Yes, malware commonly targets the Windows operating system. But if you limit malware analysis to Windows OS, you're leaving gaping vulnerabilities, says Christopher Kruegel of Lastline Inc. Here's how to maximize your analysis.
One common limitation of malware analysis is that organizations focus too much of their...
Spear phishing is the common trigger to many of the most popular - and successful - targeted attacks. How can organizations improve their defenses? Jon Clay of Trend Micro tells how to better spot and stop spear phishing.
As defense stategies become stronger year after year, it seems as though the prevalence of malware is growing proportionately, projected to exceed $2 trillion by 2019 - a four-fold increase in the cost of security breaches over 2015.Posing a threat to every industry, profession, and company, malware not only...
U.S. prosecutors have unsealed an indictment against an Iranian man charged with trying to extort entertainment company HBO for $6 million in bitcoins. The case marks a rare public naming of someone accused of cyber extortion, which poses an increasing risk for all organizations.
It's frightening what criminals can buy on the dark web. But it's even scarier that they may be buying your own security certificates to use against you. Venafi recently sponsored a six-month investigation into the sale of digital code signing certificates on the dark web. Conducted with the Cyber Security Research...
Identity and Access Management (IAM) programs are becoming increasingly essential to securing critical systems and data; last year, companies spent $7 billion on IAM, most on protecting user credentials, but almost nothing protecting keys and certificates, the credentials that identify and authorize machine-to-machine...
As certificate counts within the average organization rise to tens of thousands, it has become exponentially harder to manage them effectively. Many organizations turn to their certificate authorities (CAs) to protect the keys and certificates that each CA issues. The basic tools CAs provide are certainly a step up...
Is your organization exposed to an attack that misuses SSH keys?
You know that your organization is using SSH to safeguard privileged access. But you may not realize that your SSH keys could be vulnerable to insider and cyber threats.
The majority of those we surveyed didn't. Results from a 2017 study show that...
A recently published 2017 survey of over 400 security professionals in the U.S., U.K. and Germany measured how well their organizations implemented security controls for SSH keys. The results show that most organizations are underprepared to protect against SSH-based attacks, with fewer than half following industry...
Take control of your SSH keys to minimize your risk of intrusion
SSH keys provide the highest level of access rights and privileges for servers, applications and virtual instances. Cyber criminals want this trusted status and invest considerable resources into acquiring and using SSH keys in their attacks.
Even...
SSH is used for secure administrative access, but what happens if it's not secure? Despite the sweeping access SSH keys grant, including root access, most are not as tightly controlled as their level of privilege requires.
If your organization doesn't know which administrators or SSH keys have access to which...
Clearly, adherence to HIPAA, NIST and other regulators in healthcare is paramount, but that does not mean that your organization isn't vulnerable to cybercrime hacking. When the average breach is worth $3.62 million with $380 per patient record compromised (as per Ponemon's 2017 Cost of
a Data Breach Report), the...
During the past year alone, we've witnessed a number of devastating cyber attacks, from the massive Equifax breach to the seemingly never-ending Yahoo! breach.
The 2nd annual Inside the Mind of a Hacker report was created to shed light on the makeup of the bug hunting community and gain insight and understanding into...
Microsoft Office 365 is so ubiquitous-with more than 100 million monthly active subscribers-that it's almost become part of our identities. Cybercriminals have taken notice-and Office 365 has become a breeding ground for an increasing number of highly sophisticated attacks.
Asaf Cidon, VP Content Security at...
In May 2017, the Singapore Government cut direct access to the Internet from its internal systems. This is a policy that is already adopted by Korean banks, many U.S. and U.K. military establishments, as well as the Japanese government. This is to protect government-owned computer systems from potential cyber threats...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.