Using a risk model based on security statistics is a valid and useful approach to defending against cyber attacks. A company can decide that if one type of attack is affecting a large percentage of companies, then chances are, they may be next. The company can take steps to defend against that attack. However, sometimes past statistics are not enough and can be … [Read more...]
Carbon Black Data Leaks – A Good Reminder to Protect Keys
A security firm published a blog post today explaining how they compromised an endpoint security system. The vendor, Carbon Black, responded in a blog post explaining that this feature is off by default and customers receive a warning when they turn it on. Setting aside the topic of responsible disclosure for the moment, take a look at this statement in the research firm’s … [Read more...]
Lookout for Reader Patches – Daily Security Byte EP.80
Adobe typically shares Patch Tuesday with Microsoft, but with Microsoft's recent announcement to stop monthly patches for Windows 10, Adobe could be patching alone this month. That's no excuse to miss patches though, so watch today's video to learn what Adobe plans to update tomorrow. By the way, if Microsoft does release patches tomorrow, we'll be sure to let you … [Read more...]
WatchGuard Sees Evasive Malware – Daily Security Byte EP.79
A few days ago, I told you about Rombertik, an evasive threat that can sneak past signature antivirus, and some sandboxes. This week we also learned about a new variant of Dyre, that uses similar evasive techniques against sandboxes as well. In today's video, learn why WatchGuard's sandbox is not fooled by these new evasions. (Episode Runtime: 2:42) Direct YouTube … [Read more...]