November Patch Tuesday is forced to share the spotlight this month. It’s Election Day in the U.S. and likely on the minds of most people. However, Microsoft also released 14 security updates today, 6 of which are rated critical. Thankfully, there is just one active exploit on an older version of Windows this month so once you’ve cast your vote,
Interestingly, ransomware is not a new thing. It first appeared in 1989 with a Trojan program called, “AIDS Trojan,” which was spread by floppy disk. The AIDS Trojan used several tricks to hide files and encrypt their names using symmetric cryptography. The author extorted a $189 fee from users to provide a restoration tool. The author was identified and forced to stop the distribution,
Cyber criminals have plenty of opportunity this month with 5 vulnerabilities now under active exploit, 2 of which are shared. Microsoft has released 10 bulletins this October Patch Tuesday to address those and other vulnerabilities found in both current and old code. Quick response will be of particular importance this month.
As is often the case,
How can SMBs protect their networks and digital assets without breaking the bank?
For all the focus on mega-enterprise security—and all the high-profile data breaches at major corporations—enterprises aren’t alone in the endpoint security battle.
Think about it for a minute. When was the last time you got through a day of e-mail without a spam e-mail with a nefarious link or attachment?
Taking an item of tremendous value – data belonging to an organization or an individual – and demanding compensation for its return is a highly effective way for criminals to get what they want. This criminal act is achieved through ransomware and, because it is effective and generally not all that complicated for a cybercriminal to carry out,
Today, we’re announcing the results of a survey recently commissioned on the state of enterprise security. Conducted by Ultimate Windows Security, the report provides visibility into the uses, concerns and challenges that IT departments face in respect to endpoint security, patching, cloud applications and mobile management.
We polled nearly 700 IT professionals working at enterprise (1,000+ employees),
In the last few years extortion has hit computer users, big time.
Consumers and businesses alike are finding themselves locked out of their computers, or prevented from accessing their valuable data, by ransomware attacks that demand a payment be made to online criminals.
But normally when these malicious attacks are described,
[Originally published in the Spiceworks IT Community.]
A Google security research paper was recently published on the best safety practices that hundreds of security experts recommend. This paper outlines the results of two surveys — one with 231 security experts, and another with 294 web-users who aren’t security experts — in which both groups were asked what they do to stay safe online.
Yesterday was Patch Tuesday, and – as Optimal Security’s Russ Ernst described – Microsoft released fixes for a smorgasbord of vulnerabilities.
Obviously, it’s important that you roll out the patches as soon as possible, and ensure that your computers and networks are protected against threats which malicious hackers could use to target your systems,
A researcher has found a serious Android vulnerability that requires no interaction at all by the user to hijack their device. In fact, the vulnerability could allow a hacker to infect your mobile phone, while you’re fast asleep.
In my previous two posts How Does Ransomware Work? Part 1 and Part 2 I described the process ransomware goes through to get on your systems, encrypt your files, and collect your money. Like any malware, all of the steps in the process need to be successful in order for ransomware to work.
As you should know by now, Microsoft ended support for Windows Server 2003 on July 14, 2015. But surveys suggest that many organizations may not be ready:
- 50% of organizations started 2015 with no migration plan – or were unaware that support was ending.
- 1/3 of organizations hope to complete their migrations sometime after the end-of-support date – stretching out to 2016 – while another 1/3 were unsure when they will complete the migration.
Operation Pawn Storm is up to its dirty tricks again, this time with what is claimed to be the first new Java zero-day vulnerability in two years.
Another day, another breach. Ho Hum.
So it seemed when news first broke about the hack of the (in)famous Italian vulnerability research firm Hacking Team. Probably a case of hackers hacking back. No impact on most “regular” cybercitizens, right?
Au contraire, mon frère.
It seems that there were a few gems in the 400 GB data dump that was posted online,
Lumension recently released the sixth annual State of the Endpoint Risk report [PDF], based on research by the Ponemon Institute. I’ve blogged about this report several times this year: you can find those posts here and here.
This past week I was honored to present the results of this research alongside Dr.