Category Archives: Hot stuff

A five-year analysis of reported Windows vulnerabilities

Based on analysis of all disclosed Microsoft vulnerabilities in 2017, a new Avecto report shows a significant rise in the number of reported vulnerabilities. Last year, 685 vulnerabilities were found versus 325 vulnerabilities that were found in 2013. The removal of admin rights could mitigate 80% of all critical Microsoft vulnerabilities reported in 2017. Nearly all (95%) of critical vulnerabilities in Microsoft browsers could be mitigated by the removal of admin rights. The rise of … More

Tackling the insider threat: Where to start?

Many organizations still believe the definition of an insider threat is limited to a rogue employee purposefully leaking embarrassing information, or nuking a couple of systems when he or she quits and walks out the door with internal or customer data to take to a new job. But not all insider threats have to be malicious to cause an incident. Perhaps someone on your marketing team wasn’t aware of their regulatory obligations in handling customer … More

How to ensure your IT and security teams stay aligned amid digital transformation

Even for sensitive industries, the movement to cloud-based technologies is generally accepted as a cost-effective and efficient infrastructure strategy and immediate priority. The migration to more agile products are occuring in nearly every department and physical security is no exception. New technologies make it possible for video surveillance data to shift from on-premise to the cloud, and provide additional insights to support larger digital transformation goals. In order to succeed, however, CIOs will need to … More

The new gold rush: A look inside cryptocurrency fraud

Cybercriminals are flooding to the new world of cryptocurrencies looking to exploit the boom in interest and adoption of these electronic currencies, according to Digital Shadows. This new gold rush is creating a new frontier for professional cybercriminals moving away from less profitable techniques and exploits to make money on the back of the huge interest in these digital currencies. With over 1,400 cryptocurrencies in circulation, and new alternative coins – “altcoins” – emerging every … More

Researchers showcase automated cyber threat anticipation system

A group of researchers is trying to develop an automatic early warning system that should help defenders take preventative action before specific cyber attacks start unfolding. How does their system work? Their approach leverages the fact that preparation of cyber attacks often occurs in plain sight, discussed on online platforms and publicly accessible discussion forums. “The system monitors social media feeds of a number of prominent security researchers, analysts, and white-hat hackers, scanning for posts … More

Security in the enterprise: Things are looking up!

Cybersecurity is quickly becoming the number one business priority, says identity and access management company Okta. Based on the results of an analysis of authentication and verification events made through the company’s enterprise offerings between November 1, 2016 to October 31, 2017, security tools by Jamf, KnowBe4, DigiCert, Cisco, Mimecast, Sophos, and CloudFlare all ranked in the top 15 fastest growing apps for the first time. “Jamf, which provides software for managing and securing Apple … More

Cybercriminals stole $172 billion from 978 million consumers in the past year

Consumers are confident they’re safe online, but hackers have proven otherwise, stealing $172 billion from 978 million consumers in 20 countries in the past year, according to the 2017 Norton Cyber Security Insights Report. Globally, cybercrime victims share a similar profile: they are everyday consumers who use multiple devices whether at home or on the go, but have a blind spot when it comes to cyber security basics. This group tends to use the same … More

Meltdown and Spectre: To patch or to concentrate on attack detection?

Patching to protect machines against Meltdown and Spectre attacks is going slow, and the provided patches, in some instances, lead to more problems than just slowdowns. In fact, Intel has admitted that they have “received reports from a few customers of higher system reboots after applying firmware updates.” “Specifically, these systems are running Intel Broadwell and Haswell CPUs for both client and data center,” Navin Shenoy, general manager of Intel’s Data Center Group, confirmed. “We … More

Intel AMT security issue gives attackers complete control over a laptop

F-Secure reports a security issue affecting most corporate laptops that allows an attacker with physical access to backdoor a device in less than 30 seconds. The issue allows the attacker to bypass the need to enter credentials, including BIOS and Bitlocker passwords and TPM pins, and to gain remote access for later exploitation. It exists within Intel’s Active Management Technology (AMT) and potentially affects millions of laptops globally. The simple yet dangerous security issue The … More