Video: good guy Chris Vickery hunts exposed data

By Byron Acohido

Two more stunning disclosures from self-styled internet watchdog Chris Vickery underscore how organizations continue to routinely expose sensitive data in the cloud, risking dire consequences.

“My findings clearly demonstrate that data breaches happen more often than the general public realizes, and companies are quick to deny and cover up these issues,” Vickery says.

Last Friday, Vickery revealed how Habitat for Humanity of Michigan had been making use of two backup virtual hard drives without taking …more

Why dormant SSH keys represent a nightmarish exposure

By Byron Acohido

cybersecurity150pxA nightmarish new exposure affecting virtually all major networks is just beginning to get the attention of the security community.

It involves a fundamental networking protocol—Secure Shell, or SSH. Invented in 1995 by a Finnish programmer named Tatu Ylönen, SSH is an encrypting routine that enables one software application to securely connect and transfer data to the next. Currently, Ylönen is CEO of SSH Communications Security, which develops …more

How open source flaws pose a rising threat to all businesses

By Byron Acohido
120316_DDos screen175pxArguably the biggest security blind spot in just about every business network is something too few security executives are aware of, much less focusing on: open source software vulnerabilities.

This truism first rose to the fore in 2014 with the flurry of malicious activity following the discovery of gaping defects in three innocuous open-source protocals: Heartbleed, Shellshock and POODLE.

And today, a long know vulnerability in open-source JBoss …more

Machine learning shows promise for improving cyber defenses

By Byron Acohido

cyberattacks_175pxLAS VEGAS — The cyber security sector  generates mountains of data.

Security Information & Event Management, or SIEM, systems, like Splunk, generate logs of all network traffic. Threat data pours in from next generation firewalls, endpoint security systems, intrusion prevention and  detection systems and vulnerability management systems. A growing crop of threat intelligence vendors are coming up with innovations to make better use of this ocean of threat data.

The key …more

Ransomware rampage takes aim at business targets

By Byron Acohido

sh_ransomware_7501_250pxConsumers are no longer the prime target of ransomware campaigns. After years of petty thievery on a global scale – locking up the computer screens of millions of consumers with scams to sell bogus $79 antivirus clean-up services  –  they’ve turned their attention to much bigger fish.

The opening quarter of this year saw a 7 percent  rise  in registration of websites set up exclusively to host ransomware campaigns, …more

Why ‘Shadow IT’ must be addressed

120316_DDos screen175pxBy Byron Acohido

By-passing the IT department in to order begin utilizing the hottest new technologies is something tech-savvy employees have been doing since the inception of corporate networks. Most often, these workers aren’t maliciously motivated. They are simply intolerant of plodding decision-making and so take it into their own hands to acquire and begin using nifty new tools  they believe will help them become more productive.

This dynamic — variously referred …more

Why network perimeters need to be redefined in the age of cloud computing

By Byron Acohido

OLYMPUS DIGITAL CAMERAThe rising business use of cloud services and mobile devices has opened a Pandora’s box of security exposures.

Software as a Service (SaaS) tools like Salesforce.com, Gmail, Office 365 and Dropbox, as well as social media sites like Facebook, LinkedIn and Twitter, are all being heavily leveraged by companies large and small to boost productivity and collaboration.

This trend also has opened up a whole new matrix of access …more