Security systems are blind to memory-based threats

By |2019-02-22T04:50:04+00:00February 22nd, 2019|Security News, Uncategorized|

The failure of traditional security systems to see memory-based threats pose data theft risks You can’t protect what you can’t see. Process memory is still goes unseen by most security tools, making memory the perfect target for attackers. Recent memory attacks include GreyEnergy, BlackEnergy, WannaCry, NotPetya, Industroyer, Triton, Spectre and Meltdown. All of these attacks [...]

Blog Series: Cybersecurity threats we expect to see in 2019

By |2019-02-22T04:42:34+00:00February 20th, 2019|Security News, Uncategorized|

Death, taxes….and cyber threats In 1789, Benjamin Franklin wrote in a letter that “Our new Constitution is now established, and has an appearance that promises permanency; but in this world nothing can be said to be certain, except death and taxes.” Ben Franklin couldn’t conceive of computing and the Internet, but in our current era [...]

20 Spectre and Meltdown Attacks Demonstrated So Far and Rising: This Class of Threat Continues in 2019

By |2019-02-15T19:20:13+00:00February 15th, 2019|Security News, Uncategorized|

Authors: Shauntinez Jakab, Michelle Netten What you should know about Spectre Attacks Branch misprediction is the basis for the attack Attackers leverage the mis-training mechanism Process memory address space is affected Only works with data the application can access architecturally Four methods can be applied to mis-train branch prediction What you should know about Meltdown [...]

The Year-Over-Year Trend of Significant Cyber Attacks Is Increasing Dramatically

By |2019-02-08T20:45:39+00:00February 8th, 2019|Security News, Uncategorized|

With comparison infographic of cyber attacks 2017 & 2018 Significant data breach events have reached the unwelcome distinction of becoming a near daily occurrence. In 2005, the number of significant breaches was under 200. In 2017, that number was 1,300. The actual number of cyber hacks in 2018 over 2017 went down, but measuring “significance” [...]

Even Over, Shutdowns Still Affect Contractor Staff Recruiting & Boost Hacker Activity

By |2019-02-01T16:40:13+00:00January 31st, 2019|Security News, Uncategorized|

With comments and summary from Ray Demeo Key Takeaways for Executives* • The government shutdown made it harder for contractors to attract and retain top talent. • The tight labor market worsens this effect, as employees have more options for jumping ship than they had during previous shutdowns. • Larger firms were able to switch [...]

New Ursnif Bank Trojan Uses Fileless Infection To Steal Passwords & Remain Undetected

By |2019-02-01T05:03:55+00:00January 30th, 2019|Security News, Virsec in the News|

isBuzz, Information Security and Security Week, January 28, 2019, with comments by Ray DeMeo Fileless Ursnif Trojan hits unsuspecting banks A new Trojan variant called Ursnif is hitting banks, sneaking in under the radar and stealing users’ passwords and credentials. Researches wrote in a blog post that the Trojan uses a "fileless persistence, which makes [...]

The Biggest Cybercrime Threats of 2019

By |2019-01-14T21:13:31+00:00January 14th, 2019|Security News, Virsec in the News|

E-Commerce Times, January 11, 2019, with comments from Satya Gupta Cybercrime is becoming so costly it’s well on its way to becoming more profitable than the global trade of all major illegal drugs combined. And it’s costly to organizations. By 2021, it’s estimated that cybercrime will cost the US $6 trillion, double its cost 4 [...]

Facebook compromises users’ privacy yet again

By |2019-01-07T21:30:23+00:00January 7th, 2019|Security News|

Up to 6.8 million users’ private photos exposed to developers in latest leak It seems for Facebook that 2018 is the year of saying ‘We’re sorry’ again and again as it announces breach after breach. The last one we knew about was a breach revealed on September 25, 2018 where 30-50 million users were impacted. [...]

Congressional investigation into Equifax breach finds multiple security failures

By |2019-01-06T18:59:27+00:00December 28th, 2018|Security News, Uncategorized|

After a 14-month government investigation into the Equifax breach Congress report concludes the breach was preventable. In December, the US House Committee on Oversight and Government Reform completed its 14-month investigation into the Equifax breach. In their final report released earlier this month, they held Equifax accountable for the massive breach that impacted close to [...]

For one company hit big by NotPetya, their insurance company is refusing to pay out on their policy’s cyber attack coverage

By |2018-12-21T16:58:33+00:00December 21st, 2018|Security News, Uncategorized|

NotPetya is the globe’s worst cyber attack so far To date, first place for the most destructive cyber attack the world has ever seen goes to NotPetya. It struck in the summer of 2017, perhaps most memorably impacting Maersk, the Danish shipping company. For them, their network was so corrupted, their IT staff was rendered [...]