Business email compromise (BEC) attacks are relentlessly attacking businesses with no let-up in sight. BEC attacks have traditionally used CEOs and CFOs as their foils, pretending to be them and getting people to wire money to the hackers. The oil and gas industry was targeted by a single individual using old generic malware readily […]
Continue reading → [DISPLAY_ACURAX_ICONS]A report presented this month at the 2017 Usenix Workshop on Offensive Technologies was pretty offensive – and not in the way they meant in the workshop title. Offensive security is what spies do – go out and attack a system. The report demonstrated a proof of concept attack that would work if someone took […]
Continue reading → [DISPLAY_ACURAX_ICONS]In the ongoing Wikileaks Vault 7 series of leaks, there is a new leak called ExpressLane. According to the documents released by Wikileaks, the CIA offers a partnership with other law enforcement and government agencies in which those partners can share biometric data such as fingerprints with the CIA. The CIA does this by offering […]
Continue reading → [DISPLAY_ACURAX_ICONS]I have come to a realization that I’m not very fond of, but in the world of security vs. convenience, security has to prevail. As we start having more and more smart things around us – from dishwashers to smart phones, we need to consider whether the manufacturer and/or distributor is committed to our security. […]
Continue reading → [DISPLAY_ACURAX_ICONS]Do you have a written incident response program? Do the people who are part of it – the outside legal team, crisis communications team, forensics team, for example – know they are part of it? Are contracts signed with outside service providers – or at least providers periodically reviewed and selected vendor already approved? Has […]
Continue reading → [DISPLAY_ACURAX_ICONS]According to a KPMG survey of Financial Times 350 companies, 68% of the Boards have not received any training to deal with a cyber incident. This means that WHEN – and not if – a significant cyber event occurs, the board will have no plan in place to deal with it. This is distinct from […]
Continue reading → [DISPLAY_ACURAX_ICONS]