I know this will come as a shock to all security experts, but our systems and networks are constantly under attack by an ever-expanding list of malware that threatens just about everything we do online — from working and shopping to communicating and governing. It’s true that hackers never sleep, which means that every corner presents a potential danger each time we go online. If we aren’t adequately prepared to protect the systems we rely on and get ahead of more harmful, targeted attacks, we will continue to fall victim to evolving cyber crimes that are out to exploit our systems to steal sensitive and proprietary information for personal gain, corporate espionage or international deception. We need to move to a modern, proactive security suite. Continue reading this post…
Just when browsers have become more secure from cybercrime, hackers are turning their attentions to the people using them. According to the article, “Microsoft: One in 14 downloads is malicious,” social engineering attacks have blossomed into one of the most preferred criminal tactics to get users to download harmful Trojans. With the rate of about 1 in every 14 programs downloaded by Windows users being some type of malware, Alex Stamos, a founding partner with security consulting firm, Isec Partners, said if attackers can’t get passed tougher browser defenses, they’re adopting new tricks that prey on peoples’ poor decision making.
Today, there are a number of different social engineering techniques that cyber criminals are using to deliver malware to end users, including:
Email from a friend: Users get a message from a friend telling them to view a video. When the link asks to download some required software, they are actually downloading a malicious program.
Continue reading this post…
Visa has announced plans for a one-click payment system, or what it calls a “universal digital wallet,” to improve the online experience by simplifying the process of purchasing items across the Internet. While a single log-in and password will eliminate the burden of consumers having to re-enter personal and card information when buying items online or on mobile sites, as well as securely store their account information in one location, I’m not sure how much this answers critical questions around how financial institutions can better protect their networks and customers from a wave of new malware targeting bank accounts.
For example, last week security researchers said that the source code for one of the most notorious banking Trojans is now freely available over the Internet for any malware author interested in creating banking Trojans. In the article, “Zeus source code leaked means even more banking malware to hit the web,” the release of the complete source code for the Zeus botnet could open the floodgates for more complicated Zeus variants. With the Zeus kit available on several underground forums, Pierre-Marc Bureau, senior researcher at ESET, said this could lower the bar of entry for malware authors, giving even the most junior programmers free rein to create new Zeus variants. Continue reading this post…
In February, Dan Teal discussed here on WhiteSpace why today’s Mac users have to change their way of thinking when it comes to malware attacks. Once operating with the mindset that malware writers were only interested in Windows systems, Mac users need to understand that there is a new trend emerging. As the number of Mac users continues to steadily increase, cyber criminals are expanding the types of systems and platforms they target.
That message was reaffirmed this week in the Wall Street Journal. In the article, “Time For Mac Users To Think About Viruses,” Ben Rooney makes the point that Mac lovers should no longer feel smug about not getting viruses, or at the very least begin thinking about virus protection. Continue reading this post…
Cloud computing has certainly taken its share of hits lately. Last month’s Amazon outage created a lot of chatter and analysis around the reliability and availability of cloud-based services. Despite what pretty much amounts to growing pains for cloud computing, most everyone agrees that businesses will continue pursuing cloud services for the many cost and competitive advantages that the cloud promises.
The one thing that these types of events bring to light is the importance of security with cloud providers. According to the recent article, “Symantec executives caution customers on cloud provider security,” as more and more businesses turn to cloud services, they need to hold their providers to the same security standards that they adhere to because they can still be liable if their data is breached.
Whether an organization’s business assets are on-premise or reside in the cloud, securing critical data needs to be the No. 1 priority. Continue reading this post…