This is a threat advisory for Thomas Cook Ltd. Mobile Apps & Website

This report provides an analysis of TPM Genie. TPM Genie is a serial bus interposer which has been designed to aid in the security research of Trusted Platform Module hardware. The tool demonstrates that a man-in- the-middle on the TPM serial bus can undermine many of the stated purposes of the TPM such as measured boot, remote attestation, sealed storage, and the hardware random number generator.

This is a transcript of a February 2018 US Senate meeting that discussed Data Security and the hacking community.

This short article discusses why a marriage between WAF and DDoS is a good idea.

This report deals with mobile healthcare apps and their ability to be easily hacked.

GAO was asked to report on the major breach that occurred at Equifax in 2017. This report (1) summarizes the events regarding the breach and the steps taken by Equifax to assess, respond to, and recover from the incident and (2) describes actions by federal agencies to respond to the breach.

This report discusses the security concerns that have arisen about the new technology, blockchain.

In order to find out more about the challenges and threats businesses are encountering, Kaspersky Lab, together with B2B International, has conducted a study entitled Corporate IT Security Risks Survey 2016. We asked more than 3,000 representatives of small and medium-sized companies how they manage to cope with cryptomalware in the constantly changing landscape of cyber threats.

This paper was written to help Enterprises prioritize cyber security activities in real time based on potential financial loss.

Distributed denial of service (DDoS) attacks continue to grow in frequency, sophistication and bandwidth. Due to a recent SANS survey, 378 security and network managers reveal that they are experiencing more frequent and sophisticated DDoS attacks These and other trends are discussed in the rest of this report.

This report focuses the vulnerability that they call “Eavesdropper.” The Eavesdropper vulnerability is due to the hardcoding of credentials in mobile apps that are using the Twilio Rest API as well as some using the Twilio SDK. This vulnerability exposes massive amounts of current and historic data, including sensitive call and messaging data.

This report summarizes the threat landscape seen in 2017 and gives some clear recommendations for the future.

This paper takes a look at the cities of Germany, and the cyber threats that occurred there.

This paper explores threats like coin-mining attcks, spike in software supply-chain attacks, the ransomware business, the drop in zero days, and the rise in mobile malware.

Ixia recently commissioned Dimensional Research to conduct a survey of cloud users to understand their top concerns about managing cloud operations. This report provides details about their findings.

This monthly report details Application Security obvservations from March 2018.

From the Report, “This newsletter introduces the latest ransomware trends and best practices for ransomware response using the AhnLab MDS (Malware Defense System). "

This guide gives specific recommendations to use during your development process. The descriptions of attacks and security recommendations in this report are not exhaustive or perfect, but you will get practical advice that you can use to make your apps more secure.

Get detailed cloud security insights about DDoS and web application attack trends observed across the Akamai Intelligent Platform™ for Q1 2016. Highlights include: 1) A 23% increase in DDoS attacks and a 26% increase in web application attacks, compared with Q4 2015, setting new records for the number of attacks in the quarter 2) The rise in repeat DDoS attacks, with an average of 29 attacks per targeted customer – including one customer who was targeted 283 times 3) The continued rise in multi-vectored attacks (56% of all DDoS attacks mitigated in Q1 2016), making mitigation more difficult

This report is a kind of dossier on the hacker community. It lets you in to their world, to know their mindset, and thoughts on the bug bounty community.

This paper outlines the current state of play in political warfare, identifies emerging threats, and proposes potential policy responses. It argues for greater information sharing mechanisms between trans-Atlantic governments and the private sector, greater information security and transparency, and greater investments in research and development on AI and computational propaganda. As authoritarian regimes seek to undermine democratic institutions, Western societies must harness their current— though fleeting—competitive advantage in technology to prepare for the next great leap forward in political warfare.