Saturday, July 20, 2019
IBM Security

How to Create an Effective Incident Response Plan

The complexity and precision of today’s cyberattacks may make you long for the simpler days of the Michelangelo virus. Add the sheer number of security alerts and false positives, and it’s easy to understand why incident response teams suffer...
IBM Security

Does Your Cloud Vendor Contract Include These Crucial Security Requirements?

Cloud adoption is on the rise: According to International Data Corporation (IDC)’s “Nine Ways to Maximize the Value of Cloud Contracts,” 52 percent of all companies are currently using cloud-based delivery models and an additional 27 percent have firm...
IBM Security

I Can’t Believe Mirais: Tracking the Infamous IoT Malware

Devices and networks are where cybercriminals go to find data and financial profit. But attacks on simpler connected devices can be devastating in their own ways and cause damage that can be just as complicated to repair and pay...
IBM Security

Enterprise Mobility Management Gets Personal

Enterprise mobility management (EMM) is now widely adopted, with more than three-quarters of enterprises deploying the technology, according to IDC survey data. However, there are still roadblocks to end user adoption and penetration of the technology in terms of...
IBM Security

The Expiration Date on Passwords Has Expired

Changing your passwords frequently sounds like commonsense advice, and has served as conventional wisdom in computer security for a long time. However, just because something is common doesn’t mean it makes sense. In fact, many experts believe forced, arbitrary password...
IBM Security

The Fine Art of Protecting Microsoft Office 365 Apps With Multifactor Authentication

The initials MFA, as every computer security professional knows, stand for multifactor authentication. The same initials also stand for Master of Fine Arts, and maybe that’s no accident. Protecting your organization’s internal systems and data against intrusion is indeed...
IBM Security

The Wild West Era Has Ended — What’s Next for Data Privacy?

While many have long viewed the digital space as a Wild West, cybersecurity and data breach regulations have existed for more than 15 years. Today, a host of new regulations, standards and frameworks is becoming the norm for organizations...
IBM Security

Threat Intelligence Is the SOC’s Road Map to DNS Security

Remember the nervousness and excitement you felt when you took your driving test? You had to practice for weeks, complete the required paperwork and study countless traffic signs. The latter is especially important because these signs are used to...
IBM Security

Why Security Incidents Often Go Underreported

If you saw a coworker browsing through a database they weren’t supposed to have access to, would you report it? What would you do if you accidentally clicked on a link in a phishing email? Most people would say they’d...
IBM Security

Take a Proactive Approach to the Darknet Threat

Imagine this scenario: Everyone in your accounts payable department receives an invoice for a service your organization uses frequently. The invoice appears legitimate and doesn’t set off any alarm bells, but is in fact loaded with malware purchased on...
IBM Security

The Cyber Kill Chain Is Getting Shorter As the Skills Gap Widens

The pressure keeps mounting for individuals with cyber skill sets as well as organizations that can’t afford or attract them as employees. At the same time, cybercriminals are consolidating the cyber kill chain by launching attacks more quickly through...
IBM Security

Why Cybercriminals Are Targeting Travel and Transportation

Cybercriminals must take vacations sometimes, but right now they are just as likely to be hacking the airline that would get them there or the hotel where they would stay. Last year, when a global airline carrier revealed that...
IBM Security

Mobile Device Management Evolves to Support New Device Use Cases

Mobile device management (MDM) technology has matured and is widely adopted across the enterprise. MDM now serves as a baseline management tool for organizations, supporting workers using smartphones, tablets and laptops for business use. While MDM technology has somewhat...
IBM Security

Taking Over the Overlay: Reconstructing a Brazilian Remote Access Trojan (RAT)

This is the third installment in a three-part series on the AVLay RAT discovered by IBM X-Force. Parts one and two explained how the researchers reverse engineered the malware. This installment will demonstrate how X-Force gained control of AVLay...
IBM Security

Your ‘Invisible Workforce’ Needs More Visibility in Security Planning

The cybersecurity workforce is becoming more invisible. Trends in employment and talent seeking for specialized skills are increasingly shifting organizational workloads from employees to nonemployees — such as freelancers, independent contractors, service providers, consultancies and agencies. But just like...

Cisco Patches Critical Flaw in Vision Dynamic Signage Director

Cisco this week released a security patch for the Vision Dynamic Signage Director, to address a Critical vulnerability that could allow attackers to execute arbitrary actions on the local system.  Tracked as CVE-2019-1917, the vulnerability was found in the REST...

The Great Hack: the film that goes behind the scenes of the Facebook data scandal

This week, a Netflix documentary on Cambridge Analytica sheds light on one of the most complex scandals of our time. Carole Cadwalladr, who broke the story and appears in the film, looks at the fallout – and finds ‘surveillance...
SecurityWeek

Scotland Yard Twitter and Emails Hacked

London's Metropolitan Police apologised Saturday after its Twitter, emails and news pages were targeted by hackers and began pumping out a series of bizarre messages. read more

Browser Extensions Scraped Data From Millions of People

Slack passwords, NSO spyware, and more of the week's top security news.
ZDNet

Hackers breach FSB contractor, expose Tor deanonymization project and more

SyTech, the hacked company, was working on research projects for the FSB, Russia's intelligence service.