Security

Has your network been compromised? Use RITA to find out

posted on March 15, 2016
by l33tdawg

Have you heard about RITA? Real Intelligence Threat Analysis is an open source tool – a framework, actually – aimed at helping organizations find malicious activity on their network.

Developed by Black Hills Information Security, RITA does not detect malicious activity through signatures, but mainly through statistical analysis.

Former cyber czar says NSA could crack the San Bernardino shooter’s phone

posted on March 15, 2016
by l33tdawg

Another former national security official has spoken out forcefully against the FBI's quest to get Apple to write code to unlock the iPhone 5c used by San Bernardino mass shooter Syed Farook. Richard Clarke served as the National Security Council's chief counter-terrorism advisor to three presidents (George H.W. Bush, Bill Clinton, and George W. Bush) before becoming George W. Bush's special advisor on cybersecurity.

Google has doubled its bounty for a Chromebook hack to US$100,000

posted on March 15, 2016
by l33tdawg

Google doubled the bounty it will pay for a successful exploit of its Chromebook laptop to US$100,000, sweetening the pot in hopes of drawing more attention from security researchers.

The larger reward is intended for someone who finds a persistent compromise of a Chromebook in guest mode, according to Google's security blog on Monday.

Chinese hackers behind U.S. ransomware attacks - security firms

posted on March 15, 2016
by l33tdawg

Hackers using tactics and tools previously associated with Chinese government-supported computer network intrusions have joined the booming cyber crime industry of ransomware, four security firms that investigated attacks on U.S. companies said.

Ransomware, which involves encrypting a target's computer files and then demanding payment to unlock them, has generally been considered the domain of run-of-the-mill cyber criminals.

Former Employee Is Behind Devastating Ofcom Data Breach

posted on March 15, 2016
by l33tdawg

Authorities are looking into the activities of a former Ofcom employee who decided it would be a good idea to take his old employer's data and provide it to the new company that hired him.

Ofcom, or the Office of Communications, is Britain's regulatory and competition authority for the broadcasting, telecommunications and postal industries. Because of its role and attributions, Ofcom gathers in-depth data about all broadcasting institutions operating in the UK, through regular inspections and self-submitted reports.

One of the world’s most notorious hackers just revealed his identity to me

posted on March 14, 2016
by l33tdawg

The man behind Team GhostShell — the hacker collective behind some of the biggest cyber attacks in recent memory, including attacks on the FBI, NASA and the Pentagon as well as a leak that saw 2.5 million Russian “government, educational, academic, political and law enforcement” accounts compromised — is ready to come clean and face the music.

eero: A Mesh WiFi Router Built for Security

posted on March 14, 2016
by l33tdawg

User-friendly and secure. Hardly anyone would pick either word to describe the vast majority of wireless routers in use today. So naturally I was intrigued a year ago when I had the chance to pre-order an eero, a new WiFi system billed as easy-to-use, designed with security in mind, and able to dramatically extend the range of a wireless network without compromising speed. Here’s a brief review of the eero system I received and installed a week ago.

Two-year-old Java flaw re-emerges due to broken patch

posted on March 14, 2016
by l33tdawg

A patch for a critical Java flaw released by Oracle in 2013 is ineffective and can be easily bypassed, security researchers warn. This makes the vulnerability exploitable again, paving the way for attacks against PCs and servers running the latest versions of Java.

The flaw, tracked as CVE-2013-5838 in the Common Vulnerabilities and Exposures (CVE) database, was rated by Oracle 9.3 out of 10 using the Common Vulnerability Scoring System (CVSS). It can be exploited remotely, without authentication, to completely compromise a system's confidentiality, integrity and availability.

Hackers Target Anti-DDoS Firm Staminus

posted on March 14, 2016
by l33tdawg

Staminus Communications Inc., a California-based Internet hosting provider that specializes in protecting customers from massive “distributed denial of service” (DDoS) attacks aimed at knocking sites offline, has itself apparently been massively hacked.