Threat Intelligence |
Sponsored by |
|
The threat level has never been higher for organizations charged with protecting valuable data. In fact, as recent headlines will attest, no company or agency is completely immune to targeted attacks by persistent, skilled adversaries. The unprecedented success of these attacks against large and well-equipped organizations around the world has led many security executives to question the efficacy of traditional layered defenses as their primary protection against targeted attacks. more
Security researchers Mathy Vanhoef and Frank Piessens have detected a major vulnerability in the WPA2 protocol that secures all protected Wi-Fi networks. more
The Internet Society has released an announcement setting out its views on the development of policy to address the balance between security and privacy. From an Internet perspective and in the context of the growing threat vector from hacking, targeted cyber attacks on networks and individuals, and surveillance, the Internet Society's approach to the development of cyber security policy initiatives is based on the following key considerations. more
According to the latest Infrastructure Security Report by Arbor Netowrks, the Internet architecture and operations is about to face a perfect storm with the convergence of issues including IPv4 to IPv6 migration, implementation of DNS Security Extensions (DNSSEC) and to 4-byte ASNs (used for inter-domain routing on the Internet). "Any one of these changes alone would constitute a significant architectural and operational challenge for network operators; considered together, they represent the greatest and potentially most disruptive set of circumstances in the history of the Internet, given its growth in importance to worldwide communications and commerce," says the report.
more
A few months ago, there was a lot of discussion that despite its claims, Zoom did not actually offer end-to-end encryption. They're in the process of fixing that, which is good, but that raises a deeper question: why trust their code? (To get ahead of myself, this blog post is not about Zoom.) If Zoom has the key but doesn't abuse it, there isn't a problem, right? Let's fast-forward to when they deploy true end-to-end encryption. Why do we trust their code not to leak the secret key? more
ICANN has announced a new hire, Mark Jardina – an expert in global security and health and safety as Vice President of Security Operations. more
"Beijing vowed on Tuesday to use all necessary means, including military ones, to wipe out subversion and attempts to undermine its sovereignty in cyberspace," Zhuang Pinghui reporting in South China Morning Post. more
Reported today on BBC: "Police chiefs are urging people looking for work during the recession to be alert to online scams that trick them into laundering money. The Serious Organised Crime Agency (Soca) says websites are currently being used to recruit 'money mules'. The 'mules are ordinary people who send and receive payments through their bank accounts to facilitate business." Neil Schwartzman has also informed us of a related report by RSA FraudAction Research Lab based on several months of tracking various reshipping scams engineered by online fraudsters. more
According to a new study conducted by the nonprofit membership association of certified cybersecurity professionals (ISC)2, women now represent 24% of the cybersecurity workforce. more
A number of websites owned and operated by the United States Congress are recovering from a three-day DNS attack. more
How can our threat intelligence platform deliver more? This is a question many business professionals employing threat intelligence practices are asking themselves as their companies continue to fall short against the machinations of modern-day cybercriminals. The truth is that while threat intelligence is certainly not a silver bullet, organizations often make a mistake when they opt for a platform without considering several important factors that can help them evaluate the market better and deploy the practice more effectively. more
In a blog post published today on Microsoft's website, company President and Chief Legal Officer, Brad Smith, has raised concerns over escalating cyberattcks over the past year and the need for a Digital Geneva Convention. more
Many cyber attacks against companies today go unreported, and more still are undetected... Timing and context are everything. The faster a company identifies a problem, and the faster and deeper it is understood and its relevance to the business, the more effectively the company can respond. We call this squeezing the cyber response curve. This two-part post will discuss the current state of cyber threats, what the cyber response curve is and its impact your organization and how you can effectively squeeze this curve to improve attack response. more
"Tech companies like Snapchat and Skype's owner Microsoft are failing to adopt basic privacy protections on their instant messaging services, putting users' human rights at risk," says Amnesty International. more
Structured Query Language (SQL) continues to be quite relevant today. Many organizations still use SQL database systems, and it still ranks as the top in-demand language in tech job postings -- even in 2020. Companies are also increasing their analytics and business intelligence efforts, where SQL skills come in as quite handy. SQL queries allow you to pull key information from databases quickly. more