Symantec Government Symposium Redefines the Cyber Conversation

| November 26, 2018

article image
A renewed push needed for a rethink – and a redefinition – how to approach cyber security One of the long-standing tenants of cyber security is the belief that the attackers have an advantage. That makes sense as cyber security, for the most part, has been a reactionary process that identifies an attack once it happens and then makes adjustments to stop it from happening again. That process is no longer good enough for Jeanette Manfra, assistant secretary for the Office of Cyber Security and Communications in the Department of Homeland Security’s (DHS) National Protection and Programs Directorate. As Manfra said during her keynote presentation at the Symantec Government Symposium, she believes government needs to develop deep partnerships with the private sector on cyber security that can “create an environment where the defender has an advantage.” She acknowledged this is a rarity in cyber security, but also that federal agencies need to look beyond simply being reactive to cyber security incidents.

Spotlight

ZingBox Inc.

ZingBox detects and protects the connected equipment. It provides unparalleled visibility into the Internet of Things (IoT) infrastructure to reveal existing vulnerabilities and hidden threats. ZingBox is a real-time IoT security solution that protects enterprises from cyber and insider threats. Deployed in a non-intrusive way, ZingBox discovers, identifies and classifies assets into IoT categories. It then learns and generates a baseline of normal device behavior and identifies its risk profile. ZingBox detects anomalous behavior to provide real-time policy enforcement.

OTHER ARTICLES

Security News This Week: A Tiny Piece of Tape Tricked Teslas Into Speeding Up 50 MPH

Article | February 22, 2020

This week was filled with wide-scale calamity. Hundreds of millions of PCs have components whose firmware is vulnerable to hacking which is to say, pretty much all of them. It's a problem that's been known about for years, but doesn't seem to get any better. Likewise, Bluetooth implementation mistakes in seven SoC—system on chips—have exposed at least 480 internet-of-things devices to a range of attacks. IoT manufacturers will often outsource components, so a mistake in one SoC can impact a wide range of connected doodads. The most troubling part, though, is that medical devices like pacemakers and blood glucose monitors are among the affected tech. YouTube Gaming, meanwhile, wants to take Twitch's crown as the king of videogame streaming. But its most-viewed channels are almost all scams and cheats, a moderation challenge that it'll have to take more seriously if it wants the legitimacy it's spending big money to attain. In another corner of Alphabet's world, hundreds of Chrome extensions were caught siphoning data from people who installed them, part of a sprawling adware scheme.

Read More

5G and IoT security: Why cybersecurity experts are sounding an alarm

Article | March 2, 2020

Seemingly everywhere you turn these days there is some announcement about 5G and the benefits it will bring, like greater speeds, increased efficiencies, and support for up to one million device connections on a private 5G network. All of this leads to more innovations and a significant change in how we do business. But 5G also creates new opportunities for hackers.Gartner predicts that 66% of organizations will take advantage of these benefits and adopt 5G by 2020 — with 59% of them planning to use 5G to support the Internet of Things across their business. Already, manufacturers including Nokia, Samsung, and Cisco have either started developing 5G enterprise solutions or have publicly announced plans to do so. In the enterprise, full deployment of private 5G networks will take time, as it requires significant investments to upgrade legacy network infrastructures, observers say. In the meantime, there are instances of devices in the workplace already operating on a 5G network.

Read More

Best Cybersecurity Tips for Remote Workers

Article | June 21, 2021

Remote working and cybersecurity risks, unfortunately, go hand in hand. As the COVID-19 pandemic appears to be far from over, cyber threats to individuals and businesses continue to loom large. The only solution at the moment is to invest in robust technology solutions that protect your network and to train employees in cybersecurity so that they develop healthy remote working practices. If you allow a bulk of your employees to work remotely, it is important to adopt a few basic habits to protect your devices and your business network from cyber criminals. Here’s a quick look at a few basic tips for remote workers that can go a long way in enhancing the overall security posture of your organisation. Passwords provide the first line of defense against unauthorized access to your devices and personal information. By creating a strong, unique password, you increase protection levels tremendously. You make it more challenging for cybercriminals to gain access and disrupt your systems networks. Rule number two is never to ignore those little pop-up windows that tell you that software updates are available for your device. Once you get such a notification, be sure to install the latest software as soon as possible. Timely software updates (including antivirus updates) help patch security flaws and safeguard the computer system. Are you busy with your work and don’t like to be distracted by such notifications? We highly suggest you encourage your employees to select auto-update for software on both mobile devices and computers. It will help you and your staff to prevent problems caused by delayed system updates.

Read More

Malicious coronavirus map hides AZORult info-stealing malware

Article | March 11, 2020

Cyberattackers continue to seize on the dire need for information surrounding the novel coronavirus. In one of the latest examples, adversaries have created a weaponized coronavirus map app that infects victims with a variant of the information-stealing AZORult malware. The malicious online map, found at www.Corona-Virus-Map[.]com, appears very polished and convincing, showing an image of the world that depicts viral outbreaks with red dots of various sizes, depending on the number of infections. The map appears to offer a tally of confirmed cases, total deaths and total recoveries, by country, and cites Johns Hopkins University’s Center for Systems Science and Engineering as its supposed data source. Malwarebytes issued a warning about the map last week, and Reason Cybersecurity this week has followed up with its own blog post, reporting additional details on the scam, gathered by Reason Labs researcher Shai Alfasi.

Read More

Spotlight

ZingBox Inc.

ZingBox detects and protects the connected equipment. It provides unparalleled visibility into the Internet of Things (IoT) infrastructure to reveal existing vulnerabilities and hidden threats. ZingBox is a real-time IoT security solution that protects enterprises from cyber and insider threats. Deployed in a non-intrusive way, ZingBox discovers, identifies and classifies assets into IoT categories. It then learns and generates a baseline of normal device behavior and identifies its risk profile. ZingBox detects anomalous behavior to provide real-time policy enforcement.

Events