IoT security: Defending a young industry from attack
As the IoT industry matures, it’s safe to say we’re well past “early adopter” phase and seeing broader development and deployment. While the prospect of a more established and stable IoT environment is exciting, we’re not there yet. What we are seeing is that the space is showing its youth, and along with it, its…
Easy-to-exploit rooting flaw puts Linux computers at risk
The maintainers of Linux distributions are rushing to patch a privilege escalation vulnerability that’s already being exploited in the wild and poses a serious risk to servers, desktops and other devices that run the OS. The vulnerability, tracked as CVE-2016-5195, has existed in the Linux kernel for the past nine years. This means that many…
From Chasing Alerts to Hunting Threats: What Makes an Effective SOC is Evolving
Whether you call it a SOC, a CSOC, a Cyber Defense Center, or something else, security operation centers have the same fundamental mission – to help organizations detect, analyze, respond to, report on, and prevent cyber security incidents. But what it takes to do that effectively has changed in this ever-evolving threat landscape, putting an…
Backdoor Uploaded to WordPress Sites via eCommerce Plugin Zero-Day
A zero-day vulnerability in an ecommerce plugin for WordPress has been exploited by cybercriminals to upload backdoors to affected websites, researchers warned. The ideal scenario for profit-driven hackers is to find and exploit security holes in plugins installed on hundreds of thousands or millions of websites. However, targeting a large number of less popular applications…
Millennials A Growing Target Of IT Support Scams
New Microsoft-NCSA study finds that two out of three customers have been exposed to tech support scams in the last 12 months. More millennials are falling victim to tech support scams, surpassing senior citizens as the group most frequently tricked by fraudsters. This finding comes from a new study released by Microsoft and the National…
Breaking the OODA Loop!
The OODA loop is a well established concept often used in security which originated in the military. OODA stands for Observe, Orient, Decide, Act. OODA is an iterative process because after each action you need to observe your results and any new opposing action. The idea is that if you can consistently get to the…
Microsoft Researchers Release Anti-Reconnaissance Tool
Microsoft researchers have released a new tool designed to help security teams protect corporate networks by making it more difficult for attackers to conduct reconnaissance. The tool, dubbed “NetCease,” was developed by Itai Grady and Tal Be’ery of the Microsoft Advanced Threat Analytics (ATA) research team. NetCease has been made available on Microsoft’s TechNet Gallery,…
Internet Routing Security Effort Gains Momentum
More than 40 network operators agree to filter routing information, prevent IP address-spoofing, and to work together to thwart Internet traffic abuse and problems. Cyber-criminals and nation-state hackers routinely hide behind phony IP addresses to mask their location and identity, but an Internet initiative that seeks to thwart that and other malicious and inadvertent traffic…
IKANOW 2.0 Delivers First Customizable Information Security Analytics Platform
Reston, VA — IKANOW today announced the first fully customizable information security analytics platform with enterprise scalability and multi-tenancy. There are many packaged solutions that claim big data analytics capabilities but simply don’t meet the scalability requirements of large enterprises nor do they allow for easy customization that companies need. Built on open sources technologies,…
Video: Take Back Control of Your Information Security
The numbers are staggering. PWC reported there were 60 million information security attacks on enterprises last year and CyberEdge Group found over 70% of all companies were breached. The attack surface has expanded rapidly as the number of managed devices increased another 72% over 2014 according to Cisco. According to IBM and CSO, the typical…