Top IT Security Bloggers

  • InfoSec 2017: how to protect yourself against the next WannaCry

    Sophos - Naked Security
    What made WannaCry different from other ransomware attacks? We explain how it happened - and look at what lessons we've learned
  • UK cops arrest man picked out by automatic facial recognition software

    Graham Cluley
    In our pursuit of greater security, we must not throw away our fundamental human rights for privacy.
  • How The Intercept might have helped unmasked Reality Winner to the NSA

    Graham Cluley
    The Intercept might have unwittingly helped unmask Reality Winner, a government contractor who allegedly leaked an NSA document about Russian hacking to the news outlet.
    David Bisson reports.
  • Two cheers for Google’s native Chrome ad-blocker

    Sophos - Naked Security
    With more and more of us resorting to blocking the ads that turn websites into the digital equivalent of Piccadilly Circus's neon landscape, we look at what Google's move to control adverts in Chrome means
  • InfoSec 2017: a look at the family album of ransomware

    Sophos - Naked Security
    Here's SophosLabs' guide to what's been happening in the families of ransomware in the past six months
  • Criminals increasingly using malvertising to direct victims to exploit kits

    Symantec Security Response Blogs
    Once popular exploit kit redirection campaigns see a significant decline as redirection through malvertising increases



    The exploit kit scene these days strongly resembles a sinking ship—with very few survivors, struggling to keep themselves afloat.
  • Following the Money Hobbled vDOS Attack-for-Hire Service

    Krebs on Security
    A new report proves the value of following the money in the fight against dodgy cybercrime services known as "booters" or "stressers" -- virtual hired muscle that can be rented to knock nearly any website offline.

    Last fall, two 18-year-old Israeli men were arrested for allegedly running vDOS, perhaps the most successful booter service of all time. The pair were detained within hours of being named in a story on this blog as the co-proprietors of the service (this site would later suffer a three-day outage as a result of an attack that was alleged to have been purchased in retribution for my reporting on vDOS).

    That initial vDOS story was based on data shared by an anonymous source who had hacked vDOS and obtained its private user and attack database. The story showed how the service made approximately $600,000 over just two of the four years it was in operation. Most of those profits came in the form of credit card payments via PayPal.

    But prior to vDOS's takedown in September 2016, the service was already under siege thanks to work done by a group of academic researchers who teamed up with PayPal to identify and close accounts that vDOS and other booter services were using to process customer payments. The researchers found that their interventions cut profits in half for the popular booter service, and helped reduce the number of attacks coming out of it by at least 40 percent.
  • Victim Machine has joined #general: Using Third-Party APIs as C&C Infrastructure

    Trend Micro - Security Intelligence
    Imagine a well-experienced security analyst at a major company going through his normal routine of checking logs at the end of the workday. A quick look at the company’s security solution logs reveals nothing too peculiar or alarming — except for one thing: a higher than normal amount of traffic to the office’s newly introduced third-party chat platform.
    He doesn’t give this much thought. After all, the company’s been pushing to have the chat platform as the main office communication tool, so it makes sense that there’d be more traffic than usual. The security analyst calls it a day and goes home.
    On the way home, however, he gets an alert: The security scanner has detected a potential security issue. He returns to the office, and finds what appears to be the cause: A machine was flagged downloading known malicious files, which were then caught by the company’s security solution. Again, nothing too strange, but he decides to investigate just what triggered the malicious behavior.
