Get ready for biggest year yet in cybercrime. We have learned over the last few years that hackers have honed their penetration skills to the point that any targeted company can easily become a victim. Most business owners have accepted that being connected to the Internet means that they can and probably will be compromised regardless of the defensive measures taken. It is more than just a game of probability. Every company in every country that is connected to the Internet will definitely get compromised but, how, when and what will be taken is the big question. Today, it seems that most business owners are willing to take the chance and they probably have to in order to stay competitive.
With the recent formal notice to Microsoft by France’s National Data Protection Commission (CNIL), it is apparent that Microsoft is taking too many liberties with user data.
Mike Patterson, founder and CEO security analytics firm Plixer, noticed that even after disabling everything he could find to stop this data transfer, some form of metadata is still sent to Microsoft every 5 minutes.
Further research found that:
In addition to Microsoft Windows 10, Patterson’s research also found that electronics company Plantronics and antivirus firm McAfee are doing this, too:
Tune into this webinar to get a look at how the research was conducted, exactly what information these companies take from you and why the practice of DIGing (Dubious Information Gathering) is bigger than cybercrime.
Cisco has swung into action to combat a hacker group's exploitation of vulnerabilities in its firmware. The group, known as the "Shadow Brokers," released online malware and other exploits it claimed to have stolen from the Equation Group, which is believed to have ties to the United States National Security Agency.
An association of state officials has published an open letter that seeks to strengthen public confidence in the electoral process, in light of research that has raised questions about the security of voting machines.
Email is a communication standard that is almost 50 years old. It is the number one vector that cybercriminals use to hack into our computers and it is a hugely outdated and unwieldy tool for modern communication.
As ransomware activity has continued to increase across every industry over the last year, BitSight researchers found the education sector has been bullied by the highest rates of attack while having the least protected systems among the sectors researchers observed.
Cisco released a security advisory for another vulnerability exposed by the Shadow Brokers' cyberweapons dump, which is currently being used to exploit affected systems.
Security researcher Bruce Schneier spotted a series of DDoS attacks which may be part of a larger effort to learn how to take down the internet on a national or even global scale.
Unknown attackers have been testing the defenses of companies that run critical parts of the Internet, possibly to figure out how to take them down, cybersecurity expert Bruce Schneier warned Tuesday.
The massive breach at the U.S. Office of Personnel Management (OPM), announced in June 2015, might have been prevented had the agency followed basic cybersecurity guidelines, according to the findings of a congressional investigation.
Plixer Director of IT & Services Tom Pore discusses the benefits of the Plixer & Gigamon joint solution.
While President Obama said we can still defuse a potential cyber arms race, some experts believe we are already in such competition or already past it and in open conflict.
(Page 6) The complexity of College campus computer networks combined with the number of users and the need for unrestrained access, opens the door for hackers to try their skills. Unlike business owners who can make decisions on what is and isn’t blocked from the internet, colleges and universities must operate a bit differently. These schools in many cases are essentially internet service providers for their students who access very few resources on the local network. Almost every web site they visit and email they receive is from a source that resides outside the LAN.
You would think - if the greater internet community has learned anything leading up to the Internet of Things (IoT) wave of products, it is that security needs to be built into the device from the get-go, but for some vendors, this hasn’t happened. With recent headlines including a serious vulnerability affecting over 120 D-Link products and an IoT botnet launching 400Gbps DDoS attack, it is clear that consumers are on their own when it comes to securing IoT devices. Who should be held liable for the internet attacks being launched from the IoT devices in our homes, our cars or even in our bodies?
Cybercrooks have put together Hitler-themed ransomware that simply deletes files on encrypted PCs.
In 2005, cybercrime cost the average company $24,000. In 2015, the average cost jumped to $1.5 million. Certainly some of that is due to inflation – everything costs more today – but the skyrocketing costs are also in line with the overall increase in cybercrime. According to BTB Security, in 2005, there were only four data breaches that affected more than 30,000 records, compared to 26 breaches in 2015. That still seems like a low number, but how about this: In total records compromised, the numbers went from 44 million to 190 million.
A recently discovered hack on NASA data that exposed username and password information of the agency’s employees is actually a copy of information that was exposed in 2013, according to NASA. “NASA officials have looked into the alleged data hack recently posted to a website where such information is shared publicly, and confirmed that the data set is, in fact, a duplicate of a 2013 post on this same website,” the NASA Office of Communications told MeriTalk.
When we purchase something new, in most cases there is an unspoken understanding about the transaction. For example, if it is food, you can read what is in it and purchase it. If you don’t end up liking the taste, it probably won’t kill you. If we buy a car, it is assumed that it will meet all safety standards. If we purchase a widget of some sort for a specific purpose, it will do what it advertises else we will return it for a refund. When it comes to software, the rules are generally the same; however, there seems to be an emerging twist in the market: data theft.
Companies are taking liberties with your data in all new ways. Some to provide a better service or software experience most to sell you more and other we just don’t know. Joining the conversation is Michael Patterson, CEO of Plixer to shed some light on the situation.
If you're a professional hacker looking for the victim of your next big heist, one thing you are going to do is cover your tracks. Eliminating the evidence is a primary concern in many criminal activities. In the physical world, it is finger prints, bullet casings, blood, hair, camera footage, etc. In the virtual world of cyber crime, it largely all comes down to logs. Criminals want to find, delete or alter them and the gate keepers want to save, archive and protect them from the bad guys. After the theft has occurred, if there is going to be any tracking down of the assailant, it will come down to how well the organization has archive and protected the logs and traffic patterns.