The Security Daily

Technology

Symantec’s Woes Expose the Antivirus Industry’s Security Gaps

wired.com - This week, Google security researcher Tavis Ormandy announced that he’d found numerous critical vulnerabilities in Symantec’s entire suite of anti-virus products. That’s 17 Symantec enterprise prod...

Anatomy of an exploit: the Microsoft Word bug that just won’t die

nakedsecurity.sophos.com - A guest post by Graham Chantry of SophosLabs, the author of the paper that’s referred to here. Graham is an entertaining and well-informed writer, so we recommend it! If you’re a regular reader, yo...

Oculus CEO's Twitter gets Hacked; Hacker declares himself new CEO

thehackernews.com - Twitter account of another high profile has been hacked! This time, it is Facebook-owned virtual reality company Oculus CEO Brendan Iribe who had his Twitter account hacked Wednesday. Iribe is the ...

Facebook Malware: Tag Me If You Can

securelist.com - On the morning of 26th June, news of a phishing campaign hit the Israeli media. Thousands of Facebook users complained that they had been infected by a virus through their accounts after they recei...

One Crook Running over 120 Tech Support Scam Domains on GoDaddy

news.softpedia.com - A crook running several tech support scam operations has managed to register 135 domains, most of which are used in his criminal activities, without anybody preventing him from doing so, which show...

Meet Anonymous Without the Masks in this VICELAND Documentary

Shared by Securityblog

motherboard.vice.com - You know its name. You’ve heard its voice. And, so to speak, you’ve seen its face. The hacking group Anonymous has become a household name in the world of hacking and cybersecurity. The group’s sym...

Facebook has funds frozen in Brazil in another WhatsApp encrypted data dispute

Shared by Ophelia Chang

techcrunch.com - Around $6 million in Facebook’s Brazilian bank account has been frozen on court order in another dispute about encrypted data involving local police authorities and Facebook-owned messaging app Wha...

Stop saving credential tokens in text files

Shared by Robin

medium.com - You’ve probably experienced this behavior if you’ve ever used a Command Line Interface (CLI) for a SaaS service: You download the CLI. It asks you to login or generate an access token. It stores th...

Hummer Malware the No. 1 Mobile Trojan in the World

tripwire.com - The Android malware “Hummer” is now the number one mobile trojan in the world, find researchers. Threat analysts at Cheetah Mobile Security Research Lab reveal in a blog post the extent to which H...

Why Ransomware Works: Arrival Tactics - TrendLabs Security Intelligence Blog

blog.trendmicro.com - Apart from understanding the ransomware tactics and techniques beyond encryption, it is equally important to understand how they arrive in the environment. Our recent analysis reveals that majority...

jsvine/waybackpack

github.com - waybackpack v0.3.2 Waybackpack is a command-line tool that lets you download the entire Wayback Machine archive for a given URL. For instance, to download every copy of the Department of Labor's ho...

Companies are embracing an enterprise-wide encryption strategy - Threat Brief

threatbrief.com - Companies are embracing an enterprise-wide encryption strategy. July 1, 2016. Tagged With: Cyber Sec...

Dating Website "Muslim Match" Hacked; Everything Leaked Online

Shared by Malwarebytes

hackread.com - A famous dating website “Muslim Match” has been hacked and as a result, personal data of more than 150,000 registered users has been leaked online. That’s not all, the hackers also leaked data incl...

Hutchinson Networks - Worldwide Solutions Delivered Locally

hutchinsonnetworks.com - Following on from the launch of Fabrix earlier this year, Hutchinson Networks are pleased to now announce the G2.0.0 release of the Fabrix platform. The G2.0.0 release brings a number of exciting n...

The first big Internet of Things security breach is just around the corner | ZDNet

Shared by Bev Robb

zdnet.com - There was a time when the only device you had connected to your network was a PC. Then laptops with a wireless connection came along -- then after that, smartphones and tablets. But the connected r...

Two flaws in Siemens SICAM PAS impact the energy industry

securityaffairs.co - Security experts from Positive Technologies that have reviewed the Siemens SICAM PAS (Power Automation System) solution have discovered two information disclosure vulnerabilities (CVE-2016-5848 and...

The CISO’s guide to security incident response

Shared by BrianHonan

blog.datagravity.com - If you’ve ever had a bad dream about work, you know how frustrating and emotionally draining it can be. It usually involves a normal situation that you face regularly, but something goes wrong, and...

SANS Penetration Testing | Getting the Most Out of Shodan Searches

Shared by SANS Pen Test

pen-testing.sans.org - Shodan is a search engine that takes a distinct departure from most Internet search engines. Instead of searching through content intentionally served up and delivered to web browsers, Shodan allow...

Industrial Control Systems: Next Frontier for Cyber Attacks?

tripwire.com - It’s safe to say that cybersecurity is a common issue for all industries. But what is the cybersecurity state of affairs for Industrial Control Systems (ICS), and why should we care? ICS monitor an...

Revealed: How criminals steal your card details and how to beat them

Shared by Kevin McPeak

mirror.co.uk - Card fraud – where criminals get hold of your details and then use them to take money out of your account – is big. And it's rising. Figures from Financial Fraud Action found losses from credit, de...

Why surveillance firm Blue Coat was granted a powerful encryption certificate?

securityaffairs.co - Once again we are here speaking about surveillance, security experts have discovered that the controversial firm Blue Coat Systems was granted powerful encryption digital certificates. Blue Coat s...

Locky Variant Zepto Debuts with Big Spam Push

Shared by BrianHonan

threatpost.com - Ransomware called Zepto is raising concerns with security experts because of its close ties to the more mature and prolific Locky ransomware. Zepto was spotted about a month ago, but a recent wave ...

Judge decides we don’t have any right to privacy

nakedsecurity.sophos.com - It seems we now live in a world where everyone is free to snoop on everyone else to their heart’s content. If you connect your computer to the Internet, like billions of people, then you can’t expe...

RIG Exploit Kit Exposes Millions to SmokeLoader Backdoor

Shared by SecurityWeek

securityweek.com - The RIG exploit kit (EK), currently one of the most popular crimekits infecting systems around the world, was recently observed in a campaign that potentially impacted millions of users, exposing t...

Jenkins Remoting RCE II – The return of the ysoserial

Shared by Florian Roth

insinuator.net - Jenkins is a continuous integration server, widely used in Java environments for building automation and deployment. The project recently disclosed an unauthenticated remote code execution vulnerab...

Foxit Patches 12 Vulnerabilities in PDF Reader

threatpost.com - Foxit patched a dozen vulnerabilities in its PDF reader software this week, more than half of which could allow an attacker to directly execute arbitrary code on vulnerable installations of the pro...

As threats evolve, faster response times are essential - Help Net Security

helpnetsecurity.com - Two thirds of respondents to a global survey by the Business Continuity Institute reported that they had experienced at least one cyber incident during the previous twelve months, and 15% reported ...

The Brasil vs. Facebook standoff boosts the use of Telegram with criminals

Shared by SCMagazine

scmagazine.com - Brazil's insistence that WhatsApp and its parent Facebook turn over information sent over the messaging app is forcing criminals based in that country to find other secure ways to communicate. That na...

LizardStresser botnets using webcams, IoT gadgets to launch DDoS attacks

Shared by bhconsulting

scmagazineuk.com - Lizard Squad's LizardStresser botnet rising in popularity as hackers and cyber-criminals increasingly look to it as a way of assimilating IoT devices for later DDoS attacks Lizard Squad's LizardStr...

Time to Cover Your Webcam: Why You Should Follow Zuckerberg's Lead

Shared by Norton

pastemagazine.com - Social media had a ball last week poking fun at Facebook CEO Mark Zuckerberg when a photo he released to celebrate Instagram reaching 500 million users showed his laptop in the background with mask...

BlackBerry is reportedly building three new Android phones

Shared by CNET

cnet.com - BlackBerry is going all-in on Android, and perhaps with more devices than we thought. BlackBerry is currently working on three new Android phones, according to Evan Blass, a journalist with an exce...

Free Wi-Fi connections put business travellers at risk - Kaspersky | ZDNet

Shared by Kaspersky Lab

zdnet.com - About 30 percent of senior business managers "have been hit by cybercrime while abroad", according to a survey of 11,850 employed individuals who had travelled abroad for business and leisure in th...

Assembly Language and Shellcoding on Linux « SecurityTube Training

Shared by Security Tube

securitytube-training.com - The SecurityTube Linux Assembly Expert (SLAE) aims to teach the basics of assembly language on the Linux platform from a security perspective and its application to writing shellcode, encoders, dec...

Javascript for Pentesters « SecurityTube Training

Shared by Security Tube

securitytube-training.com - Javascript for Pentesters will take you beyond alert(‘XSS’) and equip you to demonstrate advanced attacks such as Hijacking Forms, Logging Keystrokes, DOM manipulation etc. This course is Beginner ...

Setting up Two-Step Verification on your Amazon account

nakedsecurity.sophos.com - I admit I am not a fan of shopping, but if it has to be done, I vastly prefer to do it online. Nowadays the vast majority of my household purchases arrive in an Amazon box (apologies to my UPS deli...

Insider’s Guide To Minimizing The Impact of Ransomware

techworld.com - 6 Step Plan for Comprehensive Data Protection. This IT guide provides actionable steps to reduce the impact of ransomware or other ma...

“Beaver Gang Counter” malware ejected from Play Store

nakedsecurity.sophos.com - Thanks to Jagadeesh Chandraiah of SophosLabs for his work on this article. Here’s another cautionary tale from Google Play. The good news is that the malware in this story has now been removed by G...

Helping Enterprises Battle Ransomware

Shared by Trend Micro

bsminfo.com - Holistic approaches to cybersecurity threats help protect data better. Ransomware is one of the latest, most dangerous forms of cyberattacks targeting vulnerable enterprises across industries from...

5 Reasons You Should Unplug While on Vacation - FabFitFun

Shared by McAfee

fabfitfun.com - Imagine yourself on a beach in a remote Pacific island, pina colada in hand. The breeze blows through your hair and you hear the waves crashing, birds chirping, and….your phone buzzing? Yep, accord...

My Activity: a tool to see what Google knows about you

Shared by SophosLabs

nakedsecurity.sophos.com - Well, let’s see… how deep is the ocean, and how high is the sky? Probably both are a bit tighter than the ever-expanding capacity of Google’s maw. Depending on which of its tools we use, Google kno...

Hacker Mindset: E-mail Is the Golden Ticket

Shared by Dejan Kosutic

tripwire.com - In my ongoing blog series “Hacker Mindset,” I’ll explore an attacker’s assumptions, methods and theory, including how information security professionals can apply this knowledge to increase cyber-v...

No Post, Video, Text, Photo or Email Is Worth A Life - Sue Scheff Blog

Shared by Sue Scheff

suescheffblog.com - Posted by admin in Cell phone safety, Texting and driving. Summer months bring a higher death rate for teen drivers. According to the Insurance Institute for Highway Safety (IIHS), the summer months...

Third Party Patch Roundup - June 2016

Shared by GFI Software

gfi.com - It’s hard to believe June is almost at an end and we are well into the hot Texas summer here at home. My week in beautiful Alaska at the beginning of the month is now only a cool (in both senses) m...

GDS to demand that all government websites go HTTPS from 1 October

Shared by TEAM CYMRU

v3.co.uk - All Government Digital Service (GDS) websites will be required to adopt HTTPS encryption from 1 October, according to new security guidelines, if they haven't done so already. The sites will also ...

Why the cyber security skills gap shortage is a boardroom issue

Shared by (ISC)2

comparethecloud.net - The average cost of an online security breach for UK businesses is between £1.46 and £3.14 million. Worse still, in 2015 the industry reported a significant increase in the number of breaches in bo...

Nearly One-Third of Feds Unable to Detect an Insider Intrusion, Survey Says

nextgov.com - Almost one-third of federal IT professionals say they can't spot every unauthorized attempt to access files, a new survey finds. Tripwire, an endpoint security company, surveyed 103 federal IT pro...

The Android Ransomware Threat has Quadrupled in Just One Year

tripwire.com - If you need any more evidence that ransomware has become a major problem, just look at how online criminals are busily developing attacks against platforms other than Windows. Yes, Windows continue...

Hackers are coming for your healthcare records -- here’s why

Shared by AlienVault

computerworld.com - Data stolen from a bank quickly becomes useless once the breach is discovered and passcodes are changed. But data from the healthcare industry, which includes both personal identities and medical h...

Home Computers Connected to the Internet Aren't Private, Court Rules

Shared by Binni Shah

eweek.com - By Robert Lemos | Posted 2016-06-28. A judge in Virginia rules that people should have no expectation of privacy on their...

Enterprise Technology Spotlight: Security

news.verizonenterprise.com - Cybersecurity continues to be a popular topic with the media. This week our top stories focus on human involvement in security breaches. A piece in SearchCompliance notes that human error is among th...
