Avoiding Video Background Snafus: How to Hold Safe Meetings Online

Zoom mishaps have provided us with much comic relief while we’re trying to adjust to safe meetings online. We’ll never forget the lawyer who wasn’t really a cat and the boss who was a potato. Zoom backgrounds weren’t left out of the fun either. They gave us laughs, like the student who used Danny DeVito’s […]

The post Avoiding Video Background Snafus: How to Hold Safe Meetings Online appeared first on Security Intelligence.

Continue reading Avoiding Video Background Snafus: How to Hold Safe Meetings Online

Social Engineering: How to Keep Security Researchers Safe

Attacking the very people who work on stopping threat actors may seem like a bad idea. But some threat groups do go after people who’ve made a career doing vulnerability research. We’ll take a look at a recent social engineering attack campaign targeted at cyber defense experts. How can you and your employees avoid falling […]

The post Social Engineering: How to Keep Security Researchers Safe appeared first on Security Intelligence.

Continue reading Social Engineering: How to Keep Security Researchers Safe

What is Ghimob Malware?

A new Android malware strain ‘Ghimob’ is mimicking third-party mobile (mainly banking) apps to spy and steal user data when downloaded and installed. This Trojan virus steals data from users, primarily targeting online banking and cryptocurrency. As of the end of 2020, it is believed to siphon data from more than 153 apps by asking […]

The post What is Ghimob Malware? appeared first on Security Intelligence.

Continue reading What is Ghimob Malware?

Health Care Ransomware Strains Have Hospitals in the Crosshairs

The language of digital attacks shares a lot with the language of disease: ‘viruses’ ‘infect’ computers, and stopping their spread can be like trying to keep down a contagious disease. The two worlds also come together when threat actors attack using health care ransomware. When every minute could change the fate of a patient, preventing […]

The post Health Care Ransomware Strains Have Hospitals in the Crosshairs appeared first on Security Intelligence.

Continue reading Health Care Ransomware Strains Have Hospitals in the Crosshairs

Wake Me Up Before You Know Know … About the Latest Third-Party Data Breach

“It has gotten to the point, unfortunately, where they are so frequent and common these days, that it’s like, here we go again,” Christopher Sitter says when I asked him about the prospect of a third-party data breach. Sitter is the senior director of information security at Juniper Networks. He manages all things incident response-related — […]

The post Wake Me Up Before You Know Know … About the Latest Third-Party Data Breach appeared first on Security Intelligence.

Continue reading Wake Me Up Before You Know Know … About the Latest Third-Party Data Breach

Using the Threat Modeling Manifesto to Get Your Team Going

Secure software development requires a ‘shift left’ — paying attention to security and privacy early in the life cycle. Threat modeling is a very useful activity for achieving this goal, but for a variety of reasons, organizations struggle to introduce it. Last year, a group of industry and academy experts got together with the goal […]

The post Using the Threat Modeling Manifesto to Get Your Team Going appeared first on Security Intelligence.

Continue reading Using the Threat Modeling Manifesto to Get Your Team Going

A Look at HTTP Parameter Pollution and How To Prevent It

With HTTP Parameter Pollution (HPP) attacks, threat actors can hide scripts and processes in URLs. First discovered in 1999, this technique can also allow threat actors to pollute the parameters in the URL and the request body. This could lead to behavior changes in the app, such as cross-site scripting, privilege changes or granting unwanted […]

The post A Look at HTTP Parameter Pollution and How To Prevent It appeared first on Security Intelligence.

Continue reading A Look at HTTP Parameter Pollution and How To Prevent It

QR Code Security: What You Need to Know Today

QR codes are very common today, enough so that attackers are discovering ways of using them for profit. How can QR codes be used this way, and what can you do to boost QR code security and protect against these scams? What Are QR Codes Used For?  QR codes — short for “quick response codes” […]

The post QR Code Security: What You Need to Know Today appeared first on Security Intelligence.

Continue reading QR Code Security: What You Need to Know Today

E-Commerce Skimming is the New POS Malware

As the holiday shopping season shifts into high gear, the COVID-19 pandemic is accelerating an ongoing trend: shoppers are opting to buy online. Rather than flooding brick-and-mortar stores — and point-of-sale (POS) machines — with sales, studies suggest a high percentage of shoppers in 2020 will be using online options and e-commerce checkout pages. And, those checkout […]

The post E-Commerce Skimming is the New POS Malware appeared first on Security Intelligence.

Continue reading E-Commerce Skimming is the New POS Malware

Shadow IT: Addressing the Risks in Remote Work Environments

Shadow IT can cause big problems for cybersecurity. The trouble is in the name: these connections exist in the shadows outside of IT (information technology) and security personnel’s knowledge. So, what can IT leaders do to address it in a time of growing remote workforces? What is Shadow IT? Shadow IT consists of information technology […]

The post Shadow IT: Addressing the Risks in Remote Work Environments appeared first on Security Intelligence.

Continue reading Shadow IT: Addressing the Risks in Remote Work Environments