Here’s an overview of some of last week’s most interesting news and articles:
751 domains hijacked to redirect visitors to exploit kit
An unknown attacker has managed to modify the name servers assigned to 751 domains, which resulted in some visitors to the hijacked domains being redirected to a site hosting the Rig Exploit Kit and delivering the Neutrino Bot.
Getting the most out of your SIEM investment
The challenge is that SIEM systems are inherently reliant on human analysts to investigate and determine whether an event flagged by a rule merits any further investigation.
Swiss users targeted with Windows, macOS banking Trojan
Swiss users are once again hit with emails delivering banking malware, for both Windows and macOS systems. Trend Micro researchers believe the campaign to have been mounted by the threat actors behind Operation Emmental, who have been targeting users based in Switzerland for at least four years.
Exposed Verizon customer data could be a shortcut for hijacking many online accounts
Chris Vickery, director of cyber risk research at UpGuard, has discovered more sensitive information exposed on an unprotected “bucket” on an Amazon AWS server. This time it includes – among other things – the names, phone numbers, and account PINs of some 14 million Verizon customers.
Review: Acunetix 11
Acunetix is one of the biggest players in the web security arena. The European-based company released the first version of their product back in 2005, and thousands of clients around the globe use it to analyze the security of their web applications. They recently unveiled Acunetix version 11, so we’ve decided to take it for a spin.
Telegram-based Katyusha SQL injection scanner sold on hacker forums
SQL injection flaws are easy to detect and easy to exploit, and automated tools like the Katyusha Scanner make the first step of finding vulnerable websites even easier and less dependent on the attacker’s skill.
BEC scams: How to avoid them and how to fight back
Traditional security measures fall short of detecting these types of deceptive emails because they work by looking for known signs of bad behaviour instead of good behaviour.
Dark web market Alpha Bay was shut down by law enforcement
Dark web black market Alpha Bay went offline on June 5, leaving users to wonder whether its operators did it and ran off with their money. Reassurances that the market will be back online shortly rang hollow, and the Wall Street Journal revealed on Thursday that the market was shut down in a coordinated action by law enforcement agencies in the US, Canada, and Thailand.
How a museum protects some of the world’s finest pieces of art
After an internal audit revealed the limitations of Thyssen-Bornemisza Museum’s existing (analog) camera surveillance system, as well as a server that had been installed all of twenty years ago and the lack of a redundant data storage system, Miguel Angel Molina, the museum’s Security Manager, decided that the time had come for an upgrade.
Could e-discovery pros fill the insatiable demand for cybersecurity talent?
One niche subset of the legal technology community is not only ripe, but actively preparing for a career transition that sets them on a course toward a future in cybersecurity. These are e-discovery professionals.
EternalBlue vulnerability scanner statistics reveal there are exposed hosts worldwide
After the recent massive WannaCry ransomware campaign, Elad Erez, Director of Innovation at Imperva, was shocked at the number of systems that still sported the Microsoft Windows SMB Server vulnerabilities that made the attack possible. So, he decided to do something about it: he created Eternal Blues, an easy-to-use vulnerability scanner that he made available for download for free.
How Magecart attackers monetize stolen payment card info
Don’t let cybercrime hold your innovation to ransom
It’s no secret that innovation is vital to stay ahead of the competition. However, it cannot come at the expense of business continuity.
Constant availability: Mission-critical business data challenges
In today’s world, consumers expect businesses to be always-on, but 24/7/365 availability – for both data and applications – comes with specific information security challenges.
PoS malware hits food kiosks, steals payment card info
PoS malware can lurk in the most unexpected of places, and some have recently been found in the payment kiosks by US-based vendor Avanti, stealing payment card information.
Event-driven architecture to become essential skill
Because CEOs are focused on growth via digital business, CIOs should focus on defining an event-centric digital business strategy and articulate the business value of event-driven architecture.
UK executives badly informed about where data is stored compared to other countries
When it comes to data compliance matters, one in five business decision makers within the UK admit they do not know which compliance regulations their company is subject to, while a worrying number do not believe the forthcoming GDPR applies to them.
What will it take to improve the ICS patch process?
A patch might very well crash the system, and in the ICS/SCADA world reliability and uptime are the number one priority.
New infosec products of the week: July 14, 2017
A rundown of infosec products released last week.