SecurityWeek

An unpatched vulnerability in Google’s Chrome web browser can be exploited to easily download videos streamed from websites such as Amazon Prime Video and Netflix.

As the enterprise security function matures, two things act as the main driving forces on strategic priority. As security leaders shuffle resources, organize budgets and plan their roadmap they must think about efficiency and effectiveness. These two things shape strategy and drive the timely allocation of precious resources.

Memory Scraping Point-of-Sale Malware Infects Hard Rock Hotel & Casino Las Vegas...Again.

DHS Proposal Requests Visitors Provide Social Media Account Names

Ransomware has been always considered a fast and efficient means for cybercriminals to make money, and a recent analysis of the latest CryptXXX variant proves this once again.

Researchers at TrapX have observed several hospital attacks where malicious actors disguised their sophisticated tools as old pieces of malware in an effort to avoid detection.

There’s a new player in the ransomware segment that appears to have been created by the actor behind the Dridex Trojan and the Locky ransomware, researchers warn.

Enterprise Security Teams Must Think More About How to Reduce Big Data Into Real-time Answers

Ransomware authors use various techniques to encourage victims to pay a ransom, and the actors behind a new threat called MIRCOP are employing an unusual one: the ransom note claims that the victim stole 48.48 Bitcoins. 

The U.S. Internal Revenue Service (IRS) announced last week that it has decided to shut down the electronic filing PIN tool on its website after detecting more automated attacks.

A researcher has discovered a vulnerability that could have been exploited to easily delete any video on Facebook. The social media giant released a temporary fix within a couple of hours after learning of its existence.

During a recent investigation of Point of Sale terminals (PoS) in restaurants across the United States, PandaLabs researchers stumbled upon PunkeyPOS, a piece of malware designed to access credit card data.

Germany-based time and frequency synchronization solutions provider Meinberg has released firmware updates for several of its NTP time servers to address three high severity vulnerabilities.

PayPal has addressed a vulnerability that could have been exploited by hackers to insert malicious images into payment pages.

The number of organizations whose customers are targeted by the Android banking Trojan known as “Marcher” has increased considerably over the past period, but PhishLabs researchers said the latest samples they have analyzed don’t target the United States.

I am a very practical guy. While I do appreciate industry thought leadership and can appreciate a new framework in a sea of frameworks once in awhile, I tend to always drift towards what is practical, achievable, productive and sellable to my internal organization. In my former role as a CISO, these characteristics were critical.

Following a couple of weeks of relative silence, the Locky ransomware appears ready to storm unprotected computers once again, with a new infection campaign observed on Tuesday, the same day that the Necurs botnet became active once again.

Microsoft to Solve Document Cloud Compliance and Visibility Issues With Azure Information Protection