%term

Deobfuscating a Malicious Word Document

Jan 5, 2021 By Nicolas Mohnblatt In ThreatSpike

Visual Basic (VB) and its derivatives – VBA and VBScript – are common attack vectors when targeting Windows systems. These languages allow users and attackers alike to complete security-sensitive tasks such as accessing the internet, running command-line instructions and editing the Registry.

Read Post

ThreatSpike

Read more about Deobfuscating a Malicious Word Document

Why are mobile devices so attractive for scammers?

Jan 5, 2021 By Lookout In Lookout

Bad guys attack your tablets and smartphones because they hold very sensitive data from our personal lives and from work. Aaron Cockerill and Mike Banic from Lookout talk about why its so lucrative for attackers to send phishing messages to your mobile devices.

View Video

Lookout

Read more about Why are mobile devices so attractive for scammers?

Productivity app users are more likely to be phished. Why?

Jan 5, 2021 By Lookout In Lookout

We're all very accustomed to sharing Office 365 or Google Workspace content with each other. Watch Aaron Cockerill and Mike Banic of Lookout discuss why this makes us more vulnerable to phishing.

View Video

Lookout

Read more about Productivity app users are more likely to be phished. Why?

SolarWinds Orion API LFI

Jan 5, 2021 By Cyberint Research In Cyberint

Supplementing the SolarWinds Security Bulletin released in mid-December 2020, detailing a suspected nation-state threat actor introducing a backdoor into SolarWinds Orion versions 2019.4 HF5, 2020.2 and 2020.2 HF1, this bulletin provides an update based on recent observations in late December 2020 and early January 2021.

Read Post

Cyberint

Read more about SolarWinds Orion API LFI

NIST SP 800-128 - Because Patching May Never Fix Your Hidden Flaws

Jan 5, 2021 By Bob Covello In Tripwire

Over the last few years, the idea of patching systems to correct flaws has graduated from an annoying business disruption to a top priority. With all of the notorious vulnerabilities that can wreak total havoc, the time it takes to patch becomes a minor inconvenience when weighed against both the technical challenges and possible regulatory penalties of not patching.

Read Post

Tripwire

Read more about NIST SP 800-128 - Because Patching May Never Fix Your Hidden Flaws

Why is mobile anti-phishing so difficult?

Jan 5, 2021 By Lookout In Lookout

Aaron Cockerill and Mike Banic of Lookout talks about how Lookout overcomes mobile-specific challenges to provide a comprehensive anti-phishing solution.

View Video

Lookout

Read more about Why is mobile anti-phishing so difficult?

Mobile interface make it easy scammers to phish you

Jan 5, 2021 By Lookout In Lookout

With a smaller screen, developers are forced to create simplified interfaces on your tablets and smartphones. But this also makes it easy for scammers to hide telltale signs of a phishing link. Aaron Cockerill and Mike Banic of Lookout talks about why we're more vulnerable to phishing when using a mobile device.

View Video

Lookout

Read more about Mobile interface make it easy scammers to phish you

Key Elements of a Cybersecurity Strategy

Jan 5, 2021 By Tripwire In Tripwire

The Verizon Payment Security Report is a must-read for data security professionals, and the 2020 report is no exception. The theme of this year's report is 'Strategy.' In this quick video, Tripwire's Sr. Manager of R&D Anthony Israel-Davis digs a little deeper into the overarching theme—what strategy means when it comes to cybersecurity.

View Video

Tripwire

Security

Read more about Key Elements of a Cybersecurity Strategy

Phishing discovers phishing campaign targeting mobile banking users

Jan 5, 2021 By Lookout In Lookout

On Feb. 14, 2020, Lookout Phishing AI discovered a phishing campaign targeting customers via SMS messaging to lure them to fake websites of well-known Canadian and American banks.

View Video

Lookout

Read more about Phishing discovers phishing campaign targeting mobile banking users

Automation Made Easy: What's New with Splunk Phantom

Jan 5, 2021 By Olivia Courtney In Splunk

The Splunk Security Team is excited to share some of the new and enhanced capabilities of Splunk Phantom, Splunk’s security orchestration, automation and response (SOAR) technology. Phantom’s latest update (v4.10) makes automation implementation, operation and scaling easier than ever for your security team.

Read Post