The Increasing Use of Mobile Spyware Apps

Never in human history has there been a platform for tracking, eavesdropping, reconnaissance, and surveillance like the smartphone.  With the right malware or phone store app, a marketing company, suspicious spouse, parent, nation-state cyber-spy, or your own government or law enforcement agency can easily spy on anyone carrying a smartphone.  Mobile devices often provide a bridge between a target’s personal life and professional ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


The Ransomware Victim that Hacked Back and Got the Keys to the Kingdom

The idea of hacking back against those who hack you has been called a lot of things. The terms “goofy idea” and “illegal” are some we’ve heard. But for a ransomware victim in Germany, you can add the words “sweet revenge.” And not ...

Continue Reading →
0

Own an E-Commerce Business? Here’s How to Secure Customer Data

A guest post from From Siege Media

Data breaches are more or less becoming commonplace. In the last several years, companies the likes of Under Armour, Home Depot, Equifax, and even Target have fallen victim to ruthless cyber-attacks, resulting in the loss of profit, reputation, and customers. 

This obviously has a huge affect ...

Continue Reading →
0

Dealing With The Insider Threat

As cybersecurity professionals, we spend a lot of time and effort keeping outsiders off our network, and out of our servers and information repositories.  The good news is that today’s defensive solutions work pretty well, and we are largely successful defending threats from outsider the network perimeter.

Insider threats are a bigger concern.  There have been several high profile insider ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Shock Treatment: First Disruptive Cyber Attack Hits the U.S. Power Grid 

Firewalls crashing, communications lost, and the realization that this was not a technology failure of the U.S. power grid. It was a first-of-its-kind cyber-attack that reveals the risks of our increasingly connected infrastructure. The North American Electric Reliability Corporation (NERC) revealed details of the new ...

Continue Reading →
0

Corporate Execs Fear the Phish

A recent report says that 75% of corporate executives believe what 100% of cybersecurity professionals know:  phishing emails represent the greatest cyber-threat to business computer systems and networks.  Humans are still the weakest link in the cybersecurity chain.  Cybersecurity awareness training and simulated phishing testing is seen as the most effective way to improve detection and avoidance in employees.  To be truly effective training frequency should happen quarterly, but often ...

Continue Reading →
0

When Penetration Testing Goes Wrong

When I am speaking or training, and the subject turns to penetration testing, I make certain to explain to the class or audience that nearly everything a pen-tester does violates federal laws.  For starters, there is the Computer Fraud and Abuse Act.  There are many other computer laws at both the federal and state levels.

Penetration testing takes a vulnerability assessment to the ...

Continue Reading →
2
Page 32 of 107 «...10203031323334...»