Crowdfunding campaign to buy stolen NSA hacking tools from Shadow Brokers

The idea of crowdfunding to raise enough money to buy NSA-linked hacking tools from the Shadow Brokers is picking up steam and making some people steam. The price tag for getting hold of stolen Equation Group hacking tools is 100 Zcash. When I started the article about the Shadow Brokers revealing details about its June[…]


Top 5 misconceptions of IoT network and device security

Security in multiples Image by Shutterstock The Internet of Things (IoT) describes an interconnected system of standalone devices, which communicate and transfer data within the existing internet infrastructure, providing greater insight and control over elements in our increasingly connected lives. With an estimated 30 billion connected devices to be deployed across the globe by 2020,[…]

How to conduct an IoT pen test

Penetration testing was much like taking a battering ram to the door of the fortress. Keep pounding away and maybe find a secret backdoor to enter through. But what happens if pieces of the network are outside of the fortress? With the flurry of Internet of Things devices, is it harder to conduct a pen[…]

IDG Contributor Network: Network analysis can find malware before it strikes

Network traffic analysis should be used more in the fight against malware. That’s because pointers show up on the network “weeks and even months” in advance of new malicious software being uncovered, scientists from the Georgia Institute of Technology explain in an article on the school’s website. The researchers, who have been studying historic network[…]

Gravityscan, keeping WordPress sites safe

If your website, in common with roughly 25% of all websites, is running WordPress then it’s pretty much certain that it’s being constantly attacked. WordPress is to hackers what raw meat is to jackals because unless sites are assiduously maintained, they quickly become vulnerable to a huge number of exploits. The root cause of this[…]

Cisco: Secure IoT networks, not the devices

With networking pros unable to trust the security of Internet of Things devices, Cisco says they should focus on implementing network-based security protections that limit the blast radius of IoT security breaches. This week Cisco unveiled a new package named IoT Threat Defense at the company’s IoT World Forum in London.  IoT Threat Defense combines[…]

IDG Contributor Network: Educating the public about security – are we doing it all wrong?

In 2016 consumers were exposed to a larger number of high profile data breaches than any year previously. According to the Breach Level Index, 1,792 data breaches led to almost 1.4 million data records being compromised worldwide, an increase of 86% compared to 2015. Identity theft was the leading type of data breach last year,[…]

Netgear added data collection 'feature' to NightHawk R7000 routers; disable it

Netgear makes some popular routers, but do you really want the company behind your model of router to collect data such as your IP address and MAC address? If the answer is no, then you need to disable the ‘analytics’ data collection. Netgear’s NightHawk R7000 router, dubbed as “best-selling” and “top-rated” router on Amazon, is[…]

Splunk on SOAPA (part 1)

I’ve written a lot about ESG’s security operations and analytics platform architecture (SOAPA).  SOAPA is happening because enterprise organizations are surrounding SIEM with lots of other security analytics and operations tools to accelerate incident detection and response.  As this occurs, many organizations are actively integrating these technologies together with the goal of building an end-to-end,[…]