Top IT Security Bloggers

  • Is your website or blog at risk from this ImageMagick security hole?

    Sophos - Naked Security
    You might not have heard of ImageMagick, but you may very well have used it anyway...
  • Advertising company given access to 1.6 million NHS patient records

    Graham Cluley
    The name of the advertising company?
    You may have heard of it. It's Google.
  • ‘Thou shalt not steal’: Hackers violate the 8th commandment

    Trend Micro - Cloud Security Blog
    Cyber criminals have smitten the Denver Archdiocese in a recent data breach.
  • Cyber crime results in real punishment

    Trend Micro - Cloud Security Blog
    A recent conviction of a proven cyber criminal is showing just how serious prosecutors are taking hacking.
  • Targeted malware attack spends decade sliding under the radar

    Graham Cluley
    Researchers have uncovered a cybercrime operation that spent close to a decade infecting targets with dozens of previously unknown malware variants.
    David Bisson reports.
  • Get FREE threat intelligence on hackers and exploits with the Recorded Future Cyber Daily [Sponsor]

    Graham Cluley
    Many thanks to the great folks at Recorded Future, who are sponsoring my writing this week.
    Recorded Future provides deep, detailed insight into emerging threats by automatically collecting, analyzing, and organizing billions of data points from the Web.
    And now, with its FREE Cyber Daily email all IT security professionals can access information about the top trending threat indicators - helping you use threat intelligence to help make better decisions quickly and easily.
    Which means that you will be able to benefit from a daily update of the following:

    Information Security Headlines: Top trending news stories.
    Top Targeted Industries: Companies targeted by cyber attacks, grouped by their industries.
    Top Hackers: Organizations and people recognized as hackers by Recorded Future.
    Top Exploited Vulnerabilities: Identified vulnerabilities with language indicating malcode activity. These language indicators range from security research (“reverse engineering,” “proof of concept”) to malicious exploitation (“exploited in the wild,” “weaponized”).
    Top Vulnerabilities: Identified vulnerabilities that generated significant amounts of event reporting, useful for general vulnerability management.

    Infosec professionals agree that the Cyber Daily is an essential tool:
    "I look forward to the Cyber Daily update email every morning to start my day. It’s timely and exact, with a quick overview of emerging threats and vulnerabilities. For organizations looking to strengthen their security program with threat intelligence, Recorded Future’s Cyber Daily is the perfect first step that helps to prioritize security actions." - Tom Doyle, CIO at EBI Consulting.
    So, what are you waiting for?
    Sign up for the Cyber Daily today, and starting tomorrow you’ll receive the top trending threat indicators.

    If you’re interested in exclusively sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.
  • Lost Door RAT: Accessible, Customizable Attack Tool

    Trend Micro - Security Intelligence
    We recently came across a cyber attack that used a remote access Trojan (RAT) called Lost Door, a tool currently offered on social media sites. What also struck us the most about this RAT (detected as BKDR_LODORAT.A) is how it abuses the Port Forward feature in routers. Using this feature enables remote systems to connect to a specific computer or service within a private local-area network (LAN). However, when used maliciously, this feature allows remote attackers to mask their activities in the network and avoid immediate detection. Because this RAT is easy to customize, even knowledge of the indicators of compromise (which may change as a result) may not be sufficient in thwarting the threat. Easily customizable RATs like Lost Door can be hard to detect and protect against, posing a challenge to IT administrators.
    Its maker, “OussamiO,” even has his own Facebook page where details on his creation can be found. He also has a dedicated blog (hxxp://lost-door[.]blogspot[.]com/) where tutorial videos and instructions on using the RAT is found. Any cybercriminal or threat actor can purchase and use the RAT to launch attacks.
    Post from: Trendlabs Security Intelligence Blog - by Trend Micro
    Lost Door RAT: Accessible, Customizable Attack Tool
  • Lost Door RAT: Accessible, Customizable Attack Tool

    TrendLabs - Malware Blog
    We recently came across a cyber attack that used a remote access Trojan (RAT) called Lost Door, a tool currently offered on social media sites. What also struck us the most about this RAT (detected as BKDR_LODORAT.A) is how it abuses the Port Forward feature in routers. Using this feature enables remote systems to connect to a specific computer or service within a private local-area network (LAN). However, when used maliciously, this feature allows remote attackers to mask their activities in the network and avoid immediate detection. Because this RAT is easy to customize, even knowledge of the indicators of compromise (which may change as a result) may not be sufficient in thwarting the threat. Easily customizable RATs like Lost Door can be hard to detect and protect against, posing a challenge to IT administrators.
    Its maker, “OussamiO,” even has his own Facebook page where details on his creation can be found. He also has a dedicated blog (hxxp://lost-door[.]blogspot[.]com/) where tutorial videos and instructions on using the RAT is found. Any cybercriminal or threat actor can purchase and use the RAT to launch attacks.
    Post from: Trendlabs Security Intelligence Blog - by Trend Micro
    Lost Door RAT: Accessible, Customizable Attack Tool
  • Fraudsters Steal Tax, Salary Data From ADP

    Krebs on Security
    Identity thieves stole tax and salary data from payroll giant ADP by registering accounts in the names of employees at more than a dozen customer firms, KrebsOnSecurity has learned. ADP says the incidents occurred because the victim companies all mistakenly published sensitive ADP account information online that made those firms easy targets for tax fraudsters.
  • WhatsApp blocked by judge for failing to hand over data

    Sophos - Naked Security
    The messaging service estimates that 100 million users have been temporarily blocked from using Brazil's most popular app. Again.

Editor's Recommendations

Solution Centres

Events

View all events Submit your own security event

Latest Videos

More videos

Blog Posts

Media Release

More media release

Market Place