Steve Ragan

Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.

Recent articles by Steve Ragan

Anonymous Claims Attack on IP Surveillance Firm Brickcom, Leaks Customer Data

Anonymous posted 3,400 records, containing what are claimed to be Brickcom customer email addresses, names, usernames, and passwords.
Workers Don't Trust Employers with Personal Data: Survey

In a study of 3,000 employees globally, Aruba Networks discovered that 45-percent of European workers and 66-percent of Americans fear the loss of personal data due to their workplace. These
Root SSH Key Compromised in Emergency Alerting Systems

The private SSH key used in firmware images prior to version 2.0-2 of Monroe’s DASDEC-I and DASDEC-II has been compromised.
Morningstar Data Breach Impacted 184,000 Clients

Morningstar recently disclosed that a data breach occurred last year that impacted 184,000 of its customers.
Microsoft to Patch Seven Flaws in July's Patch Tuesday

Microsoft has posted its advanced notification for July 2013's Patch Tuesday, which will include six critical patches and one rated as important.
OpenX Addresses New Security Flaws with Latest Update

OpenX, the open source ad serving platform, patched two flaws last week, after they were discovered by Geneva, Switzerland’s High-Tech Bridge.
Ubisoft Breached: Users Urged to Change Passwords

Ubisoft, the studio behind some widely popular games such as Assassin’s Creed and the Far Cry series, disclosed that they have suffered another security incident on Tuesday, and are urging users to reset their account passwords.
Anonymous Targets Anti-Anonymity B2B Firm Relead.com

Anonymous claims to have leaked the customer database of Relead.com, a service that helps websites convert anonymous visitors into actual sales leads by examining their IP information.
Flaws Found In ZRTPCPP Library Used to Encrypt Mobile Apps

Mark Dowd, co-founder of Azimuth Security, disclosed details of vulnerabilities he discovered in the ZRTPCPP library, which is a core component for many secure phone applications.
Atlassian's Crowd SSO Software Remains Vulnerable Despite Patches

A technical advisory from Command Five, an Australian security consultancy, has outlined the recently patched flaws in Atlassian’s Crowd Single Sign-on (SSO) software package.
Department of Defense Contractors Gain New Whistleblower Protections

The Pentagon has said that new whistleblower protections for Department of Defense (DoD) contractors will go into effect July 1.
Activist Group Targets Istanbul Admin Portal - Claims to Have Erased Debts

RedHack, a Turkish collective of activists and hackers, has claimed responsibility for the discovery of authentication issues within the portal used by the Istanbul Special Provincial Administration.
Citadel Variant Targets International Users With Automatic Localization

Researchers at Trusteer have discovered a new variant of the Citadel Trojan that includes regional-based HTML injections that match language.
Mobile Attacks Will Continue to Increase and Grow More Sophisticated: Juniper Networks

In its 2013 Mobile Threats Report, Juniper Networks outlines the trends and the year-over-year growth of the mobile malware market, including the fact that criminals are making a tidy profit as a result of their efforts.
Organizations Confident in Sending Sensitive Data to the Cloud Despite Security Fears

A growing number of organizations are pushing sensitive and confidential data into the cloud with confidence, despite concerns over data protection.
Ten Questions Every Business Should Ask Before Developing a Cloud Security Policy

Given the growing need to protect data, cloud security policy development is a crucial first step in the process, but it isn’t as easy as it seems.
'PinkStats' Malware Used in Attacks Against South Korea, Others

Researchers from Seculert have shared details on "PinkStats", malware behind a string of attacks used by several Chinese-speaking groups to target different worldwide organizations and nation-states.
Compromised Yahoo! Accounts Used to Spread Android Trojan

In a recent campaign stemming from compromised Yahoo! accounts, users to visited the spammed link via a PC would see health-product related spam. For those who access the link on an Android device, are hit with the "NotCompatible Trojan".
Technical Problems, Not Cyberattacks Caused Iranian Oil Network Outage

The head of IT at the NIOC, Ahmad Tavallaei, posted to the Iranian Oil Ministry’s website that a technical problem – not a cyberattack – was the cause of network problems, which eventually led to a temporary shutdown.
Firm Offers HTML5 As a Means to Protect Data

Mobile Helix says “Link” offers enterprise managers a open HTML 5 app development and delivery platform that will unlock productivity while protecting data.
Symantec Discovers New Ransomware for Android

Researchers at Symantec have detected a new type of Ransomware that targets mobile devices, and comes masked as an Anti-virus application.
Online SAP Deployments Widely Susceptible to Attack

During his talk earlier this month at RSA Conference Asia Pacific 2013, Alexander Polyakov, CTO of ERPScan, disclosed that there are thousands of unpatched and thus insecure SAP deployments online today, all over the world.
Researcher to Demonstrate Hollywood Style Attack at BlackHat

A vulnerability researcher will be at Black Hat this summer with a presentation that will include a proof-of-concept attack against network surveillance cameras that is usually reserved for the movies.
Malicious Campaign Targeting Government Security News Hit Dozens of Sites

Government Security News, and more than 60 other sites were victimized by an attack attempted to infect visitors to the sites with malware.
Misplaced Security Confidence Keeping Organizations at Risk: McAfee

In a recent survey, out of 58% of the organizations that suffered a breach in the last year, only 24% of them said they recognized it within minutes.

SECURITYWEEK NETWORK:

Security Experts:

Steve Ragan

Recent articles by Steve Ragan

SecurityWeek Daily Briefing

Popular Topics

Security Community

Stay Intouch

About SecurityWeek