malware

Security Breaches: What To Watch For In 2013

By

Contrary to the predictions of many security experts, who argue that cloud exploits, mobile device attacks and all-out cyber war will be among the most likely data breach threats governments and enterprises will face in 2013, researchers for the Verizon Data Breach Investigations Report (DBIR) have reached a far different conclusion.

The most likely threats in 2013 will involve authentication attacks and failures, continued espionage and “hacktivism” attacks, Web application exploits and social engineering. Keep reading →

 /  Published January 7, 2013 at 11:00 AM

Verizon Data Breach Report Highlights Insider Vulnerabilities

By


A new report on data breaches and cyber crimes highlights a disturbing rate of intellectual property theft, much of which happens from within organizations, making it increasingly difficult to protect against across a range of industries.

The “Verizon 2012 Data Breach Investigations Report,” due to be released by Verizon on Wednesday, pulls together analysis from the U.S. Secret Service, the Dutch National High Tech Crime Unit, the Australian Federal Police, the Irish Reporting & Information Security Service and the Police Central e-Crime Unit of the London Metropolitan Police. Keep reading →

 /  Published October 23, 2012 at 10:00 PM

A CISO’s Thumb Drive Frustration

By

Recently I was with a CISO of a multi-billion dollar critical infrastructure provider in the private sector.

We were conducting a security scan and compiling a list of issues and areas that needed to be addressed as part of his overall security program. While at one of the facilities he received a notification that he shared with me. The message was that they had traced back the source of a breach that had occurred a few months back. Keep reading →

 /  Published September 17, 2012 at 3:00 PM

Cyber Intelligence: The Flame Intensifies

By

In a move that suggests the incendiary impact of malicious software, Iran has now publicly threatened the United States over the Flame malware incident that has gained worldwide attention in recent days.

Flame has been dubbed the “utlimate spy” and for good reason. Iran was the country hit the hardest by the state-of-the-art piece of malware. Keep reading →

 /  Published May 31, 2012 at 8:01 AM

Cyber Intelligence: Flame – The Swiss Army Knife Of Cyber Weapons

By

It happened again. A number of countries have been hit by what has been called the most sophisticated piece of malware seen to date.

The malware is called Flame – appropriate given the number of computers that have been burned by this latest cyber weapon. Keep reading →

 /  Published May 29, 2012 at 10:35 AM

Get Stupid: Dumb Devices Can Stop Cyberattacks – If The People Are Smart

By

On a fine spring day in the nation’s capital, I’m not the only one to succumb to the temptation to work from home instead of heading into an airless office building. But cybersecurity experts warn that when I log into the AOL server to upload this article, I’m also opening a door for malware and hackers.

With more and more federal workers working from home or on the road all the time, including in the Department of Defense, even as cyberattacks from foreign powers are on the rise, telecommuting has become a national security issue. The solution? Smarter people – using stupider computers. Keep reading →

 /  Published May 17, 2012 at 1:00 PM

Cyber Intelligence: Updated Attack Vector Emerges

By


An old attack vector has re-emerged with a twist. This time the attackers are patient, and have defined the attack process in a manner that will increase the effectiveness.

An email with a semi-customized subject matter is sent to a selected group of targets all sharing a similar interest – CYBERSECURITY. The email is about a job opening and has two attachments. The first attachment is labeled job description. If the email recipient is interested and clicks on the download – you guessed it – malware is downloaded and installed. The second attachment is for the recipients that want to unsubscribe. If you click on that download, yes once again malware is downloaded and installed. Keep reading →

 /  Published April 2, 2012 at 11:03 AM

Cyber Intelligence: Meeting The Challenge Of Cyber Defense

By

Day after day the threats we are exposed to in cyber space grow. Just recently Panda Security announced they processed their 200 millionth malware file. Just think about that for a moment, 200 million individual pieces of malware.

The company went on to say that cyber intelligence automatically detects, analyzes and classifies more than 73,000 new malware strains a day. That clearly illustrates the continuous change that goes on in the cyber threat environment. Keep reading →

 /  Published November 14, 2011 at 7:38 AM

Killing The Internet: Thoughts From DHS Security Summit

By

A few weeks ago, I was privileged to be a panelist on the panel, “Protection and the Moral Dilemma: Going Offline in the Name of Security”, the kickoff event of the DHS GFIRST summit in Nashville, Tennessee.

The panel itself included senior security experts from across the spectrum of the public sphere: DHS, the FBI, DoD, state government, and even well-known security author Winn Schwartau. Keep reading →

 /  Published September 2, 2011 at 1:45 PM

Cyber Intelligence: UK Report Finds Security Boils Down To Money

By

COMMENTARY:
When it comes to cybersecurity and assurance measures designed to protect sensitive digital assets few people would argue that the risks of attack and compromise has increased sharply over the past few years.

For example, computer security giant McAfee released their 2010 Q3 Threats Report and in it they reported that on average 60,000 new malware threats were identified each day. In their 2011 Q1 Threat Report 6 million unique pieces of malware were recorded. This was the most active quarter in malware history. These figures clearly indicate the severity of the current cyber threat. Keep reading →

 /  Published July 19, 2011 at 1:01 PM