leaking Private Keys

Microsoft is warning XBox Live users of possible man-in-the-middle (MitM) attacks after accidentally leaking users' private keys. In an advisory released on December 8th, Microsoft states that a disclosed digital certificate could lead to spoofing attacks against users. "Microsoft is aware of an SSL/TLS digital certificate for *.xboxlive.com for which the private keys were inadvertently...

The Agent vs Agentless Debate – Part 1: The Security Side

Over the past 20 years, I have implemented many different security solutions – from IDS in the 90s to browser protection in 2014, and just about everything else in between. One thing that quickly became obvious during my time in information security is that security considerations are just one part of the equation for most organizations. Involving the departments who will be testing, managing and...

Monitoring The Unknown

File Integrity Monitoring (FIM) has been around for a long time. In fact, Tripwire has been a pioneer in FIM since the early 1990s when Gene Kim released the first version of Tripwire. Monitoring for change enables you to know what changes were made, who made the changes, and the changes that occurred. This allows you to easily roll back to a known good configuration and contain any damage from...