In my last post, I briefly summarized the evolution of network security. I will now discuss how network security strategies are no longer meeting the needs of organizations' increasingly complex IT environments. A Different Strategy Technological innovation has changed the nature of the network itself. No longer are employees limited to their...

Sometimes you could be forgiven for thinking that the incessant overuse of the word ‘disruptive’ these days could do with some, well, disrupting of its own. So much is written, presented and marketed around apparently ‘disruptive’ use of technologies like AI, IoT and of course blockchain, when much of it could perhaps be better described as...

You probably remember the massive iCloud breach in 2014 that resulted in compromised celebrity photos spreading through the internet like wildfire. That egregious invasion of privacy caused great embarrassment and damage to the reputations of nearly 100 A-list stars. Fortunately, these bad deeds did not go unpunished. In 2016, two men were brought to...

In November 2016, the security community first learned of a series of attacks known as "Shamoon 2." The campaign has launched three waves as of this writing. In the first wave, bad actors infected an organization in Saudi Arabia with Disttrack. This trojan used a wiper component to overwrite protected parts of a system, including the Master Boot...

A spam campaign is personalizing its emails with the recipient's name and address so that more people will feel inclined to open the malicious attachment. Sophos Labs has seen several versions of this scam pop up in recent weeks. But although the text differs across samples, all the emails generally follow the same format. The scam email includes...

If there's one day of the year when everyone has their guard up, it's April Fool's Day. After all, who can put their hand up and say that they have never been duped by an April Fool's trick? Some of the classic April Fool's stunts have gone down in history, such as the BBC's news report from 1957 showing the annual spaghetti harvest in Switzerland....

Network security has been around almost as long as we’ve had networks, and it is easy to trace the various elements of network security to the components of networking that they try to mitigate. Over the past 30-35 years or so, the expansion of networking, especially the increased reliance on the Internet both as an avenue for commerce and as the...

Otherwise known as the measuring stick by which your GDPR compliance will be assessed, the six core principles of the GDPR are the basic foundations upon which the regulation was constructed. Unquestionable and pure in nature, they are rarely acknowledged for one simple reason: five of the six have no real application in helping you in peddling...

Not too long ago, a client of ours who had just released a dynamic new cybersecurity awareness course told me how blown away he was with the response they were getting. His inbox was full of compliments, and his colleagues wanted to duplicate his training success in their own departments. He recounted how employees stopped him in the hallway to...

The private IP space defined by RFC 1918 contains almost 18 million IP addresses. A customer was interested in having me do host discovery on this entire space for their private IP space. This is interesting data for network owners because it: Increases awareness to the size of the network attack surface, such as the number of accessible hosts...

The FBI issued an alert to the healthcare industry warning of criminal actors actively targeting anonymous File Transfer Protocol (FTP) servers to access protected health information (PHI) and personally identifiable information (PII). According to the FBI’s Cyber Division, attackers are compromising such information from medical and dental entities...

"Covert Channel [Wikipedia]: a covert channel is a type of computer security attack that creates a capability to transfer information objects between processes that are not supposed to be allowed to communicate by the computer security policy." Today, in a world where the hacking techniques are getting more and more sophisticated and security...

This is my first blog in an ongoing “It’s Not Rocket Science” series featuring articles on Information security. "Security is not an absolute, it's a continuous process and should be managed as such. Security is about risk reduction, not risk elimination, and risk will never be zero. It's about employing the appropriate security controls that best...

Security is a complex and connected web. Though there are many different categories within the all-encompassing field of security, there are still certain lessons that translate across the disciplines. Physical security can largely be seen as a manifestation of the ethereal elements of cyber security. Both the digital and the physical worlds of...

The security community has seen multiple high-profile incidents targeting industrial control systems (ICS) over the past few years. No one can forget Christmas 2015, when a threat actor linked to the Russian government sent spear-phishing emails to the Western Ukrainian power company Prykarpattyaoblenergo. Those messages were laced with BlackEnergy, a...

According to recent research, the majority of Android devices are running security patches that are months old, leaving users vulnerable to attacks. Mobile security company Skycure released the findings of its Q4 2016 Mobile Threat Intelligence Report, revealing that over 70 percent of Android phones lack the latest security patches. The company...

A pastry crimper is accused of swindling a retired divorcee out of £35,000 as part of a dating scam. Aysha Begum arriving outside Truro Crown Court. (Source: Cornwall Live) Authorities have accused 27-year-old Aysha Begum, of Hendra Road, St Dennis, St Austell of having spent £35,126.19 knowing that...

The Russian author of the notorious Citadel malware which infected over 11 million PCs and stole an astonishing $500 million from bank accounts has pleaded guilty to his crimes. 29-year-old Mark Vartanyan, who went by the online handle of "Kolypto", was arrested in the Norwegian town of Fredrikstad in 2015 at the request of the FBI. His extradition...

Cerber ransomware is infecting unsuspecting users via malspam emails sent out by the "Blank Slate" attack campaign. Blank Slate is known for sending out attack emails with two defining characteristics. First, the emails don't come with any message text. Second, they don't contain any information that gives away the nature of their attachments. Even...

As I discussed in a previous blog post, a key security control known as file integrity monitoring (FIM) helps organizations defend against digital threats by monitoring for unauthorized changes to their system state. But that's only half the battle. A change could be authorized but still create new security risk. Organizations need to watch for these...