You are viewing 'Security breach'

Hack the Vote

Chris Camejo

October 18, 2016 - Posted by Chris Camejo to Security Insight


The news has been rife with headlines about voting hacks, with the FBI revealing that state voter registration databases have been compromised and warning of ongoing attacks. Meanwhile, one of the major parties has already suffered two known breaches and WikiLeaks continues to post Clinton campaign emails on a regular basis. So far, signs are pointing to operators inside Russia as the culprits for all of the above.

Many of us in the information security... read more >

The SERT Q3 2015 Threat Report Overview

A look inside the Ashley Madison breach dump, and deploying a botnet from the attacker’s PoV

Jon-Louis Heimerl

October 29, 2015 - Posted by Jon-Louis Heimerl to Threat Intelligence

Q3 '15 Threat Report banner

The Solutionary Security Engineering Research Team (SERT) released its Q3 2015 Threat Report today.

As the source of 68% of all detected attacks and 51% of all detected malware, the United States is once again the most hostile source of cyberattacks. As we’ve seen in the past, this does not mean that the attackers are within the U.S., but they are using U.S. sites as their launching pads. The jump in reconnaissance activity seen in Q2 15 probably contributed to a 42% increase in cyberattacks during Q3. Detected malware, on the other hand, dropped by nearly 40% from what was seen during Q2 15. Malware detection and trends continue to vary widely from quarter to quarter, but one interesting trend is that the four top sources of malware accounted for 96% of all malware detected during Q3.

Yes, detected malware is down. That is, except for detected command and control... read more >

There’s No Hacking in Baseball

The first known, reported account of hacking in professional sports

Joseph (JB) Blankenship

June 16, 2015 - Posted by Joseph (JB) Blankenship to Security Insight

Baseball Hack

One Major League team hacked another one for competitive gain? Say it ain’t so, Joe.

Teams have often tried to steal the other team’s signs during a game to predict a play or a pitch. This has been part of baseball since its earliest days. Now, it seems that a team may have taken it to a new level. Corporate espionage may now be part of our national pastime.

It looks as if the first known instance of one professional sports team hacking another has been reported. According to a NY Times report, the St. Louis Cardinals are facing an F.B.I. inquiry due to the alleged hacking of the Houston Astros.

On June 16, 2015, the NY Times reported:

Investigators have uncovered evidence that Cardinals officials broke into a network of the Houston Astros that housed special databases the team had built,... read more >

What Will 2015 Mean for IT Security?

2015: Year of the ___?

Joseph (JB) Blankenship

January 06, 2015 - Posted by Joseph (JB) Blankenship to Security Insight

IT Security 2015

2014 is behind us. Depending on your perspective, 2014 is either known as “The Year of the Data Breach” or the “Year of the Undisclosed Vulnerability.”

According to the Identity Theft Resource Center, there were 761 breaches reported in the U.S. during 2014, with over 83 million records exposed in 2014 (as of December 23, 2014). This is an increase of over 25% over the same timeframe in 2013.

With the seemingly never-ending data breach announcements, the general public has started taking a “so what, it's just another data breach” kind of attitude about data breaches. It’s as if there is now almost an expectation that your data will end up in the... read more >

Understanding the Techniques for Social Engineering

A List of Do's and Don'ts

Brent White

October 21, 2014 - Posted by Brent White to Security Insight

social engineering

This blog was co-written by Solutionary Professional Security Services Consultants Brent White and Tim Roberts.

Employees return from lunch and swipe their badges across proximity readers at the main entrance and the side door leading from the smoking area. The chatter of multiple conversations via mobile and in-person merges with the oh-so-familiar beeps, accompanied by the green (or was it red) light and the routine motions of “badging in” is just that... routine.

The hacker observes discretely. He identifies the vulnerability. Adopting the guise of an employee, he raises his smartphone to his head and joins the line of tailgaters. He exploits the vulnerability.

The above scenario is constantly used by penetration testers, security consultants, disgruntled and... read more >

1 | 2 | 3 | 4 | 5 | Older Entries >>

Voted one of the Best Computer Security Blogs 2016
NTT Security (US), Inc. (formerly Solutionary) is a security consulting and managed security services provider. The NTT Security blog is a place for IT professionals to both learn and talk about the latest in IT security and compliance.

Get the NTT Security Blog delivered to your inbox!

Enter your Email:

(We will not share your email or use it for anything else.)