Improve IT security: Start with these 10 topics

You want to be more responsible about IT security in your organization, but where do you start? May I suggest your first step be understanding these topics more thoroughly. This is list isn’t exhaustive. It’s only a beginning: 1. DNS and DNSSEC: The biggest games in cyber war are hitting DNS providers. DNS can be[…]


IBM deploys machine learning to bolster online banking security program

Behavioral biometrics that uses machine learning is behind new features being added to IBM’s Trusteer Pinpoint Detect platform, which financial institutions use to head off crooks who may have stolen the username and password of legitimate account holders. The new feature looks for anomalies between legitimate users’ normal mouse gestures and those of the current[…]

Shadow Brokers leak list of NSA targets and compromised servers

The Shadow Brokers are back, releasing message 5 – trick or treat. This time, instead of releasing Equation Group exploit tools, the group dumped a list of servers allegedly compromised by the NSA-linked Equation Group. As usual, the Shadow Brokers included a slaughtered-English rambling message which primarily focused on the upcoming elections. One portion reads:[…]

17 essential tools to protect your online identity, privacy

Make no mistake: Professional and state-sponsored cybercriminals are trying to compromise your identity — either at home, to steal your money; or at work, to steal your employer’s money, sensitive data, or intellectual property. Most users know the basics of computer privacy and safety when using the internet, including running HTTPS and two-factor authentication whenever[…]

Joomla websites attacked en masse using recently patched exploits

Attackers are aggressively attacking Joomla-based websites by exploiting two critical vulnerabilities patched last week. The flaws allow the creation of accounts with elevated privileges on websites built with the popular Joomla content management system, even if account registration is disabled. They were patched in Joomla 3.6.4, released Tuesday. Hackers didn’t waste any time reverse engineering[…]

FBI doesn't have a warrant to review new emails linked to Clinton investigation

After seeing reports that the Justice Department is “furious” at FBI Director Comey for telling Congress about new emails potentially related to Hillary Clinton’s private email server and if she disclosed classified information, the Clinton campaign “made it personal” and accused Comey of a smear campaign. Comey, ironically the same FBI guy who recommended no[…]

Hacking forum cuts section allegedly linked to DDoS attacks

An online hackers’ forum has deleted a section that allegedly offered paid distributed denial-of-service attacks, following last Friday’s massive internet disruption. will be shutting down the “Server Stress Testing” section, the site’s admin Jesse “Omniscient” LaBrocca said in a Friday posting. “I do need to make sure that we continue to exist and given[…]

Companies complacent about data breach preparedness

The likelihood that companies will experience a security incident continue to rise every year. While most organizations have put a data breach preparedness plan in place to combat such incidents, most executives aren’t updating or practicing the plan regularly, according to study released earlier this month. “When it comes to managing a data breach, having[…]

New Windows code injection method could let malware bypass detection

Security researchers have discovered a new way that allows malware to inject malicious code into other processes without being detected by antivirus programs and other endpoint security systems. The new method was devised by researchers from security firm Ensilo who dubbed it AtomBombing because it relies on the Windows atom tables mechanism. These special tables[…]

Security apps you need on your new Pixel

Google’s new Pixel phone Image by Google All the brand new features of the Pixel will not protect it from increasingly frequent security threats: each user should take necessary precautions in order to protect their data, passwords or any sensitive online transactions. A new smartphone is also an attractive one-stop location for hackers who’d like[…]

IDG Contributor Network: How the government can help businesses fight cyber attacks

When a criminal robs a store, the police visit the scene, conduct an investigation and try to bring the perpetrator to justice. What happens when a criminal breaches that same store’s server and makes off with its customer’s credit-card numbers? I’d argue that the response to the physical crime would be much greater and effective[…]