Indian to pay $8.6 million in a penalty for launching Cyber Attacks on US University

An Indian origin man named Paras Jha, 22, of New Jersey has been asked to pay $8.6 million as the penalty for launching cyber attacks on a leading US University. The sentence was pronounced by Trenton Federal Court Judge Michael Shipp who asked the individual to serve 6 months House Arrest in addition to the pronounced monetary penalty. Paras Jha is accused of launching cyber attacks on a leading US University by creating click to fraud botnets, infecting thousands of IoT devices with malicious software. After the house confinement, Jha is also...

Read More

Cloud Security Company Qualys acquires Layered Insight

Foster City, Calif-based Cloud Security specialist ‘Qualys’ has made it official that it is going to acquire ‘Layered Insight’ technologies to help secure container related applications on its cloud platform. As Pleasanton based Layered Insight offers deeper visibility into applications running inside containers, Qualys wants to use those capabilities to help its users set policies, automate enforcement and detect data breaches during runtime- a feature available in serverless containers offered by other companies such as Amazon Fargate and Microsoft...

Read More

Cyber Attack news for the day

On October 31st, 2018 the third phase of the public hearing has started on the Cyber Attack related to SingHealth. And to surprise us all, some interesting facts came into light. This includes the reality that the senior manager and some senior staff members of the healthcare provider showed reluctance in disclosing the cyber incident to the world as they did not want to feel the pressure. It was revealed before the 4 member committee today that Mr. Ernest Tan Choon Kiat a senior IT manager of Integrated Health Information Systems’s (IHiS) -a technology...

Read More

It’s the Season of Lists – Time for a Meaningful Risk List

I attended the Cybersecurity Summit in Phoenix recently and presented on the topic of minimizing risk. There were some great conversations around the value of risk management within the cyber threat landscape. Here are some of my musings from the event. We are now at the forefront of a world of digital transformation. Beyond being a buzz word digital is part and parcel of...

Read More

Safest websites when it comes to Cyber Security

Dashlane, a New York-based mobile security provider conducted a survey recently and came to a conclusion that most of the popular websites are not well equipped when it comes to protecting their customer’s critical data with two-factor authentication. Note 1- 2FA or 2 Factor Authentication adds an extra layer of security protection to a service or account before a ‘login’ can be completed. It works commonly alongside a password when a 4 or 6 digit number is sent to a user via SMS, Email or Application in order to gain access. Companies like Google...

Read More

Fresh SamSam Ransomware attack campaign targets 67 organizations

SamSam Ransomware was found hitting organizations operating in the US again and this time mostly those belonging to healthcare. A survey conducted by Symantec discovered that at least 67 organizations were hit by the said data locking malware this year, with 61 of attacks reported in the US alone. Just a minute number of attacks were reported in France, Portugal, Ireland, Israel, and Australia. Traditionally, the SamSam ransomware spreading hacking group was seen hitting firms from all sectors till last year. But this year, hackers preferred mostly...

Read More

Employee infects US govt network with malware after visiting 9,000 porn sites

By Uzair Amir Due to the carelessness of an employee, who apparently was a porn fan, the network of the satellite imaging facility, the U.S. Geological Survey (USGS) at the EROS Center, South Dakota got infected with malware. An audit carried out by the U.S. Department of the Interior’s inspector general reportedly identified the extensive history of porn […] This is a post from HackRead.com Read the original post: Employee infects US govt network with malware after visiting 9,000 porn sites October 31, 2018 at 12:14...

Read More

Signal App’s New Privacy Feature Conceals Sender ID from Metadata

By Waqas Messaging apps are now becoming more and more secure to make it difficult or rather impossible for anyone to access your conversations. Switching to end-to-end encryption although offered a stronger layer of protection but still the unencrypted metadata like sender/receiver information, message sending time, etc., wasn’t secured enough and could be exploited by an attacker. […] This is a post from HackRead.com Read the original post: Signal App’s New Privacy Feature Conceals Sender ID from Metadata October 30, 2018 at 08:43...

Read More

Yes, a Data Breach Is Inevitable: Here’s Why and What You Should Do

Why data encryption is your last line of defense in a data breach The recent SingHealth breach is considered the worst attack in Singapore history, resulting in the loss of millions of private records and sensitive data. The leaked data not only affects SingHealth, but everyone else who’s had their data stolen. In this blog, we talk about why perimeter defense alone is not...

Read More

Data in Cloud is more exposed to Cyber Attacks than in organizations

Finally, the truth is out that the data stored in cloud storage platforms are more exposed to cyber attacks than the data stored in the server farms of organizations. Well, this was discovered in the latest survey made by McAfee. McAfee report divulges that the data stored in a cloud, SaaS collaboration and PaaS/IaaS platforms are prone to configuration mistakes which can expose data to cyber crooks. The conclusion was made after analyzing billions of events in various cloud deployments. The American security software company says that in today’s...

Read More

Google Adwords accounts are vulnerable to Cyber Attacks

An Auckland based SEO marketing agency has issued a warning to all digital marketing agencies operating in New Zealand and across the world that their Google Adwords accounts are vulnerable to cyber attacks. Kim Voon, the CEO of Insight Online- termed as a leader in SEO Marketing in New Zealand said yesterday that the money in some of the AdWords accounts is being siphoned off via digital campaigns organized by hackers. Mr. Kim said that his agency has already got a couple of reports where Google ads accounts were being hijacked and the links being...

Read More

MadoMiner Part 2 – Mask

This is a guest post by independent security researcher James Quinn.       If you have not yet read the first part of the MadoMiner analysis, please do so now.  This analysis will pick up where Part 1 left off, while also including  a brief correction.  The x64 version of the Install module was listed as identical to the x86 Install...

Read More

Highlights From Security Congress 2018 – And What to Look Forward To

New Orleans jazz band welcomes attendees to the city and declares (ISC)2 Security Congress 2018 open By David Shearer, CISSP, (ISC)² CEO When I made the decision two years ago to transform the annual (ISC)2 Security Congress into an independent event, I knew it would be a huge undertaking for our team, but I also understood the passion of our member base and that we had...

Read More

IBM acquiring Red Hat for a whopping $34 billion

By Waqas IBM (International Business Machine) is acquiring the world-renowned provider of open source cloud software Red Hat, Inc., for a whopping $34 billion, the news about the deal was announced on Sunday. IBM plans to pay $34 billion in cash for $190.00 per share. After the deal, Red Hat will join IBM’s Hybrid Cloud team while its CEO Jim Whitehurst will […] This is a post from HackRead.com Read the original post: IBM acquiring Red Hat for a whopping $34 billion October 29, 2018 at 11:24...

Read More

Spicing up the MSSP World

We love conducting  surveys at conferences. Not only do we gain insights from some of the smartest people in attendance, but we get a few extra minutes to mingle and get to know them better. So, while we were at SpiceWorld in Austin this year, we sought to capture thoughts on outsourcing security. Of the attendees, 380 participated in our survey to bring us the following...

Read More

Breached Records More Than Doubled in H1 2018, Reveals Breach Level Index

Break Down of the 2018 Breach Level Index Stats: • 18,525,816 records compromised every day • 771,909 records compromised every hour • 12,865 records compromised every minute • 214 records compromised every second Data breaches had a field day in 2018. According to the Breach Level Iindex, a database compiled by Gemalto to track publicly reported data breaches disclosed in...

Read More

Four ways to improve your home’s security with the IoT

Smart home security is a hot topic now. More and more homeowners are now looking to home security products to help secure their properties from a variety of threats – mainly burglary. They look to a multitude of options, from smart security cameras, to motion sensors, to microphones and more. Some of these can be effective, when used in the right scenarios, but this isn’t...

Read More

IBM Corp To acquire Red Hat Inc for $34 billion

IBM Corp officially disclosed on Sunday that it is going to acquire US Software Company Red Hat Inc for $34 billion. And as per the details available to our Cybersecurity Insiders, IBM is likely to pay $186- $190 per share in cash to bail out the debt-ridden proprietor of Linux software. According to the trade analysts, IBM’s latest acquisition will by far be the biggest acquisition for the maker of mainframe computers. Probably, Ginni Rometty’s (the Chief Executive of IBM) plan is to diversify his company’s technology hardware and consulting business...

Read More

Identiv to acquire Thursby Software Systems

California based Identiv Inc., formerly known as Identive Group Inc, has made it official that it is going to acquire mobile security offering company Thursby Software Systems. The financial details of the deal are yet to be known, but analysts say that the deal will strengthen the former’s logical access across smart cards and derived credentials on Apple iOS and Google Android devices. Thursby is known to offer solutions supporting BYOD and 2-factor authentication on mobile devices running on iOS and Android operating systems. The company has...

Read More