There are multiple versions of any given story and somewhere in the middle we find the truth. There has been a huge fuss online concerning the statements of this one FBI agent concerning ransomware. I fully expected the FBI to back away from his comments. That said, pragmatically, in the absence of decent backups and security controls, many organizations will find themselves leaning toward simply paying the bitcoins and walking away to fight another day.
Month: October 2015
CISA Passes Senate Without Addressing Privacy Concerns
This is yet another milestone as this legislation moves forward. It does seem a vague in terms of true usage and privacy definitions.
https://threatpost.com/cisa-passes-senate-without-addressing-privacy-concerns/115188/
Krebs – Cybersecurity Information (Over)Sharing Act?
There are a tremendous number of complex ideas to consider when debating this legislation. This article from Mr. Krebs is a good start to the conversation. I intend to add my two cents at a later date.
http://krebsonsecurity.com/2015/10/cybersecurity-information-oversharing-act/
Sophos Weekly Recap
New Android Marshmallow devices must have default encryption, Google says
This is a great move forward by Google and the Android OS.
Using Two-Factor Authentication for the Administration of Critical Infrastructure Devices
This article is a great reminder of the value of two-factor authentication and is well worth a read.
Emergency Adobe Flash Zero Day Patch Arrives Ahead of Schedule
Please patch accordingly. This is a known exploited threat.
https://threatpost.com/emergency-adobe-flash-zero-day-patch-arrives-ahead-of-schedule/115073/
Firefox beats Chrome and Tor in our trustworthy browser poll
There are certainly several nice plug-ins and options within Firefox that make this poll result worth noting. I am curious to watch the evolution of the Tor Browser as well. In another article read this morning, it is becoming quite clear that Microsoft will be doing everything in their power to upset this trend next year and move Edge up the list.
Sophos Weekly Recap
Report: Data Breaches Could Cost U.S. Healthcare Providers Over $300 Billion
Be afraid. Be very afraid. Medical records are the next credit card in terms of breached data.
