Month: May 2017
Sophos Weekly Recap
Samba exploit – not quite WannaCry for Linux, but patch anyway!
This is not quite as significant a risk as the WannaCry outbreak, but still worth attention. Please review your SAMBA deployments and adjust accordingly.
Sophos News in Brief
Credential-Stuffing Threat Intensifies Amid Password Reuse
Here is some additional motivation to stop the reuse of credentials across multiple services and websites.
With Billions Spent on Cybersecurity, Why Are Problems Getting Worse?
I agree with the message of this article and specifically endorse the truth that real, effective cyber security begins with your employees. That said, the fact cannot be overlooked that good technology is being purchased, but is not being properly or consistently used. Add to this the fact that technologies are being purchased as point solutions for compliance requirements, but not leveraged across all the other valuable data sets within the organization.
Schneier – The Future of Ransomware
This is an interesting essay by Bruce Schneier discussing the future of ransomware in the context of the Internet of Things. Enjoy!
C-Level Represents Biggest Mobile Security Risk
Near continuous use of mobile devices is certainly a concern for C-level employees, but do not take security awareness for granted. Though individuals in these high ranking positions should be more aware than most of the cyber risks they face, they may not leverage that knowledge and take the right steps to protect themselves. Continue to educate all employees including your C-suite. Use that time honored adage from the back of your shampoo bottle – Train / rinse / repeat!
(ISC)2 Weekly Security Headlines
After WannaCry, EternalRocks digs deeper into the NSA’s exploit toolbox
Here is some new and even scarier motivation to get your patching up to date. The bad guys are only getting started in their efforts to leverage these exploits.