Here’s a quick look at how cyber thieves attack retail organizations, some thoughts on why and best practices for defending against them.
In the throes of holiday shopping season, 110 million Target customers woke to the news that cleverly placed malware had pilfered their credit- and debit card numbers, along with other sensitive data. We aren’t yet certain who was behind the massive attack on Target and, evidently other large retailers, or how the heist was orchestrated.
As employees and IT professionals return from the holidays, many are doing so with 2014 New Year’s resolutions in mind. For IT pros, we hope that one of your resolutions is to bolster your organization’s security and defenses in 2014. One of the rising threats that many IT professionals should be concerned about defending against in the new year is advanced persistent threats (APTs).
Today we released the 5th annual State of the Endpoint study, together with our colleagues at independent research firm, the Ponemon Institute. We’ve all known for some time the bad guys keep getting better and IT pros are continually challenged to keep the pace. Reinforcing the idea that it isn’t if an organization will be attacked but when,
With the holiday shopping season upon us, scammers, cyber criminals and other nefarious characters come out of the Internet woodwork. Security experts are warning consumers should be cautious during the holiday shopping season to protect personal and financial data from being compromised. Banks and retailers should also be on high-alert.
Consider just a couple of the telling statistics: Trend Micro researchers identified more than 200,000 malware infections targeting online banking in the third quarter.
In my last post, I discussed the reality of APT hitting unsuspecting organizations with a predictable pattern. Study after study indicates people are being hit by malicious hackers and the attack goes on for months before anyone is any the wiser. If they ever know.
Some very large companies, with hundreds of business units and locations,
It used to be that only large, Fortune 500-sized businesses had to worry about targeted threats, or APTs. Today, it’s a whole new ballgame. Sophisticated, malicious hackers use focused resources for small- and medium-sized companies too. Everyone is a target and your risk is multiplied if you do business with important partners and business associates who have valuable intellectual property.
We recently worked with the editors at SC Magazine on a reader survey about server-side risk. As expected, companies of all sizes are concerned about varied attack vectors that could allow bad-guy access to their mission-critical data. The results show that malware, server misconfigurations (which lead to malware intrusions) and targeted attacks (aka APTs) are the top most concerning threats.
I do not believe when Apple launched the iPhone it had some grand plan to change the very nature of how we work. If it had, the phrase would be Bring Your Own iDevice – and it would surely have been copyrighted. iDevices are consumer products, and as Jean Brodie said, “Safety does not come first.
A quick scan of news headlines shows the practical side of cybercrime. As you read this, a fake “Grand Theft Auto V’ torrent is racing to spread its infectious payload. An Advanced Persistent Threat (APT) called NetTraveler is doing its dirty work, most recently via a known Java vulnerability. Fake Xerox emails are delivering malware to your employees’ inboxes.
When you have something that someone else wants, you’re forced to protect it if you want that something to remain yours. Since the beginning of time, theft has been our unfortunate reality. As our world moved online and everything became digitally interconnected, thieves quickly recognized that’s where real value resides. To swipe it, they have gotten increasingly creative with their tactics and,
Oracle is offering what it calls some “shocking conclusions” about cybersecurity, but will these conclusions cause any shift in emphasis away from the perimeter for the sake of protecting the database?
According to a 110-company Oracle-sponsored survey from IDG Research’s CSO Customer Solutions Group, most IT security resources in today’s enterprise are allocated to protecting network assets,
By now you’ve read about the new indictment of five hackers from Russia and Ukraine in what is being called the “largest data breach scheme in the US.” You can read the DOJ press release here and/or a redacted copy of the indictment here [PDF]. In what is really a continuation of the Albert Gonzalez saga,
Anata no joho sekyuritei konshu no haiku
Are APTs Bad?
All Your Data Iz Theirs. Yes,
China In Your Sh1t
### Notes ###
* HT to Mike Rothman for this one.
* Thanks to Ms. Etsuko vdH for the translation.
* Thanks to everyone who’ve contributed their haikus …
Imagine you woke up one morning to find all of your possessions gone. Someone broke into your house in the dead of night and stole all of your things. You don’t know how they did it or who it was, but the fact remains: your stuff is gone. You might step outside, see the broken window or the ruined lock,