BeautifulPeople.com, you may remember, is a dating site that allows members to vote on hopeful enlistees based on their looks, ensuring that people who belong meet certain standards of both attractiveness and shallowness. It bills itself as “a dating site where existing members hold the key to the door.” Turns out, the site maybe should have put them in charge of server security, as well. The personal data of 1.1 million members is currently for sale on the black market, after hackers took it from an insecure database.
But the same security mistakes appear to be helping hackers steal data from cloud-based systems time and time again.
And it’s against that gloomy backdrop that a new report by the Cloud Security Alliance, “Identity Solutions: Security Beyond the Perimeter”, makes a worthwhile read.
The US has introduced a new tactic in its war against the Islamic State.
The Department of Defense's Cyber Command unit is mounting cyberattacks against the terrorist organization, the New York Times reported Sunday.
Cyberattacks are getting smarter and stealthier as criminals and nation states use a combination of complex techniques to evade detection. The accepted reality now is that traditional protection techniques that rely on static signatures – such as Anti-Virus (AV) – or take a narrow view and ignore vectors like fileless based attacks, are simply no match for today’s threat landscape. So where does this leave organisations trying to protect against new, ever evolving variants of malware or exploits?
Hackers behind the Bangladesh bank heist created malware to compromise the SWIFT financial system. Security researchers said the malware allowed attackers to modify a database logging the bank’s activity over the SWIFT network, to delete records of outgoing transfer orders and to intercept incoming transfer confirmation messages, and to manipulate both account balance logs and a printer used to make hard copies of the transfer orders.