Comparitech.com wrote a helpful post about ransomware. This continues to be a hot security topic hitting many of my customers. For those who don’t know, ransomware is malware that encrypts your files and holds them for ransom, requiring a bitcoin payment to unlock them. The original post can be found HERE.
While ransomware has existed since around 1989, in the form of the “AIDS” trojan which encrypted files on a hard drive and then demanded a payment of $189 to unlock them again, it is only in the last few years that it has become a significant and global threat. Continue reading →
Cisco’s security team Talos posted very interesting research on a common exploit kit known as RIG (previously known as Goon). The original post can be found HERE.
Exploit Kits are one of the biggest threats that affect users, both inside and outside the enterprise, as they indiscriminately compromise users who simply visit a web site, delivering a malicious payload. One of the challenges with exploit kits is that at any given time there are numerous kits active on the Internet. RIG is one of these exploit kits that is always around delivering malicious payloads to unsuspecting users. RIG first appeared in our telemetry back in November of 2013. Back then we referred to it as Goon; today it’s known as RIG.
We started focusing on RIG and found some interesting data similar to what we found while analyzing Angler. This post will discuss RIG, findings in the data, and what actions were taken as a result. Continue reading →
Amarjit Singh posted on drchaos.com about how China just added a new law regarding how the Chinese government can request to view encrypted communications. The original post can be found HERE.
China has passed a new law that will go into effect January 1st. It requires technology companies to comply with government requests to help with viewing encrypted communications, including handing over encryption keys. Continue reading →
Cisco posted a really good article on security for healthcare environments. Links can be found at the bottom of this post.
Safeguarding the privacy of patient information is critical for healthcare providers. However, Cisco has found that the industry’s security executives appear to have less understanding of the threats facing their organizations than executives in other industries. They also tend not to use the best tools for meeting security challenges. In the Cisco 2014 Security Capabilities Benchmark Study, we found that: Continue reading →
I posted about 5 Steps to Building and Operating an Effective Security Operations Center (SOC) on the Ciscopress (HERE) and informit (HERE) websites. The concepts come from my recent Cisco Press book. Below is the first part of the article and a link to continue reading. Continue reading →