This is a good recap and review from the team at WeLiveSecurity and ESET.
http://www.welivesecurity.com/2016/06/27/security-review-5-common-reasons-corporate-data-loss/
Month: June 2016
Ransomware Attacks May Trigger Breach Notifications
This is an interesting read in terms of the definition of a breach and how that affects a patient. It truly hits on the often forgotten corner of the CIA Security triad – Availability. We tend to focus exclusively on Confidentiality, but the inability to access data in a timely manner is often as if not more important.
https://www.onthewire.io/ransomware-attacks-may-trigger-breach-notifications/
Mobile Ransomware attack on the rise, report
The article discusses a fear many of us have – the spread of ransomware to the mobile device. Many individuals are more bound to and reliant on their smartphones and tablets than they are to their desktops and laptops and servers. We need to address the threat and be prepared.
http://www.scmagazine.com/mobile-ransomware-attack-on-the-rise-report/article/506541/
Data Left Behind on Two-Thirds of Drives Sold on eBay
The statistics in this article are not unexpected. In fact, many organizations completely overlook proper media disposal when developing their security procedures. Aside from traditional HHD’s and SSD’s, organizations should also consider proper disposal of hard drives and memory associated with printers and multi-function devices.
http://www.infosecurity-magazine.com/news/data-left-behind-two-thirds-drives/
Microsoft to make saying no to Windows 10 update easier
Should the tagline for the article post be “Kudos to Microsoft” or “About Darn Time”. I am leaning toward the latter, but regardless, it is good the process has been simplified.
http://www.zdnet.com/article/microsoft-to-make-saying-no-to-windows-10-update-easier/
3 Ideas to Help Create Phishing Awareness
This is great advice when planning out your strategy to curb the dangers of phishing in your organization.
DDoS Attack Powered by 25,000 CCTV Cameras
At the end of the day, computing power is computing power, so leveraging CCTV systems to launch an attack makes sense. Proper system hardening often stops at the systems with which we are most comfortable or the systems that fall under some compliance or regulatory requirement. But this article demonstrates a painful truth – all computer systems are vulnerable and all pose a threat if we do not secure, update, patch and harden them appropriately.
http://www.infosecurity-magazine.com/news/ddos-attack-powered-by-25000-cctv/
How 154M U.S. voter records will affect Americans’ security – industry reacts
Make no mistake – the American people are surveyed, profiled and data mined continuously during every political season. This year’s presidential election is a particularly active season, and as this article states, this data is not terribly perishable and clearly not well protected. These issues need to be addressed on a variety of levels.
Sophos Weekly Recap
Krebs – How to Spot Ingenico Self-Checkout Skimmers
This is an interesting article on both a personal and professional level in terms of identifying and avoiding fraud. Enjoy!
http://krebsonsecurity.com/2016/06/how-to-spot-ingenico-self-checkout-skimmers/
Virtual Sweater Vest 