IBM deploys machine learning to bolster online banking security program

Behavioral biometrics that uses machine learning is behind new features being added to IBM’s Trusteer Pinpoint Detect platform, which financial institutions use to head off crooks who may have stolen the username and password of legitimate account holders. The new feature looks for anomalies between legitimate users’ normal mouse gestures and those of the current[…]

Share

Shadow Brokers leak list of NSA targets and compromised servers

The Shadow Brokers are back, releasing message 5 – trick or treat. This time, instead of releasing Equation Group exploit tools, the group dumped a list of servers allegedly compromised by the NSA-linked Equation Group. As usual, the Shadow Brokers included a slaughtered-English rambling message which primarily focused on the upcoming elections. One portion reads:[…]

Share

17 essential tools to protect your online identity, privacy

Make no mistake: Professional and state-sponsored cybercriminals are trying to compromise your identity — either at home, to steal your money; or at work, to steal your employer’s money, sensitive data, or intellectual property. Most users know the basics of computer privacy and safety when using the internet, including running HTTPS and two-factor authentication whenever[…]

Share

Joomla websites attacked en masse using recently patched exploits

Attackers are aggressively attacking Joomla-based websites by exploiting two critical vulnerabilities patched last week. The flaws allow the creation of accounts with elevated privileges on websites built with the popular Joomla content management system, even if account registration is disabled. They were patched in Joomla 3.6.4, released Tuesday. Hackers didn’t waste any time reverse engineering[…]

Share

FBI doesn't have a warrant to review new emails linked to Clinton investigation

After seeing reports that the Justice Department is “furious” at FBI Director Comey for telling Congress about new emails potentially related to Hillary Clinton’s private email server and if she disclosed classified information, the Clinton campaign “made it personal” and accused Comey of a smear campaign. Comey, ironically the same FBI guy who recommended no[…]

Share

Hacking forum cuts section allegedly linked to DDoS attacks

An online hackers’ forum has deleted a section that allegedly offered paid distributed denial-of-service attacks, following last Friday’s massive internet disruption. HackForums.net will be shutting down the “Server Stress Testing” section, the site’s admin Jesse “Omniscient” LaBrocca said in a Friday posting. “I do need to make sure that we continue to exist and given[…]

Share

Companies complacent about data breach preparedness

The likelihood that companies will experience a security incident continue to rise every year. While most organizations have put a data breach preparedness plan in place to combat such incidents, most executives aren’t updating or practicing the plan regularly, according to study released earlier this month. “When it comes to managing a data breach, having[…]

Share

New Windows code injection method could let malware bypass detection

Security researchers have discovered a new way that allows malware to inject malicious code into other processes without being detected by antivirus programs and other endpoint security systems. The new method was devised by researchers from security firm Ensilo who dubbed it AtomBombing because it relies on the Windows atom tables mechanism. These special tables[…]

Share

Security apps you need on your new Pixel

Google’s new Pixel phone Image by Google All the brand new features of the Pixel will not protect it from increasingly frequent security threats: each user should take necessary precautions in order to protect their data, passwords or any sensitive online transactions. A new smartphone is also an attractive one-stop location for hackers who’d like[…]

Share

IDG Contributor Network: How the government can help businesses fight cyber attacks

When a criminal robs a store, the police visit the scene, conduct an investigation and try to bring the perpetrator to justice. What happens when a criminal breaches that same store’s server and makes off with its customer’s credit-card numbers? I’d argue that the response to the physical crime would be much greater and effective[…]

Share