The advent of cloud computing has dramatically altered the technology structure of today’s companies – making it much easier and faster to deploy resources as needed. In the traditional model, application developers had to wait for IT to provision storage and compute resources; meanwhile, security and network teams were needed to make the resources accessible and compliant with company policies. The process often took weeks or even months. By contrast, cloud-based resources could be spun up in minutes, and new applications deployed in that same day, without IT or network security involvement.
Law enforcement in Moscow, with support from Group-IB, recently arrested a 32-year-old hacker, accused of taking part in stealing funds from customers of Russian banks using Android Trojans. At the height of their activity, the attackers reportedly siphoned between $1,500 to $8,000 dollars daily and leveraged cryptocurrency to launder the funds anonymously.
On June 6, developer Revived Games and publisher ACID were going to unleash the video game Active Shooter on the world. The game would let player experience a mass shooting from the point of the shooter or the SWAT team trying to take them down. Some people were understandably upset.
Posted under: Research and Analysis
Now that you understand the use cases for security monitoring, the next step in our journey is to translate those use cases to requirements for your strategic security monitoring platform. In other words, now that you have an idea of the problem(s) you need to solve, what capabilities do you need to address the use cases? And part of that discussion is inevitably what you don’t get from your existing security monitoring approach, since this research wouldn’t be very interesting if you were all peachy with your existing tools.
“Deterrence is particularly important in a case like this,” the judge said during the hearing. He rejected prosecutors call for a prison sentence of nearly 10 years, noting Baratov’s age and clean criminal record prior to his arrest. Baratov has been in custody since his arrest last year. He told the judge Tuesday that his time behind bars has been “a very humbling and eye-opening experience.” He apologized to those he hacked and promised “to be a better man” and obey the law upon his release. The judge said it is likely Baratov will be deported once he is released from prison.
Nearly three quarters of 96 agencies reviewed by federal officials have cybersecurity programs that are either “at risk” or at “high risk,” meaning “bold approaches” are needed to secure federal networks, according to the Office of Management and Budget.
The military used a combination of kinetic attacks, like missile strikes, with cyber operations, to fight ISIS in an important battle last year, a senior U.S. official revealed recently.
On Wednesday, June 13, at 11 a.m. PST/2 p.m. EST/7 p.m. GMT, @eWEEKNews will host its 68th monthly #eWEEKChat. The topic will be, “What’s Next for Cybersecurity?” It will be moderated by Chris Preimesberger, eWEEK’s editor of features and analysis.
As the Atlanta city government struggled to recover from March’s ransomware attack, cybersecurity personnel from U.S. banks huddled two miles from city headquarters to practice dealing with the same type of disruptive malware.
Key targets for cyber-attacks include software products, IoT-connected devices, and the data that gets exchanged across the networks. To best protect your assets and your customers’ privacy it’s critical you understand the potential threats, be up-to-date in the latest defensive techniques, and be prepared to stand vigilant against future attacks.
Today VMware has released the following new security advisory:
Whether it’s surveilling or deceiving users, mishandling or selling their data, or engendering unhealthy habits or thoughts, tech these days is not short on unethical behavior. But it isn’t enough to just say “that’s creepy.” Fortunately, a course at the University of Washington is equipping its students with the philosophical insights to better identify — and fix — tech’s pernicious lack of ethics.
The developers of one of the top-traded cryptocurrencies, EOS, say they’ve patched a critical vulnerability that reportedly could have compromised EOS’s entire forthcoming platform.
A sophisticated Chinese cybercrime group is using old, leaked computer code from a notorious cyber-arms dealer known as HackingTeam to breach thousands of companies, mostly based in Asia, according to new research by Israel cybersecurity firm Intezer.
We continue to research how proliferation of IoT devices affects the daily lives of users and their information security. In our previous study, we touched upon ways of intercepting authentication data using single-board microcomputers. This time, we turned out attention to wearable devices: smartwatches and fitness trackers. Or more precisely, the accelerometers and gyroscopes inside them.
Recent advances including digital currencies and the associated public transaction record blockchain have paved the way for an array of new financial activities. Cryptocurrencies like Bitcoin are beginning to be accepted as payment by major retailers, creating more concrete use cases and capabilities.
On Friday, the Federal Communications Commission sent a letter to Amazon CEO Jeff Bezos and eBay CEO Devin Wenig asking their companies to help remove the listings for fake pay TV boxes from their respective websites. These boxes often falsely bear the FCC logo, the letter informed, and are used to perpetuate “intellectual property theft and consumer fraud.”
FireEye has released GeoLogonalyzer, an open source tool that can help organizations detect malicious logins based on geolocation and other data.