Sofacy Threat Group Targets US Government

A cyberespionage group called Sofacy has launched a fresh attack against the US government, using a “new persistence mechanism” designed to help evade detection. The campaign involves sending government officials spear-phishing emails from the email address belonging to the ministry of foreign affairs of another nation, indicating that the sender’s account may have been compromised. Mark James, […]

Hackers Find 100+ Vulnerabilities At The Pentagon

Following the news that white hat hackers have found more than 100 vulnerabilities in the Pentagon’s infrastructure under its bug bounty program, Ken Gannon, security consultant at MWR InfoSecurity commented below. Ken Gannon, Security Consultant at MWR InfoSecurity: “A big part to take away from all of this is US Defense Secretary Ashton Carter’s statement saying that the […]

Four Out Of Five Enterprise Networks Show Evidence Of Malicious DNS Activity

Infoblox Inc. (NYSE:BLOX), the network control company, today announced results of the Infoblox Security Assessment Report for the first quarter of 2016, which finds that 83 percent—more than four out of five—of enterprise networks tested by Infoblox show evidence of malicious DNS activity. Infoblox, an industry leader in securing Domain Name System (DNS) infrastructure, offers […]

Expert Comments on DNC Breach

Following the news on the latest DNC breach, Costin Raiu, Director at Kaspersky Lab’s Global Research and Analysis Team, commented below. Costin Raiu, Director at Kaspersky Lab’s Global Research and Analysis Team: Kaspersky Lab is familiar with and detects the activities of both the Sofacy and CozyDuke APT groups, which are also known as Fancy Bear and Cozy Bear. One of the most […]

JTB Hack Underscores Need For Revamp Of Cybersecurity

Following the news that Japan’s largest travel agency JTB Corp having 7.93 million passport details, home and email addresses stolen by hackers, Guy Bunker, Senior Vice President at Clearswift commented below. Guy Bunker, Senior Vice President at Clearswift: “While the company can’t blame the employee for opening the email, the company is itself to blame and […]

Hackers Plagiarize Over 45 Million Records Home, Tech And Sports Forum

Following the news that 45 million accounts from home, tech and sport forums have been stolen after hackers infiltrated media company, VerticalScope, Jonathan Sander, VP of Product Strategy at Lieberman Software and Javvad Malik, Security Advocate at AlienVault commented below. Jonathan Sander, VP of Product Strategy at Lieberman Software: As more and more sites are breached […]

Data Breaches Cost An Average Of $4m Per Incident

The Ponemon Institute has found that data breach costs are rising, now reaching $4m per incident, Daniel Miessler at IOActive commented below about the relationship between data breaches and reputation damage. Daniel Miessler, Director of Advisory Services at IOActive: “The relationship between data breach and reputation damage (and then to lost revenue) is not as […]

New RAA Ransomware Uses Only JavaScript

A new type of ransomware has been discovered which, unlike other types, uses only JavaScript. IT security experts from Imperva, AlienVault, Lieberman Software and ESET discuss how big of a threat this is. Amichai Shulman, CTO and Co-Founder at Imperva: “Organizations should have good backup processes and real time file activity monitoring in place. The former […]

Why Channel Partners Can Benefit From ITOA

Securing an enterprise’s infrastructure is an increasingly complex task, but one that channel partners are able to address if they have the right skills and solutions portfolio. Managed security services also provide a key revenue opportunity for solution providers and can offer relief for customers that may not have the expertise or resources to tackle […]

One Time Passcodes Sent via SMS Intercepted And Used To Hack Accounts

Positive Technologies’ researchers able to compromise many popular social media sites by hacking SS7 network, intercepting an OTP, resetting passwords and taking ownership of accounts London (UK). Positive Technologies, a leading provider of vulnerability assessment, compliance management and threat analysis solutions, today confirmed its researchers have exploited a flaw in the SS7 protocol to intercept one […]