Ongoing coverage of the SolarWinds Orion attacks and useful resources, including analysis and indicators of compromise (IOC). Check back often for updates. [Read More]
Russian hacker Andrei Tyurin, who stole data from U.S. companies and information about over 100 million U.S. consumers, was sentenced to 12 years in prison [Read More]
A federal judge signed off on a deal that will allow Ticketmaster to pay a $10 million fine to escape prosecution over criminal charges accusing the company of hacking into the computer system of rival Songkick. [Read More]
The FBI has warned that individuals who launch swatting attacks have been hacking smart home devices to see and sometimes live-stream their pranks. [Read More]
A VPN service used by cybercriminals has been disrupted in a law enforcement operation that involved Germany, the Netherlands, France, Switzerland, and the US. [Read More]
Over the past year the buzz around tracking threat actors has been growing and in my opinion hitting the height of the hype cycle. Relying on behavior profiles alone is a great way to get an unwelcomed outcome.
The NSA tapping into our digital lives is a heinous breach of privacy, say those on the opposing team. I say, “meh.” Assume that everything you do and say is being watched and heard, always.
They always say in the investment world that cash is king. We are now seeing that in terms of cyber as well. Stealing cash, it’s even better than stealing money.
Understanding the various types of malicious actors targeting your networks, including their motivations and modus operandi, is key to identifying, expelling and expunging them.
When it comes to cybercrime, the police really can’t and aren’t going to protect residents of your town. The same goes for all towns and cities. Unless you’re talking a high six-figure theft, it's unlikely an officer will be assigned to your case.
In this second column in a two part series, Rod tackles the impact of the DNSChanger malware and simple solutions to counter similar DNS attacks on enterprises and major government agencies.
To effectively defend yourself against an enemy, you have to think like your adversary. Put yourself in their mind, their shoes. What’s the motive? How determined are they? Will they stop at a well-hardened network perimeter or move on to other tactics, including social engineering? Once you suffer a breach, how do you share your analysis?
The worlds of counter terrorism and fraud prevention should increase their ties. Systems that are already implemented in one world may be applied to the other. Solution providers and policy makers from both worlds need to meet up and share ideas, thoughts and experience for the benefit of both.
This week, we highlight a mix of tools and tool types that security researchers should have in their weapons in arsenal, including tools unveiled for the first time at the Black Hat conference.
Once a Software Vendor discovers that their software has been pirated, the gut reaction is to put an immediate stop to it. If piracy is discovered, it’s best to react, but don’t overreact. Be proactive, yet patient.