cyber security | Page 2


Welcome back to our monthly review of some of the most interesting security research publications. July was very busy with the annual DEFCON and BlackHat US conferences, but also RMLL, the Worldwide Free Software Meeting held this year in France. Past editions: June 2017 May 2017 April 2017 March 2017 Elie Burzstein et al, How We Created the First SHA-1 collision and what it means for hash security video, DEFCON 25 slides and paper With the nickname "Crypto Girl", I obviously had to listen to this... [Read More]
by RSS Axelle Apvrille  |  Sep 07, 2017  |  Filed in: Security Research
The 13th annual Hacks In Taiwan Conference (HITCON) took place August 25th and 26th at Academia Sinica, Taiwan’s national academy located in Taipei. Elite cyber security researchers from across the world gather at this annual conference to share their research and exchange ideas about the global threat landscape. Approximately 1000 people registered for the conference and, according to one of the HITCON crewmembers we met, one third of the attendees were undergraduates and fresh graduates. This is a good sign, given... [Read More]
by RSS Wayne Chin Yick Low and Yongjian Yang  |  Sep 05, 2017  |  Filed in: Security Research
As cyberattacks become more frequent and impactful, security teams and executives across industries are taking notice. With new strains of malware being constantly reported, organizations want to make sure that their security solutions, and the vendors that provide them, are adapting to defend against this new normal. To ensure they have the capability to deal with these constantly evolving attacks, customers are turning to you, their solution providers, to answer their questions and ensure there is a structured strategy in place to deal with... [Read More]
by RSS Joseph Sykora  |  Sep 05, 2017  |  Filed in: Industry Trends
Businesses around the globe are becoming increasingly data driven. This, in large part, has to do with the expectation of customization across the user experience. Financial institutions, for example, have been able to use customer data and customization to offer tailored services to their customers, such as loans or insurance, based on recent purchases or financial history. However, consumers are now being encouraged to re-take control of their own personal data. The new emphasis being placed on individual rights to data is clearly demonstrated... [Read More]
by RSS Bill Hogan  |  Aug 29, 2017  |  Filed in: Industry Trends
The financial services sector has unique security needs. Financial services firms are considered critical infrastructure by many governments, and therefore are bound by strict government cybersecurity regulations. They house highly personal information of their clients that has to be accurate and accessible at all times, as well as secure from new, sophisticated cyberattacks. Ensuring data security, accuracy, and compliance was simpler when there was a defined network that could only be directly accessed by bank employees. However, consumers... [Read More]
by RSS Trish Borrmann  |  Aug 25, 2017  |  Filed in: Business and Technology
The healthcare industry requires technology that can keep pace with the speed at which medicine is evolving in order to provide patients with the best possible care. Additionally, this technology must meet HIPAA compliance standards to secure protected health information (PHI) from the growing number cyberattacks targeting the healthcare industry. This comes at a time when more devices than ever are accessing healthcare providers’ networks, including the proliferation of connected medical devices in the Internet of Medical Things (IoMT), and... [Read More]
by RSS Trish Borrmann  |  Aug 18, 2017  |  Filed in: Business and Technology
It has just been a week since the variation of Locky named Diablo6 appeared. Now it has launched another campaign more massive than the previous. This time, it uses “.lukitus”, which means “locking” in Finnish, as the extension for the encrypted files. The FortiGuard Lion Team was the first to discover this variant with the help of Fortinet’s advanced  Kadena Threat Intelligence System [1](KTIS) Fig. 1 Encrypted files with .lukitus extension Fig. 2 Familiar Locky ransom note Same Locky, More Spam This... [Read More]
by RSS Joie Salvio, Rommel Joven and Floser Bacurio  |  Aug 17, 2017  |  Filed in: Security Research
President Trump just signed a new cybersecurity Executive Order that has important implications, not only for federal agencies, but for Critical Infrastructures as well. [Read More]
by RSS Phil Quade  |  May 11, 2017  |  Filed in: Business and Technology
The Australian Signals Directorate’s (ASD) ‘Essential 8’ strategies to mitigate cyber security incidents represent a set of cyber security best practices that, when implemented successfully, will provide your agency with a baseline cyber security posture. The Essential 8 expand upon the ‘Top 4’ mitigation strategies, part of the government’s Protective Security Policy Framework, which have been mandatory for federal agencies since 2014. ASD has stated that implementing the Top 4 mitigation strategies will... [Read More]
by RSS Katrina Fox  |  Mar 27, 2017  |  Filed in: Industry Trends
The world never stands still. In the technology space, this means that constant innovation and discovery is the key to a solution provider’s survival and growth. In the cybersecurity arena, this creed is even more vital. Many hackers are brilliant people. There’s only one way to get the better of them – be even more brilliant. And faster and more creative. Which is why R&D is crucial in the security technology business. Cybersecurity solution providers must deliver open, integrated security and networking technologies... [Read More]
by RSS Michael Xie  |  Feb 27, 2017  |  Filed in: Business and Technology, Security Q & A