The stolen cards are part of a cache of five million accounts put up for sale on the Dark Web in mid-September.
Phishing Remains Top Cyberattack Vector in 2017
Employees are most often victims of spoofing and impersonation (67%).
Volumetric Attacks and the IoT Dominate DDoS Scene
Also, 75% of attacks employed blended, multi-vector approaches in Q2.
Federal Employees Overwhelmingly Support NIST CSF Mandate
Trump’s mandate for agencies to adopt the Obama-era Cybersecurity Framework is a hit among federal workers.
Police: Buying Fake Goods Online Can Lead to ID Theft
City of London Police says over 4,000 sites were created using stolen IDs
Advanced Package Management in Kali Linux
The Advanced Package Tool (APT) is how programs, libraries, documentation, and even the kernel itself are installed and managed on Kali and other Debian-based derivatives. APT often works so well that many users don’t pay any particular attention…
#ISC2Congress: FBI Calls for a Rational Non-Emotional Approach to Risk and Security
The information security industry needs to adopt rational models rather than emotional ones for risk management, according to the Deputy Assistant Director of the FBI, Donald Freese.
BankBot Resurfaces in Google Play with New Tricks
It calls itself Jewels Star Classic—in an effort to be conflated with a legitimate mobile game called simply Jewels Star.
Deloitte Hack Exposes Confidential Email for World’s Largest Companies—Report
The attackers hit the global email server via a hacked administrator account lacking two-factor authentication.
Hyperbole in Breach Reporting
While reading the news this morning about yet another successful data breach, I couldn’t help but wonder if the hyperbole used in reporting about data breaches is stifling our ability to educate key stakeholders on what they really need to know.
Today…