Posted by Trevan Marden on Oct 20, 2017

Grab your coffee and read up on today's top information security stories and articles from around the web:

• FBI to DDoS Victims: Please Come Forward - Data Breach Today
• DMARC Not Implemented by Most Federal Agencies: Report- SecurityWeek
• Employees Sue Home Health Provider After Phishing Breach - Bank Info Security
• Locky Ransomware Spam Infects via Microsoft Office - Healthcare Info Security

Posted by Trevan Marden on Oct 19, 2017

Grab your coffee and read up on today's top information security stories and articles from around the web:

• Anatomy of a spambot - ComputerWorld
• No Patches for Vulnerabilities in Linksys Wireless Routers - SecurityWeek
• DOJ examines controversial new 'hack back' bill - CyberScoop

Posted by Trevan Marden on Oct 18, 2017

Grab your coffee and read up on today's top information security stories and articles from around the web:

• Google's Advanced Protection helps high-risk internet users - cnet
• Researchers Say Faulty Code Jeopardizes Encryption Keys - Data Breach Today
• DHS Imposes Email Security Measures on Federal Agencies - Data Breach Today
• Microsoft already published a KRACK fix, Apple and Google are working on it - TechCrunch
• Clinic Pays Ransom After Backups Encrypted in Attack - Data Breach Today

Posted by Trevan Marden on Oct 17, 2017

Grab your coffee and read up on today's top information security stories and articles from around the web:

• What You Should Know About the ‘KRACK’ WiFi Security Weakness - Krebs on Security
• Serious Crypto-Flaw Lets Hackers Recover Private RSA Keys Used in Billions of Devices - The Hacker News
• Blood Test Results Exposed in Cloud Repository - Data Breach Today

Posted by Neil Weitzel on Oct 16, 2017

Chances are the content of this article traversed some wireless network prior to being displayed on the device you are using (or prior to being printed out for you hard copy purists).  However, today we learned the WPA2 (WiFi Protected Access II), is vulnerable to key reinstallation attacks.  For the past 14 years, WPA2 has been considered the industry standard for maintaining a secure wireless network for personal and enterprise connectivity. What makes this newly released vulnerability different than the recent security headlines is this attack is not leveraging unpatched software or a company’s implementation of technology.  This attack actually exposes flaws in the protocol specification (standard) itself; meaning all implementations of the standard are (likely) also vulnerable.

Posted by Trevan Marden on Oct 16, 2017

Grab your coffee and read up on today's top information security stories and articles from around the web:

• Severe WiFi security flaw puts millions of devices at risk - Engadget
• WiFi Security Shredded via KRACK Attack - BankInfoSecurity
• Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping - Ars Technica
• Mobile phone companies appear to be providing your number and location to anyone who pays - TechCrunch
• Payment Cards Stolen in Pizza Hut Website Hack - SecurityWeek

Posted by Trevan Marden on Oct 13, 2017

Grab your coffee and read up on today's top information security stories and articles from around the web:

• IRS reportedly suspends $7.2 million Equifax contract - cnet
• Equifax Credit Assistance Site Served Spyware - Krebs on Security
• Equifax rival TransUnion also sends site visitors to malicious pages - Ars Technica
• Klobuchar urges DHS to ensure no Kaspersky software is on U.S. election systems - CyberScoop
• Hyatt Hotels Suffers International Payment Card Data Breach - Healthcare Info Security

Posted by Trevan Marden on Oct 12, 2017

Grab your coffee and read up on today's top information security stories and articles from around the web:

• Impersonating iOS Password Prompts - Schneier on Security
• Equifax website hacked again, this time to redirect to fake Flash update - Ars Technica
• T-Mobile customer data plundered thanks to bad API - Ars Technica
• North Korean Threat Actors Probe US Electric Companies - DarkReading

Posted by Trevan Marden on Oct 11, 2017

Grab your coffee and read up on today's top information security stories and articles from around the web:

• Equifax Hackers Stole Info on 693,665 UK Residents - Krebs on Security
• Equifax hack included nearly 11 million US driver’s licenses - TechCrunch
• Trump’s DOJ tries to rebrand weakened encryption as “responsible encryption” - Ars Technica
• Microsoft Patches Office Zero-Day Used to Deliver Malware - SecurityWeek

Posted by Trevan Marden on Oct 10, 2017

Grab your coffee and read up on today's top information security stories and articles from around the web:

• SiteLock: Website Attacks Surged 186% in Q2 - DarkReading
• Changes in Password Best Practices - Schneier on Security
• Hey Alexa – Show Me Whitelisted Malware - InfoSec Island
• Shadow cloud apps pose unseen risks - CSO