Cybersecurity Matters

George Hulme lends his expert insight into the latest developments in cybersecurity.

CSC Baltic

Password managers: Secure tool or single point of weakness?

password security CSC Blogs

Let’s face it: Passwords are not only a hassle, they also don’t make the most effective locks. The average person has dozens of username and password combinations to remember. People who are very active online have hundreds of such combinations. It’s just impossible to remember them all, and that’s a big reason why people tend to use the same password […]

Enterprises could (but often don’t) do this one thing to dramatically reduce risk

email phishing CSC Blogs

What is the one technique involved in almost every security breach? Phishing. Nearly every major breach starts with some sort of phishing attack, in which nefarious individuals send reputable-looking emails with the goal of getting the recipient to reveal information or click on a malicious link. Perhaps it’s an assistant opening what he or she thinks is a contract for […]

Suspected botnet author arrested

A 29-year-old man thought to have been involved in the Mirai botnet malware used in a series of devastating attacks during the second half of last year has been arrested. As the BBC reports in Router hacker suspect arrested at Luton Airport, the man was arrested under a European Arrest Warrant at the request of the […]

Clouds cast long security shadow over enterprise IT

cloud shadow IT CSC Blogs

If you need more evidence that shadow IT is taking hold in enterprises, look no further than the most recent Intel Security Cloud Report. The headline finding is that roughly 40% of cloud services are bought and used without the involvement of enterprise IT. We’ve known that shadow IT has been a problem for quite awhile, but I […]

New Mac malware on the loose: What you need to know

MacOS malware CSC Blogs

In the past week, two relatively crude threats to Mac users have surfaced. The malware targets Apple’s operating system, now called MacOS. The first piece of malware, analyzed by researchers Claudio Guarnieri and Collin Anderson and dubbed MacDownloader, was used as part of an attack that targeted the U.S. defense and aerospace industries. The attackers created a fraudulent […]

Cloud spend outpacing traditional IT, spurring security investments

Cloud security considerations CSC Blogs

According to a newly released report from IDC, the share of cloud IT infrastructure sales in the third quarter of 2016 has climbed to 39.2% of all IT infrastructure spending, up from 34.7% a year ago. According to IDC: Revenue from private cloud infrastructure sales grew 8.2% to $3.3 billion, and public cloud 8.0% to $5.1 […]

Ransomware attacks strike Elasticsearch servers hard

Cybersecurity breaches CSC Blogs

On the heels of a ransomware attack on the MongoDB, which hit thousands of MongoDB databases accessible on the Web, thousands of users of Elasticsearch now find themselves under attack. Based on a thread in the public Elasticsearch support forum, the attack on poorly secured clusters began last week: Today I found that all indices on our Test […]

Manufacturers of home networking gear and IoT devices flagged for poor security

internet of things security CSC Blogs

Last week the Federal Trade Commission (FTC) made it clear that it will be taking the security of home networking and IoT devices very seriously. The U.S. agency said that network equipment-maker D-Link put consumers’ privacy at risk due to the inadequate security of its computer routers and cameras. In a news release, the FTC announced that […]

Law firms targeted in hacks seeking insider info

stock market cybersecurity CSC Blogs

Last week, three Chinese hackers were charged with stealing inside information in order to profit from trading equities. According to an indictment unsealed Tuesday, Jan. 3, 2017, in the Southern District of New York, the three were charged with “devising and carrying out a scheme to enrich themselves by obtaining and trading on material, nonpublic information […]

Encryption backdoors? Lawmakers say they’re not good for U.S. national interest

cloud lockin CSC Blogs

The Encryption Working Group, a bipartisan group of lawmakers formed in March 2016, have concluded what many security experts have contended all along: encrypted data is essential to protect personal and private-sector privacy and to maintain economic success. For about nine months the group met with federal, state, and local governments, former government officials, private […]