Key trends for risk-prone behavior in the workforce
Businesses are ill prepared for the high-risk, high-growth mindset of the GenMobile workforce, creating alarming disparity around security practices in the corporate world. …
Compromised credentials haunt cloud app usage
Netskope found that more than seven out of ten uploads from users with compromised accounts are to apps with a “poor” rating in the Netskope Cloud Confidence …
Misconfigured DNS servers may leak domain info, warns US-CERT
US-CERT is urging administrators of Domain Name System servers to check whether their machines are misconfigured to respond to global Asynchronous Transfer Full Range (AXFR) …
Former lottery infosec head accused of hacking computers to buy winning ticket
The former head of information security at the Multi-State Lottery Association (MUSL), who was arrested in January 2015, stands accused of having tampered with the computer …
18-year-old bug can be exploited to steal credentials of Windows users
A new technique for exploiting an 18-year-old bug in Windows Server Message Block (SMB), which would allow attackers to intercept user credentials, had been uncovered by …
Main sources of data breaches: Phishing, RAM scrapers, web app insecurity
US telecom giant Verizon has published its 2015 Data Breach Investigations Report, which is based on an analysis of nearly 80,000 security incidents, including more than 2,100 …
Attackers use deceptive tactics to dominate corporate networks
Cyber attackers are infiltrating networks and evading detection by hijacking the infrastructure of major corporations and using it against them, according to Symantec. …
The key challenges to timely incident response
Security professionals are inundated with security incidents, averaging 78 investigations per organization in the last year, with 28 percent of those incidents involving …
A look at emergent threats and their influence
Analyzing Dell data sources and the 2014 threat landscape, their new report found a surge in point-of-sale (POS) malware, increased malware traffic within encrypted (https) …
Cloud security: CA conducts advanced research
CA Labs is conducting research and development for innovative solutions to address security challenges in multi-cloud environments. Horizon 2020 awarded a contract to the …
CoinVault ransomware: Retrieve data without paying the criminals
Victims of the CoinVault ransomware have a chance to retrieve their data without having to pay the criminals, thanks to a repository of decryption keys and a decryption …
Attackers can easily crack Belkin routers’ WPS PINs
A considerable number of routers manufactured by US-based Belkin use a flawed method for creating PINs for Wi-Fi Protected Setup (WPS), making them easily discoverable by …