Month: September 2016

Chief Information Security Officers Should be Reporting to Chief Risk Officers http://ift.tt/2cAq8Mw In the “old days” the physical security team sat in a back room watching cameras on a bunch of CRT monitors and information security was part of the network administration group, tasked mostly with managing firewalls to keep the bad guys from breaking…

35,000 ARRIS Cable Modems At Risk From Firmware Dumper Bot http://ift.tt/2cy12iX News via Packet Storm http://ift.tt/1Fpvz7L September 15, 2016 at 08:18AM

Ammyy Admin Website Hacked, Drops Latest Cerber Ransomware http://ift.tt/2d2NyOY The popular website for remote desktop management tool Ammyy Admin has been compromised to distribute a malware for the seventh time in the past year. The security expert, MalwareHunterTeam, informed that the website stopped delivering the threat at around 6-8 PM yesterday evening. Threat Intel via…

6 steps for defending against DDoS attacks http://ift.tt/2cgi6v9 If your business hasn’t already faced a distributed denial-of-service (DDoS) attack, brace yourself: fake traffic is coming. Your DevOps team and IT service desk need an action plan to handle these threats. This article will take you step-by-step through the process of identifying, stopping, and responding to…

Recently Patched Drupal Flaw Exploited in the Wild http://ift.tt/2cAaLDV Attackers have been attempting to exploit a highly critical vulnerability in a third-party Drupal module. The flaw was addressed two months ago, but many website administrators have apparently still not applied the patches. The vulnerability affects the RESTful Web Services (RESTWS) module, which enables developers to…

AlessandroZ/LaZagne http://ift.tt/2cKEgrp AlessandroZ/LaZagne: Recover passwords, tasty, tasty, passwords Vulnerabilities via Ecstatic Security http://ift.tt/1TuVnt9 September 14, 2016 at 07:27PM

Fancy Bears’ – Hack Team http://ift.tt/2cwB9jK Fancy Bears’ – Hack Team: New levels hack-trolling… https://twitter.com/FancyBears Some strange references…could be nothing… fb999xz0ne13@yahoo.com fb999xz0ne13@mails.ws http://ift.tt/2cKEsas http://ift.tt/2cKFiDX http://ift.tt/2cwAYoH Vulnerabilities via Ecstatic Security http://ift.tt/1TuVnt9 September 14, 2016 at 12:28PM

What’s next for threat intelligence? – ITProPortal http://ift.tt/2cwANcY It seems that right now, everyone is talking about threat intelligence. Nearly every security vendor wants to get in on the action and the majority of security operations groups are either being told by their management to get on board with it, or they’ve attended various security…

Microsoft Patches Zero Day Flaw Used In Two Massive Malvertising Campaigns – Dark Reading http://ift.tt/2ct9HnV Microsoft Patches Zero Day Flaw Used In Two Massive Malvertising Campaigns Bug gave attackers a way to identify and avoid systems belonging to security researchers and vendors, Proofpoint says. Microsoft has patched a zero-day vulnerability in Internet Explorer that at…