Tag: Attack

Insights From Verizon’s Data Breach Investigations Report

In early spring, while many people are anticipating the return of warm weather and blue skies, the information security industry is looking forward to the release of Verizon’s annual Data Breach Investigations Report (DBIR). Published since 2008, DBIR is a data security reference guide, playbook and bible. Global in scope, the report analyzes thousands of confirmed data breaches and security incidents, sorts out the trends, and provides best practice guidance that informs the industries’ approach to cyberthreats and digital security. This year’s report includes the obligatory alarming statistics, among the most eye-opening being that in 60 percent of investigated incidents attackers were able to compromise a target network within minutes. Equally interesting, the majority of the 79,790 incidents and 2,122

Read More »
Attack

Huge Development In Cyber Espionage Tech

The United States has reportedly managed to develop a method that allows it to permanently embed surveillance and malware tools in computers and networks around the world, according to Kaspersky Lab, a Russian cybersecurity firm. Kaspersky presented its research at a conference in Mexico Monday night. They have dubbed the creators of this technique the “Equation Group,” and have broadly hinted that it is tied to the U.S National Security Agency and its military partner, United States Cyber Command, due in part to a similarity between Stuxnet – the computer worm that disabled about 1,000 centrifuges in Iran’s nuclear enrichment program – and the new malware platform. But the Equation’s level of sophistication makes Stuxnet seem like child play, according

Read More »
Attack

Securing Billions of Smart Things

There are roughly 25 billion smart devices and objects busily gathering data and beaming information back to their respective motherships (and business partners).  That’s up from 7 billion things a mere five years ago. And five years from now? The consensus is 50 billion things will be interconnected, merrily gathering data, and making our lives easier/transforming the world into a marketer’s magic kingdom. The US Federal Trade Commission (FTC) has signaled its strong interest in bringing privacy enforcement to the so-called Internet of Things (IoT), with the release of its “voluntary standards” report this week.  We put those two works inside quotes because while the standards are voluntary right now, it’s a safe bet that they will be used in

Read More »
Attack

FBI WARNS OF SPEAR-PHISHING INCREASE

The FBI’s IC3 says spear-phishing attacks are targeting multiple industries, and that the end goal is to steal IP or compromise banking credentials. “Cyber-criminals target victims because of their involvement in an industry or organization they wish to compromise,” the IC3 states. “Recent attacks have convinced victims that software or credentials they use to access specific websites need to be updated. The e-mail contains a link for completing the update.” This threat is nothing new to the IT Security Auditors at BAI Security. Michael Bruck, a founding partner at BAI Security, explained “For many years we’ve seen widespread weaknesses in social engineering with end-users and since their workstations are very often riddled with exploitable vulnerabilities, this combination makes for a

Read More »