Cybercriminals are becoming more specialized as they try to extract the maximum value out of email account compromises, a new report by researchers at UC Berkeley and the security firm Barracuda Networks has found.
Hacks & Hackers
Episode 176: Security Alarms in Census II Open Source Audit. Also: The New Face of Insider Threats with Code42
Joe Payne the CEO of Code42 joins us to talk about how the challenge of data breach prevention is changing. And: we do a deep dive on the recent Census II audit of open source.
Spotlight Podcast: Breaking Bad Password Habits to Fight Advanced Threats
In this Spotlight edition of the Security Ledger podcast, Rachel Stockton of LastPass * joins us to discuss the myriad of challenges facing companies trying to secure users’ online activities, and simple solutions for busting insecure user behaviors to address threats like phishing, account takeover and more.
Firm Uncovers Major Cyber-Espionage Campaign Against Telcos
The security firm Cybereason has uncovered a persistent cyber espionage attack on telecommunications companies worldwide to steal data on high-profile users and then spy on them.
U.S. Customs Data Breach Is Latest 3rd-Party Risk, Privacy Disaster
A data breach of information belonging to the U.S. Customs and Border Patrol (CBP) that leaked photos of people and vehicles traveling over the United States border once again shows the risk associated with third-party access to sensitive or classified information. The breach–the result of a cyber attack on a third-party contractor who collected the images for the CBP–also raises issues of privacy and how much control and access should the government have over personally identifiable information, security experts said. News of the data leak broke widely on Monday, but CBP said said it actually occurred earlier. In an e-mail to Security Ledger, the agency said that on May 31, a subcontractor–revealed in reports to be Perceptics–transferred copies of license plate images and traveler images collected by CBP to the its company network without government knowledge or permission. Perceptics was soon after hit with a “malicious cyber-attack” that resulted in […]
