Over 20,000 Suffer As U.S. Marine Corps Hit By Data Breach

News has surfaced that the U.S. Marine Corps has suffered a data leak, impacting 21,426 people. Personal data including bank accounts numbers, social security numbers, credit card information and mailing addresses were all exposed after an unencrypted email with an attachment containing personal confidential information was sent to the wrong email distribution list. Paul Edon, […]

CA Veracode On “Spring Break” New Vulnerability For Web Apps

In response to the news that new “Spring Break” critical remote code execution (RCE) vulnerability, which is affecting Pivotal Spring frameworks including Spring Boot, the world’s most popular framework for building web applications, Chris Wysopal, CTO at CA Veracode commented below. Chris Wysopal, CTO at CA Veracode: News of “Spring Break” – the critical remote code execution (RCE) vulnerability (CVE-2017-8046) affecting projects in Pivotal Spring […]

WeChat Becomes More Censored By Government In China

Dr Johannes Ullrich, Dean of Research at SANS Institute commented below, regarding the recent added censorship WeChat has undergone in mainland China. It addresses how sophisticated censorship and control is possible at scale, as well as the complexities of such censorship in our globally connected environment. Dr Johannes Ullrich, Dean of Research at SANS Institute: […]

New Ransom Angle To Memcached Server Attacks

After multiple reports of massive DDoS attacks using memcached servers were detailed this week by researchers including Imperva and Akamai, a new development involving ransomware demands was also published Thursday by Cybereason. Nick Bilogorskiy, Cybersecurity Strategist at Juniper Network, commented below, and provided a supporting screenshot from the Shodan search engine.  , Cybersecurity Strategist at Juniper Network: “It is a […]

Open Source Code Flaws

A new study by Sonatype reports that one in eight open source components used to create applications contain flaws. Michael Patterson, CEO at Plixer commented below. Michael Patterson, CEO at Plixer: “There is inherent risk associated with using open source code for the development of IoT devices. By definition, an open source platform is influenced […]

Next Possible DDoS Attack That Could Cause A Major Internet Blackout

A report out from Harvard University reveals that there could be a large-scale Internet outage similar to the Dyn outage in 2016. *  The report points to the centralization of DNS which could translate into a single point of failure during a Denial-of-Service attack and could result in significant Internet outages for organizations. Sean Newman, […]

Expanded Equifax Breach

Following the news that the Equifax breach affected millions more consumers than originally reported, bringing the total to almost 147.9 million people – almost half the US population. Matt Dircks, CEO at Bomgar commented below. Matt Dircks, CEO at Bomgar: “The seemingly ever-growing extent of the Equifax breach should serve as a reminder that companies cannot afford […]

Less Than A Third Of Global Healthcare Organisations Remain Untouched, As Data Breaches Rise Across The Industry

2018 Thales Healthcare Data Threat Report reveals pressures to drive digital transformation, while maintaining the security of sensitive information   Thales, a leader in critical information systems, cybersecurity and data security, today announces the results of its 2018 Thales Data Threat Report, Healthcare Edition, revealing only 30% of global healthcare organisations have remain untouched by a data […]

German Government Hacked

Russian hacker group APT28 are accused of planting malware in the German government’s networks for as long as a year. Previously, Russian hackers also hacked the German government in 2015. The attack is allegedly done by the same hackers that targeted Hillary Clinton’s 2016 campaign. This cyberattack is evidence of a long line of cyber […]

New Research On Threats And Threat Groups Targeting ICS In 2017 (Dragos)

Fight against Application and Network level Attacks

New research findings from industrial cybersecurity firm Dragos indicate that in 2017, at least five highly sophisticated threat groups focused on attacking industrial control systems (ICS), and that targeted attacks become more common.  Ray DeMeo, Chief Operating Officer at Virsec commented below. Ray DeMeo, Chief Operating Officer at Virsec: “There has been a sharp increase in attacks targeting ICS in the […]