Hiding Under the Covers
May 15th, 2013
“All warfare is based on deception” – Sun Tzu, The Art of War Attackers like stealth. Once they have compromised a system, one of their primary goals is to remain undetected. Initially, attackers used malware with pseudo Windows service names such as svchosts.exe, winlogin.exe, lsasss.exe, and others. Although these names appear to be innocuous, power [...]
Ten Bulletins This May Patch Tuesday; But Don’t Get Excited
May 14th, 2013
While 10 patches covering 33 vulnerabilities may seem like a high number, it isn’t all bad news for IT professionals this May Patch Tuesday. Only two of the 10 patches released today are critical and both impact Microsoft Windows and Internet Explorer. The two critical-rated patches address the IE 8 zero-day that made news after attacking a [...]
By: Chris Merritt - Dir. Solutions Marketing
Market Impact of a Data Breach
May 13th, 2013
In my Changeup post the other day, I mentioned that my colleague Paul Henry had saved an organization an estimated $10M (or roughly 15%) in market cap by showing that an intrusion had no material impact. That got me to thinking: what *is* the typical market impact of a breach? And furthermore, how good are [...]
By: Paul Zimski - IT Security Expert
BYOD or BYOT (Bring Your Own Threat)…The Case for Mobile Devices as Endpoints
May 7th, 2013
Lumension recently conducted a survey of more than 1,600 IT professionals on Linkedin regarding their thoughts on BYOD and mobile security. You can check it out here. There is a lot of interesting information in this survey, with one of the main takeaways was for these respondents’ organizations, BYOD is really all about end-user satisfaction [...]
By: Chris Merritt - Dir. Solutions Marketing
Changeup Information Sharing
May 6th, 2013
We were talking with the CIO of a major healthcare company the other day who told us that his day had gone sideways because of the re-emergence of the ChangeUp worm / Trojan. This was news to me. I mean, yes, I’m a little behind in my reading, but I’d not heard much about ChangeUp [...]
New School Cyber Crooks Using Old School Malware Tricks
April 29th, 2013
You can teach old crooks new tricks, but many cyber criminals are discovering that the old tricks are working just fine. Indeed, recent security headlines feature old school malware attacks, like the MiniDuke. And old school botnets with creative new names are bum rushing the Internet. At the same time, reflective memory injection (RMI) attacks, which blend [...]
CISPA, FISMA Passed the House. Now What?
April 24th, 2013
CISPA, the Cyber Intelligence Sharing and Protection Act, passed the US House of Representatives late last week and will move to the Senate for further debate. If this rings a bell, it should. Last summer, CISPA passed the House before stalling in the face of a Senate filibuster. Of course, it was not the only [...]
By: Chris Merritt - Dir. Solutions Marketing
ZIP Codes Are … PII?!
April 15th, 2013
Mr. ZIP (or Zippy to his friends) was born back in July 1963 and the soon-to-be 50-year-old is finally getting some privacy … in Massachusetts at least. The Massachusetts Supreme Court recently determined that under Mass. Gen. Laws, ch. 93, § 105(a), “personal identification information” includes a consumer’s ZIP code and decided that collecting such [...]
By: Chris Merritt - Dir. Solutions Marketing
Is Education Key to Closing the Door on Hackers?
April 11th, 2013
I read with interest an Op-Ed piece in the New York Times the other day by Marc Maiffret (founder and CTO of BeyondTrust) entitled “Closing the Door on Hackers.” [By the way, as I’ve mentioned before, it’s interesting to see cybersecurity in the mainstream news, which seems to be happening more and more these days.] [...]
Anatomy of Reflective Memory Attacks
April 10th, 2013
Ophiocordyceps unilateralis is a parasitical fungus that, beginning with a microscopic spore, infects a certain species of ant using a series of attacks, one building on the other until it controls the ant’s brain for its own bidding. The fungus can’t just land on the ant, consume it and reproduce. It needs to get inside the ant [...]
FREE Scanner
Free eBook
Over 48% of IT Directors say that mobile devices represent the greatest network security threat.
