How open source flaws pose a rising threat to all businesses

By Byron Acohido
120316_DDos screen175pxArguably the biggest security blind spot in just about every business network is something too few security executives are aware of, much less focusing on: open source software vulnerabilities.

This truism first rose to the fore in 2014 with the flurry of malicious activity following the discovery of gaping defects in three innocuous open-source protocals: Heartbleed, Shellshock and POODLE.

And today, a long know vulnerability in open-source JBoss …more

Machine learning shows promise for improving cyber defenses

By Byron Acohido

cyberattacks_175pxLAS VEGAS — The cyber security sector  generates mountains of data.

Security Information & Event Management, or SIEM, systems, like Splunk, generate logs of all network traffic. Threat data pours in from next generation firewalls, endpoint security systems, intrusion prevention and  detection systems and vulnerability management systems. A growing crop of threat intelligence vendors are coming up with innovations to make better use of this ocean of threat data.

The key …more

Ransomware rampage takes aim at business targets

By Byron Acohido

sh_ransomware_7501_250pxConsumers are no longer the prime target of ransomware campaigns. After years of petty thievery on a global scale – locking up the computer screens of millions of consumers with scams to sell bogus $79 antivirus clean-up services  –  they’ve turned their attention to much bigger fish.

The opening quarter of this year saw a 7 percent  rise  in registration of websites set up exclusively to host ransomware campaigns, …more

Why ‘Shadow IT’ must be addressed

120316_DDos screen175pxBy Byron Acohido

By-passing the IT department in to order begin utilizing the hottest new technologies is something tech-savvy employees have been doing since the inception of corporate networks. Most often, these workers aren’t maliciously motivated. They are simply intolerant of plodding decision-making and so take it into their own hands to acquire and begin using nifty new tools  they believe will help them become more productive.

This dynamic — variously referred …more

Why network perimeters need to be redefined in the age of cloud computing

By Byron Acohido

OLYMPUS DIGITAL CAMERAThe rising business use of cloud services and mobile devices has opened a Pandora’s box of security exposures.

Software as a Service (SaaS) tools like Salesforce.com, Gmail, Office 365 and Dropbox, as well as social media sites like Facebook, LinkedIn and Twitter, are all being heavily leveraged by companies large and small to boost productivity and collaboration.

This trend also has opened up a whole new matrix of access …more

Pulitzer Centennial highlights role of journalism

By Byron Acohido

pulitzer-group-shot-800px

Standing on the floor of the Newseum in Washington, D.C., last week, in a crush of hundreds of past recipients of The Pulitzer Prize, was thrilling and humbling.

We were assembled for a group photo as part of the yearlong celebration of the Pulitzer’s centennial. It was a chance to reconnect with old colleagues and meet other journalists with whom I share the experience of receiving journalism’s top prize.

They say timing …more

Anatomy of an attack: Using Twitter to launch denial-of-service attacks against banks

By Byron Acohido

(Editor’s note: This actual snapshot of a cutting-edge Distributed Denial of Service attack was discovered by analysts at security vendor Digital Shadows, which provides cyber situational awareness to its SMB and enterprise customers. Digital Shadows’ CTO James Chappell shared this detailed intelligence with LastWatchdog. In the accompanying video, F5 cybersecurity evangelist David Holmes outlines the ongoing evolution of DDoS attacks. )

Core finding: In 2012 and 2013, a hacktivist group called Izz ad-Din …more