Feels like a Cyber Security Groundhog’s Day
While nobody has a crystal ball for what’s coming this year, I think we can all agree tough security lessons were learned in 2017. From Yahoo indicating that every one of its 3 Billion email accounts (that’s a B) was exposed in a breach to some pretty serious hacking tools believed to have been developed…
Cisco Aware of Attacks Exploiting Critical Firewall Flaw
Cisco informed customers on Wednesday that it has become aware of malicious attacks attempting to exploit a recently patched vulnerability affecting the company’s Adaptive Security Appliance (ASA) software. No other information has been provided by the networking giant, but it’s worth noting that aproof-of-concept (PoC) exploit designed to cause a denial-of-service (DoS) condition on devices running…
The Time to Focus on Critical Infrastructure Security is Now
The world has once again been reminded that the threat of cyber attacks on critical infrastructure systems remains very real. Last month, Britain’s defense secretary, Gavin Williamson, iterated that Russia held the potential for wide disruption and “thousands of deaths” through such attacks. His announcement was the latest indication of increased chatter regarding attacks on critical infrastructure,…
What Super Bowl LII Ads Can Teach You about Privileged Account Security
It is the day after Super Bowl LII, and sadly, Patriots fans did not wake up savoring the good feeling of their sixth Super Bowl win with Tom Brady. In our household, there is now a temporary ban on sports radio until talk of this Super Bowl dies down over the airwaves. Although the game…
Macro-less malware: The cyclical attack
Last year, attackers linked to the Russian hacking group APT28 (sometimes called Fancy Bear) started hacking like its 1999 with Microsoft Word-based malware that doesn’t trigger security warnings along the way. These types of attacks are called “macro-less malware” because they bypass the security warnings added to Microsoft Office programs in response to traditional macro…
The Price of Cybercrime: 9 Years in One Case, 6 Months in Another
Travon Williams, 33, was sentenced by the District Court for the Eastern District of Virginia to 9 years in jail for his role in a credit card fraud and identity theft scheme. For more than two years, Williams led a gang that purchased thousands of stolen credit and debit card numbers from the dark web….
The future of smartphone security: Hardware isolation
Mobile spyware has become increasingly more ubiquitous in corporate networks and devices. In a 2017 study, Check Point has found that out of the 850 organizations that they queried, 100% had experienced a mobile malware attack at least once in the past. To date, most cybersecurity companies have focused either on software-only or built-in hardware…
How do your IT complexity challenges compare to those of other CIOs?
A global survey of 800 CIOs conducted by Vanson Bourne reveals that 76% of organizations think IT complexity could soon make it impossible to manage digital performance efficiently. IT complexity is growing The study further highlights that IT complexity is growing exponentially; a single web or mobile transaction now crosses an average of 35 different technology systems…
Innovative organizations build security into their cloud strategy
Businesses are increasingly evolving their security strategy to advance their cloud strategy. Based on research and interviews with industry practitioners, Hurwitz & Associates sees clear evidence that balancing velocity and security in the cloud starts with adopting new approaches to security. “Customers are increasingly depending on cloud computing to support the need for business agility and speed of transformation….