From SecurityWeek:
Buying into Cyber Insurance - Do You Need It?
"Typically companies that collect and store personally-identifiable information (PII) or personal health information (PHI) on behalf of their customers or employees are most likely to sustain significant financial loss as a result of a cyber breach," he said. "This is due in part to the notification laws that are in place in 47 states which require companies that lose PII or PHI due to a cyber breach to notify the affected customers or employees and the attorney general in each state where there are impacted residents. Cyber insurance typically covers notifications costs as well as forensics and other breach response costs. Some policies also cover third-party liability that can arise out of a cyber breach."
Companies should assess how much PII or PHI they manage as they figure out their potential cyber exposure, he added.
The purpose of this blog is to help small-medium businesses (SMB's) deal effectively with their unique cyber security needs. With over 15 years' experience in IT and cyber security I will show SMB's how they can leverage their limited resources to develop effective cyber defenses to the most common threats using information security best practices and no/low cost tools.
LinkedIn: http://www.linkedin.com/in/ecissorsky/
Twitter: @ecissorsky
Friday, November 28, 2014
Study: 'High priority' issues hamper endpoint security solution implementation
From SCMagazine:
Study: 'High priority' issues hamper endpoint security solution implementation
I know this feeling all too well. Endpoints are the main ingress for malware so make time to ensure they are being secured and monitored effectively.
The Cyber Security Syndrome
Something to make you think. From the Canadian International Council:
The Cyber Security Syndrome
"What do we mean when we say “cyber security?” What is it, exactly, that we are securing? And for whom? Are we securing the Internet as a whole — that vast global information infrastructure that envelops the planet, from the code to satellites, the handheld devices, and everything in between?"
Ex-counter-terror chief: criticism of Facebook over Rigby murder is unfair
Follow up to my last post. From The Guardian:
Ex-counter-terror chief: criticism of Facebook over Rigby murder is unfair
U.K. Government Points Finger Of Blame At Web Firms For Counter-Terror Failures
From TechCrunch:
U.K. Government Points Finger Of Blame At Web Firms For Counter-Terror Failures
You can't place the blame on Facebook or any other social media site (unless cybercrime is the primary purpose of the application). Wherever people are able to gather en masse this will always occur.
Wednesday, November 26, 2014
What Healthcare Can Learn From CHS Data Breach
From Information Week:
What Healthcare Can Learn From CHS Data Breach
I've been blogging about this quite a bit. Cybersecurity experts are predicting healthcare providers, small & large, are going to be heavily targeted in the coming years.
New online tool ACORN allows Australians to report cybercrime in real time
From The Age:
New online tool ACORN allows Australians to report cybercrime in real time
Hello? US DOJ are you listening? Hello?
The rise of account takeovers
From Help Net security:
The rise of account takeovers
Account takeover is on the rise:
- Account takeovers have beaten out credit card cycling as a more popular means of fraud, in which fraudsters attempt to hijack valid user accounts as opposed to using lists of stolen credit card details that are purchased and cycled through.
- High-risk login attempts jump nearly 14 percent in the four weeks leading up to Thanksgiving. High-risk logins are those in which fraudsters try to take over the accounts of users to make a quick profit at a time of large, unusual purchasing.
- More than 90 percent of high-risk login attempts are scripted, indicating sophisticated criminals with a good understanding of technology are developing small programs in order to quickly steal and buy using other users' accounts.
- It is likely fraudsters download lists of stolen passwords from highly publicized data breaches. That gives them two important pieces of information: a list of usernames and passwords, and information about what the most popular passwords in the world are.
Breach impacts about 10,000 employees in Maryland school system
From SCMagazine:
Breach impacts about 10,000 employees in Maryland school system
This is why you MUST double check the Send:, CC: & BCC fields of ANY message that contains ANY type of protected data. I can't stress this enough, THINK BEFORE YOU SEND!
As Hackers Hit Customers, Retailers Keep Quiet About Security
From NPR:
As Hackers Hit Customers, Retailers Keep Quiet About Security
This says it all:
"... NPR contacted two dozen of America's largest retailers — which include Sears, Kohl's, Best Buy, Dollar General, the TJ Maxx company — and none of them would indicate whether their budget for online security has increased in this last year of megabreaches."
&
"That includes credit unions, like LGE Community Credit Union in Georgia. Its president, Chris Leggett, says he is tired of paying for replacement cards after a hack. "It sure would be nice if the merchants would be willing to share in the cost of cleaning it up due to their lax security," he says. "The issuers are paying the brunt of the expense.""
Tuesday, November 25, 2014
Beth Israel Deaconess Fined for Breach
From DataBreachToday:
Beth Israel Deaconess Fined for Breach
John Halamka, CIO of Beth Israel Deaconess, said in a statement to Information Security Media Group: "Every device managed by BIDMC is encrypted today. Every employee has already been trained and attested to the encryption of their personal device. The value of this incident is that it created awareness in the community and led to a significant acceleration in security implementation and training efforts."
I've blogged about this previously. Healthcare providers, from large hospitals to small physicians' offices, are being actively targeted by hackers. PHI is incredibly valuable on the cyber black market. Take cybersecurity seriously to mitigate the chances of this happening to your organization. If you need help securing your practice or hospital, reach out to me via this blog.
Brain Science and Browser Warnings
From ThreatPost:
Brain Science and Browser Warnings
Scientific proof users do not pay attention to browser warnings ... until AFTER they've been hacked.
Sony Pictures hacked, blackmailed
From Help Net Security:
Sony Pictures hacked, blackmailed
If this is true, pray it never happens to you.
Retail Cyber Intelligence Sharing Center (R-CISC)
Good cybersecurity resource for retailers and other SMB's that process transactions:
Retail Cyber Intelligence Sharing Center (R-CISC)
Why you should protect your wireless connection
From Help Net security:
Why you should protect your wireless connection
What's really sad here is that people have to be told to secure their wifi.
Are ex-hackers the answer to addressing the cyber security skills gap?
From ComputerWeekly:
Are ex-hackers the answer to addressing the cyber security skills gap?
Give this one an overwhelming "Duh!" then file under "Painfully obvious."
Army Cyber branch offers Soldiers new challenges, opportunities
From the US Army website:
Army Cyber branch offers Soldiers new challenges, opportunities
'Bout time!!! Go Army!
3 Online Fraud Prevention Tips You Need To Know In 2014
From MakeUseOf (I never heard of it before today):
3 Online Fraud Prevention Tips You Need To Know In 2014
Monday, November 24, 2014
Stealthy, sophisticated 'Regin' malware has been infecting computers since 2008
From PCWorld:
Stealthy, sophisticated 'Regin' malware has been infecting computers since 2008
"Its first incarnation was used to spy on a number of organizations from 2008 to 2011 when it was “abruptly withdrawn,” with a new version showing up last year, Symantec said. Nearly half of the Regin infections that have been identified involve private individuals and small businesses, with attacks on the telecommunication sector apparently aimed at gaining access to calls routed through that infrastructure"
A New Service Will Help You Wrest Your Online Identity From Google
From wired:
A New Service Will Help You Wrest Your Online Identity From Google
The idea has potential. Let's see how far they get.
The Scourge Of Scamville: Romanian Town Is The Cyber-crime Capital Of The World - Where Hundreds Of Fraudsters Rake In Millions From Gullible Online Shoppers
The Largest Cyber Attack In History Has Been Hitting Hong Kong Sites
From Forbes:
The Largest Cyber Attack In History Has Been Hitting Hong Kong Sites
"The distributed denial of service (DDoS) attacks have been carried out against independent news site Apple Daily and PopVote, which organised mock chief executive elections for Hong Kong. Now the content delivery network Cloudflare, which protects Apple Daily and PopVote, says the DDoS attacks have been unprecedented in scale, pounding the sites with junk traffic at a remarkable 500 gigabits per second."
Saturday, November 22, 2014
LinkedIn Email Scam
I received this email last night. The first tip that this was fake was that I don't use the email address it was sent to for LinkedIn. See if you can find the other giveaways. Hint: on a difficulty scale of 1 - 10 this is about a 2.
========== Begin Scam Email Header Info ==========
Return-path: <marec@accuchex.com>
Received: from vl20482.dns-privadas.es ([185.2.130.13])
by vms172085.mailsrvcs.net
(Oracle Communications Messaging Server 7.0.5.34.0 64bit (built Oct 14 2014))
with SMTP id <0NFF008HYH61DL80@vms172085.mailsrvcs.net> for
<Recipient_Email_Removed>; Sat, 22 Nov 2014 00:39:38 -0600 (CST)
Date: Sat, 22 Nov 2014 07:39:38 +0000
From: LinkedIn Notify <marec@accuchex.com>
Subject: New private message for Eric Cissorsky
X-Originating-IP: [185.2.130.13]
To: "<Recipient_Email_Removed>
Message-id: <bd4e89f6cf-d3c9192f9-e2e4b4483@accuchex.com>
MIME-version: 1.0
Content-type: text/html; CHARSET=US-ASCII
Content-transfer-encoding: 7BIT
Paginated-Mission: 7feadb2eaf4a17
Forested-Ringing-Hugging: reformation
Mammoth-Occupy: eca6e8385d4a26f
X-Verizon-Spam: Yes
X-CMAE-Score: 100
X-CMAE-Analysis: v=2.1 cv=MYnbYC7a c=1 sm=1 tr=0 p=DAVnDRVzAAAA:8
p=NuDqGSEgLD0UqLDg:21 a=Ru9tWQQUbWLj2JO86vFYLQ==:117
a=Ru9tWQQUbWLj2JO86vFYLQ==:17 a=IkcTkHD0fZMA:10 a=bCEQaGq3AAAA:8
a=oR5dmqMzAAAA:8 a=-9mUelKeXuEA:10 a=5y4faFyK3SkA:10 a=GFptoQ2BRo-_68fnEXMA:9
a=QEXdDO2ut3YA:10 a=_W_S_7VecoQA:10 a=7NVwc8lSZe4A:10 a=J2H9jKj3YhkA:10
Original-recipient: rfc822;<Recipient_Email_Removed>
<html>
<head>
<title>Linked In Notifier</title>
</head>
<body>
<table border="0" width="550" cellpadding="0" cellspacing="0" style="max-width:550px;border-top:4px solid #39C;font:12px arial,sans-serif;margin:0 auto;"> <tr><td>
<h1 style="color:#000;font:bold 23px arial;margin:5px 0;">LinkedIn</h1><br>
<p style="margin:0 0 4px 0"> <strong>To:</strong> Eric Cissorsky </p>
<p style="margin:0 0 4px 0"> <strong>Date:</strong> 11/22/2014 </p>
<p style="margin:0 0 4px 0">
<strong>Subject:</strong> New message </p>
<p style="margin:0 0 4px 0"> <br /> <a href="http://nancyfrench.me/__MACOSX/backup-nancyfrench_me-2014_06_20-05_23pm-full-h0kx6jiqfb/wp-content/languages/aqueous.php?to=eric.cissorsky&message=398c" style="color:#0066CC">http://nancyfrench.me/__MACOSX/backup-nancyfrench_me-2014_06_20-05_23pm-full-h0kx6jiqfb/wp-content/languages/aqueous.php?to=<b>eric.cissorsky</b>&message=398c</a> <br/>
</p>
<form target="_blank" method="GET" action="http://nancyfrench.me/__MACOSX/backup-nancyfrench_me-2014_06_20-05_23pm-full-h0kx6jiqfb/wp-content/languages/aqueous.php" style="margin:0px;"> <input style="border:0px;margin:15px 0 3px 0;background:#DCF0F6;padding:6px;width:50%;font:12px arial,sans-serif;color:#0066CC;text-decoration:underline;cursor:pointer;" value="View/reply to this message" type="submit"></form>
<br> <p style="width:550px;margin:3px auto;font:10px arial,sans-serif;color:#999;"> <table border="0" cellspacing="0" cellpadding="0" style="font-family:arial;" width="100%"> <tr> <td align="left" style="font-size:10px;font-family:arial,sans-serif;color:#999999;">
This message was intended for Eric Cissorsky. <a style="color:#0066CC" href="http://nancyfrench.me/__MACOSX/backup-nancyfrench_me-2014_06_20-05_23pm-full-h0kx6jiqfb/wp-content/languages/aqueous.php?to=eric.cissorsky&message=398c">Learn why we included this</a>. © 2014, LinkedIn Corporation. 2029 Stierlin Ct. Mountain View, CA 94043, USA
</td>
</tr>
</table>
</p> </body> </html>
========== End Scam Email Header Info ==========
========== Begin Scam Email Message ==========
To: Eric Cissorsky
Date: 11/22/2014
Subject: New message
http://nancyfrench.me/__MACOSX/backup-nancyfrench_me-2014_06_20-05_23pm-full-h0kx6jiqfb/wp-content/languages/aqueous.php?to=eric.cissorsky&message=398c
========== End Scam Email ==========
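To make the giveaways concrete, here is an added example (my own code, not part of the original post) that parses a raw message like the one above and reports the red flags a practitioner looks for: a display name claiming a brand whose domain the sender does not use, an envelope sender that differs from the header sender, a first-hop relay unrelated to the sender, the receiving provider's own spam verdict, filler headers, and body links that point away from the claimed brand. The sample inside the block is constructed from the headers posted above (spam-scoring lines trimmed, body reduced to a single link to the same domain), and the BRAND_DOMAINS allow-list is an assumption for the example.

```python
"""Flag the tell-tale signs of a brand-impersonation phishing e-mail from its raw source."""
import email
import re
from email.utils import parseaddr
from urllib.parse import urlparse

# Domains that legitimately send mail for a brand named in a display name.
# Assumption for this example; a real deployment maintains this list itself.
BRAND_DOMAINS = {"linkedin": {"linkedin.com"}}

# Header names a normal message carries; any other header that is not an
# X- extension header is treated as filler (the scam above carries
# "Paginated-Mission", "Forested-Ringing-Hugging" and "Mammoth-Occupy").
STANDARD_HEADERS = {
    "return-path", "received", "date", "from", "subject", "to", "cc", "bcc",
    "reply-to", "sender", "message-id", "in-reply-to", "references",
    "mime-version", "content-type", "content-transfer-encoding",
    "original-recipient", "delivered-to", "dkim-signature",
    "authentication-results", "received-spf", "list-unsubscribe",
}

# Constructed sample: the scam's headers from above, trimmed, plus a one-link body.
SAMPLE = """\
Return-path: <marec@accuchex.com>
Received: from vl20482.dns-privadas.es ([185.2.130.13])
 by vms172085.mailsrvcs.net
 with SMTP id <0NFF008HYH61DL80@vms172085.mailsrvcs.net> for
 <Recipient_Email_Removed>; Sat, 22 Nov 2014 00:39:38 -0600 (CST)
Date: Sat, 22 Nov 2014 07:39:38 +0000
From: LinkedIn Notify <marec@accuchex.com>
Subject: New private message for Eric Cissorsky
X-Originating-IP: [185.2.130.13]
To: <Recipient_Email_Removed>
Message-id: <bd4e89f6cf-d3c9192f9-e2e4b4483@accuchex.com>
MIME-version: 1.0
Content-type: text/html; CHARSET=US-ASCII
Content-transfer-encoding: 7BIT
Paginated-Mission: 7feadb2eaf4a17
Forested-Ringing-Hugging: reformation
Mammoth-Occupy: eca6e8385d4a26f
X-Verizon-Spam: Yes

<html><body><a href="http://nancyfrench.me/wp-content/languages/aqueous.php">View/reply</a></body></html>
"""

# Constructed contrast sample: what a genuine notification would look like.
CLEAN = """\
Return-path: <bounce@linkedin.com>
Received: from mail-a.linkedin.com ([198.51.100.7])
 by mx.example.invalid with ESMTP; Sat, 22 Nov 2014 00:40:00 -0600 (CST)
Date: Sat, 22 Nov 2014 07:40:00 +0000
From: LinkedIn <messages-noreply@linkedin.com>
Subject: You have a new message
To: <Recipient_Email_Removed>
Message-id: <example-1@linkedin.com>
MIME-version: 1.0
Content-type: text/html; CHARSET=US-ASCII

<html><body><a href="https://www.linkedin.com/messaging/">View message</a></body></html>
"""


def domain_of(addr):
    """Lower-cased domain part of an e-mail address, or '' if there is none."""
    return addr.rpartition("@")[2].lower()


def registrable(host):
    """Crude registrable-domain approximation: the last two labels of a hostname."""
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def analyze(raw):
    """Return a list of (code, detail) findings for a raw RFC 822 message."""
    msg = email.message_from_string(raw)
    findings = []
    name, addr = parseaddr(msg.get("From", ""))
    from_dom = domain_of(addr)

    # 1. Display name claims a brand the sender domain does not belong to.
    for brand, legit in BRAND_DOMAINS.items():
        if brand in name.lower().replace(" ", "") and from_dom not in legit:
            findings.append(("brand-mismatch", f"'{name}' sent from {from_dom}"))

    # 2. Envelope sender (Return-path) differs from the header sender.
    rp_dom = domain_of(parseaddr(msg.get("Return-path", ""))[1])
    if rp_dom and rp_dom != from_dom:
        findings.append(("return-path-mismatch", f"{rp_dom} vs {from_dom}"))

    # 3. Earliest hop (last Received header) came from a host unrelated to the sender.
    received = msg.get_all("Received") or []
    if received:
        m = re.search(r"from\s+(\S+)", received[-1])
        if m and registrable(m.group(1)) != registrable(from_dom):
            findings.append(("relay-mismatch", f"injected via {m.group(1)}"))

    # 4. The receiving provider already marked it as spam (Verizon's header here).
    if msg.get("X-Verizon-Spam", "").strip().lower() == "yes":
        findings.append(("provider-spam-flag", "X-Verizon-Spam: Yes"))

    # 5. Filler headers that are neither standard nor X- extensions.
    for key in msg.keys():
        if key.lower() not in STANDARD_HEADERS and not key.lower().startswith("x-"):
            findings.append(("junk-header", key))

    # 6. Body links that lead somewhere other than a listed brand domain.
    body = (msg.get_payload(decode=True) or b"").decode("ascii", "replace")
    for href in re.findall(r'href="([^"]+)"', body):
        host = urlparse(href).hostname or ""
        if not any(registrable(host) in legit for legit in BRAND_DOMAINS.values()):
            findings.append(("link-offbrand", host))
    return findings


if __name__ == "__main__":
    for code, detail in analyze(SAMPLE):
        print(f"{code:20s} {detail}")
```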
Friday, November 21, 2014
IRS ID Protection
The IRS provides some excellent resources to guard against or report ID Theft. To prevent a fraudulent tax filing set up a PIN for yourself &/or spouse.
IRS Identity Protection
OCR Audits: Don’t Fall Victim To Past Mistakes
From InformationWeek:
OCR Audits: Don’t Fall Victim To Past Mistakes
If you are a healthcare provider you need to take this seriously. Whether you choose to have your internal IT staff or an outside consultant is up to you. The first thing you need is a comprehensive risk assessment. When done properly that will tell you, among many other things, where your Personal Health Information (PHI) is stored. Once you have done that you can begin securing it.
Remember PHI is much more valuable than SSN's or CC numbers. Don't fool yourself and think you're too small for a hacker to be interested in. They may not be interested in you but they are very interested in your patient data.
Attackers Using Compromised Web Plug-Ins in CryptoPHP Blackhat SEO Campaign
From ThreatPost:
Attackers Using Compromised Web Plug-Ins in CryptoPHP Blackhat SEO Campaign
Look I'm no angel but this is the chance you take when you download pirated software.
Most Targeted Attacks Exploit Privileged Accounts
From ThreatPost:
Most Targeted Attacks Exploit Privileged Accounts
I would tend to agree with this. I have seen far too many organizations who have regular users in the Local Admins group and grant Domain Admin privileges to whomever asks for them. This is par for the course in most SMB's.
Whenever possible the Principle of Least Privilege should always be used. No matter what line of business you are in only the people who actually require escalated privileges should have them. Even then the scope of that privilege should be as narrow as possible. This even applies to the C-level. No employee should be able to access anything that is not required for them to do their job.
How Splitting A Computer Into Multiple Realities Can Protect You From Hackers
From Wired:
How Splitting A Computer Into Multiple Realities Can Protect You From Hackers
Joanna Rutkowska is fairly well known in InfoSec circles. I remember when Blue Pill was first discussed. If this Qubes OS works as promised, and I have no doubt it will, it will be a novel concept for both business and consumer computing. Just think, if one OS is compromised you just delete it and start from a new image or restore point. There would be no consequences for any of the other virtual machines running on the OS. Very cool, cutting edge stuff.
Using company devices for personal activities leads to data loss
From Help Net Security:
Using company devices for personal activities leads to data loss
Key findings include:
- 75% of respondents use their work-provided computer for non-work activities
- Overall, 90% have at least some understanding of their company’s policy on usage and follow it to at least some degree
- 8.5% completely disregard company IT policy on approved use of company computers for non-work activities
- Nearly a third (31%) of those surveyed have had to get their IT department to fix their computer after an issue occurred as a result of innocent non-work use, while 6% had to do the same due to questionable use (porn, torrents, etc.)
- 10% have lost data and/or intellectual property as a result of the disruption caused by the outage.
IE "Unicorn" bug actively exploited in the wild
From Help Net Security:
IE "Unicorn" bug actively exploited in the wild
If you haven't updated your system(s) do so now.
FBI: Cyber’s Most Wanted
The US FBI's list of top 10 cyber most wanted. If you can find them there's a reward.
Cyber’s Most Wanted
How to delete your old, embarrassing, now-much-easier-to-find tweets
From Sophos Naked Security:
How to delete your old, embarrassing, now-much-easier-to-find tweets
Just a thought, maybe you shouldn't tweet certain things that could come back to bite you in the ass? If your tweets are public or your boss follows you, think twice about using hashtags like #hatemyboss or #hungoveratwork, these could end with what I like to refer to as a "resume generating event." Stop & think before you tweet.
Thursday, November 20, 2014
VA fails cybersecurity audit for 16th consecutive year
From The Washington Post:
VA fails cybersecurity audit for 16th consecutive year
WTF?!?!?! How can you fail an audit for 16 years in a row? This could never happen in the private sector. Our vets deserve A. the best medical care (the VA has failed on that) and B. the best ID theft and other cybersecurity insurances (failed on that one too) we can offer.
“I was disappointed, and I know the team was disappointed given the significant time and effort we applied this year,” Warren said, according to the article. “But we are going to continue to drive on this. We are going to continue to push so that we move forward on the rigorous, disciplined plan the team has put together so that when the audit team shows up next year, they will continue to see the constant improvement they recognized even this past audit season.” YOU WERE DISAPPOINTED??? What effort? What time? What about the vets who served this country with honor only to have their ID's, PII, PHI etc... stolen because you FAILED. Failure is not an option VA Chief Information Officer Stephen Warren!!!
In the private sector this stuff is taken VERY SERIOUSLY! If you fail an audit there are SERIOUS CONSEQUENCES! I'm getting so fired up here that I have to stop writing lest I digress into the realm of unprofessionalism.
To all the vets who read this or my blog in general - Thank you for your service. You deserve the best and I'm sorry you're not getting it.
Spam Nation: Cybercrime and spam are far bigger security threats than you think
From TechRepublic:
Spam Nation: Cybercrime and spam are far bigger security threats than you think
This is essentially a review of Brian Krebs' new book "Spam Nation: The Inside Story of Organized Cybercrime-from Global Epidemic to Your Front Door". I have yet to read it, although with Christmas right around the corner it is on my Christmas wish list. That being said, after reading this article I would place this book in the "must read" category for any IT security professional.
New encryption technology hits nerve with DOJ
From Fox News:
New encryption technology hits nerve with DOJ
I see both sides of this debate. However, if the NSA and others weren't gathering bulk data en masse Apple & Google wouldn't need to resort to these measures.
Russia Hacking Site Spying Webcams Worldwide: Britain
From SecurityWeek:
Russia Hacking Site Spying Webcams Worldwide: Britain
I've blogged about this site previously. This is just plain creepy. If you have made your webcam internet-accessible, please make sure, at the very least, that you change the default password.
Advanced Variant of "NotCompatible" Android Malware a Threat to Enterprises
From SecurityWeek:
Advanced Variant of "NotCompatible" Android Malware a Threat to Enterprises
"NotCompatible.C is distributed through spam campaigns and compromised websites. The attackers are not leveraging any exploits, but instead rely on social engineering to trick potential victims into installing the threat on their mobile devices. One of the distribution campaigns observed by Lookout used the classic "security update" ruse.
According to the security firm, the cybercriminals have acquired compromised websites and accounts in bulk. In one of the spam runs seen by researchers, only Yahoo accounts had been used. In a different campaign, the attackers used only compromised AOL accounts."
2014-11-20 Link of the Day: 15 (FREE!) security tools you should try
Here are 15 free security tools from Network World:
15 (FREE!) security tools you should try
Any/all products/services are provided for informational purposes only. The author does not endorse any single product.
Use these products/services at your own risk.
8 cybercrime trends that will shape IT
From Help Net Security:
8 cybercrime trends that will shape IT
These predictions come from Websense, a company whose predictions tend to be accurate. Here's an overview:
1. The healthcare sector will see an increase in data-stealing attack campaigns (I blogged about this yesterday).
2. Attacks on the Internet of Things (IoT) will focus on businesses, not consumer products.
3. Credit card thieves will morph into information dealers.
4. Mobile threats will target credential information more than the data on the device.
5. New vulnerabilities will emerge from decades-old source code.
6. Email threats will take on a new level of sophistication and evasiveness.
7. As companies increase access to cloud and social media tools, command and control instructions will increasingly be hosted on legitimate sites.
8. There will be new (or newly revealed) players on the global cyber espionage/cyber war battlefield.
Overwhelming optimism for information security in 2015
From Help Net Security:
Overwhelming optimism for information security in 2015
"Survey findings from the survey include:
- Despite 68% of all respondents feeling their organization is more likely to be the target of a cyberattack next year, 94% are optimistic that their organization's ability to prevent data breaches will improve in 2015.
- The types of threats that organizations are most concerned about in 2015 are Advanced Persistent Threats (APTs) (65%), targeted malware attacks (61%) and spear phishing attacks (42%). Companies fear mobile threats (22%) least.
- Respondents see speed and prioritization as important to fortifying cyber defenses in 2015. When asked what their company needs to do next year to prevent it from becoming the next data breach headline.
- 95% of security staffers believe senior management will be more responsive to their team's security recommendations in 2015, suggesting that CISOs are becoming more successful at driving improvements in enterprise cybersecurity."
I just hope this level of confidence doesn't lead to a false sense of security, lax security processes & a failure to perform due diligence on suspected incidents.
"Rotten stinking hovel" hotel charges couple £100 for bad Trip Advisor review
From Sophos Naked Security:
"Rotten stinking hovel" hotel charges couple £100 for bad Trip Advisor review
UN-BELIEVE-ABLE! Way to run an SMB: "fine" your customers for bad reviews instead of actually addressing the problems.
Wednesday, November 19, 2014
Websense Warns Doctors to be on High Alert for 2015 Cyber Blitz
From Info Security Magazine:
Websense Warns Doctors to be on High Alert for 2015 Cyber Blitz
Healthcare providers have the most valuable data on the market. A personal health record is worth much more than an SSN or CC number, as it usually contains at least an SSN as well as other pertinent info that can be used to commit ID theft. Also, health insurance info can be used to obtain healthcare services without the affected individual learning it has occurred for some time.
Fraudulent purchases made on a credit card will appear on the victim's latest statement. Healthcare fraud may take months or even years for the victim to discover because of the amount of red tape involved in patient billing; the back-and-forth between the provider and insurer can take quite some time to straighten out.
If your organization, or medical practice, retains this type of data you need to take cybersecurity very seriously. Do not think for one nanosecond that you're too small. Healthcare records, regardless of the size of the organization they originate from, are a very valuable commodity in the cyber underworld.
FTC Seeks Public Comment on Second AgeCheq, Inc., Proposal for Parental Verification Method Under COPPA Rule
From the FTC:
FTC Seeks Public Comment on Second AgeCheq, Inc., Proposal for Parental Verification Method Under COPPA Rule
"The Federal Trade Commission is seeking public comment on a proposed verifiable parental consent method that AgeCheq, Inc., has submitted for Commission approval under the agency’s Children’s Online Privacy Protection Rule.
Under the rule, online sites and services directed at children under 13, and general audience sites or services that knowingly collect, use, or disclose personal information from children under 13, must obtain permission from a child’s parents before collecting personal information from that child. The rule lays out a number of acceptable methods for gaining parental consent, but also includes a provision allowing interested parties to submit new verifiable parental consent methods to the FTC for approval."
FTC Scam Alert: FTC cracks down on tech support scams
From the FTC:
FTC cracks down on tech support scams
Bottom line - NEVER EVER UNDER ANY CIRCUMSTANCES WHATSOEVER GIVE CONTROL OF YOUR COMPUTER TO SOMEONE ELSE