The Security Ledger

Report: Small, Stealthy Groups Behind Worst Cybercrimes

The Security Ledger - Thu, 11/15/2018 - 10:17am

A small group of cybercriminals are responsible for the most damaging cyberattacks--often with the help of state sponsorship. Still, low-level criminal activity on the dark web still poses the most widespread and immediate security threat, with cryptocurrency mining, ransomware and malware all on the rise, a recent report has found.

The post ...

Read the whole entry... »

Related Stories
Categories: The Security Ledger

Survey Finds Attacks Find Insecure IoT Devices

The Security Ledger - Wed, 11/14/2018 - 5:33pm

A survey finds vast differences in security practices linked to IoT devices in the enterprise, with attacks concentrating on insecure IoT endpoints. 

The post Survey Finds Attacks Find Insecure IoT Devices appeared first on The Security Ledger.

Related Stories
Categories: The Security Ledger

Nigerian ISP Hijacks Google Traffic, Sends It Through Russia and China

The Security Ledger - Tue, 11/13/2018 - 6:09pm

A small Nigerian Internet service provider (ISP) hijacked traffic meant for Google data centers on Monday, re-routing local traffic through China and Russia and making some hosted services temporarily unavailable for users.

The post Nigerian ISP Hijacks Google Traffic, Sends It Through Russia and China appeared first on The Security Ledger.

Related Stories
Categories: The Security Ledger

Podcast Episode 120: They Email Ballots, Don’t They?

The Security Ledger - Mon, 11/12/2018 - 8:11pm

In this week’s episode (#120): more than 100,000 U.S. voters submitted their ballots in the last presidential election via email in 2016. Despite that: hardly any attention has been paid to the security of email and online voting systems used by 32 states.

The post Podcast Episode 120: They Email Ballots, Don’t They? appeared first on ...

Read the whole entry... »

Related Stories
Categories: The Security Ledger

Bank Attacks Put Password Insecurity Back in the Spotlight

The Security Ledger - Thu, 11/08/2018 - 10:03pm

Two separate attacks on banks in the United States and Pakistan revealed this week highlight once again the inherent weakness of a security practice that relies on passwords or knowledge-based credentials to protect critical information. International bank HSBC said it was a victim of a credential-stuffing and became aware of unauthorized access...

Read the whole entry... »

Related Stories
Categories: The Security Ledger

Feds, Facebook Join Forces to Prevent Mid-Term Election Fraud

The Security Ledger - Tue, 11/06/2018 - 3:49pm

The U.S. government and social media firms took action to suspend bogus accounts ahead of Tuesday’s midterm elections. (Photo by Paul Roberts) Federal authorities, social media companies, and the U.S. military are on cybersecurity high alert for fraud, suspicious online activity or other security glitches that could cast a shadow on...

Read the whole entry... »

Related Stories
Categories: The Security Ledger

Podcast Episode 119: EFF on Expanding Researchers Rights and AT&T talks IoT Security Fails

The Security Ledger - Tue, 11/06/2018 - 3:32pm

In this episode of the podcast, #119: Electronic Frontier Foundation General Counsel Kurt Opsahl joins us to talk about the Coders’ Rights Project. Also: we speak with Senthil Ramakrishnan, a lead member of AT&T’s IoT Security group about that company’s plans to work with Ericsson to certify the security of IoT devices....

Read the whole entry... »

Related Stories
Categories: The Security Ledger

Managed Threat Hunting Bridges the Talent Gap

The Security Ledger - Sun, 11/04/2018 - 10:08am

Skilled operators make all the difference in incident response and threat hunting. With talent scarce (and expensive), however, managed threat hunting teams may be worth a look, writes Scott Taschler of the firm Crowdstrike. As we discussed in “Uncovering the Unknown Unknowns,” threat hunting is a critical discipline that more organizations...

Read the whole entry... »

Related Stories
Categories: The Security Ledger

Report: China Eyes IoT as Next Front of Cyber War on U.S.

The Security Ledger - Fri, 11/02/2018 - 6:30am

China is eyeing dominance of the Internet of Things (IoT) market and may use vulnerabilities in these technologies as the next front on its ongoing cyberwar with the United States, according to a new report.

The post Report: China Eyes IoT as Next Front of Cyber War on U.S. appeared first on The Security Ledger.

Related Stories
Categories: The Security Ledger

Sextortionist Campaigns Get Personal, Creative to Force Payouts

The Security Ledger - Wed, 10/31/2018 - 12:00pm

Two security firms warn of a flurry of "sextortion" campaigns recently that use new, creative and sometimes extreme methods that leverage personal information, sex-related activity and even death threats to spur victims to pay thousands in ransom fees to hackers.

The post Sextortionist Campaigns Get Personal, Creative to Force Payouts appeared...

Read the whole entry... »

Related Stories
Categories: The Security Ledger

Podcast Episode 118: White Hat Eye on the Gaming Guy

The Security Ledger - Mon, 10/29/2018 - 10:21pm

In this week’s episode, #118: modern computer games are like mini economies and that makes them a big target for hackers. We talk with four leading researchers from Bug Crowd about how even popular games fall down on security. Also: Srinivas Mukkamala, the CEO of RiskSense about how artificial intelligence and risk based approaches to securing...

Read the whole entry... »

Related Stories
Categories: The Security Ledger

Research: Russian Disinformation Campaigns Target African Americans

The Security Ledger - Thu, 10/25/2018 - 10:21am

Russian misinformation campaigns have been targeting African Americans in a number of ways to create division between left and right political agendas, create racial division and discord, and even suppress Black voter turnout, new research has found. Two recent reports outline how Russian information operations are crafting stereotypical online...

Read the whole entry... »

Related Stories
Categories: The Security Ledger

Report: Obvious Security Flaws Make ICS Networks Easy Targets

The Security Ledger - Wed, 10/24/2018 - 10:22am

Industrial control systems (ICSs) remain easy targets for nation-states actors because of security gaps such as plain-text passwords, direct Internet connections and weak anti-virus protections, a new report has found. The warnings about industrial control systems running on Windows XP are becoming a thing of the past; ICS administrators seem to...

Read the whole entry... »

Related Stories
Categories: The Security Ledger

Podcast Episode 117: Insurance Industry Confronts Silent Cyber Risk, Converged Threats

The Security Ledger - Tue, 10/23/2018 - 5:16pm

In this episode of the podcast (#117), we go deep on one of the hottest sectors around: cyber insurance. In the first segment, we talk with Thomas Harvey of the firm RMS about the problem of “silent cyber” risk to insurers and how better modeling of cyber incidents is helping to address that threat. In part II, we invite Chip Block of...

Read the whole entry... »

Related Stories
Categories: The Security Ledger