Editor's News

By Flashpoint Analysts Vitali Kremez, Paul Burbage, & Amina Bashir A crimeware kit dubbed the Rubella Macro Builder has recently been gaining popularity among members of a top-tier Russian hacking forum. Despite being relatively new and unsophisticated, the kit has a clear appeal for cybercriminals: it’s cheap, fast, and can defeat basic static antivirus detection. First offered for sale in late February for the relatively low price of $500 USD per month, the Rubella Macro...

Kaspersky Lab has published its report looking at botnet-assisted DDoS attacks for the first quarter of 2018. The company’s experts note an increase in activity by both old and new botnets, growth in the popularity of amplification DDoS attacks and the return of long-lasting (multi-day) DDoS attacks. In the first quarter of 2018, DDoS botnets attacked online resources in 81 countries. The countries experiencing the largest number of attacks were once again China, the US...

The Department for Work and Pensions is set to spend £14.73million to prepare for the EU’s incoming General Data Protection Regulation (GDPR). The spending will cover a programme of education and awareness activity for all staff, system remediation and a review of the existing records storage arrangements. The findings are contained in a new report from the Parliament Street think tank entitled GDPR: The Impact on Government, which was published yesterday. The policy paper examines the steps being taken by...

A new report by Cognizant’s Center for the Future of Work, Securing the Digital Future, reveals that, in the pursuit of digital transformation, organisations have overlooked one critical factor that could put all their transformation efforts - and even share prices- into jeopardy: cybersecurity. The research, which surveyed over 1,000 senior IT executives in 18 countries, found that only 9% of organisations have made cybersecurity a board-level priority. This is despite respondents acknowledging that digital...

Ever wondered what a DDoS attack sounds like? Well now is your chance to find out. In a new blog post, researchers from Imperva showcase of a recent project around the sonification of DDoS attacks. In the project, Imperva researchers turned web traffic into sound and transmitted the whole thing over internet radio, which to their surprise turned out to the very pleasant to the ear. In the project Imperva used shifts in volume to...

While many organisations are still in the early days of tearing down organisational silos to build DevOps teams and implementing continuous integration and continuous delivery (CI/CD) workflows, the benefits of streamlined, collaborative development approaches are clear: they enable organisations to bring more features and improvements to mar­ket faster. What is not so well understood is how application security is being includ­ed in these dynamic, fast-paced environments and how security testing tools and best practices must...

Global business value derived from artificial intelligence (AI) is projected to total $1.2 trillion in 2018, an increase of 70 per cent from 2017, according to Gartner, Inc. AI-derived business value is forecast to reach $3.9 trillion in 2022. The Gartner AI-derived business value forecast assesses the total business value of AI across all the organisation vertical sectors covered by Gartner. There are three different sources of AI business value: customer experience, new revenue, and...

In the wake of the Facebook and Cambridge Analytica data misuse, public attention around the importance of data privacy has been heightened. Yet, with only a month until the General Data Protection Regulation (GDPR) deadline comes into effect, 93 per cent of respondents to a new survey from business analytics leader SAS say they are not yet fully GDPR compliant. Less than half (49 per cent) of the global organisations surveyed reported that they expect to be compliant...

Companies risk falling foul of incoming GDPR regulations by relying on existing, piecemeal security measures, according to a new whitepaper published today by Aruba, a Hewlett Packard Enterprise company.   The majority of existing defences, which use pattern matching techniques to find threats, are unable to detect new attacks that use legitimate user credentials to access sensitive information, meaning that companies risk not be able to detect and report a breach within the 72 hours...

Since Mirai and its subsequent variants let the genie out of the bottle, DDoS attacks powered by the Internet of Things have become ubiquitous. As more and more IoT devices join the world’s networks – predicted by Gartner to be 24 billion by 2020 - so the potential for cybercriminals to recruit unsecured devices to botnets and wreak havoc through DDoS increases, and we see advanced multi-vector attacks that evolve in sophistication almost as fast...