When Is a Data Breach a Data Breach?
Thu, 21 Mar 2019 10:30:28 +0000

A data breach remains a common headline in the news cycle. A different company, website or social network reports a security issue almost daily. If it feels like using the internet has become a risky endeavor, the feeling is accurate. But what exactly classifies an event as a data breach? The world wide web is […]… Read More

The post When Is a Data Breach a Data Breach? appeared first on The State of Security.

Is the Private or Public Cloud Right for Your Business?
Wed, 20 Mar 2019 11:06:10 +0000

It wasn’t a very long time ago when cloud computing was a niche field that only the most advanced organizations were dabbling with. Now the cloud is very much the mainstream, and it is rare to find a business that uses IT that doesn’t rely on it for a part of its infrastructure. But if […]… Read More

The post Is the Private or Public Cloud Right for Your Business? appeared first on The State of Security.

‘Bad Tidings’ Phishing Campaign Targeting Saudi Government Agencies
Wed, 20 Mar 2019 10:56:57 +0000

An ongoing phishing campaign code-named “Bad Tidings” has been targeting several Kingdom of Saudi Arabia government agencies for years. Researchers at Anomali Labs first detected the Bad Tidings campaign back in November 2016. Since then, the operation has targeted four government agencies in Saudi Arabia: the Ministry of Labor and Social Development, the Ministry of […]… Read More

The post ‘Bad Tidings’ Phishing Campaign Targeting Saudi Government Agencies appeared first on The State of Security.

New Sextortion Scam Tries to Scare Users with Fake CIA Investigation
Tue, 19 Mar 2019 11:36:10 +0000

Extortionists have launched a new sextortion scam campaign that leverages a fake Central Intelligence Agency (CIA) investigation to try to scare users. In an email I obtained from a wary user, the scammers pose as a fake CIA technical collection officer named Roxana Mackay. This character claims in the email that she’s found the user’s […]… Read More

The post New Sextortion Scam Tries to Scare Users with Fake CIA Investigation appeared first on The State of Security.

Cybersecurity ROI: An Oxymoron?
Tue, 19 Mar 2019 11:35:03 +0000

Return on investment: is it worth the money? That is the central question in deciding on any procurement. Demonstrating ROI on cybersecurity products is notoriously difficult and is one of the underlying reasons for the poor state of our nation’s cybersecurity posture. Ah, but here’s the rub: showing tangible ROI on cybersecurity products is difficult […]… Read More

The post Cybersecurity ROI: An Oxymoron? appeared first on The State of Security.

Smarter Vendor Security Assessments: Tips to Improve Response Rates
Tue, 19 Mar 2019 11:17:10 +0000

I have been on the receiving end of many vendor security assessments from customers and prospects.  Here are some tips to increase the likelihood that you’ll get a timely, usable response to the next vendor security assessment that you send out. Understand what data you will be providing One size doesn’t fit all. The level […]… Read More

The post Smarter Vendor Security Assessments: Tips to Improve Response Rates appeared first on The State of Security.

The Greatest of Rewards – Working with Integrity
Mon, 18 Mar 2019 13:15:52 +0000

There are many rewards to being a world class cybersecurity solutions provider at a time when demand for effective solutions is exponentially greater than the existing supply – and getting greater by the minute. But, perhaps the greatest reward is to be asked to model best practices and product capabilities for the greater good of […]… Read More

The post The Greatest of Rewards – Working with Integrity appeared first on The State of Security.

Like Football, Your Cybersecurity Defense Needs a Strong Offense
Mon, 18 Mar 2019 13:00:19 +0000

“The best defense is a good offense.” History credits Revolutionary War hero George Washington with being among the first to vocalize this concept, later famously echoed by heavyweight boxing champ Jack Dempsey and football god Vince Lombardi. And it’s easy to see what they mean. The idea is that being proactive—going on the offense instead […]… Read More

The post Like Football, Your Cybersecurity Defense Needs a Strong Offense appeared first on The State of Security.

Spam Campaign Uses Recent Boeing 737 Max Crashes to Push Malware
Mon, 18 Mar 2019 10:58:49 +0000

A spam campaign is using two recent crashes involving Boeing 737 Max aircraft to distribute malware to unsuspecting users. Discovered by 360 Threat Intelligence Center, a research division of 360 Enterprise Security Group, the campaign sends out attack emails that come from “info@isgec.com” with the subject line “Fwd: Airlines plane crash Boeing 737 Max 8.” […]… Read More

The post Spam Campaign Uses Recent Boeing 737 Max Crashes to Push Malware appeared first on The State of Security.

Attackers Sending Fake Copyright Infringement Notices to Instagram Users
Fri, 15 Mar 2019 21:55:04 +0000

Digital attackers are targeting high-profile Instagram users with fake copyright infringement notifications in a bid to hijack their accounts. Detected by Kaspersky Lab, this scheme begins when an Instagram influencer receives an email notification informing them that their “account will be permanently deleted for copyright infringement.” The email notice looks official in that it uses […]… Read More

The post Attackers Sending Fake Copyright Infringement Notices to Instagram Users appeared first on The State of Security.

How Easy Is It to Spoof a Caller ID?
Fri, 15 Mar 2019 10:00:04 +0000

Caller ID spoofing has become a real nuisance with machines and scammers hiding behind a number that they are not authorized to use. This creates the need to prevent illegitimate calls from using random numbers. In the meantime, have you ever wondered how easy it is to spoof a caller ID? What software is needed? […]… Read More

The post How Easy Is It to Spoof a Caller ID? appeared first on The State of Security.

Attackers Sending Out Fake CDC Flu Warnings to Distribute GandCrab
Thu, 14 Mar 2019 14:25:28 +0000

Digital attackers are sending out fake flu warnings that appear to come from the U.S. Center for Disease Control (CDC) in order to distribute GandCrab ransomware. An attack begins when a user receives a fake CDC email. The sender field claims that the email came from “Centers for Disease Control and Prevention.” But a closer […]… Read More

The post Attackers Sending Out Fake CDC Flu Warnings to Distribute GandCrab appeared first on The State of Security.

US Senators say it shouldn’t be a secret when they’ve been hacked
Thu, 14 Mar 2019 12:23:27 +0000

Federal agencies and companies are required by law to disclose breaches, but Congress is under no such obligation - meaning that the public may have no idea that their political representatives have been hit.

It's time this changed.

The post US Senators say it shouldn’t be a secret when they’ve been hacked appeared first on The State of Security.

Understanding Vulnerability Scoring to Help Measure Risk
Wed, 13 Mar 2019 13:36:31 +0000

Understanding vulnerability scoring can be a daunting task, but a good starting point is first understanding risk and being able to distinguish risk from a vulnerability. Both have been used interchangeably throughout the years. A vulnerability is some aspect of a systems functioning, configuration or architecture that makes the resource a target of potential misuse, […]… Read More

The post Understanding Vulnerability Scoring to Help Measure Risk appeared first on The State of Security.

The Power of Vulnerability Management: Are You Maximizing Its Value?
Wed, 13 Mar 2019 12:52:47 +0000

Tripwire has been in the business of providing vulnerability management solutions with IP360 for about 20 years. With over 20,000 vulnerabilities discovered last year alone, vulnerability management continues to be an important part of most security plans. And most organizations agree. In a recent survey, 89 percent of respondents said that their organizations runs vulnerability […]… Read More

The post The Power of Vulnerability Management: Are You Maximizing Its Value? appeared first on The State of Security.

Kathmandu Notifies Customers of Security Incident Involving Its Website
Wed, 13 Mar 2019 11:15:43 +0000

Outdoor apparel and equipment retail chain Kathmandu said it’s in the process of notifying customers about a security incident involving its website. On 13 March, Kathmandu released a notification disclosing how the company became aware of the security incident between 8 January and 12 February. At some point during that time, an unauthorized third party […]… Read More

The post Kathmandu Notifies Customers of Security Incident Involving Its Website appeared first on The State of Security.

VERT Threat Alert: March 2019 Patch Tuesday Analysis
Wed, 13 Mar 2019 03:58:46 +0000

Today’s VERT Alert addresses Microsoft’s March 2019 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-821 on Wednesday, March 13th.  In-The-Wild & Disclosed CVEs CVE-2019-0754 This CVE describes a Denial of Service vulnerability that could cause a target system to stop responding when code is executed on the […]… Read More

The post VERT Threat Alert: March 2019 Patch Tuesday Analysis appeared first on The State of Security.

New Sextortion Scam Says Adult Sites Infected Victims with Malware
Tue, 12 Mar 2019 18:27:51 +0000

A new sextortion scam is informing victims that their computers suffered a malware infection after they visited an adult website. In this latest ruse, digital criminals claim that they infected a user with malware after they visited a child pornography website. They then say that they leveraged that infection to capture compromising video footage of […]… Read More

The post New Sextortion Scam Says Adult Sites Infected Victims with Malware appeared first on The State of Security.

Why You Need to Align Your Cloud Strategy to Your Business Goals
Tue, 12 Mar 2019 10:30:37 +0000

Your company has decided to adopt the Cloud – or maybe it was among the first ones that decided to rely on virtualized environments before it was even a thing. In either case, cloud security has to be managed. How do you go about that? Before checking out vendor marketing materials in search of the […]… Read More

The post Why You Need to Align Your Cloud Strategy to Your Business Goals appeared first on The State of Security.

Cybersecurity Hygiene: Not a Dirty Little Secret for Long
Mon, 11 Mar 2019 16:10:38 +0000

In October 2018, FICO (a consumer credit scoring specialist) began scoring the cybersecurity of companies based upon a scan of internet facing vulnerabilities. FICO grades companies using the same scoring that is familiar with consumer credit. These metrics are then used to compare security risks against competitors. This announcement has the potential to be a […]… Read More

The post Cybersecurity Hygiene: Not a Dirty Little Secret for Long appeared first on The State of Security.


rssfeedwidget.com