Election officials in swing states Florida, Ohio, and Pennsylvania among those who report Russian state-sponsored attackers targeted their systems.The US Department of Homeland Security notified election officials in all 50 states on Friday, informing 21 that their states had been targeted by Russian state-sponsored cybercriminals during the 2016 election ca

Wired has a story about a possible GPS spoofing attack by Russia: After trawling through AIS data from recent years, evidence of spoofing becomes clear. Goward says GPS data has placed ships at three different airports and there have been other interesting anomalies. "We would find very large oil tankers who could travel at the maximum speed at 15 knots," s

By Andrew Hay, Co-Founder and CTO, LEO Cyber Security. I speak at a lot of conferences around the world. As a result, people often ask me how I manage the vast number of abstracts and security call for papers (CFPs) submissions. So I thought I’d create a blog post to explain my process. For lack of a better name, let’s call it the Hay CFP Management Method.

By Jason Gu, Veo Zhang, and Seven Shen We have disclosed this security issue to Google, who verified that they have protections in place against ZNIU courtesy of Google Play Protect. The Linux vulnerability called Dirty COW (CVE-2016-5195) was first disclosed to the public in 2016. The vulnerability was discovered in upstream Linux platforms such as Redhat,

The RedBoot ransomware encrypts files on the infected computer, replaces the Master Boot Record and then modifies the partition table. Malware Blocker researcher discovered a new bootlocker ransomware, dubbed RedBoot, that encrypts files on the infected computer, replaces the Master Boot Record (MBR) of the system drive and then modifies the partition table.

United Cyber Caliphate members stopped trying to develop their own hacking and communication tools and used to search them into the criminal underground. According to Kyle Wilhoit, a senior security researcher at DomainTools, who made a speech at the DerbyCon hacking conference in US, ISIS members stopped trying to develop their own hacking and communication

The Adobe product security incident response team (PSIRT) accidentally published a private PGP key on its blog, once discovered the issue it quickly revoked it. On Friday, the Adobe PSIRT updated its Pretty Good Privacy (PGP) key and published the new public key on the blog post. The new key should have been valid until September 2018, but something strange

The accountancy firm Deloitte announced it is has been targeted by a sophisticated hack that compromised its global email server. Today the accountancy firm giant Deloitte revealed that is has been targeted by a sophisticated hack that compromised the confidential emails and plans of some of its blue-chip clients. According to The Guardian that first reporte

In health care, cyberthreats pose a substantial risk to patient safety, systems of care and business continuity. The security of electronic medical information has a tremendous impact on data access, which directly affects quality of care, patients’ rights to privacy and the professional standing of health care organizations. Practitioners can only mak

Many people in the security industry today grew up watching “Star Trek,” from the original episodes to Next Generation, Deep Space Nine, Voyager, Enterprise and the many other series that followed. In anticipation of the upcoming “Star Trek: Discovery” series, we thought it would be a good time to remind our readers that, beyond the e

Endpoint attacks can come from any direction and many sources. Just consider the reported vulnerabilities found in Apache Struts and the damage caused by WannaCry and Petya. Companies need to stay one step ahead of endpoint attacks, but they struggle due to a lack of visibility of endpoint status, the complexity of investigations and ineffective remediation.

The latest SecurityIQ update includes nine new security awareness modules for healthcare professionals, and custom course notifications to help you increase program completion rates. Read on for complete release details. 9 New Security Awareness Modules for Healthcare Professionals Staying compliant with HIPAA and PPI regulations just became simpler wi

IntroductionFor most of us, “hacking” is a word that conjures up images of frustration and even fear. Hackers have become much bolder, threatening companies of all sizes, and even entire government agencies. Their attacks have become much more sophisticated and harder to detect, let alone defeat.To defeat a hacker, one must be able to think like a hack

IntroductionInterested in boosting your career potential? The project management professional (PMP) credential from the Project Management Institute (PMI) can give you the leg up you want. This certification shows you have the knowledge necessary to manage projects of all sizes and scopes, to determine where breakdowns in processes might be occurring,

The industry rewards cutting corners rather than making software safe. Case in point: the Equifax breach. There is plenty of blame to go around after the Equifax incident, and I'm not trying to be an apologist for the credit rating company. The problem is that the wrong incentives are driving software development. Unless we change the incentives, security wi