A phishing kit is the back-end to a phishing attack. It's the final step in most cases, where the criminal has replicated a known brand or organization.
Steve Ragan |
07 Aug |
Read more
A recent study from Google and UC Berkeley examined the various ways accounts are compromised, and determined that phishing attacks – not data breaches – pose the most risk to users when it comes to lost access.
Steve Ragan |
14 Nov |
Read more
Researchers at Carbon Black examined the Ransomware market and discovered some interesting facts about the booming criminal economy. Mirroring some of the legal technology markets, such as those for software development, the market for Ransomware is dominated by unique custom solutions and turnkey offerings.
Steve Ragan |
20 Oct |
Read more
A researcher has released details on vulnerabilities in the Wi-Fi Protected Access II (WPA2) protocol, which he calls KRACK. Attacks taking advantage of the issues will work against all modern protected Wi-Fi networks. To put it another way, if a given device supports Wi-Fi it is likely impacted by the KRACK vulnerabilities.
Steve Ragan |
16 Oct |
Read more
Equifax, one of the largest credit bureaus in the U.S., said on Thursday that an application vulnerability on one of their websites led to a data breach that exposed about 143 million consumers. The breach was discovered on July 29, but the company says that it likely started in mid-May.
Steve Ragan |
08 Sep |
Read more
Cyber-attack maps can be fun to look at, but are they useful? As usual, when it comes to security context is key, so CSO looked at eight of the web's most popular cyber-attack maps. While the maps themselves are mostly eye candy with limited context, there are some creative ways they can be used.
Steve Ragan |
22 Aug |
Read more
Researchers at Trend Micro and Cisco's Talos have identified a new wave of phishing attacks leveraging CVE-2017-0199, a previously patched remote code execution vulnerability in the OLE (Windows Object Linking and Embedding) interface of Microsoft Office.
Steve Ragan |
16 Aug |
Read more
Computer infected by ransomware? Don't panic. Follow the step-by-step instructions in this video for your best shot of removing it and recovering your data.
Steve Ragan |
11 Aug |
Read more
Las Vegas. Hate it or love it, for seven days each year Sin City is the gathering place for BSides Las Vegas, Black Hat, and DEF CON. Combined, these events are arguably the largest security gathering in North America, with professionals and enthusiasts both in attendance. Here's how to get the most out of your trip to the desert this summer.
Steve Ragan |
07 Jul |
Read more
CIP is just one of 14 mandatory NERC standards that are subject to enforcement in the U.S. However, it gets a good deal of attention because this regulation is centered the cybersecurity of assets deemed to be critical to the power grid. But does earning CIP compliance remove existing security problems?
Steve Ragan |
30 Jun |
Read more
Google has pushed four new security features to enterprise users on G Suite, the search giant's hosted business offering. The new protections come shortly after Citizen Lab report exposed a Russia-linked Phishing and disinformation campaign using Google services, including Gmail.
Steve Ragan |
01 Jun |
Read more
Researchers at Check Point have discovered a flaw affecting several popular media players, which stems from how they process subtitles. If exploited, an attacker could gain remote access to the victim's system. It's estimated that nearly 200 million video players and streaming apps use the vulnerable software.
Steve Ragan |
23 May |
Read more
Security researcher Victor Gevers, co-founder of the GDI Foundation, a non-profit dedicated to making the internet safer, is urging administrators to check their MongoDB installations, after finding nearly two hundred of them wiped and being held for ransom.
Steve Ragan |
04 Jan |
Read more
Election hacking has become a key topic during this year's presidential elections, more so now that candidates and voters are being actively targeted by actors that are assumed to be acting with Russian support. In this modified edition of CSO Online's Hacked Opinions series, we explore the myths and realities of hacking an election, by speaking with a number of security experts.
Steve Ragan |
05 Oct |
Read more
Every time there's an election, the topic of hacking one comes to the surface. During a presidential election, that conversation gets louder. Yet, even the elections held every two years see some sort of vote hacking coverage. But can you really hack an election? Maybe, but that depends on your goals.
Steve Ragan |
05 Oct |
Read more