Why Defense Doesn’t Work

Now that football season has started, there will be a lot of discussion about why great defenses don’t win football games.  Defense is not enough in the realm of cybersecurity, either.  I recently attended a webinar put on by The Open Web Application Security Project (OWASP) featuring Mike Benkovich (@mbenko) that discussed this concept as it applied to the DevSecOps (or SecDevOps) or the secure development of web applications.  It is not enough to write code that works, it also ...

Continue Reading →
0

Weakest Cybersecurity Link – It’s Your Staff

coworkersAll the expensive high-tech cybersecurity goodies cannot prevent someone in your employ from clicking a malicious link in an email and opening a gateway to further network exploitation.  That is the findings of ProofPoint in The Human Factor Report 2015.  The discouraging point for those of us who advocate employee training as an important part of an overall cybersecurity strategy is that in spite of training, people are still more likely ...

Continue Reading →
0

Dyre Wolf Banking Malware Poses Threat To Your Bank Balance

Modern cyber criminals are using more sophisticated blended attacks to achieve some pretty spectacular monetary hauls.  The Dyre Wolf malware exploits is currently be combined with a spear-phishing approach, a telephone based social engineering middle, and a distributed denial of service (DDOS) attack on the back end to access corporate bank accounts and wire transfer large sums of money.  Originally uncovered by IBM’s security team in 2014, this exploit had netted on cyber-crime group over $1 million dollars.  The IBM ...

Continue Reading →
0

US Announces It’s Game Over For Zeus Kingpin

Bogachev Wanted posterThe Gameover Zeus and related Neverquest banking Trojan exploits are one of the most truly frightening security nightmares facing small businesses and individuals.  These exploits allow a remote attacker to join you on an online banking session, and then transfer funds from your account after you thought the session was over.

The US State Department has place a $3 million bounty on the head of Evgeniy Mikhailovich Bogachev, The criminal mastermind behind the Gameover ...

Continue Reading →
0

Drive-By Trojan Downloader Compromises Security

One of my collegues sent a link to a BBC article about the Sinowal Trojan horse , which is also known as Torpig and Mebroot. This trojan installs itself on victims’ computers when they simply visit certain web sites, and collects banking and credit card information and reports back to the what appear to be eastern European and Russian criminal gangs, such as the Russin Business Network. Links to the article are here.

Your best form of protection ...

Continue Reading →
0
Page 3 of 3 123