December 14, 2016

Lessons Learned From This Year’s Biggest Security Breaches

Art Dahnert, December 9, 2016

As the year draws to a close, we can look back on 2016 and see what challenges the security industry has had to overcome. Jumping on this bandwagon a bit early, I hope to draw attention to some of the more difficult challenges our industry will face in the coming year. In order to do that, I’ll point out the most newsworthy breaches of 2016.


Chertoff Group bets on a national shortage of skilled counter-hackers

Aaron Gregg, December 9, 2016

An investment firm run by former Bush administration Homeland Security chief Michael Chertoff is deepening investments in firms that provide high-end cybersecurity advice to private corporations, a strategy that leverages the firm’s close connections to the government cybersecurity community.


Nearly Half Of The Top 1 Million Websites Deemed Risky

Kelly Sheridan, December 13, 2016

Nearly half (46%) of the Alexa top one million websites were found to be risky, putting businesses at risk as their users visit these sites.
The finding is part of a new report published by Menlo Security entitled “State of the Web 2016: Quantifying Today’s Internet Risk,” where researchers examined key characteristics of the top one million websites, as ranked by Alexa, to determine sources of risk.


Ransomware may turn victims into attackers, infect 2 others and decryption is free

Darlene Storm, December 12, 2016

In the world of ever-evolving ransomware, one recently spotted variant is like doxware and another has a “nasty” option of infecting two other people – be it friends, enemies or strangers – and your files will be decrypted for free.


An unpatched vulnerability exposes Netgear routers to hacking

Lucian Constantin, December 12, 2016

Several models of Netgear routers are affected by a publicly disclosed vulnerability that could allow hackers to take them over.
An exploit for the vulnerability was published Friday by a researcher who uses the online handle Acew0rm. He claims that he reported the flaw to Netgear in August, but didn’t hear back.


Attackers use hacked home routers to hit 5 Russian banks

Lucian Constantin, December 9, 2016

Botnets made up of hacked home routers were used to launch distributed denial-of-service attacks against the five largest financial organizations in Russia.


Dyn DDoS Attack: Lessons Learned for the Financial Services Industry

Rich Bolstridge, December 12, 2016

In the first of this two-part blog, I reported the impact that the Dyn DDoS attack had on the financial services industry. Banks, insurers, credit cards, and others had two waves of impacts on Oct. 21, with many websites clocking in with 60 second page response times, and others with outright failures, not able to service their customers.
In Part 2, we’ll dig into some details to better understand the technology risks of financial services websites, and extract some lessons learned for the industry.


HHS Offers Tips on Mitigating DDoS Risks

Marianne Kolbasuk McGee, December 8, 2016

Federal regulators have issued an alert urging healthcare sector organizations to take specific steps to prevent falling victim to distributed denial-of-service attacks.


How Evolving Cyber Threats Affect Health Data Encryption

Elizabeth Snell, December 12, 2016

As cyber threats continue to become more intricate, organizations should consider health data encryption options to keep data secure.
Data encryption options are quickly becoming a top security choice for healthcare organizations that are looking to remain innovative but still keep patient data out of the wrong hands. With a recent survey showing the quick growth of the global encryption software market, covered entities should ensure they understand how data encryption could be implemented at their organization.
