Tag Archives: cybersecurity

Linux is an open source operating system that is very versatile due to the large group of volunteers that maintain and update the popular open source operating system. There is a broad range of Linux distributions aimed at different purposes and preferences. Some are built for specific tasks such as privacy protection or perimeter defense and a host of options are available for both desktop and server operating systems. Linux has been around for decades, yet it only claims 2.36% of the desktop operating system market share. Linux is much more popular…

Continue reading

Cybersecurity challenges companies, countries, and individuals to continually improve protections against an enemy that wants our secrets, money, and identify.  Over the last few decades, the industry has moved from an explorative infancy to an integral and vital corporate function. I had the opportunity earlier this month to discuss the evolution of cybersecurity with Dr. Alissa Johnson, CISO at Xerox.  Her perspective on this journey was interesting to me because Alissa Johnson, also known as “Dr. J”, has served in both the public and private sectors.  She has been involved in…

Continue reading

An acquaintance from a younger generation said to me one day, “Don’t you know that privacy is dead?” I was taken aback at his frank assessment, but I replied “Privacy is not dead, but it is under attack, much like many of our other values.  It is like virginity.  Once given away, it cannot be given back, and that is all the more reason to protect it.” Many give their privacy away for daily trifles.  Mail in rebates, product registrations, text coupons, credit requests, SMS updates, and store discount cards…

Continue reading

A new malware do-it-yourself kit called Karmen is making it easy for wannabe cybercriminals to launch ransomware attacks. Security researchers believe the recently discovered ransomware as a service (RaaS) offering was developed in part by a Russian-speaking ransomware author who goes by the alias DevBitox. For a price, Karmen can turn almost anyone into a cybercriminal in just a few clicks.   RaaS offerings like Karmen began popping up on the dark web in 2015 and ransomware developers have continued to make the kits more user-friendly over time. Karmen is…

Continue reading

The General Data Protection Regulation (GDPR) is the latest in a host of rules designed to protect privacy.  It is significant because it affects companies that do business in Europe or collect data on Europeans.  GDPR’s wide-ranging scope ranks it right at the top of significant regulations, sitting beside well-known requirements such as HIPAA and PCI. Your business may be doing quite a few things required by GDPR already because GDPR has similar goals to other regulations.  While HIPAA is designed to protect patient information in covered entities and business…

Continue reading

For decades, the printer has been the intermediary between the digital and physical worlds.  Through it, our creations become tangible and yet; this intermediary has become so pervasive and such a mainstay of our technological world that it was assumed somewhat unchallengeable.  However, while the basic functions of printing, scanning, copying and faxing have stayed the same, the modern printer is a far different creature from the monoliths of the past or even the printers of last year. Today’s printers exchange data with users not only on the local network…

Continue reading

There are a variety of different ransomware variants that encrypt your data with no intention of ever decrypting it. There are also ransomware distributors who are happy to collect ransom payments but have no interest in returning anyone’s data. Innocent victims often fall prey to ransomware hoaxes or find problems with ransomware decryptors. They all end up in the same place they started, without their valuable data. Some of the groups behind the most prevalent ransomware viruses are working to build up confidence that victims will receive their data if…

Continue reading

I recently did an interview with Karen Marcus for Careers in Cybersecurity on education, career development, and career success.  The transcript is provided below and is divided into a section for those just starting out in cybersecurity, those mid-career and those late into their career.  Enjoy the read and please let me know your thoughts in your comments. For someone just starting out in cybersecurity: What degrees should they pursue? Any advice for landing that first job? There are a variety of degrees from associates to Ph.D. that concentrate on…

Continue reading

Spora is a relatively new ransomware, but there are signs which indicate that it could become a major player in the underground ransomware market, according to various reports. There are currently hundreds of ransomware variants being used by cybercriminals, but only a handful are backed by major criminal syndicates that have the funding to write robust malicious code and the infrastructure to support global extortion efforts. These groups are behind some of the biggest names in ransomware like Locky, CryptoLocker and TeslaCrypt. Spora is not there yet, but it’s certainly…

Continue reading

Bring your own device (BYOD) policies are commonplace in many organizations today. Employees bring in their personal cell phones, laptops, tablets and other mobile devices and use them to content to corporate networks. Additionally, employees regularly use personal computers and other devices not owned by the organization to work at home or on the road. Unfortunately, BYOD can be risky for organizations that do not implement adequate security controls.  Personal devices that aren’t properly managed by the company often have inconsistent security controls implemented on them. For example, one device…

Continue reading