Interesting release from Malwarebytes regarding a new type of ransomware that targets Mac systems. This goes to show that Macs can be infected with malware and most likely will continue to be a focus for malicious attacks as Apple wins marketshare. Yes, Windows based systems have more known malware in the wild however, Macs are not necessarily more secure as many people believe. The original article can be found HERE. Credit due to Jerome Segura (@jeromesegura), senior security researcher at Malwarebytes and the rest of his team.
For years, Windows users have been plagued by ransomware demanding several hundred dollars to unlock their computers. Continue reading →
Controlling who and what access your network is a critical element to keep your resources safe from malicious threats. Network Admission Control (NAC) solutions like the Cisco Identity Services Engine (ISE) can police who and what is permitted network access as well as enforce policy for those devices. Examples would be permitting an administrator with a government furnished Windows 7 laptop access to VLAN 10, which holds internal servers, while provisioning a marketing professional’s iPad with VLAN 20 access, which is limited to Internet and email through the use of ACLs. Continue reading →
Today’s threat landscape is loaded with malicious websites, malware and other risks that attack users every nanosecond of the day. There isn’t a single product available that can guarantee protection from cyber threats. Older solutions leveraging static technologies such as signatures are not good enough. The best approach for dealing with advanced threats is continuously monitoring the entire network through layering security technologies. Continue reading →
Most Security solutions leverage a combination of signature and behavior based technology (more HERE). This worked in the past however today these solutions are not good enough regardless if you layer multiple products that are built upon similar scanning methods. There are many ways to bypass point Security products such as throttling behavior and masking the known fingerprint of the attack code. A example of a technique used to hide malware from popular Anti-Virus packages is leveraging Dynamic Obfuscation software.
Free file sharing services such as LimeWire, FrostWire and UTorrent in most forms is illegal (note: there are legal sources however this post is focusing on file-sharing of pirated content). The cost of music, software and other applications are becoming more expensive to accommodate lost revenue caused by piracy spread through file sharing. As the price goes up to make up lost revenue, more people join file sharing networks. It’s a vicious cycle. There is however a more important reason besides ethics, law and cost to not be involved with file sharing services. Like my mother use to say … “nothing is free in this world”. Most of the pirated goods from file sharing you believe are free actually come at a very high price to your system and privacy. Continue reading →
Today’s Internet is a dangerous place. Imagine a small village with law and order surrounded by a wall keeping out miles of ungoverned ruthless territory. Most known websites surfed daily by your users make up a small percentage of the total Internet. The remaining 80% or more of uncategorized websites are contaminated with Botnets, malware and short-lived websites targeting your users. Many of these malicious websites are embedded in trusted sites such as social networks by hiding in advertisements or silly links posted by your friends. The best protection for this threat vector is limiting Internet usage to trusted websites and monitoring those websites for malicious applications. Continue reading →
Here is a post from my friend Aamir Lakhani’s blog about RSA NetWitness. The original can be found at Cloud Centrics (http://www.cloudcentrics.com/). Really good post on NetWitness.
RSA NetWitness is a unique solution that captures, store and analyze network data traffic. This gives you the able to see exactly what comes in and goes out of the network in real time . In simple terms, RSA offers to you a Network CCTV. Not only that, NetWitness also allows you to see the traffic in action as it reconstructs the data that flows through the network into its original format according to its own type or application. This helps you strengthen your security measures by taking appropriate action. On top of that, since all traffic is captured and stored, you will be able to go back to a particular period of time and conduct historical data analysis. Nothing escapes undetected. Continue reading →
How secure is your home or corporate network? Many administrators believe they are protected behind layers of security solutions such as firewalls, IPS/IDS appliances, endpoint security products, content filters, SIEMs, etc. Regardless of your investment in security technology there will always be risk, which dramatically increases as soon as people are included in the equation. One way to verify your risk level is to become the hunter rather than hunted by scanning all traffic on your network for malicious behavior. You may be surprised to find an unpatched server leaking sensitive information through hidden ports or bots hidden on your personal computer phoning home in the middle of the night! Continue reading →
Some people believe people behind Cyber Crime are disgruntled teenage hackers looking to cause chaos for fun. In some cases that may be however the majority of Cyber Crime is performed by well-funded organized criminals. Yes, I’m talking about the godfather like people who robbed banks and distributed narcotics on the street corner prior to the computer age. Organized crime realized it’s faster to automate an attack against millions of virtual targets rather than physically deal with criminal activity. Who is really behind Cyber Crime and how do they operate? Lets take at look at a case study of popups to understand the Cyber Crime organization. Continue reading →