Users must recognize that they are taking a significant risk when connecting directly to the Internet. The new Menlo Security State of The Web report reveals that nearly half (46%) of the Internet’s top 1 million web sites, as ranked by Alexa, are risky.
The San Francisco Bay Area was enjoying a US Thanksgiving holiday weekend when ransomware hit its municipal transportation agency, locally known as Muni. Over 900 office computers were affected, with Muni data locked up as the hacker demanded 100 bitcoins, or roughly $73,000, which the San Francisco Municipal Transportation Agency (SFMTA) never considered paying, according to the San Jose Mercury News.
This is intended to be a little tongue in cheek for readers, however it’s been written to provoke discussion on how organizations continue to do the same things they have done for the last 15 years without thinking.
Across the Asia Pacific, cyber security communities are sharing information about malicious actor techniques from other regions, in hopes of avoiding copycat attacks. In one case, data theft from a US government agency exploit was foiled when individual users repeatedly asked IT to have their malware-ridden laptops re-imaged. It turns out, it wasn’t just malware that was the security issue – the malware was a cover up for a sophisticated ring of insider data-stealing activities. Each time the externally-based ring leader thought their data stealing attempts might be discovered, the malware was inflicted on internal users to force a reimage and cover their tracks.
In medical terms, Patient Zero is loosely defined as the first human infected by a new or recently discovered viral or bacterial outbreak. The term has found its way into the IT security lexicon where its corollary is the first individual to be infected by a new malware strain, or the first victim in a phishing campaign.
A new and rapid growth trend during the U.S. political season is that various treasure troves of leaked documents now await the masses on the Internet, including via sites like WikiLeaks and "Guccifer 2.0’s” latest Wordpress blog.
Recently, I’ve been speaking with a lot of CISOs, security industry veterans, and analysts about risk.
Las Vegas has a tendency to overload all of your senses. Similarly Black Hat, too, has the effect of inducing information overload on nearly every participant.