One of England’s biggest police forces has revealed that more than one in five of its computers runs on Windows XP.
The popular PC cleanup tool, CCleaner has been hijacked by hackers in the latest widespread malware attack. The hack, identified by security researchers at Cisco Talos, found that anyone who downloaded or updated the CCleaner app between mid-August to mid-September also potentially downloaded malware without realising.
The credit monitoring company Equifax has revealed a breach exposed the personal details of up to 143 million Americans.
A recent survey conducted by the Financial Times (FT) revealed that just four FTSE 100 companies had board members under the age of 40. Though perhaps this is unsurprising when we think about a traditional corporate hierarchy, the implications of an older board that does not have the digital threat landscape at the top of their agenda could result in a security headache.
Just like Thanksgiving and Christmas, Black Friday and the subsequent Cyber Monday have firmly established themselves in the US calendar. With online retailers having worldwide reach we are also seeing Black Friday and Cyber Monday being adopted by retailers around the globe. With huge savings to be made and shoppers swept up in the frenzy of the holiday season it is also a prime time for cybercrime.
During August members of the InfoSec community leave the comfort of their ergonomic desks and head out into the Nevada desert on a spiritual pilgrimage to Las Vegas. This mass movement is no coincidence, the draw is clear with Black Hat, DEF CON, BSides Vegas and the Star Trek Convention all occurring within a week. If you have an interest in offensive security, protecting data or ensuring your car cannot be remotely hijacked, Las Vegas is the place to be in August.
Time and time again, we see that traditional defenses have failed to stop cyber attacks. According to Gartner, 40% of businesses say they have battled attempts to shut down their network and delete files, such as the recent attack on a French TV station.
Malware is an ever evolving field and as such security should be seen as a journey not a destination. One of the latest malware evolutions is the practice of Malvertising where attackers place malicious content in seemingly innocent adverts. When the user views the page the advert is loaded and the malware attempts to exploit the machine.
Just like fashion, malware goes through trends and comebacks, so let's take a look at what's 'in' this season. Anyone involved in IT in the 1990's will remember a few things; plaid shirts, floppy disks and macro viruses. Although I can't envisage the former two making a comeback any time soon, macros are definitely back on the InfoSec agenda, something Microsoft has been highlighting recently.
The InfoSec community has gone into overdrive in the last few days dealing with the 'Shellshock' bug. There is good reason for this, millions of systems around the globe are vulnerable to this bug which lets attackers run code on that system.