CoreTrace WhiteSpace

The Application Whitelisting and Security Weblog

Top Endpoint Security Stories for May 2011: More Trojans, infectious downloads, and… oh yeah, Zeus is on the loose

In the aftermath of major hacks on Sony PlayStation and Epsilon, businesses experienced an explosion of Trojans and other malicious software that Microsoft says now account for one in every 14 downloads. Also in May, it was discovered that the source code for the infamous Zeus banking malware is now freely available for cyber crooks to download. Does this mean more cyber attacks on banks are coming? Here are some of the top endpoint security stories for May 2011.

Epsilon Breach: One bad apple really *can* spoil the whole bunch…

The recent Epsilon security breach that resulted in millions of customer email addresses being compromised brings to light something I’ve said before, but can’t emphasize enough: You can’t control everything your end-users are doing. What you can control is what they are causing.

While companies can educate and train end-users to be more mindful of dangerous phishing and social engineering attacks, the truth of the matter is people are people, and they are going to make mistakes. According to the InfoWorld article, “Report: End-user ignorance at Epsilon let hackers steal customer data,” in this particular case, a mistake made by one end-user in an email-based phishing attack affected many others simply because the user was connected to a larger network that stored millions of customer email addresses of big-name companies including Chase, Citi, Walgreens, Target, Disney Vacations, Fry’s and Eddie Bauer, to name a few.

Top Endpoint Security Stories for February 2011: RSA, poisoned websites & (of course) cloud security…

Each year, several key topics emerge from RSA that get everybody thinking. This year was no different. From next-generation cyber security to the impact the cloud could have on the industry, every security professional today is thinking about how they’re going to protect their network from evolving cyber threats, regardless of the type of attack or operating platform. Here are some of the top endpoint security stories for February 2011.

Recommendations to stop ‘Here you have’ email worm an old retreat — not a new solution

The old adage of everything old is new again resurfaced last week as a new email worm reminiscent of the love letters and Anna Kournikova email worms from a decade ago infected systems around the globe. Using a Windows screensaver file containing malicious code, the “Here you have” virus pretends to offer links to PDF documents or videos before actually installing a worm on the user’s computer. Once on a system, the malware spreads by disabling antivirus programs and exploiting PC users’ address books. So far, organizations such as Google, NASA, ABC-Disney, Coca-Cola and Comcast have been hit.

Following the worldwide outbreak, Symantec, along with other antivirus companies, issued recommendations to help companies mitigate the threat and stop it from spreading…

Repercussions, not legislation, key to improving nation’s cyber defenses

In Monday’s blog, “Why Rockefeller-Snowe’s Regulations Won’t Prepare The U.S. For Cyberwar,” security expert Richard Stiennon provides a straightforward analysis of why we can’t effectively regulate cyber security. In a nutshell, passing a new cyber security bill would do nothing to better prepare us for cyber attacks. What we need to do is beef up our defenses with accepted security practices. I couldn’t agree more.

Historically, legislation has proven to be woefully inadequate in preparing the U.S. for cyberwar. Why? Because there are no consequences.