threat

Home/Tag: threat

China Is Cutting the Legs Out from Under American Businesses (but please don’t stop them?)

Businesses and their executives everywhere should be aware of this story run by 60 Minutes on Jan 17, and the blog Jeff Lipson wrote about here. The fact that China is stealing U.S. companies’ intellectual property is not news. The fact that President Obama worked with the Western District of Pennsylvania to indict five Chinese officers of theft of intellectual property is not news. So, what is the real news bite here? Some companies and Americans want to fight back and stop [...]

Protecting Philadelphia Companies from Chinese Hacking – Part 1

Last night, 60 Minutes ran a segment on China’s massive theft of intellectual property from US businesses.  http://www.cbsnews.com/news/60-minutes-great-brain-robbery-china-cyber-espionage/ The episode highlighted that the Chinese government is using its military and intelligence services to give its companies an edge over US business, by stealing our trade secrets.   My Team and I spent a number of years working at US Cyber Command and the National Security Agency. We saw first hand just how prolific this theft was.  I’ve spoken numerous times [...]

What’s the deal with LifeLock?

I often get questions from friends and family about LifeLock, an identity theft protection service - what it's all about, whether I use it (I don't), how effective the LifeLock services are, etc. Ironically, about a week and a half ago, LifeLock agreed to pay $100 million (see here) for allegedly breaching a FTC order by: "Failing to establish and maintain a comprehensive security program to protect its customers' sensitive personal information, including Credit Card, Social Security, and bank account [...]

IT and Security: One Team or Two?

Stop me if you've heard this request before..."we need project X delivered, as soon as possible."  To the requester, there is no corner not worth cutting. Whether they know it or not, they have a disregard for the processes that are usually in place to make sure things are done by the book. Put plainly, in an IT department, speed has a troubling tendency to trump security or general processes, most especially when the security arm for your firm is [...]

Prevention Trumps Detection

Some of you may see that headline and consider me Captain Obvious, but it's worth saying regardless. For as many IT staffers out there prefer to take the approach of threat prevention and avoidance, there are still plenty  that are content to detect and remedy. And that method has a major flaw-detection time. While some security appliances do provide real time, or near-real time threat detection and reporting, deployment of such tools is not as common as, say, a wireless [...]

New threat is using job websites to spread malware

A new threat has been identified and is being carried out by using phishing and social engineering techniques to sneak malware into several businesses.  Sites like Careerbuilder have reported malicious documents in Microsoft Word format titled “resume.doc” or “cv.doc.” So how does this new attack work? When a resume is submitted, sites like CareerBuilder automatically send a notification email to the company that posted the ad, along with the resume attached to it. When the end-user opens the email and [...]

Are Hospital Hacks “The Next Big Thing”?

As 2014 winds down, there is little doubt that the hacking activity surrounding Sony is one of the top headlines of the year. That breach has caused tremendous amounts of disruption and loss, and a month after word of the hack first came out the company is still reeling. But, Sony is a big fat corporate target, and no hacker could ever really unleash that kind of Hell on an average user, right? Maybe. Maybe not. In this day and [...]