Security Insights – March 2019
Understanding Zero Day Attacks
Part of forming an effective cybersecurity strategy means understanding the threats that can impact your organization. One form of threat that is on the rise and steadily evolving in complexity and danger is a zero-day attack, also referred to as a zero-day exploit. The name of these malicious assaults is derived from how many days it’s been since a third-party exploit, or it refers to when a company hasn’t had the opportunity to fix a security issue.
Botnets: When IoT Goes Rogue
In a world thriving on interconnectivity, one big development over the last ten years is not just the invention of IoT devices, but the availability of those devices. Not only do they extend internet connectivity beyond the standard desktop or laptop, they’ve been developed to touch every aspect of our lives. From toys and watches for our kids, to smart coffee pots, to smart city technologies that assist with weather readings and traffic predictions. Having Internet-connected devices that go unchecked and unprotected
Now Is the Time to Protect the 2020 Election
We may feel that there is still time to prepare for the 2020 election, but cyberattackers are already actively seeking ways to undermine it. Election attacks typically start long before the actual election. Threat actors seek to infiltrate systems by stealing valuable login credentials through methods like phishing or purchasing stolen data in underground markets, among many other common and not-so-common tactics. Their motivations may be varied, from nation-states wanting to affect outcomes to activists who want to further a cause, and criminals who want to make a buck with ransomware. However, the havoc they cause results in one serious consequence, a lack of trust in our election system that threatens to undermine democracy.
In the headlines
Security Certifications: Are They Worth Earning?
With an estimated 3 million un-filled cybersecurity jobs around the world, and more expected to open as enterprises invest more in increasing their defenses, security professionals looking for work or a promotion have their pick.
However, this open market begs some questions: Who has an edge when it comes to getting those jobs? Will a certain security certification help when it comes to edging out the competition?
macOS Vulnerability Leaks Safari Data Security Week
A vulnerability in the latest macOS release could allow a malicious application to access restricted Safari data, an application developer has discovered. Apple last year aimed to boost the privacy protections in macOS with the addition of new features in 10.14 Mojave, but Mac applications developer Jeff Johnson says that the platform actually fails to protect users better than before.
Bi-Partisan Bill Would Create Public - Private Cyber Workforce Exchange
Sens. Amy Klobuchar (D-Minn.) and John Thune (R-S.D.) on Monday introduced a bipartisan bill to create an exchange program between the federal government and private firms aimed at bringing more cybersecurity expertise to the federal workforce. The legislation, known as the “Cyber Security Exchange Act,” provides a path for cyber experts at private firms or academia to work for federal agencies for up to two years.
Cybersecurity and the Human Element: We're All Fallible
We are only human; we all make mistakes sometimes. Until the day when both the offensive and defensive sides of cyberattacks are conducted entirely by machines, we need to factor in human error as part of the cybersecurity process. Generally, when the topic of the human element is discussed, it focuses exclusively on the actions of the end user. But there is far more to the story than that. Every aspect of securing, defending, and attacking has a human element, an element that profoundly affects all the other components and guarantees that there can be no silver bullet in cybersecurity.
CyberDefenses is an award-winning Managed Security Services Provider (MSSP). Schedule a 30-minute conversation to learn how we can help protect your organization from cyber attack.