True Cybersecurity Means a Proactive Response

Posted on April 6th, 2019 by Responsible Cyber

Successful, secure organizations must take an aggressive, pre-emptive posture if they want true data security. Cybercriminals are always works in progress. Their knowledge and ability to bypass security systems are constantly advancing. As they gain knowledge, they develop and implement sophisticated impersonation methods that are proving increasingly adept at evading detection and gaining access to […]

Read More

Malware Installed in Asus Computers through Hacked Update Process

Posted on March 30th, 2019 by Responsible Cyber

Kaspersky Labs is reporting on a new supply chain attack they call “Shadowhammer.” In January 2019, we discovered a sophisticated supply chain attack involving the ASUS Live Update Utility. The attack took place between June and November 2018 and according to our telemetry, it affected a large number of users. […] The goal of the […]

Read More

CAs Reissue Over One Million Weak Certificates

Posted on March 24th, 2019 by Responsible Cyber

Turns out that the software a bunch of CAs used to generate public-key certificates was flawed: they created random serial numbers with only 63 bits instead of the required 64. That may not seem like a big deal to the layman, but that one bit change means that the serial numbers only have half the […]

Read More

Why Phone Numbers Stink As Identity Proof — Krebs on Security

Posted on March 24th, 2019 by Responsible Cyber

Phone numbers stink for security and authentication. They stink because most of us have so much invested in these digits that they’ve become de facto identities. At the same time, when you lose control over a phone number — maybe it’s hijacked by fraudsters, you got separated or divorced, or you were way late on […]

Read More

Businesses Increase Investments in AI and Machine Learning

Posted on March 15th, 2019 by Responsible Cyber

More than three-quarters of IT pros say they feel safer for having done so, according to a new report. Artificial intelligence (AI) and machine learning (ML) are buzzwords in the cybersecurity industry as companies try to keep up with an expanding threat environment. That is reflected in a new study from Webroot, which found 73% […]

Read More

Review: Bitglass manages the mobility monster

Posted on March 14th, 2019 by Responsible Cyber

It’s no secret that most businesses and organizations work better when they embrace mobility. The old formula of having droves of suited workers sitting at their desks from nine to five every day, typing away with desktop computers or even older technology simply doesn’t hold up in today’s always on, always connected world. Modern workers […]

Read More

There May Be a Ceiling on Vulnerability Remediation

Posted on March 14th, 2019 by Responsible Cyber

Most organizations are doing all they can to keep up with the release of vulnerabilities, new research shows. Security has no shortage of metrics — everything from the number of vulnerabilities and attacks to the number of bytes per second in a denial-of-service attack. Now a new report focuses on how long it takes organizations […]

Read More

Researchers Propose New Approach to Address Online Password-Guessing Attacks

Posted on February 22nd, 2019 by Responsible Cyber

Recommended best practices not effective against certain types of attacks, they say. Automated online password-guessing attacks, where adversaries try numerous combinations of usernames and passwords to try and break into accounts, have emerged as a major threat to Web service providers in recent years. Next week, two security researchers will present a paper at the […]

Read More

‘Formjacking’ Compromises 4,800 Sites Per Month. Could Yours Be One?

Posted on February 20th, 2019 by Responsible Cyber

Cybercriminals see formjacking as a simple opportunity to take advantage of online retailers – and all they need is a small piece of JavaScript. For a while, it was ransomware. Then it was cryptojacking. Now researchers point to formjacking as the latest threat-of-the-moment and means for hackers to get quick cash. Cybercriminals have turned to […]

Read More

Mitigating the Security Risks of Cloud-Native Applications

Posted on February 6th, 2019 by Responsible Cyber

While containers can create more secure application development environments, they also introduce new security challenges that affect security and compliance. Containers represent the most significant computing advancements for enterprise IT since VMware introduced its first virtualization product, Workstation 1.0, in 1999. They enable organizations to build, ship, and run applications faster than ever, fueling the […]

Read More