Taking Advantage of Network Segmentation in 2019

Overview Security is and will always be top of mind within organizations as they plan out the year ahead. One method of defense that always deserves attention is network segmentation. In the event of a cyberattack, segmented networks will confine the attack to a specific zone – and by doing so, contain its impact by preventing attackers from exploiting their initial access to move deeper into the network. By segmenting…

January 16, 2019
Read More >>

2019 Predictions: What Will Be This Year’s Big Trends in Tech?

2018 was a year that saw major developments in machine learning, artificial intelligence and the Internet of Things, along with some of the largest scale data breaches to date. What will 2019 bring, and how can businesses prepare themselves for the technological developments to come over the next twelve months? Data security  More than any other year, 2018 has cemented the importance of keeping data secure online, with many high-profile…

January 16, 2019
Read More >>

Why Zero Tolerance Is the Future for Phishing

Our Testing Data Shows You’re Letting Me Hack You Every Time Phishing just doesn’t get the love it deserves in the security community. It doesn’t get the headlines, security staff time, or dedicated attention that other, more flashy threat vectors get. Certainly, high-impact malware variants that sweep the globe, get their own cool logos and catchy names command respect. But at the end of the day, phishing attacks are really…

January 9, 2019
Read More >>

Universities Beware! The Biggest Security Threats Come from Within the Network

Higher Education networks have become incredibly complex. Long gone are the days where students connected desktop computers to ethernet cables in their dorm rooms for internet. Now students can access the school’s wireless network at anytime from anywhere and often bring four or more devices with them on campus. Expecting to use their smartphones and gaming consoles for both school related and personal matters, they rely on constant internet connectivity….

January 8, 2019
Read More >>

IAST Technology Is Revolutionizing Sensitive Data Security

Unauthorized access to sensitive data, also known as sensitive data leakage, is a pervasive problem affecting even those brands that are widely recognized as having some of the world’s most mature software security initiatives, including Instagram and Amazon. Sensitive data can include financial data such as bank account information, personally identifiable information (PII), and protected health information (i.e., information that can be linked to a specific individual relating to their…

January 8, 2019
Read More >>

Cybercriminals Hide Malware Commands in Malicious Memes

Trend Micro security researchers have discovered a new piece of malware that receives commands via malicious memes its operators published on Twitter.  The method used to conceal malicious commands is called steganographyand has long been abused by cybercriminals to hide malicious payloads inside files in order to evade security solutions. Several years ago, security researchers observed the technique being abused in exploit kitand malvertising campaigns. The use of social media platforms such as…

January 3, 2019
Read More >>

Miori IoT Botnet Targets Vulnerability in ThinkPHP

A recent variant of the Mirai botnet is targeting a remote code execution (RCE) vulnerability in the ThinkPHP framework, Trend Micro security researchers warn. Dubbed Miori, the threat leverages a relatively new exploit that was published on December 11, and which targets ThinkPHP versions prior to 5.0.23 and 5.1.31. Other actors might also target ThinkPHP for their nefarious purposes, a recent surge in events related to the ThinkPHP RCE suggests.  Miori,…

January 3, 2019
Read More >>

IT security Predictions for 2019 – Verifying Trust

Making predictions in the information security space is always an interesting yet challenging task. The very nature of cybersecurity, with the velocity of vulnerabilities and new threat actor coalitions along with the shifting regulatory environment, requires organisations to stay vigilant and informed. Although we are at a point where new technologies such as AI and ML are grabbing a lot of the attention, a major change for 2019 onwards is…

December 19, 2018
Read More >>

Vote for Blockchain [Voting]

While the internet has been around for nearly two decades, our society has failed to devise a reliable, fraud-proof way to implement a digital voting system. As it stands, our current election process is not particularly conducive to the act of casting a vote. Many people refuse to take the time off on a weekday in order to make it to their polling centers. Furthermore, finding a polling place can…

December 19, 2018
Read More >>

Conflicted External Auditors at Heart of Equifax Data Breach

The US House Committee on Government Oversight and Reform published the results of its investigation into the Equifax breach, calling it “entirely preventable.” The report highlighted multiple problems, but two issues stand out: overall incompetence by Equifax’s IT security staff, and a reliance on “legacy” systems literally from the 1970’s. What has not been discussed, however, is the fact that since 2011 Equifax held third party certification to ISO 27001, the international…

December 13, 2018
Read More >>