The laudable aim of the National Institute of Standards and Technology (NIST) is to build a common language through a set of best practices and security principles that any organization can apply to combat cybercrime. We’ve looked at what NIST’s Cybersecurity Framework can do for you. We’ve also drilled a little […]
World Cyber News
Russian Cyber Hacks on U.S. Electoral System Far Wider Than Previously Known
Russia’s cyberattack on the U.S. electoral system before Donald Trump’s election was far more widespread than has been publicly revealed, including incursions into voter databases and software systems in almost twice as many states as previously reported. To read the original article: https://www.bloomberg.com/news/articles/2017-06-13/russian-breach-of-39-states-threatens-future-u-s-elections
Iranian hackers gains prowess in cyber world
Iranian hackers probably linked sponsored by the Iranian government has targeted organizations in the United States, the Middle East, and Asia, marking an exponential rise in Iranian cyber-spying. According to a report released by a private cybersecurity firm, FireEye, the Iranian hacking group is targeting companies involved in the petrochemical […]
Malware Slipped into CCleaner Could Steal PC User Data
Anyone who’s recently downloaded CCleaner, a PC optimization tool developed by London-based Piriform, should update the software immediately to avoid malware that was inserted into one version of the program. It’s uncertain how the malware was slipped into CCleaner, a utility program that Piriform said has been downloaded some 2 […]
a-PATCH-e: Struts Vulnerabilities Run Rampant
Equifax confirmed the attack vector used in its data breach to be CVE-2017-5638, a vulnerability patched last March 2017 via S2-045. The vulnerability was exploited to gain unauthorized access to highly sensitive data of approximately 143 million U.S. and 400,000 U.K. customers, as well as 100,000 Canadian consumers. This vulnerability was first disclosed in March, almost immediately followed by publicly […]
SEC Discloses Hackers Made Off With Data From Its Filing System
he U.S. Securities and Exchange Commission disclosed late Wednesday night that hackers breached its online filing system and may have made « illicit gain through trading. » The SEC, the agency responsible for regulating the financial securities industry, gave few details about the hack, saying only that it involved a software « vulnerability » […]
Russia targeted election systems in 21 states, successfully hacking some
On Friday, the Department of Homeland Security notified nearly half of the U.S. states that their election systems were targeted by Russia-affiliated hackers in an attempt to influence the 2016 election. In most of the states targeted, the hackers were engaged in preliminary activities like scanning. In other states hackers […]
NotPetya cyber-attack cost TNT at least $300m
Delivery company FedEx says a recent cyber-attack cost its TNT division about $300m (£221m). The company was one of several to have its computer systems severely disrupted by the NotPetya ransomware outbreak in June. Company executives also acknowledged TNT had yet to fully restore all its IT operations and was […]
Major cyber-attack will happen soon, warns UK’s security boss
A “category one” cyber-attack, the most serious tier possible, will happen “sometime in the next few years”, a director of the National Cybersecurity Centre has warned. According to the agency, which reports to GCHQ and has responsibly for ensuring the UK’s information security, a category one cybersecurity incident requires a national […]
Locky is coming: Ransomware campaign uses Game of Thrones-themed scripting variables
A Lannister always pays his debts. And you, too, may have to pay up if you become infected with Locky ransomware, delivered in an email distribution campaign that uses Game of Thrones references in its scripting variables. In a company blog post on Friday, PhishMe intelligence analyst Victor Cornell describes recently discovered Locky threat campaign, noting that the […]