The Crime-as-a-Service business model
A service-based criminal industry is developing, in which specialists in the virtual underground economy develop products and services for use by other criminals. This …
Seagate Surveillance HDD features recovery services
Seagate released a dedicated surveillance HDD featuring Seagate Rescue services. Engineered specifically for surveillance and video analytics applications, the Surveillance …
CloudFlare offers free SSL encryption
Web performance and security company CloudFlare today launched Universal SSL, making Secure Socket Layer (SSL) encryption available to anyone at no cost. “Yesterday …
Bash Shellshock bug: More attacks, more patches
As vendors scramble to issue patches for the GNU Bash Shellshock bug and companies rush to implement them, attackers around the world are probing systems for the hole it …
PoS vendor confirms Jimmy John’s breach was their fault
Signature Systems, the PoS system vendor that has been named as the likely point of origin of the Jimmy John’s payment data breach, has confirmed that the attacker(s) …
WordPress vulnerability database
Back in 2012, the fine folks behind the BruCON conference announced that from the 2013 edition of their popular event, a special budget will be allocated for supporting …
Trust in the cloud is at an all-time low
Data security and trust in cloud-based services are a rapidly growing concern for IT decision makers within large organizations, according to a new global study from BT. While …
Week in review: Bash Shellshock bug, jQuery.com compromise, and a replacement for TrueCrypt
Here’s an overview of some of last week’s most interesting news and articles: Behavioral analysis and information security In this interview, Kevin Watkins, Chief …
Bash “Shellshock” bug: Who needs to worry?
As expected, attackers have begun exploiting the GNU Bash “Shellshock” remote code execution bug (CVE-2014-6271) to compromise systems and infect them with …
Malvertising attack techniques dissected
At Virus Bulletin 2014, Bromium presented a research report that highlights the severe risk of malicious ad networks infecting end users. This research provides a real-world …
Making one organization’s incident everyone’s defense
The Financial Services Information Sharing and Analysis Center (FS-ISAC), an organization focused on sharing critical cyber security threat information worldwide, and The …
Phishers go after unprecedented breadth of targets
Apple is the most phished brand in the world, accounting for 17 percent of all phishing reports sampled and analyzed from the first half of 2014, say the results of the new …
Featured news
Resources
Don't miss
- Why I’m done calling humans the weakest link
- TeamPCP’s attack spree slows, but threat escalates with ransomware pivot
- Critical Fortinet FortiClient EMS bug under active attack (CVE-2026-21643)
- Why risk alone doesn’t get you to yes
- ShipSec Studio brings open-source workflow orchestration to security operations