Here is a fun Halloween-themed article with some sound myth-busting advice. Enjoy!
Month: October 2016
Sophos Weekly Recap
5 Signs Your Smartphone Has Been Hacked
As mobile devices continue to dominate our choice for Internet access, a significant increase in smartphone and tablet malware is inevitable. Along with this will come hijackings and botnet farming.
http://www.darkreading.com/endpoint/5-signs-your-smartphone-has-been-hacked/d/d-id/1327326
Millennials changing the face of cybersecurity
There are some very interesting stats in this article and, frankly, some painful truths. Our shift in mentality toward constant access and dependency on social media has weakened our overall security stance.
http://www.scmagazine.com/millennials-changing-the-face-of-cybersecurity/article/568679/
How To Build A Strong Security Awareness Program
This article provides some sound advice for anyone setting up or revising a security awareness program.
Over 80% of Employees Lack Security/Privacy Awareness – Report
This topic cannot come up enough. This issue cannot be addressed enough. The point cannot be made too often – End Users Need to be TRAINED!!!
http://www.infosecurity-magazine.com/news/over-80-of-employees-lack-security/
20 Endpoint Security Questions You Never Thought to Ask
IT security professionals, network engineers and admins are looking for ways to tighten and strengthen every layer of the network to defend against threats. The endpoint has become ground zero for a variety of attacks, and as a result the endpoint management, monitoring and control sector has experienced tremendous growth. These are some good questions to consider when evaluating products and developing a strategy.
14 million Locky ransomware emails sent in one day
Ransomware is far from dead. In fact, it seems to constantly cycle back in newer, more aggressive forms. Be diligent in your preparations. Have sound backups. Filter your DNS. Train your people.
http://www.scmagazine.com/14-million-locky-ransomware-emails-sent-in-one-day/article/568502/
Lawmakers Asking What ISPs Can Do About DDoS Attacks
This is an intriguing step by Senator Warner, and it poses several follow-up questions. I am personally unsure how an ISP can govern the devices on the inside of any user’s home router or firewall. Obviously, from a technical perspective, certain outbound traffic from a home can be filtered, but it would be very difficult to determine the configuration or firmware version of the source device.
ISPs, however, are capable of assisting in the fight against DoS and DDoS attacks, depending on the architecture of their infrastructure and the investments they are willing to make to build dynamic solutions for routing and “blackholing” malicious traffic.
I am glad to see this debate coming to the forefront and receiving some well-deserved attention. The answers, however, are not quite as clear as we would like them to be.
https://threatpost.com/lawmakers-asking-what-isps-can-do-about-ddos-attacks/121557/
Two-factor authentication (2FA) and why we do or don’t use it
This is an interesting read on the whys and why-nots of multi-factor authentication usage. Enjoy.