Understanding the Primary Threats and Security Concerns to Container Environments

Regular readers of The State of Security should now have a general understanding of why organizations need security for their containers. But they still might be a bit fuzzy on the specifics. In particular, they might still be unclear on the types of threats they need to address as well ... Read More
Greenwich University Fined £120,000 by ICO for “Serious” Security Breach

Greenwich University Fined £120,000 by ICO for “Serious” Security Breach

The Information Commissioner’s Office (ICO) fined the University of Greenwich £120,000 for a “serious” security breach of personal data. On 21 May, the United Kingdom’s Information Commissioner announced the fine. It’s the first time the ICO has levied such a penalty against a university under the Data Protection Act 1998 ... Read More
PCI DSS Version 3.2.1 Published by PCI Security Standards Council

PCI DSS Version 3.2.1 Published by PCI Security Standards Council

The Payment Card Industry Security Standards Council (PCI SSC) published a minor revision to version 3.2 of its Data Security Standard (PCI DSS). On 17 May, PCI SSC published PCI DSS version 3.2.1. The purpose of the update was to clarify organizations’ use of the Standard and when they would ... Read More

5 Common DevOps Transition Mistakes to Avoid

When transitioning to a DevOps model, organizations must remember that people are essential to a successful switchover. It’s people who must learn new workflows, collaboration techniques, and tools during the move. This process will cause at least some disruption over a period as long as two years. Needless to say, ... Read More
Malware Actors Targeting North Korean Defectors Using Facebook and Google Play

Malware Actors Targeting North Korean Defectors Using Facebook and Google Play

Security researchers found that hackers are using both Google Play and Facebook to actively target North Korean defectors with malware capable of stealing their information. McAfee Mobile Research Team discovered that the Sun Team hacking group is using Facebook to share links with North Korean defectors. At the time of ... Read More
Federal Jury Convicts Operator of “Scan4You” Counter Antivirus Service

Federal Jury Convicts Operator of “Scan4You” Counter Antivirus Service

A federal jury convicted one of the digital criminals responsible for operating the notorious “Scan4You” counter antivirus (CAV) service. On 16 May, the Department of Justice released a press release announcing a Virginia federal jury’s conviction of Ruslans Bondars, 37, on one count of conspiracy to commit wire fraud, one ... Read More
Cryptojacking Affected a Quarter of Organizations in the Cloud, Finds Report

Cryptojacking Affected a Quarter of Organizations in the Cloud, Finds Report

Cryptojacking attacks affected a quarter of organizations in their cloud environments, found a recent cloud security report. In RedLock’s Cloud Security Trends, researchers with the security firm’s Cloud Security Intelligence (CSI) team discovered that 25 percent of organizations had suffered cryptojacking incidents in the cloud. This rate marked a 300 ... Read More

Signal Patches Code Injection Bug that Enabled Remote Code Execution

Signal patched a code injection vulnerability that by some means of exploitation enabled attackers to achieve remote code execution. The security team for the encrypted communications app, a program which has been available for both Android and iOS since November 2015, published a fix for the bug just hours after ... Read More

The FBI’s 10 Most-Wanted Black-Hat Hackers – #5, #4 and #3

This week in Tripwire’s countdown of the FBI’s 10 most-wanted black-hat hackers, we name three hackers bound together in digital crime: Wen Xinyu, Huang Zhenyu and Sun Kailiang. The suspects made headlines in May 2014 when the United States Department of Justice indicted five suspected Chinese nationals for allegedly committing ... Read More

Chili’s Restaurants Suffered Payment Card Data Security Incident

Some Chili’s restaurant locations suffered a data security incident that might have compromised customers’ payment card details. Brinker International, a Dallas-based multinational hospitality industry company which operates 1,600 Chili’s restaurants, said it learned of the incident on 11 May. It provided additional details about the event in a press release: ... Read More
Loading...