PINDROP BLOG

Month: July 2017

July 31, 2017 | Dennis Fisher
At DEF CON, Hacking Humans Takes Center Stage
LAS VEGAS–The man sits on the edge of a chair in a tiny, soundproof plexiglass booth. Overhead lights give his face a harsh white-yellow cast and illuminate the sweat popping out on his close-shaved head. The walls of the booth press in as he glances down at a small notebook and nods to a man on the…
Read More →
July 31, 2017 | Dennis Fisher
Trickbot Adds New Worm Capability
Malware authors and cybercrime gangs, like professionals in legitimate fields, watch their competition closely and take what works and add it to their own arsenals. The latest evidence of this comes in the form of a new function added to the Trickbot banking trojan that allows it to spread in worm-like fashion using SMB. That…
Read More →
July 28, 2017
New Report Shows Depth of Data Breaches Is Worse Than Before
More than six billion consumer records have been compromised in data breaches in just the first six months of this year. That number is higher than the mark for all of 2016, more evidence that attackers are continuing to ramp up their efforts to steal sensitive data. A new report out this week from Risk…
Read More →
July 28, 2017 | Dennis Fisher
On the Wire Podcast: Black Hat
Black Hat 2017 was an adventure, as it always is, and to help make sense of it all, Dennis Fisher sat down with friends from across the security community for a long conversation. The discussion with Robert Hansen, Jessy Irwin, Jennifer Leggio of Flashpoint, Mike Mimoso of Threatpost, Patrick Gray of Risky Business, and Fahmida…
Read More →
July 27, 2017 | Dennis Fisher
To Disclose or Not to Disclose
LAS VEGAS–The people in the security community are good at many things, but reaching consensus is not one of them. That is never more clear than when the topic is vulnerabilities and how to handle them. The last year has seen the publication of a couple of studies on vulnerability discovery and disclosure and how…
Read More →
July 27, 2017 | Dennis Fisher
On the Wire Podcast: Ronnie Tokazowski
The takedown of the AlphaBay and Hansa dark web marketplaces by law enforcement last week marked a shift in the way that the authorities approach these operations. Dennis Fisher sat down with Ronnie Tokazowski of Flashpoint to talk about the new tactics law enforcement is using to go after these markets and how the security community is…
Read More →
July 27, 2017 | Dennis Fisher
Broadpwn Bug Allows Phone Takeover With One WiFi Probe Request
LAS VEGAS–The vulnerability in Broadcom WiFi chips running in many iPhones and Android devices that both Apple and Google patched recently could be triggered with a simple probe request from a mobile access point, giving the attacker full control of the victim’s device. The bug, known as Broadpwn, is about as powerful as they come for…
Read More →
July 26, 2017 | Dennis Fisher
Attackers Can Take Over Your Local Car Wash From the Internet
LAS VEGAS–Researchers are continuing to find new and interesting ways to demonstrate the fragility and poor security of IoT devices, and the latest test bed is your local car wash. A weakness in the design of the software that runs a large number of automated car washes in the U.S can allow a remote attacker…
Read More →
July 26, 2017 | Dennis Fisher
Facebook CSO: It’s Time to Focus on Real Problems
LAS VEGAS–The security community needs to get back to solving real problems facing real users in the real world, Facebook’s CSO said, and the company is putting up a million dollars to help do that. Alex Stamos, the top security official at Facebook, said security professionals are spending too much time focusing on elaborate hacks…
Read More →
July 25, 2017 | Dennis Fisher
On the Wire Podcast: Patrick Wardle
Malware for the macOS platform is still unusual enough that new variants often draw detailed analysis from researchers, especially when they seem to have unusual capabilities. That’s the case with Fruitfly, which first emerged earlier this year and was seen targeting medical research facilities. Recently, a new variant popped up and it appears to have…
Read More →
Webinar: TACKLING THE 113% FRAUD INCREASE IN CALL CENTERS