How To Prevent And Remove Ransomware

Comparitech.com wrote a helpful post about ransomware. This continues to be a hot security topic hitting many of my customers. For those who don’t know, ransomware is malware that encrypts your files and holds them for ransom, requiring a bitcoin payment to unlock them. The original post can be found HERE.

While ransomware has existed since around 1989, in the form of the “AIDS” trojan which encrypted files on a hard drive and then demanded a payment of $189 to unlock them again, it is only in the last few years that it has become a significant and global threat.

Rigging Compromise – Rig Exploit Kit

Cisco’s security team Talos posted very interesting research on a common exploit kit known as RIG (previously known as Goon). The original post can be found HERE.

Exploit Kits are one of the biggest threats that affect users, both inside and outside the enterprise, as it indiscriminately compromises simply by visiting a web site, delivering a malicious payload. One of the challenges with exploit kits is at any given time there are numerous kits active on the Internet. RIG is one of these exploit kits that is always around delivering malicious payloads to unsuspecting users. RIG first appeared in our telemetry back in November of 2013; back then we referred to it as Goon, and today it’s known as RIG.

We started focusing on RIG and found some interesting data similar to what we found while analyzing Angler. This post will discuss RIG, findings in the data, and what actions were taken as a result.

Why Should You Consider Passing the SCYBER Exam?

I wrote a post about a new SCYBER exam from Cisco on the Ciscopress (HERE) and informit (HERE) websites. Below is the first half of the post.

“Modern organizations rely on specialists to keep cyber criminals at bay. How can you demonstrate that you have the necessary skills to gain a desirable job in a security-related position? Joseph Muniz, co-author of Security Operations Center: Building, Operating, and Maintaining Your SOC, explains the value of achieving the Cisco SCYBER certification, which is designed around responding to cyber attacks.”

Ransom32 – First JavaScript-powered Ransomware affecting Windows, Mac and Linux

Thehackernews.com posted an interesting article on a new ransomware that leverages JavaScript, called Ransom32. The original post can be found HERE. Here’s New Year’s first Ransomware: Ransom32.
A new Ransomware-as-a-service, dubbed Ransom32, has been spotted that for the first time uses a ransomware written in JavaScript to infect Mac, Windows as well as Linux machines.


China passes law to curtail encryption

Amarjit Singh posted on drchaos.com about how China just added a new law regarding how the Chinese government can request to view encrypted communications. The original post can be found HERE.

China has passed a new law that will go into effect January 1st. It requires technology companies to comply with government requests to help with viewing encrypted communications, including handing over encryption keys.

Healthcare Security: Improving Network Defenses While Serving Patients

Cisco posted a really good article on security for healthcare environments. Links can be found at the bottom of this post.

Safeguarding the privacy of patient information is critical for healthcare providers. However, Cisco has found that the industry’s security executives appear to have less understanding of the threats facing their organizations than executives in other industries. They also tend not to use the best tools for meeting security challenges. In the Cisco 2014 Security Capabilities Benchmark Study, we found that:

8 of the Nastiest Data Breaches of 2015

Identacor has put together a great presentation on 8 of the nastiest data breaches of 2015.

It is easy to see why many security research firms are predicting an even crazier year in 2016. Looking at these breaches, it is easy to see a shift towards more retail, Internet of Things, and mobile hacking.

Click HERE to see the Identacor slide show on 8 of the Nastiest Data Breaches of 2015.


5 Steps to Building and Operating an Effective Security Operations Center (SOC)

I posted about 5 Steps to Building and Operating an Effective Security Operations Center (SOC) on the Ciscopress (HERE) and informit (HERE) websites. The concepts come from my recent Cisco Press book. Below is the first part of the article and a link to continue reading.