David Geer

Author Archives: David Geer

Advances in multifactor authentication (MFA) technologies

Enterprises authenticate users based on their knowledge, possession, or inherence of some evidence that they are the party with the given right of access. Some experts see the context of the user’s authentication, such as the time, their network IP and device, and their location, as the fourth factor of authentication. Stephen Cobb, senior security researcher at ESET, says you can assure greater security with each additional factor of authentication that you add. MFA is more important than ever as attackers are increasingly breaking into accounts that use single-factor authentication and sometimes even those with two factors. In one example, attackers tried to get the second factor by using phishing texts that asked users to send over their tokens.

Securing risky network ports

Data packets travel to and from numbered network ports associated with particular IP addresses and endpoints, using the TCP or UDP transport layer protocols. All ports are potentially at risk of attack. No port is natively secure. “Each port and underlying service has its risks. The risk comes from the version of the service, whether someone has configured it correctly, and, if there are passwords for the service, whether these are strong? There are many more factors that determine whether a port or service is safe,” explains Kurt Muhl, lead security consultant at RedTeam Security. Other factors include whether the port is simply one that attackers have selected to slip their attacks and malware through and whether you leave the port open.

How to respond to device and software backdoors inserted or left by vendors

It’s bad enough when black hat hackers insert malicious backdoors into systems and software after vendors/makers have sold these into the marketplace. It is another matter when the vendors who create these devices and programs unwittingly or purposely leave backdoors inside their products. With IHS forecasting an influx of 30.7 billion IoT devices by 2020 and 75.4 billion by 2025, additional products that could house vendor backdoors will flood the enterprise, multiplying the risks of these kinds of security holes.

10 greatest inside security risks

Last year was the worst on record for information security incidents, and the majority of those were due to inside sources, many studies agree. Prime suspects are employees and contractors with privileged user access, says Sam Elliott, director of security product management at Bomgar. Elliott warns that these 10 employees could be your greatest internal security threat.

6 of the most effective social engineering techniques

Social engineering is the strongest method of attack against the enterprise’s weakest vulnerability, its people. Criminal hackers recognize this fact. In 2015, social engineering became the No. 1 method of attack, according to Proofpoint’s 2016 Human Factor Report. These successful social engineering methods often use phishing and malware. But deceptive information assailants have more tools and approaches to draw on than these. That’s why CSO covers six of the most effective social engineering techniques that attackers use both on and off the internet, providing insights into how each one works, what it accomplishes, and the technologies, methods, and policies for detecting and responding to social saboteurs and keeping them at bay.

Ransomware picks off broader targets with greater severity

If you thought it was bad when the FBI reported last year that ransomware was on the rise, you should read the forecasts for this year. According to SonicWall’s most recent Annual Threat Report, “ransomware attacks grew 167 times since 2015, from 3.8 million in 2015 to 638 million in 2016.” This year, Trend Micro sees a 25-percent growth in the number of new ransomware families available for use in breaches. Reports of the encroachment of ransomware on government, law enforcement, critical infrastructure, and health and safety are already climbing.

How to get your infrastructure in shape to shake off scriptable attacks

According to F-Secure’s The State of Cyber Security 2017 report, criminal hackers perform most cyber-attacks using basic, scriptable techniques against poorly maintained infrastructure. This will continue as long as there are loads of attack scripts and plenty of poorly secured networks. The number of attack scripts is climbing as elite hackers continue to create these scripts and sell them to others, says Itzik Kotler, CTO and Co-Founder, SafeBreach. There doesn’t seem to be any stopping this trend. CSO examines scriptable attacks and the part of the problem that you can control: getting your infrastructure in shape to shrug off these breaches.

How to protect your data, your vehicles, and your people against automotive cyber threats?

Modern vehicles increasingly connect to the rest of the world via short range wireless technologies such as Wi-Fi and Bluetooth, wired interfaces such as OBD-II and USB, long range wireless communications such as 4G and the coming 5G for internet, and services such as OnStar, LoJack, and Automatic, to name only some. That world includes your enterprise and the criminal hackers and cyber carjackers who want to undo your data, your corporate fleets, and your people. The costs of their attacks include exposure of personally identifiable information and private data, and exposure or destruction of valuable intellectual property, according to Eric Friedberg, co-president at Stroz Friedberg. Loss of life in the midst of vehicle destruction/collision weighs heavily as a potential personal, professional, and corporate cost, as well.

How to wake the enterprise from IoT security nightmares

The IoT security market will reach a valuation of $36.95 billion by 2021, says data from a Marketsandmarkets.com analyst report. Where the cyber security mayhem grows, so flows the security market money. In 2017, experts predict that gaping IoT security holes will lead to the destruction of critical infrastructure and increases in competitive intelligence gathering and intellectual property theft. 2017 will see more DDoS attacks of the magnitude that brought down the Dyn Domain Name System service and many high-profile web domains with it.

Free security tools to support cyber security efforts

There are more free information security tools out there than you can highlight with a fistful of whiteboard pointers. While many are trialware-based enticements designed to lure decision makers to purchase the pricey premium counterparts of these freebies, many are full-blown utilities. A few important categories include threat intelligence tools, tools to build security in during the development stage, penetration testers, and forensics tools. Threat intelligence tools include AlienVault’s Open Threat Exchange, which collects and shares online threat intelligence, as well as the Hailataxii and Cymon.io threat exchanges. There are a variety of SAST (Static Application Security Testing) tools for security testing software applications that developers write using different languages, whether C/C++, Ruby on Rails, or Python. For penetration testing, we present the Nmap Security Scanner and the broadly useful Wireshark network protocol analyzer. Specific forensics products include the GRR remote forensic framework, Autopsy and SleuthKit, which analyze hard drives and smartphones, and the Volatility Foundation’s open source framework for memory analysis/forensics.
