Scammers are blending W-2 phishing with wire fraud
During last year’s run-up to the US Tax Day, scammers mercilessly targeted companies’ payroll and human resources professionals, tricking them into handing over …
Uncloaking Tor Browser users with DRM-protected files
Digital Rights Management (DRM)-protected media files can be used to reveal Tor Browser users’ actual IP address and therefore possibly reveal their identity, …
New infosec products of the week: February 3, 2017
New approach to continuous Docker container security NeuVector’s solution for container security is itself a container. The application automatically learns and whitelists …
How to minimize the risk and impact of identity fraud
The number of identity fraud victims increased by sixteen percent (rising to 15.4 million U.S. consumers) in the last year, according to Javelin Strategy & Research. They …
Recommendations to help the security of ICS-SCADA systems
The use of long-range communication networks, and specially the Internet, has revolutionised ICS-SCADA systems and architectures. The use of network communication in these …
Egyptian civil society NGOs targeted with sophisticated phishing
In the last few months, a number of Egyptian civil society organizations, lawyers, journalists, and independent activists have been targeted with personalized and generic …
Cisco Prime Home flaw allows hackers to reach into people’s homes
Cisco has patched a critical authentication bypass vulnerability that could allow attackers to completely take over Cisco Prime Home installations, and through them mess with …
WordPress kept users and hackers in the dark while secretly fixing critical zero-day
Last week WordPress released the newest version (4.7.2) of the popular CMS, ostensibly fixing three security issues affecting versions 4.7.1 and earlier. What the WordPress …
Corporate insiders sell secrets and access on dark web
Dark web marketplaces have witnessed an increase of employees offering insider traders, fraudsters and hackers information, help or outright access to their company’s …
Identity fraud hits record high
The number of identity fraud victims increased by sixteen percent (rising to 15.4 million U.S. consumers) in the last year, according to Javelin Strategy & Research. …
AppSec teams facing resourcing issues that are making them vulnerable
A new Bugcrowd study of one hundred CISOs revealed that 94 percent are concerned about breaches in their publicly facing assets in the next 12 months, particularly within …
PCI SSC publishes best practices for securing e-commerce
Exponential online sales growth paired with the EMV chip migration in the US makes e-commerce payment security for merchants more important than ever before. As EMV chip …