SecurityWeek

What is the point of analysis anyway?  Perhaps this sounds like a bit of a shocking or radical question, but I’d argue that it is one that sorely needs to be asked -- and answered.  What do I mean by that?  Allow me to elaborate.

Trend Micro said that it recently analyzed a cyber attack that used a remote access Trojan (RAT) known as Lost Door." While Lost Door is not new malware, it easily customizable and consequently "can be hard to detect and protect against, posing a challenge to IT administrators."

Researchers at Palo Alto Networks have come across a new malware family that appears to have been used by an Iran-based threat actor in targeted espionage operations since 2007.

Researchers have discovered several vulnerabilities in the popular image processing suite ImageMagick, including a serious remote code execution flaw that has been exploited in the wild.

"Bozkurt Hackers" Behind Qatar National Bank Breach Could Leak Data From Second Bank

Mike Hanley, Director of Duo Labs at Duo Security, joins Ryan Naraine on the podcast to talk about the state of security in the healthcare sector and why hospitals are such a prime target for ransomware attacks.

The OpenSSL Project released on Tuesday versions 1.0.2h and 1.0.1t to patch several vulnerabilities that can be exploited for denial-of-service (DoS) attacks, arbitrary code execution and traffic decryption.

Microsoft is speeding ahead with plans to deprecate support for older SHA1-based certificates in the upcoming Windows 10 Anniversary Update due this summer.

Lansing Board of Water & Light Hit By Ransomware Attack

A team of researchers from the University of Michigan and Microsoft conducted an analysis of a smart home platform from Samsung-owned SmartThings and discovered vulnerabilities that could be exploited for remote attacks. SmartThings says it has taken steps to address the flaws, but downplayed the risk.

Largest and Longest Running ICS Cyber Security Conference Opens Registration for 2016 Event

Unless you’ve just awakened from a multi-year coma, you know all about the growth in cybercrime. It’s not just the crime that’s exploding—so is board awareness, technology investment, proactive intelligence gathering, news coverage, conferences and more.  But one of the fastest growing trends in cyber crime seems to be the adoption of mythical names. 

Nikita Kuzmin, a 28-year-old Russian national who created the notorious Gozi banking Trojan, has been sentenced to time served and ordered to pay nearly $7 million.

Google’s May 2016 security update for the Android operating system patches a total of 40 vulnerabilities, including many rated critical and high severity.

The world of virtual currencies was stunned Monday when Australian entrepreneur Craig Wright claimed to be the creator of the Bitcoin.

Paris-based start-up Sqreen announced that it has raised a $2.3 million seed round to ship app 'protection-as-a-service'. This service "provides every developer a simple way to get the security their applications deserve," the company says.

Researchers from Fox-IT have discovered a new attack vector for ransomware aimed at the enterprise. The attack itself is not new, but the combination of this attack combined with persistence and network analysis prior to activating the ransom is new to Fox-IT.

A serious vulnerability found in PwnedList could have been exploited to gain access to millions of account credentials collected by the service.

London - Australian entrepreneur Craig Wright on Monday identified himself as the creator of Bitcoin following years of speculation about who invented the pioneering digital currency. Wright was named by three media outlets -- the BBC, The Economist and GQ magazine -- and posted a blog on his website.

CERT/CC has published an advisory detailing the vulnerabilities uncovered by a researcher in February while trying to find security holes in one of Facebook’s servers.