Articles

Review: The best password managers for PCs, Macs, and mobile devices. June 18, 2014.

Beware Keyloggers at Hotel Business Centers. The U.S. Secret Service is advising the hospitality industry to inspect computers made available to guests in hotel business centers, warning that crooks have been compromising hotel business center PCs with keystroke-logging malware in a bid to steal personal and financial data from guests. A DHS/Secret Service advisory dated July 10, 2014. In a non-public advisory distributed to companies in the hospitality industry on July 10, the Secret Service and the Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC) warned that a task force in Texas recently arrested suspects who have compromised computers within several major hotel business centers in the Dallas/Fort Worth areas.

Hotel business center computers see uptick in keylogger malware.

DefCon: You cannot 'cyberhijack' an airplane, but you ... In a session at DefCon 22, speakers explained that it is not possible to hack a plane and take control of the aircraft, but creating some mischief is still possible.

DefCon: Panel discusses diversity in security and just ...

Hackers Attack Shipping and Logistics Firms Using Malware-Laden Handheld Scanners. China-based threat actors are using sophisticated malware installed on handheld scanners to target shipping and logistics organizations from all over the world. The attack, dubbed "Zombie Zero," has been analyzed by cybersecurity solutions provider TrapX, a company formerly known as CyberSense. According to TrapX, the attack begins at a Chinese company that provides hardware and software for handheld scanners used by shipping and logistics firms worldwide to inventory the items they're handling. The Chinese manufacturer installs the malware on the Windows XP operating systems embedded in the devices. The threat is also distributed via the company's support website, the security firm noted in its report (PDF). The scanners transmit the data they collect (origin, destination, value, contents, etc.) via the customer's wireless network. The malware used by the Zombie Zero attackers is highly sophisticated and polymorphic, the researchers said.

Insurers struggle to get grip on burgeoning cyber risk market.

No money, no problem: Building a security awareness program on a shoestring budget.

Implementing a security awareness program seems rather straightforward, until you actually start to implement one - factoring in things like resources and the people (users) to be trained.

Beef up your security and avoid being a victim on vacation this summer.

How to recover files from a CryptoLocker attack, without paying! Here’s some genuine good news to brighten the day of anyone who has had their computer hit hard by one of the most pernicious threats to hit internet users for a long time.

92% of brands fail email security test. Posted on 06 August 2014.

The Online Trust Alliance (OTA), the non-profit with the mission to enhance online trust and empower users, announced the results of its 2014 Email Integrity Audit report, including its Email Trust Scorecard. Out of nearly 800 top consumer websites evaluated, OTA found only 8.3 percent of consumer facing web sites passed and thus 91.7 percent failed. The overwhelming majority of businesses and government agencies are not following adequate steps to help ensure consumers and business partners can discern if emails coming from their domain are genuine or forged.

The Scorecard measures the adoption of three critical email security protocols: Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM) and Domain-based Message Authentication, Reporting and Conformance (DMARC).

The U.S. state of cybercrime takes another step back. When it comes to cybercrime, it seems no enterprise goes unscathed. There are more breaches happening, the associated costs are rising, and business leadership grows increasingly concerned that information security remains a challenge that is out of control. Those are the headline findings of the 2014 U.S. State of Cybercrime Survey, an annual survey by CSO Magazine with help from the U.S. Secret Service, the Software Engineering Institute at Carnegie Mellon University, and PwC.

New Data Sheds Light on Shifting Cybercriminal Tactics - Microsoft Security Blog. New data released today suggests that the security mitigations that Microsoft has included in newer software have helped make malicious cyber acts more difficult for would-be attackers.

Effective security mitigations raise the cost of doing business for cybercriminals. The data also indicates that cybercriminals are increasingly utilizing deceptive tactics in their attempts to compromise systems. This is a key finding of our latest cybersecurity report, that we publish twice a year to help our customers, partners, and the broader cybersecurity community understand the tools, tactics and threats posed by cybercriminals. This knowledge is essential for IT and security professionals trying to better protect themselves and their organizations from cyber-attacks.

2014-05-05 Global Cost of Data Breach Increases by 15 percent, According to Ponemon Institute. Traverse City, MI - 05 May 2014: Today Ponemon Institute released its ninth annual Cost of Data Breach Study: Global Study, sponsored by IBM (NYSE: IBM). According to the study of 314 companies spanning 10 countries, the average total cost of a data breach increased 15 percent in the last year to $3.5 million (local currencies were converted to U.S. dollars for comparison purposes). The study also found that the cost incurred for each lost or stolen record containing sensitive and confidential information increased more than nine percent to $145. The ninth annual study involved the collection of detailed information about the financial consequences of a data breach. For purposes of this research, a data breach occurs when sensitive, protected or confidential data is lost or stolen and put at risk. All those interviewed are knowledgeable about their organization’s data breach and the costs associated with resolving the breach.

Malware Breaks All Records in Q1 2014. If it feels like threats are snowballing out there, it’s not your gut deceiving you: malware creation has broken all records during the first quarter of the year, with a figure of more than 15 million new samples appearing for the period, and more than 160,000 new samples appearing every day. Panda Security’s PandaLabs quarterly report for Q1 2014 has concluded that trojans are still the most abundant type of new malware, accounting for 71.85% of new samples created during Q1. Trojans are followed by worms, at 12.25%, and viruses, at 10.45%.

Cybercrime shopping list study points to falling prices. 16 December 2013, last updated at 19:47 ET. By Paul Rubens, Technology reporter. The price of a hacking victim's personal details is becoming cheaper to buy, says a study. Fancy a bank account with $300,000 (£184,000) in it?

Want better passwords? Follow the lead of 1Password and make it easier for people. As the spate of password breaches continues, the challenge is how quickly news of each new attack fades into the background as noise. It makes it even harder to connect with people and convince them to take action. After the latest password breach, Nick Owen (@wikidsystems) (aside: did you read the interview with Nick), Kurt Wismer (@imaguid), and I engaged in a brief Twitter conversation on the economics of password choice.

FOCUS Magazine Online: Articles. As we conduct more and more business online, the digital world has become a hacker’s paradise. To combat the growing threat of cyber attacks, many companies are hiring chief information security officers (CISOs) whose main responsibility is to make sure data is secure. Recent high-profile data breaches have demonstrated that it is not a role for the faint of heart. “We’re like sheep waiting to be slaughtered,” said David Jordan, the CISO for Arlington County in Virginia. “We all know what our fate is when there’s a significant breach.” IT research firm Gartner predicts that by 2020, 30 percent of Global 2000 companies will have been directly compromised by independent cyber activists or cyber criminals.

Women Gain in Some STEM Fields, but Not Computer Science. A few weeks ago, I wrote about ways to get more women interested in computer science. One of the points that came up frequently in my reporting is that some other STEM fields (science, technology, engineering and mathematics) have actually been quite successful attracting more women. A report this week from the National Science Foundation lays out these trends nicely. Source: “Women, Minorities, and Persons with Disabilities in Science and Engineering,” National Science Foundation.

With 1.6 million smart phones stolen last year, efforts under way to stem the losses. Based on our latest nationally representative survey of adult Internet users, Consumer Reports projected that 1.6 million American consumers were victims of smart phone theft in 2012. A variety of possible solutions are being proposed by law enforcement and industry experts. Such theft is a major problem in big cities, law enforcement officials say. Fifty percent of the robberies committed in San Francisco, for example, are of mobile devices, according to San Francisco District Attorney George Gascon. Law enforcement, legislators, and the phone industry are working on a variety of solutions to reduce the number of victims.

Inside The Massive Global Black Market For Smartphones. BYOD and Mobile Security Report 2013. 123456: Millions of Adobe hack victims used horrible passwords. 96% of businesses are unprepared for a cyber attack.

Cyber-Security Insurance Adoption Grows. Businesses are beginning to rank cyber-security risks as greater than natural disasters and other major business risks, and while only 31 percent of companies are insured against data breaches, a growing number of companies are exploring policies, according to the findings of a survey by Experian Data Breach Resolution and the Ponemon Institute. What kind of target are you? Is your organization a likely target for security attacks?

Upgrading to Windows 8.1: Your new OS survival guide. Study: The cost of cyber crime continues to rise. The Digital Age Of Cyber Insurance - Live Insurance News. Best security tools for under $3,000. Top 20 Free Digital Forensic Investigation Tools for SysAdmins. Defending against web-based malware: Spot the smoke, don’t wait for fire.

Medical ID Theft Spreads - Watch out for Waterhole Web Attacks. Half of organizations targets of cyberattack in last year. After Twitter, NY Times hacks, top Internet brands remain at risk. Social engineering: Study finds Americans willingly open malicious emails. Rogue antivirus makes users an 'offer they can't refuse'. Top Ten Tips for Companies Buying Cyber Security Insurance Coverage - Association of Corporate Counsel (ACC). XP's retirement will be hacker heaven.

Detect the undetectable: Start with event logs. DHS Grants Can Boost Cyber Preparedness. Should you create a separate, supersecure network? Stop 80 percent of malicious attacks now. What else can Congress bungle? Their passwords, for starters. Security Response Publications, Internet Security Threat Report. Gartner's 2012 Magic Quadrant recognizes SafeNet's leadership position in Authentication.

Calif. attorney general: Time to crack down on companies that don't encrypt. CSIS: 20 Critical Security Controls. 5 Safeguards From 'Watering Hole' Attacks, Chinese Hackers. Why business is losing the war against cybercrime. Five steps to ultimate Firefox security. Cybercrooks target SMBs with new types of attacks. Know thy cyber enemy: Who's attacking and what they want. 5 hot security defenses that don't deliver. Welcome to San Francisco: Here's where the cellphone thefts are. New startups are prime targets for cyberattacks - May. 23, 2013. Cyberattacks devastated my business! - Hacked by Anonymous (1). Study Shows Cyber Attacks Target Small Businesses. Most Data Breaches Caused by Human Error, System Glitches. Too many CSOs ignore the reality of today's threats. New Survey Shows U.S. Small Business Owners Not Concerned About Cybersecurity; Majority Have No Policies or Contingency Plans.

Negligence and glitches create 64% of data breaches.