OTX Trends Part 1- Exploits

January 16, 2018 | Chris Doman
January 8, 2018 | Chris Doman

A North Korean Monero Cryptocurrency Miner

AlienVault labs recently analysed an application compiled on Christmas Eve 2017. It is an Installer for software to mine the Monero crypto-currency. Any mined currency is sent to Kim Il Sung University in Pyongyang, North Korea.The Installer copies a file named intelservice.exe to the system. The filename intelservice.exe is often associated with…

January 5, 2018 | Javvad Malik

Things I Hearted this Week 5th Jan 2018

The opening of movies sets the tone for the rest of the film. Within the first few minutes you usually get an idea of the characters, whether it's a slow suspense, a drama, or action flick.If the first few days of 2018 are any indication, the IT Security world has kicked off with a dizzying Michael Bay-esque opening action…

Get the latest security news in your inbox.

Subscribe via Email

January 4, 2018 | Kate Brew

What’s More Important, the Red Team or the Blue Team

I ran a poll before the holidays, to understand the InfoSec community's thoughts and attitudes on Red Teaming versus Blue Teaming a bit better. As you likely know, Red Teamers are those who non-maliciously "attack" a company, and Blue Teamers are the defenders. We've had some interesting blogs on this topic, and for a very positive…

January 3, 2018 | Mike Duffy

Fileless Attacks are Driving Up Security Complexity & Costs

If you feel like it’s getting harder and more expensive to protect your company from cyber attacks, you’re not alone. From streamlined startups to global enterprises, organizations in every industry are feeling the crunch as the threats they’re facing rapidly evolve.The Ponemon Institute’s 2017 State of Endpoint Security Risk report provides a…

January 2, 2018 | Javvad Malik

I Am Dave

This cartoon has been making the rounds on the internet for a long time. It depicts how all security technologies and efforts can be undone by “Dave” the ‘stupid user’. I can’t think of many (well no) real industries that treat their users, peers, and customers with the same level of disdain.Imagine…

December 29, 2017 | Javvad Malik

Things I Hearted this Week – 29th December 2017

And here we are, the last week of 2017! Congratulations for making it through and thank you for sticking with us. I really enjoy pulling together these weekly recaps, and I hope you enjoy them and find them informative.This week has been a quiet week as people seem to be in constant limbo as to whether they should be working…

December 27, 2017 | Dane Boyd

Why Healthcare Security Awareness Training Doesn’t Work (And What to Do About It)

The last five years have seen a meteoric rise in the number of cyberattacks targeting healthcare organizations.Why? Because healthcare organizations boast some of the lowest security budgets of any industry, and personal healthcare records are worth a fortune on the dark web.Don’t believe me? Try this: Threats actors can make between $285,000 - $1.7 million from a single…

December 22, 2017 | Javvad Malik

Things I Hearted this Week 22nd December 2017

But we’ve always done (in)security this wayBeing an operator for the Twitter account for any large brand can be challenging and tough at the best of times. But it can be even more so when faced with security questions.When security experts on Twitter questioned NatWest_help why the homepage wasn’t secure the Bank…

December 20, 2017 | CryptoCypher

Building Personal Brand: From One InfoSec Student to Another

Finding employment opportunities as a student is challenging, this is no new fact. Students are consistently facing troubles with seeking internships and co-op opportunities. I myself am a student, and I have found a solution that has been seemingly effective for career development thus far: personal branding. Personal branding helps students compensate for the work experience that we just haven…

December 19, 2017 | Bob Covello

My Password Pal

“Sorry pal, my password is Spring2017. Deal with it.”Someone said those words to me the other day.  As an InfoSec professional, I’ve have grown accustomed to this type of indignant proclamation.  My jaw no longer drops to the table anymore when I hear folks speaking this way, but I still have trouble…

December 18, 2017 | Laureen Hudson

Agile Development, Agile Documentation

I remember when software documentation was linear and waterfall. No, really.Those were the days. Software was architected, designed, coded, the code was frozen… (I can totally hear you laughing from there. Shhhhh), and then it was documented. You’d buy disks, in boxes, with actual books included. Printed. On paper.…and then we had to spend…

December 15, 2017 | Javvad Malik

Things I Hearted This Week 15th December 2017

Continuing the trend from last week, I’ll continue trying to put a positive spin on the week’s security news.Why? I hear you ask. Well, I’ve been mulling over the whole optimist thing, and glass half full analogy and it does work wonders. Side note, a tweet about half full / empty glasses and infosec…

Watch a Demo ›