Breaking down New York’s new cyber regulations
In late September, the New York Department of Financial Services (NY DFS) and Gov. Andrew Cuomo announced a series of new rules strengthening cybersecurity requirements for financial firms in the state of New York. Financial firms are treasure troves of private client data and one of the most sought after targets for attackers. In the…
China’s vague cybersecurity law has foreign businesses guessing
The most disturbing thing for foreign businesses facing China’s new cybersecurity law may just be how vague and broad it is. Under the new law, adopted on Monday and taking effect next June, it’s possible that any major company working in the country might be subject to “security reviews” from the Chinese government.
RASP rings in a new Java application security paradigm
Runtime Application Self Protection (RASP) is a next-generation cyber security technology designed to redress some of the weak points of application security. Unlike firewalls or code analysis, runtime-based technologies contain application data and contextual awareness, enabling them to be both precise and preemptive. In this article I introduce RASP. I’ll briefly compare RASP to other…
“Dirty COW” Linux Kernel Exploit Seen in the Wild
A new Linux kernel vulnerability disclosed on Wednesday allows an unprivileged local attacker to escalate their privileges on a targeted system. Red Hat said it was aware of an exploit in the wild. The vulnerability, discovered by Phil Oester, was sarcastically dubbed by some people “Dirty COW” due to the fact that it’s caused by…
US Bank Regulators Draft Rules For Financial Services Cybersecurity
US bank regulators are all set to issue new standards for banks to protect themselves from cyberattacks, reports Reuters. The proposal, expected to be finalized soon and binding on financial institutions with more than $50 billion assets, comes in the wake of US banks suffering serious losses from online thefts. When the rules come into…
Millennials A Growing Target Of IT Support Scams
New Microsoft-NCSA study finds that two out of three customers have been exposed to tech support scams in the last 12 months. More millennials are falling victim to tech support scams, surpassing senior citizens as the group most frequently tricked by fraudsters. This finding comes from a new study released by Microsoft and the National…
Breaking the OODA Loop!
The OODA loop is a well established concept often used in security which originated in the military. OODA stands for Observe, Orient, Decide, Act. OODA is an iterative process because after each action you need to observe your results and any new opposing action. The idea is that if you can consistently get to the…