A website used by Microsoft to challenge the U.S. federal government's policies on matters of privacy and surveillance has allegedly been hacked. According to ZDNet, Digital Constitution appears to have been modified at 9:15 pm EDT on Wednesday, with casino-related text -- including keywords used to garner greater search engine hits, such as "casino," ...

This week, I had the pleasure of sitting down with Graham Cluley, an award-winning security blogger on grahamcluley.com, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon’s. Graham has given talks about computer security for...

Several of Canada’s federal government websites were momentarily taken down Wednesday afternoon after reportedly being hit by a massive cyber attack. Canada's Treasury Board President Tony Clement later took to Twitter his confirmation that the government servers had experienced denial of service attacks, affecting Canada.ca, sencanada.ca, CSIS, and the...

Security researchers have discovered a flaw in the way mobile apps store data online, which is jeopardizing users' sensitive information, including passwords, door codes, and location data. According to Reuters, a team of German researchers studied as many as ten thousand mobile applications, which included social networking, medical, and banking apps,...

The mammoth rise in cybercrime has made organizations revise their application security strategy and implement new techniques to safeguard their software. This is largely because traditional security methodologies, such as Manual Testing and Web Application Firewalls (WAF), have been rendered irrelevant due to evolving hacking techniques. Unlike old...

The St. Louis Cardinals are facing an FBI investigation after team officials allegedly hacked into the computer systems of its rival – the Houston Astros. According to a report by The New York Times, the compromised internal network contained information of player personnel, including trade discussions,...

I have a love/hate affair with the term ‘Social Engineer.’ To me, this is the most professional and committed ‘job’ I have ever had. It has required training and endless education, and it has changed my life in nearly every aspect. But for some, the term is used for when a free warranty deal is obtained or a loved one is tricked into exposing a secret....

On Monday, online password manager LastPass announced it discovered “suspicious activity” on its network, leading to the compromise of users' email addresses, password reminders, server per user salts, and authentication hashes. The popular program alerted users in a blog post, stating that it had found no...

What more can be done about passwords? We tell users to choose unique, complicated passwords that contain a gallimaufry of bizarre characters - and they tell us they're impossible to remember, especially when they need to remember different passwords for the many different websites out there. We tell computer users to get help with remembering their...

Belgian's national privacy watchdog is suing Facebook for allegedly breaching both Belgian and European privacy laws for the way that it tracks the behavior of both members and non-members. According to EUobserver, this is the first time a European privacy commission has sued Facebook for its non-compliance with regards to privacy laws. Earlier this...

According to the 2015 Information Security Breaches Survey, a PwC study that I recently analyzed in an article for The State of Security, the number of denial of service (DoS) attacks has either dropped or remained stagnant for most UK corporations over the past year. Apparently, this decline has not stopped certain malicious actors from getting...

Germany has dropped an investigative probe into the alleged tapping of Angela Merkel's cellphone by the National Security Agency (NSA). According to BBC News, the office of federal prosecutor Harold Range said that not enough evidence had been obtained to justify legal action. Germany's decision to drop the probe marks the end of an incident that has...

What happens when users or employees take it upon themselves to decide what tech they want to use and how they want to implement it? From my vantage point, InfoSec faces a constant challenge of trying to keep up with threats, let alone stay one step ahead. But as the Internet of Things proliferates, and human nature takes its course, we cannot out...

Today’s evolving online threat landscape is challenging enterprises to make changes that will enhance their security. The threat of a data breach, for instance, is leading many organizations to invest in measures that will help protect their data. Even so, what intelligence is guiding these decisions remains uncertain. It is therefore an opportune...

An independent reviewer in the United Kingdom has called for a new "comprehensive" law to help define security services' online surveillance powers. According to BBC News, David Anderson QC, an independent reviewer of terrorism legislation, stated that a "clean slate" is needed in the approach to surveillance powers used by security services to combat...

Speculation is rife. The OPM hack will become a fascinating story if we ever actually learn the details – how exactly did attackers penetrate and exfiltrate millions of federal employee records? What weaknesses did they exploit, and how did they escalate access? More to the point, what protections could have or should have prevented the penetration or...

I would wager that most people who have an iPhone or iPad use the default Apple iOS Mail application, rather than a third-party app, to read their email. And if you're one of those people, you could be at risk from an unpatched vulnerability that could allow hackers to convincingly trick you into handing them your passwords. As The Register describes,...

Yesterday, Europol’s European Cybercrime Centre (EC3) announced the success of a joint international operation, leading to the arrest of 49 suspects of a massive cybercrime ring. In collaboration with several European countries, the criminal group was suspected of committing financial fraud by breaking into...

Today’s VERT Alert addresses 8 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expect to ship ASPL-618 on Wednesday, June 10th.   MS15-056 Internet Explorer Information Disclosure Vulnerability CVE-2015-1765 Multiple Elevation of Privilege Vulnerabilities ...

According to a report issued by Intel Security Group's McAfee Labs, ransomware has experienced a 165% increase in the first quarter of 2015. McAfee Labs Threats Report: May 2015 reveals that this increase has been fueled in part by the impression of underground criminals that victims in rich countries seem to be the most willing to make ransom payments....