Climbing the Security Maturity Ladder in Cloud
These five steps will insure that you achieve the broadest coverage for onboarding your most sensitive workloads. Astute CIOs are actively migrating to public cloud to take advantage of scalability, flexibility and inherent security at a lower cost. As Rob Alexander, CIO Capital One, said at the AWS re:Invent 2015 conference in Las Vegas, “We…
U.S. Warns of North Korea’s ‘Hidden Cobra’ Attacks
The United States Computer Emergency Readiness Team (US-CERT) released a technical alert on Tuesday on behalf of the DHS and the FBI to warn organizations of North Korea’s “Hidden Cobra” activities, particularly distributed denial-of-service (DDoS) attacks. The threat actor dubbed by the U.S. government “Hidden Cobra” is better known in the infosec community as Lazarus…
Flying Under the Radar: How Hackers Use Protection Strategies for Attack
It’s a recurring theme in sports movies, war stories and crime stories alike: In order to defeat the enemy, one must think like the enemy. This approach has been taken – oftentimes quite successfully – in an array of settings, including the cybersecurity realm. Security researchers are constantly working to pinpoint and better understand the…
Building Upon Trump’s Executive Order on Cybersecurity
Just days after President Trump signed his executive order on cybersecurity, the massive WannaCry attack dominated the news cycle. The assault infiltrated 150 countries, penetrating national networks and infrastructure. A breach of such international scale has rightly raised questions about government preparedness for digital warfare. In answering these concerns, Trump’s executive order should not be…
Fireball: Adware with potential nuclear consequences
Advertising can sometimes be annoying — and sometimes it can be malicious. Businesses that make their money selling advertisements sometimes go too far trying to make sure you see their ads. Recently researchers found that one such business — a big digital-marketing agency — went as far as installing adware on 250 million computers running…
IDG Contributor Network: “Security should be invisible”
In the world of security startups, there are those crazy ones. As that Apple ad goes, they are the misfits, the rebels, the troublemakers. The round pegs in the square holes. The ones who see things differently. They’re not fond of rules. And they have no respect for the status quo. Society should celebrate entrepreneurs…
After a cyberattack, companies remain vulnerable. What CIOs can do to protect their brands
Here’s a security scenario that’s all too common: A company suffers from a cyberattack, then responds to it promptly and alerts its customers, warning them to change their passwords. But the company remains vulnerable through the very means it uses to alert those customers: Email. In fact, attackers can exploit that vulnerability using email that…
How computer security pros hack the hackers
The long, awkward silence is always the first sign that a previously over-confident hacker realizes he’s suddenly become the victim. It happens every time. The malicious hacker had been firing his “ion cannon” at my network address trying to overwhelm my home computer and internet connection. I had sent him an email the day before…
Healthcare industry continues to struggle with software security
67% of medical device manufacturers and 56% of healthcare delivery organizations (HDOs) believe an attack on a medical device built or in use by their organizations is likely to occur over the next 12 months. According to the results of a recent survey, roughly one third of device makers and HDOs are aware of potential…
WannaCry: Are you safe?
A few days ago saw the beginning of the Trojan encryptor WannaCry outbreak. It appears to be pandemic — a global epidemic. We counted more than 45,000 cases of the attack in just one day, but the true number is much higher. What happened? Several large organizations reported an infection simultaneously. Among them were several…