In This Section


Category: Hacking

June 6, 2017
Hack the DHS Program Gets Support in the House
A Senate bill that would allow hackers to go after the networks at the Department of Homeland Security as part of a bug bounty program now has a companion piece of legislation in the House of Representatives. Last week, two senators introduced a bill that would create a pilot bug bounty program at DHS, similar…
Read More →
June 1, 2017
OneLogin Warns of Breach at U.S. Data Center
Security firm OneLogin, which provides single sign-on and other identity and authentication products, has suffered a data breach that it says likely affects all of its customers served by its data center in the United States. In an email sent to customers, the company said that customer data was possibly compromised, but it didn’t specify…
Read More →
May 31, 2017
You May Soon Be Able to Hack the DHS
A pair of senators wants to give hackers a chance to take a swing at the Department of Homeland Security’s networks and internal systems through a broad bug bounty program. A proposed bill introduced in the Senate Friday would build on the foundation of the Hack the Pentagon program that the Department of Defense ran…
Read More →
May 26, 2017
RoughTed Malvertising Campaign Bypasses Ad Blockers
A long-running, multi-faceted, malvertising campaign has been found using a technique that enables the sites involved to bypass the protections of ad blockers. Malvertising campaigns can take a lot of different forms and they often involve multiple layers of compromised or malicious sites and lots of redirections. Some campaigns are connected to malware operations and…
Read More →
May 25, 2017
Active-Defense Bill Now Allows Destruction of Data, Use of Beacon Tech
A bill that would allow victims of cybercrime to use active defense techniques to stop attacks and identify attackers has been amended to require victims to notify the FBI of their actions and also add an exemption to allow victims to destroy their data once they locate it on an attacker’s machine. The Active Cyber Defense…
Read More →
May 25, 2017
Serious Samba Flaw Threatens Networks
There is a severe, remotely exploitable vulnerability in many versions of the Samba software that has been siting unnoticed for seven years. The vulnerability is trivial to exploit and there is proof-of-concept exploit code available for it, making it even more dangerous. The Samba maintainers have released a patch for the flaw, and researchers are warning customer…
Read More →
May 24, 2017
DDoS Attacks Continue to Grow in Intensity, Shorten in Length
In a new report, Imperva researchers shed some light on how DDoS attacks are evolving and becoming at once more complex and briefer. In the first quarter of this year, 80 percent of all attacks lasted less than an hour with 90 percent of all network layer attacks lasting less than 30 minutes, compared to only 78 percent…
Read More →
May 23, 2017
Researchers Find Deeper Links Between WannaCry and Lazarus Group
The links between the WannaCry ransomware and the Lazarus group, which is believed to be responsible for several high-profile attacks, are deeper and more substantial than previously thought, according to new evidence unearthed by security researchers. The Lazarus group is a hacking team tied to North Korea that researchers have linked to a number of…
Read More →
May 22, 2017
Decryption Tools Help Turn Tide Against WannaCry
As the WannaCry ransomware campaign stretches on into its second week, researchers have had more and more success developing tools to help users decrypt the files on infected PCs. Last week, French researcher Adrien Guinet released a tool called Wannakey that could recover the private keys used to encrypt files on Windows XP machines. The…
Read More →
May 19, 2017
WannaCry is the Future of Ransomware
We knew this was coming. We’ve known for years that a ransomware attack on the scale of WannaCry was not just possible, but probable. What we didn’t know was that when it came it would involve a vulnerability discovered by the NSA, an exploit developed by the NSA, and a backdoor written by the NSA.…
Read More →
Introducing Pindrop® Express – Authenticate without compromise.