Category: CyberSecurity

CyberSecurity

Iran Used “Triton” Malware to Target Saudi Arabia: Researchers

The recently uncovered malware known as “Triton” and “Trisis” was likely developed by Iran and used to target an organization in Saudi Arabia, according to industrial cybersecurity and threat intelligence firm CyberX. FireEye and Dragos reported on Thursday that a...

/ December 15, 2017

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of December 11, 2017 –

If you read my weekly blog or follow me on Twitter, you know that I’m a huge sports fan. Unfortunately, when you don’t live in the town of your favorite team, you can be subject to blackout rules. So, my...

/ December 15, 2017

Facebook Releases New Certificate Transparency Tools

Following the release of the Certificate Transparency Monitoring utility in December 2016, Facebook has decided to release new tools for developers using the Certificate Transparency framework. Last year’s tool was designed to provide access to data collected through Facebook’s own...

/ December 15, 2017

Study Examines Value of Data

IP is Valued Above Email but Below PII, Survey Finds In mitigating an asset-risk by risk transfer (such as an insurance policy), the value of the asset is directly related to the cost of the transfer (the insurance premium). The...

/ December 15, 2017

New “PRILEX” ATM Malware Used in Targeted Attacks

Trend Micro security researchers recently discovered a highly targeted piece of malware designed to steal information from automated teller machines (ATMs). Dubbed PRILEX and written in Visual Basic 6.0 (VB6), the threat was designed to hijack a banking application and...

/ December 15, 2017

Nigerian Sentenced to Prison in U.S. for BEC Scams

A Nigerian national has been sentenced by a United States court to 41 months in prison for his role in business email compromise (BEC) scams, the Department of Justice announced on Thursday. The scammer, David Chukwuneke Adindu, was arrested by...

/ December 15, 2017

Synaptics to Remove “Keylogger” Functionality From Drivers

Synaptics says recent reports inaccurately characterized a debugging tool found in its touchpad drivers as a keylogger, but the company has decided to remove the functionality from its products. Earlier this month, a researcher reported finding what appeared to be...

/ December 15, 2017

Hackers Target Security Firm Fox-IT

Fox-IT, the Netherlands-based cybersecurity firm owned by NCC Group, revealed on Thursday that it had been the victim of a man-in-the-middle (MitM) attack made possible by DNS records getting changed at its third-party domain registrar. The incident took place back...

/ December 15, 2017

How to Make Adversaries Work Harder, While We Work Smarter, in 2018

2018 Should Not Be Another Year Where Attackers Continue to Exploit the Known It sounds somewhat disheartening, but 2017 may go down in history as “the year of exploiting the known.” From the WannaCry campaign to the Equifax breach to the...

/ December 14, 2017

Google Details How It Protects Data Within Its Infrastructure

Google has decided to share detailed information on how it protects service-to-service communications within its infrastructure at the application layer and the the system it uses for data protection. Called Application Layer Transport Security (ALTS), the technology was designed to authenticate communication...

/ December 14, 2017