The death of passwords has been announced many times. When my mum stops using them, I'll be convinced that we've finally moved on to something better...: Keeping track of user names and passwords sounds easy, but it is not. In a world where protected network resources are accessed by employees on mobile devices, outside contractors, web applications and internet of things (IoT) devices – passwords just don’t cut it anymore. The stakes are high: Eighty-one percent of confi
There's a very good reason that we talk about "People, Process, and Technology" in that order. If you can't find, recruit, and retain skilled people your projects will fail...: Companies are suffering from a lack of resources, both in terms of people and technology (79 percent), and 72 percent have considered leaving their jobs for this reason, Censornet research reveals. Security professionals believe their jobs and the overall security of their organizations would benef
She's not being very nice about Microsoft...: [...] Because the exploits cannot be used remotely, they are not as dangerous as some attacks, says Tripwire's Young. "Similar to past SandboxEscaper releases, these exploits are also local privilege escalations, meaning that attackers would use these only after gaining a foothold on a targeted system," he says. SandboxEscaper has gained a reputation for releasing LPE exploits with no warning. The researcher has posted repeated
There's a big debate about splitting advisory from audit in the Big Four. It hasn't stopped the recruiting drive...: KPMG and PwC are now the UK’s top cyber recruiters, according to new data released by the world’s largest job site, Indeed. Both companies are hiring a large proportion of cyber security specialists, with cyber roles accounting for one in every 17 (5.95 per cent) new KPMG recruits and one in 20 (5.08 per cent) new hires at PwC. The two other members of the acc
Looks like I'm moving my clients away from Magento at the right time...: [...] The software, discovered by researcher Jérôme Segura at Malwarebytes, takes advantage of the popular retail practice of using a third-party credit card payment organization to facilitate credit card use. In this case, the software targets companies using Magento as their financial processing service provider. The malicious software inserts an iframe around the display code that would send the cust
The sound of (digital) sabres being rattled...: North Korea has condemned plans by the Japanese military to develop a counter-attack computer virus as symptomatic of Tokyo’s “war hysteria”, with an analyst warning the move could fuel a cyber arms race. The Japanese government announced this month that it is planning to create malware designed to break into an enemy’s computer systems and cripple its military forces’ ability to communicate and launch attacks against Japan.
The author works in information security so has valid points. The linked securityplanner is a very simple recommendation engine, worth sending round your company and friends and family...: For the first time in my life, I am actually a part of the majority. What I’m referring to are results from a new cyber security test launched by Google developers designed to see how well Americans are able to pick up on subtle security warnings/threats online. While I didn’t necessarily
Worth listening to. TL;DR - if you don't use machine learning, you can bet the bad actors are...: [...] During the 2019 Cyber Security Digital Summit, Darktrace’s Director of Enterprise Cyber Security David Masson, explained how using AI can help enterprises find threats that get inside. He gave examples of the thousands of in-progress threats detected every day, such as: Indiscriminate worms, Trojans, ransomware Exfiltration of sensitive data by insiders Hacked I
Looking for justification to invest in cyber security? How about the effect on your credit rating and the knock-on to your cost of capital?...: Moody’s has just slashed its rating outlook on Equifax, the first time cybersecurity issues have been cited as the reason for a downgrade. Moody’s lowered Equifax’s outlook from stable to negative on Wednesday, as the credit monitoring company continues to suffer from the massive 2017 breach of consumer data. “We are treating t
Nice to see the different branches of the military getting along so well...: The Air Force is investigating the Navy for a cyber intrusion into its network, according to a memo obtained by Military Times. The bizarre turn of events stems from a decision by a Navy prosecutor to embed hidden tracking software into emails sent to defense attorneys, including one Air Force lawyer, involved in a high-profile war-crimes case of a Navy SEAL in San Diego. T...