Using a risk model based on security statistics is a valid and useful approach to defending against cyber attacks. A company can decide that if one type of attack is affecting a large percentage of companies, then chances are, they may be next. The company can take steps to defend against that attack. However, sometimes past statistics are not enough and can be … [Read more...]
The Seattle CTO Club ~ Sharing Security Information
Yesterday I had the honor of presenting some security information at the Seattle CTO Club. I loosely based the discussion on a similar presentation I gave last week at an event for Equinox IT, a WatchGuard partner, covering the cyber security landscape and top threats businesses face. Members of the group learned common attack patterns and discussed strategies for effectively … [Read more...]
Hacker Hide & Seek: Malware Obfuscation and How to Detect It
There’s a reason malicious software mutates as it multiplies, evading even the oldest, most-mature antivirus (AV) solutions. Hackers at all levels are successfully evading security defenses with obfuscation techniques designed to distribute malware without detection, and they’re achieving this by making well-known threats look “new again.” Below are excerpts from WatchGuard CTO … [Read more...]
Become a Better Cybersecurity Pro by Abandoning These Bad Habits
We all have our faults, and can sometimes get stuck in our ways – no one is perfect after all. But in the world of information security, bad habits can lead to costly and unnecessary troubles for your company. In a recent article, TechRepublic outlines 10 habits cybersecurity pros need to break, and features advice from industry experts on how to overcome them. The story … [Read more...]
Three Trends That Dominated Black Hat and DEF CON 2017
Last week, thousands of hackers, security professionals and infosec enthusiasts gathered at the Black Hat and DEF CON security conferences in Las Vegas. Each year, the top minds in security flock to these shows to share new research, vulnerability discoveries and hacking presentations that give the world insight into the types of threat trends and attacks we’ll need to be … [Read more...]