CDSA News

Cybercrime: A Black Market Price List From The Dark Web (Dark Reading)

There's no better lesson in the mechanics of a free market than watching a black market at work. And in this era of cybercrime, there may be no better observational laboratory of b... More

FBI Already Called in to Unlock Another Murder Case with an iPhone (Naked Security)

Nothing breeds success like success. In the recent FBI-versus-Apple court case (you know which one we mean), the US judiciary ordered Apple to cook up an iPhone backdoor to sid... More

U.S. Used Tactic from Apple Encryption Fight in 60 Other Phone-Unlocking Cases (The Guardian)

The US government has used the same legal tactic it deployed in its encryption fight with Apple in more than 60 other phone-unlocking cases, according to a tally by a privacy wat... More

Without Information Security Processes, You are Flying Blind (CSO)

The aim of the Security Analogies Project is to help spread the message of information security and its importance in the modern world. By drawing parallels between what people a... More

Weekend Vulnerability and Patch Report, April 3, 2016 (Citadel Information Group)

Important Security Updates AVG Free Edition: AVG has released version 2016.0.7538 of its 64 and 32 bit Free Edition. Updates are available on AVG’s website. Evernote: Everno... More

Crooks Steal, Sell Verizon Enterprise Customer Data (Krebs on Security)

Verizon Enterprise Solutions, a B2B unit of the telecommunications giant that gets called in to help Fortune 500’s respond to some of the world’s largest data breaches, is ree... More

Eight tips for preventing ransomware (Naked Security)

Chances are you know someone, or some organization, who has suffered a ransomware attack – it could be your local police department, a small business, big hospital, or someo... More

Even Security Experts Fail to Spot Phishing Emails, Finds Report (SC Magazine)

An online phishing quiz conducted by Intel Security found that 97 percent of people failed to correctly identify all of the sample emails in the test. Intel Security tested 19,000... More

Cyber Insurance: Why is Growth Stymied? (Bank Info Security)

A dearth of actuarial data stymies the growth of the cyber insurance market, industry experts told Congress at a March 22 hearing. "Unlike fire insurance, [cyber] insurers do not ... More

Gmail’s Encryption Warning Spurs 25% Increase in Encrypted Inbound Emails (The Verge)

Google’s efforts to keep users safe might be forcing other email providers to make better security decisions. In February, the company started flagging unencrypted emails, allo... More

iOS Forensics Expert’s Theory: FBI Will Hack Shooter’s Phone by Mirroring Storage (ARS Technica)

Jonathan Zdziarski, a leading independent Apple iOS security researcher and forensics expert, has a theory about the FBI's newly discovered potential route into the iPhone 5C use... More

F.B.I. Clash With Apple Loosed a Torrent of Possible Ways to Hack an iPhone (New York Times)

For weeks, the United States government has said that the only way to open an iPhone used by a gunman in a mass shooting was to get Apple’s help, a position that set off a cl... More

Certified Ethical Hacker Web Site Caught Spreading Crypto Ransomware (ARS Technica)

For the past few days, including during the hour that this post was being prepared on Thursday morning, a major security certification organization has been spreading TeslaCrypt m... More

Weekend Vulnerability and Patch Report, March 27, 2016 (Citadel Information Group)

Important Security Updates Adobe Flash Player: Adobe has released version 21.0.0.197 to fix a performance issue. Updates are available from Adobe’s website. Apple iOS: Apple... More

Keylogger Hijacks Key Business Email Accounts (Computer World)

A new email-based attack campaign is targeting key employees from companies in the U.S., Middle East and Asia with the goal of compromising their computers and email accounts. Thi... More

Watch Out Gamers: Steam Stealer Malware is up and Running (Hack Read)

According to the researchers at Kaspersky Lab, Steam Stealer has provided a happy hunting ground for all malicious hackers. The low cost of Steam Stealer makes it accessible for ... More

Stagefright Variant ‘Metaphor’ Puts Millions of Samsung, LG and HTC Phones at Risk (Threat Post)

Millions of Android users are at risk of a new Metaphor exploit that can take over Samsung, LG and HTC phones in under 20 seconds. The hack gives attackers access to the targeted p... More

Malvertising Campaign Strikes Top Web Sites Worldwide (ZD Net)

Popular websites across the world fell prey to a malicious advertising campaign which sent unwitting visitors to the Angler exploit kit which serves TeslaCrypt ransomware. A numbe... More

Time to Rethink Mandatory Password Changes (FTC)

Data security is a process that evolves over time as new threats emerge and new countermeasures are developed. The FTC’s longstanding advice to companies has been to conduct risk... More

Security Certifications: The Alphabet Soup of the Information Security Profession (Security Intelligence)

Today’s information security professional has never been in greater demand. Employers hunt for the best in hopes of luring them away from their current position. Oftentimes, th... More