Tag Archives: Advanced Malware

PREPARING FOR YOUR DATA BREACH

Author: Chris Cronin, ISO 27001 Auditor Most InfoSec professionals don’t want to think about becoming the next victim of a major data breach to make the headlines. And yet when faced with another major data breach it is a time when Executive Management and security teams reflect on their own insecurities. The latest breach is being […]

All Done with Shellshock? Get Ready for the Next One.

Why read another article on the Shellshock bug when there have been a number of well-written articles and blog posts on it? Because almost all of the articles and blogs are talking about the bug itself, how it can be exploited, and how much of the Internet is open to it. However, what you should […]

“The Walking Dead” and Windows XP

The IT world is preparing for one of its highest profile deaths on April 8th, 2014. Microsoft will be discontinuing security updates and technical support for Windows XP and its variants. Microsoft will not mourn, as their call to action is to migrate off of one of its most popular consumer operating systems in history.

Malware Defense is About Strategy before it’s About Technology

I’m one of those fortunate information security professionals who plays both sides of the technology defense game: I’m your incident response guy and your preventive technologies guy. When I’m working with a company after they’ve been breached I can see pretty quickly what defenses they were missing that allowed the breach in the first place, […]

PHEATS OF PHISHING – Will you be prepared when it happens to you?

Author: Todd Becker, PCI QSA, ISO 27001 Auditor Phishing is by no means a new topic in today’s news. But the increasing complexity and targeted nature of attacks have evolved to a level of sophistication that is even phooling knowledgeable members of the IT community. The end result could just be embarrassing, but it could also […]

NEXT-GEN MALWARE DEFENSE

‘Malware’ has come a long way. From merely annoyance applications coded by bored engineering students for notoriety all the way to professionally developed stealth applications for financial gains and stealing state secrets. According to Verizon’s 2012 Data Breach Investigations Report, 69% of the breaches were attributed to malware infections. The business impact of such Advanced Malware […]

Security awareness training is more important than ever.

Can’t state it often enough.  Security awareness training is more important than ever.  Many of the incidents we respond to are caused by malware being downloaded by users.  Once it’s in your network, it’s only going to propagate.  It’s like a bad roach infestation.

10 Years of Malware and Threats

Again, from a Dark Reading article, Microsoft Studies 10 Years of Malware and Threats.  Microsoft, in celebration of the 10-year anniversary of the launch of its Trustworthy Computing Initiative, published a special edition of its Security Intelligence Report.  They looked at the past 10 years and how the threat landscape has evolved.