Hacks Targeting Voter Rolls

Hack the vote blog series: part 2

Chris Camejo

October 25, 2016 - Posted by Chris Camejo to Security Insight

Voter Rolls Hacking

At first glance, the hacks targeting voter registration databases are a bit confusing: the voter rolls are considered a public record in many states, often obtainable by paying a fee of a few hundred dollars. Websites can and have legally republished this data. Records are also available to political campaigns, even in states where the records are not otherwise publicly available, and these lists can be bought online. It raises the question: why hack into a database that can be had just by politely asking for it?

So far the conversation around the voter database hacks has focused on the confidentiality of these records, as if the exposure of this data presents some sort of increased risk. Illinois, a... read more >

The NTT Security SERT Q3 ‘16 Threat Intelligence Report

Ransomware in the health care industry, the ‘direct cash-back’ revenue model, targeting the Internet of Things (IoT), securing SWIFT networks, and a notable decrease in reconnaissance activity.

Danika Blessman

October 20, 2016 - Posted by Danika Blessman to Threat Intelligence

SERT Threat Report Q3 2016

The NTT Security SERT (Security Engineering Research Team) released its Q3 ‘16 Threat Intelligence Report today.

During Q3 ’16, NTT Security researchers observed attacks which exhibited the same characteristics as those a year ago in Q3 ’15 – a notable decrease in reconnaissance and an increase in application attacks, with attackers likely maintaining a persistent presence in the target environment.

NTT Security observed a 38 percent drop in security-related events from Q2 ’16 to Q3 ’16. While that seems like an amazing statistic, it included a dramatic 91 percent decrease in reconnaissance and a 64 percent decrease in suspicious activity, which may indicate more of a change in focus than a dramatic fall off in attack volume.

... read more >

Hack the Vote

Chris Camejo

October 18, 2016 - Posted by Chris Camejo to Security Insight

Blog

The news has been rife with headlines about voting hacks, with the FBI revealing that state voter registration databases have been compromised and warning of ongoing attacks. Meanwhile, one of the major parties has already suffered two known breaches and WikiLeaks continues to post Clinton campaign emails on a regular basis. So far, signs are pointing to operators inside Russia as the culprits for all of the above.

Many of us in the information security... read more >

The Culture of Security Awareness and Corporate Benefits

Rob Kraus

October 13, 2016 - Posted by Rob Kraus to Security Insight

Cybersecurity in the workplace

The age old problem of determining how to identify and mitigate risk has certainly been something organizations have struggled with for many years.

How do you protect your organization? What tools are the best in the marketplace? What tools are good enough and work with my budget? What is my long term plan and how do I get there?

All the above questions are something we deal with every day, but there is also another constant that we often overlook, our people — education about threats and how to address them on the front line.

Let’s face it, people are vulnerable and will always be. So much so, that the National Cyber Security Alliance dedicated a whole week to educating everyone on the culture of cyber security in the workplace during National Cyber Security Awareness Month (NCSAM).

We need to invest in technologies to help overcome our compulsive... read more >

Problem Management

Why problem management is important to security

Matt Ireland

October 06, 2016 - Posted by Matt Ireland to Security Insight

Cyber Attacks

Well, it is now official; I am writing my first blog post. As the Regional Chief Information Security Officer for the Americas here at NTT Security, I felt it important to share with you a perspective that I have gained from my extensive experience with information and physical security, combined with my recent experience with the Information Technology Infrastructure Library (ITIL), and more specifically problem management. ITIL defines problem management as “The process responsible for managing the lifecycle of all problems. Problem management proactively prevents incidents from happening and minimizes the impact of incidents that cannot be prevented” (Steinberg, Rudd, Lacy, and Hanna, 2011). Well, then, what is a problem defined as? ITIL would tell us that a problem is “a cause of one or more incidents. The cause is not usually known at the time a problem record is created, and the problem management process is responsible for further investigation”... read more >

STOP. THINK. FACT CHECK.

#WarStoryWednesday

Brent White

October 05, 2016 - Posted by Brent White to Security Insight

Another Wednesday, another war story. As a Senior Security Consultant here at NTT Security, I am constantly performing assessments on-site for our clients. At a recent on-site social engineering and physical security assessment, we exploited some vulnerabilities that could easily have been avoided with the right security measures in place.

Also, as many of you are aware, October is National Cyber Security Awareness Month (NCSAM). The theme for this week is STOP. THINK. CONNECT, however, I’d like to change it to fit the theme of my blog: STOP. THINK. FACT CHECK. As I’ve said in previous war stories, always ask questions and check that the person is who they say they are. And no matter how nice someone may look or act, always fact check. Use your instincts and don’t let someone with seemingly legitimate credentials fool you.

Assessment Background

The... read more >

Happy National Cyber Security Awareness Month (NCSAM) 2016

Melinda Reinicker

October 03, 2016 - Posted by Melinda Reinicker to Security Insight

NCSAM 2016

Happy National Cyber Security Awareness Month (NCSAM) 2016! NTT Security is very excited to celebrate this year as an official NCSAM Champion. NCSAM is celebrated every October by raising awareness and ensuring safe practices online. The month is dedicated to continuing cyber education and keeping the digital world secure, which NTT Security takes very seriously with our employees and clients. NTT Security has very educational blogs discussing every day security such as social media, travel, IoT, smartphones and more. These blogs can help protect and keep your family, friends and co-workers, yourself and your devices safe online.

NCSAM is not only for personal education and... read more >

<< Newer Entries | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | Older Entries >>

Voted one of the Best Computer Security Blogs 2016
NTT Security (US), Inc. (formerly Solutionary) is a security consulting and managed security services provider. The NTT Security blog is a place for IT professionals to both learn and talk about the latest in IT security and compliance.

Get the NTT Security Blog delivered to your inbox!

Enter your Email:

(We will not share your email or use it for anything else.)

LATEST TWEETS