I’m very proud to announce that the CoreTrace Bouncer application whitelisting solution is in the testing process to be certified to Common Criteria Evaluation Assurance Level (EAL) 3+. As we go through evaluation under the Canadian Common Criteria Evaluation and Certification Scheme (CCS), I’m completely confident that our platform will become the first application whitelisting solution to be certified to Common Criteria EAL 3+.
As a former Air Force Information Warfare Officer, I know the dangers today’s threat landscape poses to our critical infrastructure, government and military systems. ( Read More… )
I know this will come as a shock to all security experts, but our systems and networks are constantly under attack by an ever-expanding list of malware that threatens just about everything we do online — from working and shopping to communicating and governing. It’s true that hackers never sleep, which means that every corner presents a potential danger each time we go online. If we aren’t adequately prepared to protect the systems we rely on and get ahead of more harmful, targeted attacks, we will continue to fall victim to evolving cyber crimes that are out to exploit our systems to steal sensitive and proprietary information for personal gain, corporate espionage or international deception. We need to move to a modern, proactive security suite. ( Read More… )
Just when browsers have become more secure from cybercrime, hackers are turning their attentions to the people using them. According to the article, “Microsoft: One in 14 downloads is malicious,” social engineering attacks have blossomed into one of the most preferred criminal tactics to get users to download harmful Trojans. With the rate of about 1 in every 14 programs downloaded by Windows users being some type of malware, Alex Stamos, a founding partner with security consulting firm, Isec Partners, said if attackers can’t get passed tougher browser defenses, they’re adopting new tricks that prey on peoples’ poor decision making.
Today, there are a number of different social engineering techniques that cyber criminals are using to deliver malware to end users, including:
Email from a friend: Users get a message from a friend telling them to view a video. When the link asks to download some required software, they are actually downloading a malicious program.
( Read More… )
Visa has announced plans for a one-click payment system, or what it calls a “universal digital wallet,” to improve the online experience by simplifying the process of purchasing items across the Internet. While a single log-in and password will eliminate the burden of consumers having to re-enter personal and card information when buying items online or on mobile sites, as well as securely store their account information in one location, I’m not sure how much this answers critical questions around how financial institutions can better protect their networks and customers from a wave of new malware targeting bank accounts.
For example, last week security researchers said that the source code for one of the most notorious banking Trojans is now freely available over the Internet for any malware author interested in creating banking Trojans. In the article, “Zeus source code leaked means even more banking malware to hit the web,” the release of the complete source code for the Zeus botnet could open the floodgates for more complicated Zeus variants. With the Zeus kit available on several underground forums, Pierre-Marc Bureau, senior researcher at ESET, said this could lower the bar of entry for malware authors, giving even the most junior programmers free rein to create new Zeus variants. ( Read More… )
In February, Dan Teal discussed here on WhiteSpace why today’s Mac users have to change their way of thinking when it comes to malware attacks. Once operating with the mindset that malware writers were only interested in Windows systems, Mac users need to understand that there is a new trend emerging. As the number of Mac users continues to steadily increase, cyber criminals are expanding the types of systems and platforms they target.
That message was reaffirmed this week in the Wall Street Journal. In the article, “Time For Mac Users To Think About Viruses,” Ben Rooney makes the point that Mac lovers should no longer feel smug about not getting viruses, or at the very least begin thinking about virus protection. ( Read More… )