• img February 22, 2018

Cryptojacking Attack Found on Los Angeles Times Website

A security researcher found Coinhive code hidden on a Los Angeles Times’ webpage that was secretly using visitors’ devices to mine cryptocurrency.   This post was originally published on https://threatpost.com/feed/. https://blacklakesecurity.com/cryptojacking-attack-found-on-los-angeles-times-website/

Read More
  • img February 22, 2018

Trend Micro fixes serious vulnerabilities in Email Encryption Gateway

Trend Micro has plugged a bucketload of vulnerabilities in its Email Encryption Gateway, some of which can be combined to execute root commands from the perspective of a remote unauthenticated attacker. The Trend Micro Encryption for Email Gateway (TMEEG) is a Linux-based software solution/virtual appliance that provides the ability to perform the encryption and decryption […]

Read More
  • img February 22, 2018

Intel releases Spectre 2 microcode updates for Kaby Lake, Coffee Lake, Skylake

Intel has released to OEMs a new set of Spectre firmware updates. They include microcode for Kaby Lake, Coffee Lake, and Skylake processors. “This represents our 6th, 7th, and 8th Generation Intel Core product lines as well as our latest Intel Core X-series processor family. It also includes our recently announced Intel Xeon Scalable and […]

Read More
  • img February 22, 2018

What if defenders could see the future? Many clues are out there

Malware sophistication is increasing as adversaries begin to weaponize cloud services and evade detection through encryption, used as a tool to conceal command-and-control activity. To reduce adversaries’ time to operate, security professionals said they will increasingly leverage and spend more on tools that use AI and machine learning, reported in the 11th Cisco 2018 Annual […]

Read More
  • img February 22, 2018

How organizations are confronting escalating third-party cyber risk

Based on in-depth interviews with security executives from 30 participating organizations across multiple industries, RiskRecon revealed how companies are managing the security risks of their complex digital supply chains and sensitive business partnerships. Researchers identified vendor-neutral capability sets comprising common, emerging, and pioneering practices that firms have implemented to manage third-party security risk. “Enterprise risk […]

Read More