As concern mounts over cyber warfare between nations, major Wall Street firms will take part later this month in a simulated network disruption exercise aimed at testing their ability to respond to a widespread attack. Read more
Wall Street To Stage Cyber War Game
Posted in Network Security, Uncategorized
Tagged Cyber Attack, cyber war game, Wall Street Cyber War Game
Leave a comment
The Dark Side Of Covert Clouds
We know it happens all the time – employees want to get something done quickly, so they bypass the bureaucracy of their company’s IT department and with a couple of clicks go straight to the cloud. But by doing so, they greatly increase the risk of exposing the company’s network to malware. Read more
Posted in Cloud Security, Security Management
Tagged covert cloud, data leakage, VMware
Leave a comment
PRISM Leaker Stirs US-China Cyber Feud
Edward Snowden, the source of the leaks about the US government’s PRISM cyber spying program, claimed this week that the US has been hacking computers in China for at least four years.
Snowden, who is now in hiding in Hong Kong – a Chinese-controlled territory – made the claims in an interview with the Hong Kong newspaper South China Morning Post. Read more
Posted in Governance, Risk and Compliance, Uncategorized
Tagged China Cyber Feud, cyber spying, Edward Snowden, PRISM
Leave a comment
Google Reports ‘Political’ Phishing Attacks In Iran
Phishing attacks in Iran have spiked dramatically in recent weeks and appear to be related to presidential elections in the country tomorrow (Friday June 14), Google said this week.
Eric Grosse, vice president of security engineering, said in a blog post that over the last three weeks the company had detected and disrupted “multiple email-based phishing campaigns aimed at compromising the accounts owned by tens of thousands of Iranian users. These campaigns, which originate from within Iran, represent a significant jump in the overall volume of phishing activity in the region. The timing and targeting of the campaigns suggest that the attacks are politically motivated in connection with the Iranian presidential election on Friday.” Read more
Posted in Data Protection, Uncategorized
Tagged Google attacks, Iran Phishing Attacks, phishing
Leave a comment
Moving from Compliance to Risk-Based Security, Part 1
After 10 years of managing an IT audit function for an international energy company, I had the opportunity to head up their IT Strategy group that was charged with creating Organizational IT Security and Risk profiles and plans.
The charge of this function was to annually evaluate organization-wide internal and external risk as it relates to IT, and to communicate this information back to the CISO, CIO and CFO. To carry out the evaluation of organizational IT risk required not just working with IT personnel, but also business personnel all the way up the C-level business unit leaders. Read more
Posted in Governance, Risk and Compliance
Tagged Compliance, FISMA, HIPPA, IT Security, PCI, Risk-based Security
Leave a comment
Global Security Technology Market Seen Booming
Gartner analysts this week forecast that the worldwide security technology and services market would grow 8.7 percent this year to $67.2 billion as cyber threats become increasingly sophisticated and dangerous.
The analysts, attending a Gartner summit on security and risk management at National Harbour, MD, said the market could grow to more than $86 billion in 2016. Read more
Posted in Network Security, Security Threats
Tagged BYOD, Cyber Threats, Gartner, targeted attacks
Leave a comment
Storm Over PRISM Leaks Widens
The saga of one of the most significant leaks of government information in recent US history has taken a new twist with the decision by the whistleblower – former CIA technical staffer Edward Snowden – to go public.
In an interview carried out in Hong Kong with the UK newspaper The Guardian, Snowden said that after leaving the CIA he had done contract work for the National Security Agency on behalf of his current employer, Booz Allen Hamilton. Read more
US Government Angry Over Internet Spying Leaks
Director of National Intelligence James Clapper has denounced leaks to The Washington Post and Guardian newspapers this week which revealed that his agency is spying on e-mails and other internet traffic obtained from nine major companies.
In a statement on Thursday, Clapper confirmed the surveillance was taking place but accused the newspapers of making unspecified errors in their reporting. Read more
Posted in Governance, Risk and Compliance, Network Security
Tagged Internet spying, PRISM, spying programme
Leave a comment
Microsoft, FBI Claim Success Against Citadel Botnets
Microsoft and the FBI have carried out a major operation against cybercriminals using Citadel malware, saying they disrupted more than 1,000 botnets responsible for about $500 million in financial fraud globally.
In separate releases issued on Wednesday (June 5), the software giant and the FBI said they had worked with leaders of the financial services industry in acting against “a massive global cybercrime operation.” Read more
Posted in Network Security, Security Threats
Tagged anti-botnets, botnets, Citadel botnets, Cyber Threats, cybercriminals
Leave a comment
McAfee Report Cites Citadel Threat
Cyberspace grew both more dangerous and irritating in the first quarter of the year, according to McAfee Labs’ threat report for the period.
In a report issued this week, the tech security company sounded a special warning about the Citadel Trojan, which has been updated to extract personal information from victims. Read more
Posted in Cloud Security, Security Threats
Tagged cybercriminal, malware, retro-malware, spam
Leave a comment
