Cybersecurity

Disgruntled ex-employees don’t need to have special hacking skills to inflict severe damage on the company infrastructure. Cynthia James reviews a number of scenarios, and ways to prevent attacks of this kind.

Today’s information technologies are a rather mishmashed system comprised of top-notch innovations interspersed with legacy technologies, some of which have been in use for decades and rarely changed. This “coexistence” of new and old led to the discovery of dramatic bugs that had stayed below the radar for years.

Kaspersky Lab released its new IT Threat Evolution Q3 2014 report, dedicated to the most important security incidents and trends in the cybersecurity sphere. It may seem like attacks are increasing more rapidly than ever, but it’s detection rates that are growing.

Medieval doors were extremely sturdy due to their two-layer construction and different wood grain directions across those layers. Multilayered defensive structures is a must in cybersecurity as well.

Microsoft has patched yet another bug in OLE, this time one that’s 19-years-old. While it is extremely surprising this bug hadn’t been discovered earlier, the crucial question here is the use of the underreviewed legacy code that developers have to drag along for decades.

1 in 8 people don’t believe that cyberthreats are real. The threat may go away if you turn your back to it in a dream, but that won’t work in reality.

Kaspersky Lab has just announced the discovery of an alarming APT campaign codenamed “Darkhotel,” targeted mainly at business executives staying at certain hotels in Asia. Luxury hotels offer not just places to stay, but also comfort and privacy. However, their cybersecurity occasionally fails.

Kaspersky Lab revealed a cyberspy campaign, Darkhotel, which had been active for seven years in a number of luxury Asian hotels.

Read highlights from our top posts in October.

Many organizations—especially government agencies or heavily regulated businesses—are nervous about sharing this data, for fear of reprisals if information about successful attacks becomes public. And politicians and security experts say this is an issue that needs to be solved if businesses are going to have the chance to succeed.

Can a business be “partially” prepared to ward off cyberthreats? That’s up for debate, but it seems there is little difference between “partial protection” and no protection at all.

APT is a term often mentioned in cybersecurity bulletins. Here’s what you need to know to understand it.

Hacking and espionage are hardly crimes for the secret service, but rather are a part of their everyday work. But imagine what could happen if their tools end up in wrong hands.

2014 is making its way into Cybersecurity history books with two global-scale software bugs discovered over 6 months. They are obviously not the last ones, and it is actually a good thing.

Phishing is the most developed form of Internet scamming. Let’s explore the topic in order to better understand why it became so prominent and what measures one can take to avoid a phishing attack.

Cyber-resilience is the ability to sustain damage, but ultimately succeed. In order to be resilient, businesses need to have a plan. One organization is dealing with attacks today that another will deal with tomorrow. There are ways businesses can help each other become cyber-resilient.

Having your business bank account hijacked by cybercriminals could bankrupt your company, but that type of breach isn’t really what law enforcement cares about. They are concerned with only one thing: how well you protect certain information.

A curious story about a cyber-investigation of fraudulent activities, which our GERT group had recently conducted on behalf of one of the company’s clients. The attackers were quite thoughtful, but not good enough.

It is widely known in cybersecurity that the door to a data breach is often opened by employees. In what percentage of breaches is an employee directly at fault?

A number of celebrities private (very private) photos were leaked. While it is first and foremost a blatant invasion of privacy, this is also a wake-up call for businesses.

Read highlights from our top posts in August.