The ‘Opsec Fail’ That Helped Unmask a North Korean State Hacker

How Park Jin Hyok - charged by the US government for alleged computer crimes for the Sony, Bank of Bangladesh, WannaCry cyberattacks - inadvertently blew his cover via email accounts.

Romanian Hacker Pleads Guilty for Role in Inauguration Surveillance Ransomware

Attack against the Metropolitan Police Department was disrupted before malware could be sent to additional systems.

6 Security Training Hacks to Increase Cyber IQ Org-Wide

Move beyond generic, annual security awareness training with these important tips.

US Approves Cyber Weapons Against Foreign Enemies

The White House is changing the rules on its use of digital weapons to fight adversaries targeting US networks.

Apple’s dropping Back To My Mac Remote Access. Here’s an Alternative, Currently Discounted.

Apple is dropping the Back To My Mac remote access feature, and in a recent support document they urge you to be prepared by looking for alternatives.

RemotePC by iDrive is a full-featured remote access solution that lets you connect to your work or office computer securely from anywhere, and from any iOS or Android device. Right now, their 50 computer package is 90% off or just $6.95 for your 1st year. So if you need an alternative to Back To My Mac, or have been thinking about remote access, now is a good time to consider RemotePC. Learn more about it here.

To read this article in full, please click here

Data Manipulation: How Security Pros Can Respond to an Emerging Threat

Industry leaders are scrambling to address the issue, which will take new thinking to overcome.

Executive Branch Makes Significant Progress As DMARC Deadline Nears

The DHS directive on email security has an approaching deadline that most departments in the executive branch might actually meet.

Back to the ol’ spam-fighting drawing board

Pilot fish returns from an extended holiday weekend to find his inbox full of spam -- and for once, dozens of the messages seem to be related.

"I was curious, so I didn't delete all 50 of them right away," says fish. "The first one was obviously spam -- a 'Hi, do you remember me, can we talk?' message with a phishing link.

"But the first reply was from an autoresponder at a legal-services company: Thank you for your email. You have reached the email inbox for... Please let us know if you have any questions."

The next message is from another autoresponder, replying not to the spam but to the first autoresponder: Thank you for contacting us. This is an automated response confirming the receipt of your ticket. Our team will get back to you as soon as possible.

To read this article in full, please click here

Think Like An Attacker: How a Red Team Operates

Seasoned red teamers explain the value-add of a red team, how it operates, and how to maximize its effectiveness.

Retail Sector Second-Worst Performer on Application Security

A "point-in-time" approach to PCI compliance could be one reason why so many retailers appear to be having a hard time.