Mac Malware Reaches New Highs
Two new malware threats in a week this past month, plus others in January, brings the 2017 Mac malware count up to 6 – and growing. On Valentine’s Day, Mac users got a special “treat” in the form of new malware. That same week, there were signs of yet another piece of malware looming. These threats…
20 Questions for SecOps Platform Providers
Security operations capabilities for the masses is long overdue. Here’s how to find a solution that meets your budget and resources. The security operations platform is quickly emerging as a favorite talking point for 2017, even for organizations that do not find themselves with an expansive budget to improve their security maturity and posture. Of…
Addressing pain points in governance, risk and compliance
In this day and age, it seems as though every business has some form of alphabet soup or acronym salad that shapes the decisions they make as it pertains to their information security programs. Between data privacy laws, regulations on the financial industry, calls for a healthcare focused cybersecurity framework, and regular updates to the…
Former Sysadmin Sentenced to Prison for Hacking Industrial Facility
A man has been sentenced to 34 months in prison and three years of supervised release for hacking into the systems of pulp and paper company Georgia-Pacific, the Department of Justice announced on Friday. Based in Atlanta, Georgia-Pacific is one of the world’s largest manufacturers and distributors of paper products. The company has more than…
Yahoo Explains Cookie Forgery Related To Two 2016 Breaches
Yahoo’s recent update on forged cookies is in relation to two, not three, security breaches announced last year. Yahoo has provided further clarification on the cookie forging activity related to data breaches disclosed in September and December of last year.
The Era Of Data-Jacking Is Here. Are You Ready?
As data in the cloud becomes more valuable, the cost of weak security will soon be higher than many organizations can bear. Here’s why. The past few months have seen a deluge of attacks on database deployments in production environments. Victor Gevers, an ethical hacker and founder of GDI Foundation, broke news about attacks on…
US legislation revived to curb warrantless geolocation tracking
U.S. legislators have reintroduced bills that would place curbs on warrantless access by the government to electronically generated geolocation information of Americans, including on the use of cell-site simulators that can capture cellphone data. Bicameral legislation introduced Wednesday, called the Geolocation Privacy and Surveillance Act, aims to create clear rules for when law enforcement agencies…
IaaS Creating New Variant of Shadow IT
Organizations cannot rely on commercial off-the-shelf (COTS) software to fulfil all their IT requirements: almost all companies develop their own custom apps. The majority of these apps, whether internal or internet-facing, currently run on datacenters owned or operated locally. By the end of 2017 this will change — the majority of enterprise custom apps will…
The Interconnected Nature Of International Cybercrime
Flashpoint analysts monitoring a top-tier Russian hacking forum recently observed an actor who goes by the pseudonym “flokibot,” developing a Trojan known as “Floki Bot.” While the malware uses source code from the ZeuS Trojan, the actor reinvented the initial dropper process injection to instead target point-of-sale (PoS) terminals. The Floki Bot Trojan is not…
Enhancing Enterprise Security for Ransomware Detection
Ransomware is a profitable business model for cyber criminals with 2016 payments closed at the billon dollar mark. According to a recent survey by IBM, nearly 70% of executives hit by ransomware have paid to get their data back. Those survey results do not include smaller organizations and consumers who are also paying to get their data…