Cybereason gains Lockheed Martin's Threat Intelligence to thwart cyberattacks

Given the recent sharp increase in cyberattacks of all kinds, IT operations driving enterprise scale networks need something that will effectively reduce their intelligence gathering problems and help to automate their response to be as fast as possible. What’s needed is the ability to identify and deal with attacks as they happen but there are[…]

Share

IBM offers advice on how to secure blockchain in the cloud

Cloud providers hosting blockchain secure transactions technology should take additional steps to protect the records, IBM says. IBM’s new framework for securely operating blockchain networks, released Friday, recommends that network operators make it easy to audit their operating environments and use optimized accelerators for hashing — the generation of numbers from strings of text — and[…]

Share

Toy maker Maisto’s website pushed growing CryptXXX ransomware threat

Attackers are aggressively pushing a new file-encrypting ransomware program called CryptXXX by compromising websites, the latest victim being U.S. toy maker Maisto. Fortunately, there’s a tool that can help users decrypt CryptXXX affected files for free. Security researchers from Malwarebytes reported Thursday that maisto.com was infected with malicious JavaScript that loaded the Angler exploit kit.[…]

Share

IDG Contributor Network: Rip up the script when assembling a modern security team

The advanced threats companies face require security teams have different characteristics than the backgrounds analysts typically have. However, most businesses hire security practitioners who have similar professional backgrounds and capabilities. Analysts usually have IT backgrounds, are taught to quickly resolve threats and work in an environment that doesn’t embrace speaking out when there’s a security[…]

Share

Supreme Court approves rule change that expands FBI computer search powers

The Supreme Court has adopted amendments to a rule to give judges the authority to issue warrants to remotely search computers whose locations are concealed using technology. The proposed move had been criticized by civil rights groups and companies like Google that said it threatened to undermine the privacy rights and computer security of Internet[…]

Share

Developers leak Slack access tokens on GitHub, putting sensitive business data at risk

Developers from hundreds of companies have included access tokens for their Slack accounts in public projects on GitHub, putting their teams’ internal chats and other data at risk. Slack has become one of the most popular collaboration and internal communication tools used by companies because of its versatility. The platform’s API allows users to develop[…]

Share

If I Were the Next CEO of Symantec – Redux

I just read a Bloomberg article, proclaiming that Symantec cut its quarterly revenue forecast and announcing that CEO, Michael Brown, will step down.  Unfortunately for Symantec, the company has had a revolving door of chief executives – four different individuals since 2008, and now onward to a fifth. When Symantec went through a similar CEO[…]

Share

ISIS cyberattack capabilities are unorganized, underfunded — for now

The U.S. and its allies should be concerned about cyberattacks from ISIS-affiliated groups, but the hackers are poorly organized and likely underfunded, at least in the short term, according to a new report. Several pro-ISIS hacking groups announced this month they are joining together to form the United Cyber Caliphate, but the groups seem to have[…]

Share

IDG Contributor Network: Government worst of all industries in cybersecurity, says report

“Government, we have a problem”—to paraphrase the crew of the 1970 moon flight reporting back on Apollo 13’s technical fault.  But it sounds about right to describe, in one line, the somewhat frightening state of U.S. government infrastructure—including that of NASA, which is the worst of the federal agencies—exposed recently in a report. Network infrastructure[…]

Share

Headaches likely to grow over auto cybersecurity concerns

The concerns around the cybersecurity of your car are likely magnify in the near term while experts try to figure out what can be done simply to eliminate risks. But while some short-term fixes may develop, forthcoming government auto cybersecurity standards won’t happen until at least 2018. Furthermore, technologies, such as message encryption and authentication,[…]

Share