Google began sending out notices to site owners this month, reminding those who haven’t yet migrated from HTTP to HTTPS that in October their sites will be marked “NOT SECURE.”The warnings are directed to owners of HTTP pages that contain forms, specifically sites that include text input fields like <input type=”text”> or <input type=”email”>. The […]
Masses of Common Flaws Crack Open 55% of Corporate Networks
September 1, 2017
Corporate information systems became more vulnerable in 2016, even as user awareness regarding information security significantly decreased. That’s the word from Positive Technologies, which found in an overview of security audit findings that critical vulnerabilities were detected in 47% of investigated corporate systems last year. During audits, experts simulate how actual attackers (external and internal) […]
What is Net Neutrality and How to Voice Your Opinion?
August 31, 2017
What happens when cable and phone companies are left to their own devices? Federal Communications Commission (FCC) will soon stop accepting comments on Net Neutrality. There has been a lot of confusion amongst people who are either not technology savvy or not familiar enough with the ongoing debate. We spent years following the conversation and […]
Two years ago, VMware first began talking about the concept of the “Goldilocks Zone,” where the virtualization hypervisor sits at the ideal location in the network to improve enterprise security. At the VMworld event today in Las Vegas, VMware announced that its Project Goldilocks vision is at long last becoming generally available, under the product […]
Tech Firms Unite to Neutralize WireX Android Botnet
August 29, 2017
Black clouds on the internet do sometimes have a silver lining. Global attacks such as those from Mirai last year and WannaCry/NotPetya this year have fomented informal collaborative global responses — one of which happened this month when multiple competitive vendors collaborated in the research and neutralization of a major new botnet called WireX. The […]
SAP POS Flaw Allows Hackers to Change Pricing
August 28, 2017
A point of sale (POS) system from SAP is wide open—allowing anyone to go in and steal payment card data or, in a new cybercrime wrinkle, change prices on merchandise. According to ERPScan—which used the example of hacking in to change the price of a MacBook to $1—the SAP POS Xpress Server does not perform […]
Spammers Get to Work: Tuesday is Prime Time
August 27, 2017
All in a week’s work: According to new research from IBM X-Force, Tuesday is the biggest day for spam. It makes sense. Like any professional, spammers do their research and know Tuesday is a key day for email marketing—with 20% more opens than average, according to HubSpot. “Contrary to the stereotype, a cyber-criminal is not […]
Adware Spreading Via Social Engineering, Facebook Messenger
August 26, 2017
Attackers have taken to Facebook Messenger with a combination of social engineering and malicious JavaScript to spread adware, something that’s likely earning them a small chunk of change in the process. David Jacoby, a senior security researcher with Kaspersky Lab’s Global Research & Analysis Team, said he spotted an attack he believes is part of […]
More than 500 Android mobile apps have been removed from Google Play after it was discovered that an embedded advertising SDK could be leveraged to quietly install spyware on devices. The SDK, called Igexin, was developed by a Chinese company and may have been used to install malware that could, among other things, exfiltrate logs […]
DDoS Attacks on the Rise Again
August 24, 2017
DDoS attacks rose again in Q2 for the first time in almost a year as the black hats returned to tried-and-tested tools and techniques including PBot, Mirai and Domain Generation Algorithms (DGA), according to Akamai. The cloud delivery provider crunched data collected from over 230,000 servers in more than 1600 networks to compile its State […]