Thursday, April 5, 2018

Cybersecurity News CYBR650 Week 4

Coming into week 4, this class continues to be very interesting. Cybersecurity is definitely not a boring topic! The Microsoft STRIDE threat modeling tool was quite useful in this week’s assignments. This week I decided to take a closer look at some relevant cybersecurity news from various organizations.

McAfee Threat Intelligence: a source for the latest in-depth security threat research reports, insights from security experts, and guidance on how to protect the enterprise from malware, cybercrime, and other cybersecurity threats. The McAfee Labs Threats Report from March 2018 was quite informative, highlighting the switch from threats like ransomware to newer tools and techniques like PowerShell malware and cryptocurrency mining. The report also stated that new malware has reached an all-time high of 63.4 million new samples, with PowerShell malware growing 267% in the fourth quarter. The report can be viewed here: https://www.mcafee.com/us/resources/reports/rp-quarterly-threats-mar-2018.pdf.

McAfee also had some good information on ransomware; this is a type of malware that uses asymmetric encryption to hold a victim’s information for ransom. In a ransomware attack, the victim must pay up before the attacker will make the private key available to the victim; it is almost impossible to decrypt the files that are being held for ransom without access to the private key. The reality is that users and organizations can follow simple cybersecurity advice to avoid becoming a victim of ransomware. Sometimes victims can regain access to their encrypted files or locked systems without having to pay. This is made possible by McAfee’s creation of a repository of keys and applications that can decrypt data locked by different types of ransomware.

One of my all-time favorite cybersecurity reports is the annual Verizon Data Breach Investigations Report. This report is an incredibly valuable tool to help any organization avoid becoming the next victim of a data breach. The 2017 report was no different. It reminded organizations they don’t have to be huge or well-known to become a target. As an example, the healthcare industry could be hit by both external and internal attackers. Many employees and others have access to valuable patient information that could result in identity theft and cloning of identities. Attackers can also use other organizations as a soft target, useful as a stepping stone to their partners’ systems. You can download the 2017 report here: http://www.verizonenterprise.com/resources/reports/rp_DBIR_2017_Report_en_xg.pdf.

CNET Security and Privacy: And it’s time to report yet another data breach. This time it’s Delta, Sears, and Kmart who suffered a data breach, in which customers’ names, addresses and credit card numbers may have been stolen between September 26th and October 12th, 2017. However, this breach was a bit different from the others. None of these companies' internal databases were actually breached. Rather, a piece of malware temporarily residing in their online chat service possibly harvested customers’ payment information after they completed a transaction. While Delta reported that several hundred thousand of its customers could potentially have had data stolen, Sears believes fewer than 100,000 of its customers were affected by the breach. Read more about this at https://www.cnet.com/news/delta-sears-kmart-data-breach-credit-card-address/.

And finally, a commonsense ruling: A judge allows Massachusetts to sue Equifax for data breach. I believe this was long overdue. Equifax has been entrusted with our most private and sensitive data and they should have been better prepared to deal with data security attacks. Not only that - it seemed, based on their response, that they were more interested in preserving their reputation and brand than in alerting consumers properly and thoroughly. Read about it here: https://www.cnet.com/news/massachusetts-judge-says-state-can-sue-equifax-for-data-breach/.

Here’s another data breach: Hackers steal data from 5 million Saks, Lord & Taylor customers. 
