Aggressive cloud adoption increases threat surface and makes it more difficult for infosec teams to keep track of what the business is doing. Donald Meyer, Head of Data Center and Cloud at Check Point Software, explains how infosec teams can more effectively mitigate risk without hampering business agility.
Source: Keeping the Business Safe Across Hybrid Cloud Environments – Dark Reading
A new wave of document attacks targeting inboxes do not require enabling macros in order for adversaries to trigger an infection chain that ultimately delivers FormBook malware.
Source: Word Attachment Delivers FormBook Malware, No Macros Required
Panera didn’t fix flaw for 8 months; 37 million records were allegedly exposed.
Source: Panera accused security researcher of “scam” when he reported a major flaw
It is a truth universally acknowledged in the infosecurity community, that giving away free USB sticks only leads to trouble. On countless occasions we’ve seen… #malware #taiwan #usbsticks
Source: Cybersecurity quiz winners rewarded with malware-infected USB sticks
The U.S. government has issued a rare technical alert, warning that attackers are continuing to compromise organizations across the energy sector, often by first
Source: Alert: Energy Sector Hacking Campaign Continues
During the Virus Bulletin closing keynote, Brian Honan urged the security industry to share more, victim-shame less and work harder to establish trust.
Source: Security Industry Failing to Establish Trust
A malware campaign utilizing bogus “HoeflerText” popup warnings is back in full swing targeting Google Chrome and Firefox browsers with Locky ransomware attacks and the NetSupport Manager RAT.
Source: ‘HoeflerText’ Popups Target Browsers With RAT and Locky Ransomware
GitLab fixed a vulnerability recently that could have opened its users up to session hijacking attacks.
Source: Session Hijacking Bug Exposed GitLab Users Private Tokens
Cyberwar has evolved from the theoretical to the ominous. TechRepublic went inside one of the defenders vs. hackers war games that’s helping countries prepare to defend themselves.
Source: Defending against cyberwar: How the cybersecurity elite are working to prevent a digital apocalypse – TechRepublic