You are viewing 'cyberattacks'

Facebook isn’t Safebook!

ImageGate allows Ransomware Infection

David Biser

November 29, 2016 - Posted by David Biser to Security News

Facebook

With so many users accessing Facebook within corporate networks, it is imperative that your security team be up to date on current threats involving social media. A well-known piece of malware, Locky Ransomware, is spreading via Facebook Messenger by pretending to be a harmless image file. Since many companies allow employees to access Facebook, this presents a potentially massive hole in security programs.

The initial reports on this piece of ransomware show a commonality among the type of infection vector and approach used by the attackers. First, the user receives an instant message containing only an image file, or what appears to be an image file. It is usually titled generically with a .svg extension. A .svg (Scalable Vector Graphics) is an XML-based vector image, which is formatted for two dimensional graphics and support for animation and interactivity. These image files can be created and edited with any text... read more >

Hacks Targeting Voter Rolls

Hack the vote blog series: part 2

Chris Camejo

October 25, 2016 - Posted by Chris Camejo to Security Insight

Voter Rolls Hacking

At first glance, the hacks targeting voter registration databases are a bit confusing: the voter rolls are considered a public record in many states, often obtainable by paying a fee of a few hundred dollars. Websites can and have legally republished this data. Records are also available to political campaigns, even in states where the records are not otherwise publicly available, and these lists can be bought online. It raises the question: why hack into a database that can be had just by politely asking for it?

So far the conversation around the voter database hacks has focused on the confidentiality of these records, as if the exposure of this data presents some sort of increased risk. Illinois, a... read more >

Top Ten Ways to Fight Ransomware with Backups

Your Backup Strategy Can Minimize the Risk

Bob Bybee

June 09, 2016 - Posted by Bob Bybee to Security Insight

Ransomware Note

Ransomware is grabbing a lot of security news headlines these days, not necessarily because it’s worse than other types of malware, but perhaps because it’s more annoying. Older malware might simply have erased your hard drive.  Ransomware encrypts it, saying “your data is still here, but you can’t have it.” To add insult to injury, it then tells you to pay a ransom “or else.”

Of course, paying the ransom is no guarantee that your data will be recovered. Once a system is infected with ransomware, there is no sure way to recover all of the data. But a robust backup strategy can get you most of the way back, and that’s a lot better than nothing. It’s hard to believe that large organizations or government offices have been caught without adequate backups, but it has happened to hospital groups, law firms, police departments, and even NASA (see links at the end of this... read more >

The Risk of Wearable Tech

A Cyber Security Risk on Your Wrist?

Jacob Faires

June 02, 2016 - Posted by Jacob Faires to Security Insight

Rise of Wearable Tech Technology has come a long way in the last decade.

Smartphones in the ‘90s, outside of Nokia’s N series, weren’t even a thing. Wearable devices were a leftover trend from ‘80s cyberpunk. Images resembling those depicted in Snow Crash and Neuromancer were things of the imagination, but are now becoming part of daily life. “Goggling in” referenced in Snow Crash is a reality made possible by the new rise in virtual reality products like the HTC Vive and Oculus Rift. People are already carrying around what essentially amounts... read more >

Introducing the 2016 Global Threat Intelligence Report

Observations of the Trends and Statistics that Shaped Cybersecurity in 2015

Rob Kraus

April 19, 2016 - Posted by Rob Kraus to Security Insight

2016 Global Threat Intelligence Report

Now in its fourth year of publication, the 2016 Global Threat Intelligence Report (GTIR) highlights observations and details about global threats. In this year’s report we continue tracking trends that have affected our clients over the last few years, as well as identify the new threats that presented themselves in 2015.

This year’s GTIR provides actionable intelligence, guidance about what attackers are doing, and comprehensive security controls designed to disrupt attacks. Controls recommended in this report will contribute to an organization’s survivability and resiliency in the face of an attack.

To develop this year’s annual report, we collaborated with several well-respected organizations, including Lockheed Martin, Recorded Future, Wapack Labs, and the Center for Internet Security. These contributors provided key feedback and observations from their unique perspectives of the cyber... read more >

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | Older Entries >>

Voted one of the Best Computer Security Blogs 2016
NTT Security (US), Inc. (formerly Solutionary) is a security consulting and managed security services provider. The NTT Security blog is a place for IT professionals to both learn and talk about the latest in IT security and compliance.

Get the NTT Security Blog delivered to your inbox!

Enter your Email:

(We will not share your email or use it for anything else.)

LATEST TWEETS