CDSA News
Who Really Hacked Sony? Cyber Security Researchers Say They Finally Know (Christian Science Monitor)
More than a year after the devastating Sony Pictures hack, a trio of cybersecurity firms claim to have pinpointed the culprits behind the breach that rattled Hollywood and invigor...
The Lowdown on the Apple-FBI Showdown (Krebs on Security)
Many readers have asked for a primer summarizing the privacy and security issues at stake in the dispute between Apple and the U.S. Justice Department, which last week convi...
Malicious Web Sites Exploit Silverlight Bug that Can Own Macs and Windows (Ars Technica)
Malicious websites are exploiting a recently fixed vulnerability in Microsoft's Silverlight application framework to perform drive-by malware attacks on vulnerable visitor devices,...
Breach Stats: Improving From Abysmal To Just Awful (Dark Reading)
IT organizations are getting better at identifying data breaches more quickly and breach statistics are seeing ever-so-slight improvements, according to two new reports out this we...
Cybercrime Increases, but Companies are Unprepared (U.S. News & World Report)
Online crime is a fast-growing threat to companies, but two new surveys show executives are not taking enough steps to protect sensitive data. Results from the Global Economic C...
Social Engineering Confirmed as Top Information Security Threat (Computer Weekly)
Social engineering became the top attack technique in 2015 for beating cyber security, replacing exploits of hardware and software vulnerabilities, according to a study by securi...
What the White House Cyber Security Plan Says About the Internet of Things (Next Gov)
The White House’s new national action plan on cybersecurity, released earlier this month, includes a nod to the so-called smart home -- and the vulnerabilities that could accomp...
Weekend Vulnerability and Patch Report, February 28, 2016 (Citadel Information Group)
Important Security Updates Apple TV: Apple has released version 7.2.1 for Apple TV to fix at least 24 vulnerabilities, some of which are highly critical, reported in previous ver...
CDSA Security Audits for Production & Post Production / Editorial
By Bryan Ellenburg. As productions become more reliant on digital technologies and the use of the cloud, the importance of securing your production and post production spaces is at...
MPAA-Hunted Popcorn Time Makes Surprise ‘Comeback’ (TorrentFreak)
Late last year the main Popcorn Time fork, operating from the PopcornTime.io domain name, shut down its website unexpectedly. The MPAA took credit for the fall, announcing that i...
‘Locky’ Crypto-Ransomware Rides in on Malicious Word Document Macro (Ars Technica)
Several security researchers have discovered a new type of malware that jumps onto the ransomware bandwagon, encrypting victims' files and then demanding a payment of half a bitcoi...
IBM: Majority of CEOs Unwilling to Share Cybersecurity Information with Outsiders (ZD Net)
Some 68% of CEOs say they are unwilling to share their organisation's information on cybersecurity incidents with outsiders, highlighting the ongoing challenge of establishing bett...
Five Ways Your Employees Sidestep Information Security Policies (Data on the Edge)
A good employee finds ways to overcome roadblocks and get the job done. But in the case of enterprise IT security, good employees may be your biggest threat. In fact, a recent Del...
Five Exploit Trends Driving Attacks Today (Dark Reading)
As cybercriminals increasingly monetize their malware efforts, enterprise defenders need to recognize that the application layer has become the biggest battlefield in today's IT ri...
Ten Most Common Web Security Vulnerabilities (Toptal)
For all too many companies, it’s not until after a breach has occurred that web security becomes a priority. During my years working as an IT Security professional, I have see...
Recent Email Phishing Campaigns – Mitigation and Response Recommendations (U.S. CERT)
Between June and July 2015, the United States Computer Emergency Readiness Team (US-CERT) received reports of multiple, ongoing and likely evolving, email-based phishing campaigns ...
Film Claims U.S. Hacked Iran’s Critical Infrastructure (Bank Info Security)
The United States hacked into Iran's military and civilian infrastructure as part of a secret program code-named "Nitro Zeus" that was designed to disable the country's critical in...
This is Why People Fear the ‘Internet of Things’ (Krebs on Security)
Imagine buying an Internet-enabled surveillance camera, network attached storage device, or home automation gizmo, only to find that it secretly and constantly phones home to a va...
Weekend Vulnerability and Patch Report, February 21, 2016 (Citadel Information Group)
Important Security Updates Avira Free Antivirus: Avira has released version 15.0.15.141 of its free Antivirus. Updates are available from Avira’s website. Dropbox: Dropbox h...
Business E-mail Compromise: Don’t Be a Victim (Citadel Information Group)
Not too long ago, email scams were relatively easy to detect. They were often from unknown contacts and referenced bank or credit card information which was clearly incorrect. Some...