Leaked NSA Exploits Can Now Hack Any Windows Version

information-leak

In response to the news that a security researcher has discovered that exploits stolen from the NSA last year have been tweaked to potentially impact all versions of Microsoft’s operating system back to Windows 2000, IT security experts commented below. Mark James, Security Specialist at ESET: “One of the problems with digital exploits is the […]

2018 Winter Olympics

Nation-state and criminal hackers are targeting the Winter Olympics at a rapidly increasing rate, raising fears of phishing scams, hacks and other disruptive attacks. Already, the US government has warned its citizens to remain vigilant when it comes to cybersecurity risks during the event in Pyeongchang. More recently, security firm McAfee has discovered malware that serves as the second-stage […]

Malicious Reddit Clone Tricking Users Into Handing Over Logins

A malicious Reddit spoof site (Reddit.co) is convincing users to hand over their usernames and passwords. What’s particularly dangerous about this site is that it actually shows up as secure in your browser (image attached), as it has a valid SSL Certificate. Security experts at Venafi and RSA Security commented below. Azeem Aleem, Director, Advanced Cyber Defence Practice […]

Jenx Using Grand Theft Auto To Recruit IoT Devices

Cybercriminals have been using a multiplayer option on Grand Theft Auto in order to infect IoT devices with a new botnet which has connections to the Satori botnet. According to a blog post by Radware researcher Pascal Geenens, the botnet uses the vulnerabilities CVE-2014-8361 and  CVE-2017-17215, which affect certain Huawei and Realtek routers. Terry Ray, CTO at Imperva commented […]

Final Fantasy DDoS Attack

DDoS on the Move

Final Fantasy XIV was hit with a DDoS attack yesterday according to the website. The technical difficulties experienced by players has since been remedied. Stephanie Weagle, Vice President at Corero commented below. Stephanie Weagle, Vice President at Corero: “Final Fantasy has been caught in the DDoS cross-hairs yet again. Online gaming companies are constantly under […]

Major WordPress Zero-Day Uncovered

In a new blog post, researchers from Imperva discuss a zero-day vulnerability in WordPress core that was just disclosed. The vulnerability allows an attacker to perform a denial of service (DoS) attack against a vulnerable application and exists in the modules used to load JS and CSS files. These modules were designed to decrease page-loading time, but […]

NHS Trusts Have Failed Cybersecurity Tests

With recent news that the NHS’s lost of thousands of patient records and documentation and are now failing cyber security tests, IT security experts commented below. Dr Guy Bunker, SVP of Products at Clearswift: “The news that the NHS shared 162,000 pieces of documentation with Capita is unfortunately not an isolated event. In fact, 37% of healthcare respondents in our […]

Palo Alto Networks Unveils Comprehensive Cloud Security Offering For All Major Cloud Providers

Cloud Security Working Group

Offers Consistent Security Across All Major Cloud Providers and Simplifies  Deployment and Management in Hybrid and Multi-Cloud Environments  Palo Alto Networks® (NYSE: PANW), the next-generation security company, will welcome more than 10,000 attendees to its Epic Cloud Security Event today, where the company will showcase how it is infusing new cloud capabilities into its Next-Generation Security Platform designed to […]

Hidden Data Channel In TLS

Data... The New Asset Class

Security researchers at Fidelis have published a proof-of-concept framework for a new covert channel for data exchange using the Transport Layer Security (TLS) protocol. The method leverages the public key certificate standard X.509 and could allow for post-intrusion C2 communication and data exfiltration without alerting network perimeter protections. Justin Jett, Director of Audit and Compliance […]

BusinessWire Cyber-Attack

U.S. Department of Justice Cyber Attack

In response to today’s Reuters report that global news distribution service BusinessWire, owned by Warren Buffett’s Berkshire Hathaway Inc., has been hit with a sustained distributed denial of service (DDoS) cyberattack that continued as of February 6, 2018, experts with Corero and Juniper Networks commented below. Stephanie Weagle, VP of Marketing at Corero Network Security: “Cyber attackers can quickly and easily launch a […]