Hackers Used WhatsApp 0-Day Flaw to Secretly Install Spyware On Phones
Posted on May 31st, 2019 by Responsible Cyber
Whatsapp has recently patched a severe vulnerability that was being exploited by attackers to remotely install surveillance malware on a few “selected” smartphones by simply calling the targeted phone numbers over Whatsapp audio call.Discovered, weaponized and then sold by the Israeli company NSO Group that produces the most advanced mobile spyware on the planet, the […]
Read More
Review: FireMon clears the clutter for network security policy management
Posted on May 31st, 2019 by Responsible Cyber
It’s kind of a paradox that as an organization’s network grows, they have to add more and more security appliances and programs to keep it safe, yet with increased complexity comes diminishing returns on those investments. What happens is that new security platforms implement new rules, which often conflict with or duplicate existing protections. And […]
Read More
Act fast to recover assets after cyber fraud
Posted on May 31st, 2019 by Responsible Cyber
Targeted scams that cause organizations to redirect payments is resulting in billions of dollars in losses each year, and often recovery of those lost assets is very difficult. In April 2019, for example, a church in Ohio was scammed out of $1.75 million after it came to light that it had been paying construction fees […]
Read More Germany Talking about Banning End-to-End Encryption
Posted on May 31st, 2019 by Responsible Cyber
Der Spiegel is reporting that the German Ministry for Internal Affairs is planning to require all Internet message services to provide plaintext messages on demand, basically outlawing strong end-to-end encryption. Anyone not complying will be blocked, although the article doesn’t say how. (Cory Doctorow has previously explained why this would be impossible.) The article is […]
Read More
What is the GDPR, its requirements and facts?
Posted on May 31st, 2019 by Responsible Cyber
Companies that collect data on citizens in European Union (EU) countriesl need to comply with strict new rules around protecting customer data. The General Data Protection Regulation (GDPR) sets a new standard for consumer rights regarding their data, but companies will be challenged as they put systems and processes in place to maintain compliance. Compliance will cause […]
Read More What a teen grade hacker’s confession can teach us
Posted on May 31st, 2019 by Responsible Cyber
by Lisa Vaas It’s hard to know whether to laugh or cry at a new column that Motherboard’s Vice started earlier this month. It’s called Scam Academy. Pull up a chair, students: Scam Academy is where you come to read about “schemes and cheats from within the high schools and colleges of America.” The authors […]
Read More
How to update your Spectre, Meltdown mitigations for the Retpoline mitigation
Posted on May 31st, 2019 by Responsible Cyber
The Spectre and Meltdown vulnerabilities discovered in January 2018 showed that weaknesses in CPUs were a potential attack vector. They allow a rogue process to read memory without authorization. Patches were rolled out along with bios updates from the manufacturer, but they came with a costly side effect: They degraded performance, especially on systems with […]
Read More The cryptominer that kept coming back
Posted on May 30th, 2019 by Responsible Cyber
by John E Dunn One of computer security’s special frustrations is the phenomenon of malware that keeps re-infecting a system no matter how many times defenders think they’ve cleaned it. This was the puzzle that recently confronted Sophos Support when it was called in to investigate the mystery of an internet-facing Apache Tomcat web server […]
Read More
4 tips for getting the most from threat intelligence
Posted on May 30th, 2019 by Responsible Cyber
There’s no doubt that threat intelligence is critical for any company trying to build a winning security strategy, but threat intelligence alone won’t provide much value. In addition to knowing about potential vulnerabilities or new emerging threats, you also need the expertise to manage the flow of information, and the means to act upon it. […]
Read More
5 ways compliance hurts security
Posted on May 30th, 2019 by Responsible Cyber
Most of us in the IT security business know that compliance isn’t the same as security. Compliance is an auditing, paperwork, checklist mentality. Security is a tactical, real-world cybersecurity, risk-reduction mentality. Compliance is “Do you have a patch management program that applies critical patches in a timely manner — yes or no?” Security is figuring […]
Read More