The Threat Model of 2017
The threat model is one of the most basic tools IT professionals use to analyze security incidents and scenarios. It is the first stop along the security path where potential hazards can be identified and quantified. Threat models involve judgments about which threats are important to a particular situation. An automated tool that simply lists…
65% of social engineering attacks compromised employee credentials
Social engineering is having a notable impact on organizations across a range of industrial sectors in the US. In fact, 60 percent of surveyed security leaders say their organizations were or may have been victim of at least one targeted social engineering attack in the past year, and 65 percent of those who were attacked…
Ransomware success creates apathy towards traditional antivirus software
In the last 12 months, 48 percent of organizations across the globe have fallen victim to a ransomware campaign, with 80 percent indicating that they’ve suffered from three or more attacks, according to a global survey conducted by Vanson Bourne. In response to ransomware attacks, 67 percent of businesses globally have increased IT security spending,…
Encryption ransomware hits record levels
The amount of phishing emails containing a form of ransomware grew to 97.25 percent during the third quarter of 2016 up from 92 percent in Q1. PhishMe’s Q3 2016 Malware Review identified three major trends previously recorded throughout 2016, but have come to full fruition in the last few months:
Fake executive social media accounts threaten enterprises
New research has uncovered numerous duplicative Twitter and LinkedIn accounts among Fortune 500 leaders, raising concerns about potential security vulnerabilities. Analysts at BrandProtect reviewed profiles for the 54 CEOs at Fortune 500 companies using Twitter and the 187 CEOs using LinkedIn. Of these CEOs, 19 percent were represented online by multiple Twitter accounts, while 9…
Thousands of WordPress sites with malware highlight need for comprehensive security
While everyone was worrying about the holiday influx of POS malware, a cyber criminal group quietly exploited a plug-in vulnerability with the mysterious SoakSoak malware and infected at least 100,000 sites utilizing WordPress’s content management system. Researchers with security firm Sucuri discovered the malware campaign in mid-December, noting that it leveraged a flaw within a…
Traveling on business? Beware of targeted spying on mobile
Corporate spying is a real threat in the world of cyber war. Employees traveling on behalf of their company could create opportunities for sophisticated adversaries to take sensitive corporate data. This is especially true if they are not careful with their mobile devices. The targeted malware attack It may sound like something out of a…
Tesco Bank hack shows that attackers continue to follow easy money
What happens when nearly 9,000 accounts at a financial institution experience fraudulent activity and clients have nearly £2.5 million stolen? People notice. The bank notices and shuts down activity, raising a chilling question for financial institutions: “Is this the new normal for banking in the age of cyber crime?” As we continue to learn more…
Increasing number of financial institutions falling prey to cyber attacks
66.2 percent of financial organizations faced at least one cyber-security attack in the last year, according to MetricStream Research. The report, based on a survey conducted in July 2016, features the perspectives of C-level information security professionals in over 60 banking and financial services firms across the globe. The respondents represented financial enterprises of multiple…