Author Archives: The Cyber Security Place

Could a shutdown ignite insider threats?

The 35-day government shutdown may be on a brief hiatus, but with the temporary deal to fund federal departments slotted to end on Feb. 15, many government workers are worried

The post Could a shutdown ignite insider threats? appeared first on The Cyber Security Place.

The Journey to Data Integrity

In 2017, ‘Fake News’ was crowned word of the year thanks in part to a deteriorating relationship between politicians and the media. Claims and counterclaims could be challenged without the

The post The Journey to Data Integrity appeared first on The Cyber Security Place.

Printer-related security risks on the rise

Businesses that are relying heavily on print are putting themselves at plenty of unnecessary risk.Businesses that are relying heavily on print are putting themselves at plenty of unnecessary security risk, a new

The post Printer-related security risks on the rise appeared first on The Cyber Security Place.

Why cybersecurity education matters

The shortage of qualified cybersecurity personnel is visibly apparent with the number of unfilled cybersecurity roles on the rise.Research shows cyber incidents have increased significantly since 2017 and according to a recent

The post Why cybersecurity education matters appeared first on The Cyber Security Place.

GDPR: Not Heavy Handed Yet, But Driving Data Breaches Into The Open

With the European Union’s landmark General Data Protection Regulation (GDPR) now in place a bit more than eight months, it seems that at least one of its messages has had

The post GDPR: Not Heavy Handed Yet, But Driving Data Breaches Into The Open appeared first on The Cyber Security Place.

The inside track on protecting intellectual property (IP)

Dr Darren Williams, CEO and Founder of BlackFog, discusses the need for firms to protect their IP from cyber attack and provides advice on how to stop hackers from removing

The post The inside track on protecting intellectual property (IP) appeared first on The Cyber Security Place.

Phishing, Humans Root of Most Healthcare Attacks

Across healthcare organizations in the US, malicious actors are successfully leveraging phishing attacks to initially gain access to networks, according to findings from the 2019 HIMSS Cybersecurity Survey published by the Healthcare Information

The post Phishing, Humans Root of Most Healthcare Attacks appeared first on The Cyber Security Place.

Cyber Security Risk in Retail and How to Handle It

Hackers and their tactics are continually evolving but one thing remains the same: retailers are prime targets for a cyber-attack. This is such a widespread issue that in nearly every

The post Cyber Security Risk in Retail and How to Handle It appeared first on The Cyber Security Place.

Attackers repackage popular Android VPN app with Triout malware

Triout malware was first detected in August 2018 which infected Android applications and had spyware capabilities such as recording phone calls and text messages, and more. Recently, the malware was

The post Attackers repackage popular Android VPN app with Triout malware appeared first on The Cyber Security Place.

New cryptomining malware removes other malware from Linux, then latches onto systems

A script capable of deleting known Linux malware and coin mining software in systems has been discovered by Trend Micro.  It then downloads a cryptocurrency-mining malware as well as install

The post New cryptomining malware removes other malware from Linux, then latches onto systems appeared first on The Cyber Security Place.

Advanced Customer Verification – Are You Ready For That?

Fraud is on the rise and attacks made by cybercriminals are becoming more sophisticated. Basic identity proofing is no longer effective, so it’s time for turning the clunky process into

The post Advanced Customer Verification – Are You Ready For That? appeared first on The Cyber Security Place.

Senators Urge Security Audit of Foreign VPNs

Two US senators have called for an urgent investigation into whether foreign-owned Virtual Private Networks (VPNs) represent a risk to national security. Ron Wyden and Marco Rubio signed a joint

The post Senators Urge Security Audit of Foreign VPNs appeared first on The Cyber Security Place.

Don’t Leave Your Doors Open – Secure Your APIs Now

APIs are the glue that enable two systems to share data or functionality and work together to create new business opportunities, drive integrations, and speed overall development in the process.

The post Don’t Leave Your Doors Open – Secure Your APIs Now appeared first on The Cyber Security Place.

Large Firms: What Role for the Group CISO?

The role of the CISO and their reporting line seems to be a continuing topic of discussion amongst cyber security professionals.The same title often hides a large diversity of roles,

The post Large Firms: What Role for the Group CISO? appeared first on The Cyber Security Place.

Cybercriminals leverage Google Translate to hide their phishing sites

Attackers are using a new technique that uses Google Translate to hide the real domain of their phishing sites. This phishing technique works more effectively in mobile devices when compared

The post Cybercriminals leverage Google Translate to hide their phishing sites appeared first on The Cyber Security Place.

AI, cloud and security — top priorities for enterprise legal departments

A report released today indicates that legal professionals are at the forefront of piloting emerging technologies, such as AI and cloud, in the enterprise. Are you surprised? Legal departments are

The post AI, cloud and security — top priorities for enterprise legal departments appeared first on The Cyber Security Place.

Ransomware Sees Further Decline, Banking Trojan Use Steps Up

Ransomware accounted for one tenth of 1% of all malicious email content in Q4, according to a new threat report from Proofpoint. It’s Q4 threat report found that banking trojans accounted

The post Ransomware Sees Further Decline, Banking Trojan Use Steps Up appeared first on The Cyber Security Place.

The Benefits of Correctly Deploying a PKI Solution

With new threats to data emerging every day, public key infrastructure (PKI) has become an increasingly larger part of enterprises’ information security and risk management strategies. Research has found that 43% of

The post The Benefits of Correctly Deploying a PKI Solution appeared first on The Cyber Security Place.

Cyber risk management: There’s a disconnect between business and security teams

Business managers want real-time cyber risk management metrics, but cybersecurity teams can only deliver technical data and periodic reports. That gap needs to close.A few years ago, cybersecurity professionals often

The post Cyber risk management: There’s a disconnect between business and security teams appeared first on The Cyber Security Place.

Denial-of-Service and Man-in-the-middle vulnerabilities found in Smart scale IoT device

An IoT device analyzed by researchers was found to have four security flaws that could allow attackers to perform denial of service (DoS) and man-in-the-middle(MITM) attacks.  The device’s associated mobile

The post Denial-of-Service and Man-in-the-middle vulnerabilities found in Smart scale IoT device appeared first on The Cyber Security Place.

Best Practices for Choosing Good Security Questions

Security questions can add an extra layer of certainty to your authentication process. Security questions are an alternative way of identifying your customers when they have forgotten their password, entered

The post Best Practices for Choosing Good Security Questions appeared first on The Cyber Security Place.

8 months of GDPR: 59,000+ reported breaches, 91 fines

A little over eight months have passed since the EU General Data Protection Regulation (GDPR) became enforceable, but it’s becoming clear that sweeping data breaches under the carpet has become

The post 8 months of GDPR: 59,000+ reported breaches, 91 fines appeared first on The Cyber Security Place.

Converged IT and OT to Advance Security Maturity

The convergence of IT, operational technology (OT) and industrial internet of things (IIoT) has raised concerns about cybersecurity, safety and data privacy for many organizations, according to a new Ponemon Institute study. Released

The post Converged IT and OT to Advance Security Maturity appeared first on The Cyber Security Place.

Safer Internet Day: Are you where you think you are?

Safer Internet Day is an excellent opportunity for users of all kinds to brush up on their cyber safety knowledge — although security practice should be maintained on all days, it

The post Safer Internet Day: Are you where you think you are? appeared first on The Cyber Security Place.

Speak Up Malware Targets Linux, Mac in New Campaign

Linux servers are the target of a new crypto-mining campaign in which a malware dubbed “Speak Up” implants a backdoor Trojan by exploiting known vulnerabilities in six different Linux distributions, according

The post Speak Up Malware Targets Linux, Mac in New Campaign appeared first on The Cyber Security Place.

Business Continuity/Disaster Recovery – Hoping for the Best, Prepared for the Worst, and Unsurprised by Anything in Between

As a member of the IT team for Reed Exhibitions United States for the past five years, starting as a help desk analyst and now, a security analyst, I have

The post Business Continuity/Disaster Recovery – Hoping for the Best, Prepared for the Worst, and Unsurprised by Anything in Between appeared first on The Cyber Security Place.

Phishing has become the root of most cyber-evil

Phishing has become the top cause of data breaches. But with employee education and the right tools, such breaches can be prevented.Companies spend a huge amount of time and billions

The post Phishing has become the root of most cyber-evil appeared first on The Cyber Security Place.

Cybercriminals Have Your Business In Their Crosshairs And Your Employees Are In Cahoots With Them

Thus begins the ransomware email that could spell utter doom for your business. Think it can’t happen to you? You may want to think again. Cybercrime is big business. According

The post Cybercriminals Have Your Business In Their Crosshairs And Your Employees Are In Cahoots With Them appeared first on The Cyber Security Place.

Hacker behind Collection #1 credential database identified

The threat actor was believed to be working on this breach for over two to three years. Known by the pseudonym ‘C0rpz’, it was hinted that there was more than

The post Hacker behind Collection #1 credential database identified appeared first on The Cyber Security Place.

Employees are Cyber Secure in Theory, But Not in Practice [Infographic]

Across the world, cybersecurity has moved from the shadows to center stage, due to increasing malware attacks and the soaring cost of resultant damages [predicted to rise to $6 trillion annually

The post Employees are Cyber Secure in Theory, But Not in Practice [Infographic] appeared first on The Cyber Security Place.

A Hackers Take On Blockchain Security

One of the leading factors of the blockchain—aside from the obvious decentralization—is the high level of security behind it. It’s not uncommon to hear people claim that it is “unhackable.”

The post A Hackers Take On Blockchain Security appeared first on The Cyber Security Place.

Execs Remain Weak Link in Cybersecurity Chain

Despite their high-ranking positions, senior executives are reportedly the weak link in the corporate cybersecurity chain with a new report from The Bunker, which finds that cyber-criminals often target this known

The post Execs Remain Weak Link in Cybersecurity Chain appeared first on The Cyber Security Place.

Can AI Become Our New Cybersecurity Sheriff?

Two hospitals in Ohio and West Virginia turned patients away due to a ransomware attack that led to a system failure. The hospitals could not process any emergency patient requests. Hence,

The post Can AI Become Our New Cybersecurity Sheriff? appeared first on The Cyber Security Place.

New Mac Malware Steals Cookies, Cryptocurrency & Computing Power

Dubbed CookieMiner on account of its cookie-stealing capabilities, this newly discovered malware is believed to be based on DarthMiner, another recently detected Mac malware that combines the EmPyre backdoor and

The post New Mac Malware Steals Cookies, Cryptocurrency & Computing Power appeared first on The Cyber Security Place.

Matrix Ransomware: A Threat to Low-Hanging Fruit

In its 2019 Threat Report, Sophos predicted a rise in targeted ransomware attacks. According to new research, Matrix, a copycat targeted ransomware that is flying under the radar, is one such threat that

The post Matrix Ransomware: A Threat to Low-Hanging Fruit appeared first on The Cyber Security Place.

Email Attacks Increasingly Using Compromised Accounts

Hackers are realising that it’s easier to defraud someone if you’re using a legitimate email address, rather than creating one yourself. With that in mind, they’re increasingly using compromised emails

The post Email Attacks Increasingly Using Compromised Accounts appeared first on The Cyber Security Place.

Cisco Router Vulnerability Gives Window into Researchers’ World

In late January, researchers found a vulnerability in Cisco RV320 and RV325 routers — routers aimed at the needs of small businesses and remote offices. Cisco quickly released a software

The post Cisco Router Vulnerability Gives Window into Researchers’ World appeared first on The Cyber Security Place.

Airbus Suffers Data Breach, Some Employees’ Data Exposed

European airplane maker Airbus admitted yesterday a data breach of its “Commercial Aircraft business” information systems that allowed intruders to gain access to some of its employees’ personal information. Though

The post Airbus Suffers Data Breach, Some Employees’ Data Exposed appeared first on The Cyber Security Place.

Healthcare Cybersecurity Preparedness Tops HHS Priority List

Recently, the U.S. Department of Health & Human Services (“HHS”) issued guidance for healthcare cybersecurity best practices.  As required under the Cybersecurity Act (CSA) of 2015, this four-part guidance was generated by a Task

The post Healthcare Cybersecurity Preparedness Tops HHS Priority List appeared first on The Cyber Security Place.

5 New Year’s Resolutions for Your IoT Security Strategy

A new year has arrived, and with it comes the opportunity to make all kinds of transformations to help your business. No matter how you navigated the dangerous threat landscape

The post 5 New Year’s Resolutions for Your IoT Security Strategy appeared first on The Cyber Security Place.

How deception changes the rules of engagement in cyber security

Carolyn Crandall, Chief Deception Officer at Attivo Networks, explores how deception techniques can provide not only early detection of malicious activity but also an invaluable insight into an attacker’s methods.Deception

The post How deception changes the rules of engagement in cyber security appeared first on The Cyber Security Place.

Data security being left behind in digital transformation

Some companies looking to digitally transform are trying to run before walking, putting themselves and their customers at grave cybersecurity risks.Some companies looking to digitally transform are trying to run

The post Data security being left behind in digital transformation appeared first on The Cyber Security Place.

Pepper IoT: Smart devices aren’t so bright when it comes to security

Smart devices aren’t very intelligent when it comes to protecting user privacy and handling security, according to a report by Internet of Things platform and service provider Pepper IoT and cybersecurity

The post Pepper IoT: Smart devices aren’t so bright when it comes to security appeared first on The Cyber Security Place.

Most IT Pros Share and Reuse Passwords: Report

Nearly two-thirds (63%) of IT professionals are more concerned about data privacy and security than they were two years ago, but their poor online practices continue to drive cyber-risk, according

The post Most IT Pros Share and Reuse Passwords: Report appeared first on The Cyber Security Place.

2019 predictions – the year ahead for cybersecurity

2018 was a roller-coaster year for the tech industry – lots of big court cases and high-profile data privacy disagreements.2018 was a roller-coaster year for the tech industry – lots

The post 2019 predictions – the year ahead for cybersecurity appeared first on The Cyber Security Place.

Zero-day vulnerability in ‘Total Donations’ plugin could allow attackers to take over WordPress sites

The zero-day affects all versions of Total Donations plugin, a commercial plugin that is used to gather and manage donations. The plugin’s code contains several design flaws that inherently expose

The post Zero-day vulnerability in ‘Total Donations’ plugin could allow attackers to take over WordPress sites appeared first on The Cyber Security Place.

WordPress’ WSOD protection feature appears half-baked, Garners security doubts

Experts suggest that WordPress’ new feature ‘White Screen Of Death (WSOD) Protection’ can be altered to block security plugins from functioning. The feature is expected to release with WordPress 5.1

The post WordPress’ WSOD protection feature appears half-baked, Garners security doubts appeared first on The Cyber Security Place.

The Story of Manuel’s Java RAT

During the last weeks, the Cybaze-Yoroi ZLab researchers identified infection attempts aimed to install RAT malware directed to the naval industry sector. The malicious email messages contained a particular Adwind/JRat variant

The post The Story of Manuel’s Java RAT appeared first on The Cyber Security Place.

1 in 8 Businesses Are Destroyed by Data Breaches. Don’t Be a Statistic

I have frequently stated that one of the leading causes of business failures is poor cash flow management. According to a study by US Bank, 82% of all businesses that

The post 1 in 8 Businesses Are Destroyed by Data Breaches. Don’t Be a Statistic appeared first on The Cyber Security Place.

More Money, More Worries About Cyber Risk

Executives at financial services companies are increasingly concerned about risks, but as technology becomes more integrated in managing financials, more executives say that cybersecurity is increasingly becoming the most important

The post More Money, More Worries About Cyber Risk appeared first on The Cyber Security Place.

11 Expert Takes On Data Privacy Day 2019 You Need To Read

The Council of Europe agreed that January 28 should be declared European Data Protection Day back in 2007; two years later the U.S. joined in with the Data Privacy Day

The post 11 Expert Takes On Data Privacy Day 2019 You Need To Read appeared first on The Cyber Security Place.

New Ransomware strain ‘hAnt’ targets Bitcoin mining rigs

The infected mining rigs include Antminer S9 and T9 devices used for Bitcoin mining and Antminer L3 rigs used for Litecoin mining. Security experts noted that hAnt comes hidden inside

The post New Ransomware strain ‘hAnt’ targets Bitcoin mining rigs appeared first on The Cyber Security Place.

Unpatched Vulnerabilities Exposes Businesses To Hackers

Are organizations keeping software up to date and maintaining security patches on a scheduled basis? The answer may shock you. According to Veracode’s latest research, most businesses will not patch critical security

The post Unpatched Vulnerabilities Exposes Businesses To Hackers appeared first on The Cyber Security Place.

Implementing ISO 27001 and Avoiding Potential GDPR Consequences

With the increase in cyber-attacks and information security breaches – 72% of large UK firmsidentified an information security breach in 2018, a rise from 68% from 2017 – the importance of protecting both

The post Implementing ISO 27001 and Avoiding Potential GDPR Consequences appeared first on The Cyber Security Place.

The Devil You Know – How Idioms Can Relate to Information Security

The Mirriam-Webster dictionary defines the idiom “better the devil you know than the devil you don’t” as “it is better to deal with a difficult person or situation one knows

The post The Devil You Know – How Idioms Can Relate to Information Security appeared first on The Cyber Security Place.

How to Bulletproof Your Business Data Against Breaches in 2019

Over the past year, and even before then, many services have either fallen prey to hackers or suffered from accidental data breaches and leaks. Legislators are now cracking down, passing

The post How to Bulletproof Your Business Data Against Breaches in 2019 appeared first on The Cyber Security Place.

Code vulnerabilities mean banks are leaving customers open to more outages

Outages at TSB and HSBC illustrate the problem:  any bank attempting to simultaneous update and preserve their current IT infrastructure,  without downtimes or service disruption, faces a monumental task.  Now, Veracode’s

The post Code vulnerabilities mean banks are leaving customers open to more outages appeared first on The Cyber Security Place.

National Data Privacy Day Is Wishful Thinking

You have to have a supreme sense of irony, or be in major denial, to call Monday, Jan. 28, Data Privacy Day. Given the current state of big data collection

The post National Data Privacy Day Is Wishful Thinking appeared first on The Cyber Security Place.

Two Elasticsearch Databases Found Unprotected

After news broke that an Elasticsearch server belonging to several online casinos was left without a password, independent security researcher Bob Diachenko discovered another unprotected Elasticsearch database from AIESEC, a global, youth-run nonprofit. Click

The post Two Elasticsearch Databases Found Unprotected appeared first on The Cyber Security Place.

Cybercriminals increasingly taking aim at businesses

2018 has been the year when cryptominers first dethroned ransomware as the most prevalent threat due to a meteoric spike in Bitcoin value in late 2017, then slowly trailed off

The post Cybercriminals increasingly taking aim at businesses appeared first on The Cyber Security Place.

Debunking conventional wisdom to get out of the security and privacy rut

Given the unprecedented rate of technological change, the dizzying news cycle, and an always-on social media mentality, it may be surprising to learn that when it comes to security and

The post Debunking conventional wisdom to get out of the security and privacy rut appeared first on The Cyber Security Place.

What sets visionary businesses apart? Running multiple digital initiatives at scale

Organisations can take a giant leap by partnering within their ecosystems to gain access to complementary skills and resources.What does it take to succeed in digital transformation? What does it take

The post What sets visionary businesses apart? Running multiple digital initiatives at scale appeared first on The Cyber Security Place.

Should enterprises delay efforts to remediate most vulnerabilities?

Companies today appear to have the resources needed to address all of their high-risk vulnerabilities. The research demonstrates that companies are getting smarter in how they protect themselves from today’s

The post Should enterprises delay efforts to remediate most vulnerabilities? appeared first on The Cyber Security Place.

Mis-valuation of data poses a huge threat to businesses

A business must fully understand the value of its data if it is to protect it properly. IT Security safeguards corporate data. It’s a widely accepted practice and commonplace in

The post Mis-valuation of data poses a huge threat to businesses appeared first on The Cyber Security Place.

New requirements for the secure design and development of modern payment software

The PCI Security Standards Council (PCI SSC) published new requirements for the secure design and development of modern payment software. The PCI Secure Software Standard and the PCI Secure Lifecycle (Secure SLC)

The post New requirements for the secure design and development of modern payment software appeared first on The Cyber Security Place.

Mining malware evades agent-based cloud security solutions

Cloud infrastructures are a growing target for threat actors looking to mine cryptocurrency, as their vast computational power allows them to multiply the mining malware’s effect. Keeping its presence from being noticed

The post Mining malware evades agent-based cloud security solutions appeared first on The Cyber Security Place.

Risk managers see cybersecurity as the biggest threat to business

Sword GRC canvassed amost 150 risk managers from highly risk-aware organizations worldwide for their opinions. Overall, cybersecurity was seen as the biggest risk to business by a quarter of organizations. Click here

The post Risk managers see cybersecurity as the biggest threat to business appeared first on The Cyber Security Place.

Why Compliance Does Not Equal Security

A company can be 100% compliant and yet 100% owned by cyber criminals. Many companies document every cybersecurity measure and check all appropriate compliance boxes. Even after all that, they

The post Why Compliance Does Not Equal Security appeared first on The Cyber Security Place.

Security in an IoT World: Your Big Data Problem is Getting Bigger

It’s that time of year for prediction articles and the number has become almost overwhelming. This year, one of the trending topics I’ve noticed is the growth in Internet of

The post Security in an IoT World: Your Big Data Problem is Getting Bigger appeared first on The Cyber Security Place.

2018 Proved Highest Funding Year for Cybersecurity

Despite a 28% decrease in cybersecurity startups during 2017, global venture capital funding for cybersecurity rebounded with record high investments, according to Strategic Cyber Ventures. Though last year saw $5.3 billion

The post 2018 Proved Highest Funding Year for Cybersecurity appeared first on The Cyber Security Place.

Lessons From Some Of The World’s Largest Data Breaches, And The Way Forward

“What I did 50 years ago is 4,000 times easier to do today because of technology,” says Frank Abagnale, 70-year-old FBI security consultant and former con man. His exploits as a check

The post Lessons From Some Of The World’s Largest Data Breaches, And The Way Forward appeared first on The Cyber Security Place.

6 Best Practices For Increasing Security In AWS In A Zero Trust World

Enterprises are rapidly accelerating the pace at which they’re moving workloads to Amazon Web Services (AWS) for greater cost, scale and speed advantages. And while AWS leads all others as

The post 6 Best Practices For Increasing Security In AWS In A Zero Trust World appeared first on The Cyber Security Place.

Encryption is key to protecting information as it travels outside the network

A new Vera report reveals stark numbers behind the mounting toll of data breaches triggered by cybercrime and accidents. One of the most recognized and mandated security controls, installed encryption tools protect

The post Encryption is key to protecting information as it travels outside the network appeared first on The Cyber Security Place.

Cyber risk management and return on deception investment

This article is fifth in a five-part series being developed by Dr. Edward Amoroso in conjunction with the deception technology team from Attivo Networks. The article provides an overview of

The post Cyber risk management and return on deception investment appeared first on The Cyber Security Place.