Connected home solutions adoption remains limited
Adoption of newer connected home solutions is still at the early adopter phase, according to Gartner. The survey, of nearly 10,000 online respondents in the U.S., the U.K. and Australia during the second half of 2016, found that only about 10 percent of households currently have connected home solutions. Connected home solutions consist of a…
Fighting attackers in the era of data jacking
What we saw in the last few months is a rise in reports on database systems, new database technologies that are essentially being compromised; and where attackers will hack into a database, encrypt the data or sometimes delete or do something to the data, and essentially leave a message where they ask you for not…
Wikileaks, CIA documents and some sober thoughts
So, my less than favorite topic found itself at the top of my reading list today. Wikileaks released a treasure trove of documents today that purport to outline all manner of CIA related operations. After I got passed the “what the actual…” moment, I had to pause. On social media and various news outlets there…
The Role of the Security Intelligence Analyst and the Three Main Elements of Cybersecurity
In the modern security operations center (SOC) model, the security intelligence analyst (SIA) represents a core role. In my opinion, it is one of the most important roles in the field of the cybersecurity. Customers often ask me what the role of the SIA actually is. The SIA is responsible for protecting the organization against…
Shamoon-Linked “StoneDrill” Malware Allows Spying, Destruction
Researchers at Kaspersky Lab have come across a new and sophisticated piece of malware that can be used for both cyber espionage and wiping an infected computer’s storage. Dubbed “StoneDrill,” the malware has been linked to the notorious Shamoon 2 and Charming Kitten, aka Newscaster and NewsBeef, a threat actor believed to be located in…
Temporary Fix Available for Windows GDI Vulnerability
A temporary fix is available for the Windows Graphics Device Interface (Windows GDI) vulnerability that was disclosed a couple of weeks ago. The flaw was initially discovered by Mateusz Jurczyk, an engineer with Google’s Project Zero team, in March 2016, along with other issues in the user-mode Windows GDI library (gdi32.dll). Microsoft attempted to resolve…
Adware vs. Ad Fraud: Viva la Difference!
Both earn their money in the advertising trade but they each have very different means of operation and targets. Adware and ad fraud are in basically the same business, and neither care very much how they make money as long as it keeps pouring in. But there are some major differences. To understand these differences…
Enable self-healing endpoint security with Application Persistence
There’s lots of malware there today. The first thing it does when it executes, tries and disable the AV client on the endpoint. Application Persistence, through our Persistence technology, allows you to ensure that if something were to happen to that – we’ll just use the AV as an example – AV product, the firmware…
Fileless Powershell malware uses DNS as covert communication channel
Targeted attacks are moving away from traditional malware to stealthier techniques that involve abusing standard system tools and protocols, some of which are not always monitored. The latest example is an attack dubbed DNSMessenger, which was analyzed by researchers from Cisco Systems’ Talos team. The attack starts with a malicious Microsoft Word document distributed through…
Rockstar Games Launches Public Bug Bounty Program
Rockstar Games this week launched a public bug bounty program through HackerOne, after running it in private mode for more than nine months. On the program’s page, the company reveals that the minimum bounty for successful vulnerability submissions is $150, but that researchers can get higher rewards, depending on the severity and complexity of the…