And it finally has a name…Edge. I am very curious about Microsoft’s new browser and the cross functional features that have been rumored along with some needed security features.
http://thehackernews.com/2015/04/Microsoft-Edge-Windows10-Browser.html
Month: April 2015
Cisco Offers Free Decryption Tool For Ransomware Victims
This is a good article detailing the good and bad news surrounding ransomware and some of the free tools that have been developed to help victims decrypt their data.
Hacking WordPress Website with Just a Single Comment
Given the millions of sites this vulnerability potentially affects, it certainly warrants review and investigation. Here is to hoping WordPress provides a timely patch. In the interim, it is certainly wise to monitor and control the comment posts to any sites you manage running these versions of the CMS.
http://thehackernews.com/2015/04/WordPress-vulnerability.html
The Four Most Common Evasive Techniques Used by Malware
It is always important to know your enemy, even when that enemy is malicious code looking to wreak havoc and steal data. This article from Tripwire details several of the ways malware evade detection or deletion.
RSA 2015 Video: Four Cloud Mistakes to Avoid
Great video from the team at Akamai concerning 4 cloud security issues to avoid.
8 Security Practices to Use in Your Employee Training and Awareness Program
I believe this is some very solid advice across the board concerning user awareness training material. Please review and apply where applicable.
Sophos Weekly Recap
What You Missed at BSidesSF 2015 – Day 2
I am spending the week in San Francisco for BSidesSF and RSA and was at a few of these sessions yesterday. The content was strong and well worth the time investment. Not to mention, doughnuts were provided. Enjoy this recap from Tripwire!
http://www.tripwire.com/state-of-security/off-topic/what-you-missed-at-bsidessf-2015-day-2/
Sophos Weekly Recap
Security researcher barred from United Airlines flight after hack tweet
Let me begin by saying that Chris Roberts made a couple of bad, though humorous choices when he decided to tweet in jest about compromising on-board systems on an airplane. That said, the threats he has detailed in his various public and private sessions are legitimate and should be addressed with great haste and vigor. I believe United is largely overreacting to his comments and overstating the capabilities of their in-flight security controls. This is certainly an intriguing conversation to follow in the coming weeks and months.
Virtual Sweater Vest 