Sunday , 24 September 2017


Mass-Scale Ransomware Attacks Providing Hackers the Ability to Earn Quick Money

Brian Baskin and Paramjeet Singh,
Carbon Black

During the past six months, the Carbon Black Threat Analysis Unit (TAU) analysed more than 1,000 ransomware samples, categorising them into 150 families, and found the following: Attackers are looking to make quick, easy money with unsophisticated malware combined with sophisticated delivery methods. The majority of today’s ransomware aims to target the largest vulnerable population possible. “Ransomware as a Service ... Read More »

Utilising Threat Hunting techniques to detect and defend against malware attacks

Justin Swisher, Threat Analyst at Anomali and Kris Merritt, Co-Founder at Vector 8

Since the outbreak of Petya, there have been many articles analysing and dissecting the malware, to determine its purpose, and who is ultimately responsible. Reverse engineering and malware analysis to conduct post incident analysis has provided the basis for the conclusions drawn in these features. Instead, Anomali, in collaboration with threat hunting experts Vector8, viewed the Petya outbreak differently by ... Read More »

Shoplifting: Defeating Theft Detection and Prevention Technology

Rob Cook, Analyst,

Typically considered one of the most accessible and in many cases least-sophisticated types of crime, shoplifting persists as an undeniably damaging affliction across the retail sector. In fact, the National Retail Security Survey reported that loss of inventory cost U.S. retailers an estimated $49 billion USD in 2016, with 70 percent of the loss caused by employee theft and shoplifting. The survey ... Read More »

Tackling third party threats

Csaba Krasznay,,
Security Evangelist, Balabit.

In today’s business environment, it’s not uncommon for organisations to outsource some or all of their IT capabilities to third-party contractors. It’s true that there are many benefits to this, outsourcing can save money that organisations would usually spend on full-time employees, so it’s no wonder this practice is so widespread. However, they are often overlooked as a potential threat, ... Read More »

Taking the Bait: Can You Resist an Email Phishing Attack?

Email is a major weapon for cybercriminals and anyone wishing to penetrate an organisations cyber defences. Even nations are at risk. Recently a prankster using the moniker “Sinon Reborn” managed to get the UK Home Secretary, Amber Rudd, to respond to an email she believed to be from a new colleague. From a cybersecurity point of view this is deeply ... Read More »

Cyber risk: Why Cybersecurity Is Important

Simon Parker,
Minerva Security

Our world today is ruled by technology and we can’t do without it at all. From booking our flight tickets, to catching up with an old friend, technology plays an important role in it. However, the same technology may betray you when it’s vulnerable and could lead to loss of essential data. Cyber security, alongside physical commercial security has thus, ... Read More »

Launch your own cybersecurity sprint: 30 days to improved security

Gerrit Lansing,
Chief Architect at CyberArk

Whether it’s well-publicised cyberattacks on government organisations or widespread ransomware that threatens to halt business operations, attackers continue to target privileged credentials as a quick and easy means to reach critical assets and steal sensitive data. Based on what we’ve learned from working with organisations that have suffered a major breach, once attackers break into the network – often through targeted phishing ... Read More »

What boards must do to mitigate the cyber attack risk

Gavin Russell, CEO,

In today’s business environment, cyber attacks have become unavoidable. Recent research suggests that the number targeting UK businesses has increased by more than half in the past three months, to a staggering approximate 65,000 internet-born assaults per company[1]. Cyber security therefore needs to be placed high on an organisation’s risk register, as the ramifications of suffering an attack can be ... Read More »

Lessons from the Equifax Breach

Rick McElroy,
Security Strategist, Carbon Black

When we see a car wreck it’s very easy to slow down and gawk. The first thing we think is “Wow, that’s awful,” quickly followed by “Whew… glad that wasn’t me,” and then we drive on. Most of us don’t spend time thinking about how the wreck happened — we were just glad it wasn’t us. A similar sentiment works ... Read More »

Gurus Desperately Peddling Rubbish?

Robert Schifreen,
Founder and editor, Securitysmart

Next May the GDPR comes into force.  No wait, that sounds wrong.  Surely it’s the GDPR regulations.  But if I call it that, I’ll get hate-mail from the people who complain when I write about PIN numbers.  So we’ll stick with the GDPR for now. The entire security industry seems to have been shaken up by the impending GDPR.   C-level ... Read More »