Blog

Cybersecurity Risk & Fundamentals

Geoff Stoker on Feb 11, 2019 9:05:00 AM

 

On September 7, 2017, Equifax announced it had suffered a cybersecurity incident resulting in the download of millions of consumers’ personal information from mid-May through late July. Last..

Hope and Hype for Cybersecurity AI

Geoff Stoker on Feb 6, 2019 9:36:00 AM

 

Modern Artificial Intelligence (AI) research began soon after the end of WW II perhaps best indicated by Alan Turing’s 1950 question, “Can machines think?” Since then, while devoted researchers..

Major Vendors Dismissed Top Vulnerability for Malware Delivery

Paulo Shakarian on Feb 4, 2019 9:02:00 AM

Recent reporting by Cisco on information stealing malware  designed to hide from most anti-virus solutions  is leveraging Microsoft Office vulnerability CVE-2017–11882.

Does..

Current Threats: Fileless Malware

Paulo Shakarian on Nov 5, 2018 9:30:10 PM

 

Fileless malware is on the rise and is enabling many attacks in 2018. While fileless techniques were prevalent in 2017, most of the more well-known attacks still accessed the disk and..

Five Questions to Ask a Cybersecurity Vendor

Paulo Shakarian on Oct 30, 2018 9:48:36 AM
 

Five questions to ask a cybersecurity vendor selling a machine learning solution

Ever since we started CYR3CON, we are continually surprised at the hype cycle surrounding..

Patching without Prioritization isn’t Working

Paulo Shakarian on Oct 23, 2018 9:34:13 AM

 

Detection dates and continued scanning don’t solve the root cause of the problem: how do you determine which CVEs are likely to be targeted and must be patched?

Recent media..

Breach disclosed by the Pentagon highlights the importance of third-party risk

Paulo Shakarian on Oct 17, 2018 2:33:04 PM

 

Late last week, the Associated Press reported that nearly 30,000 Department of Defense workers may have had Personally Identifying Information (PII) exposed due to a data..

Current Threats: Cryptomining

Paulo Shakarian on Sep 26, 2018 2:29:40 PM

Several recent studies are telling us that illicit cryptomining is becoming a very large threat. This may leave many threat watchers wondering “what happened to ransomware”?..

What will be the impact of the new Windows 10 Zero-Day?

Paulo Shakarian on Sep 26, 2018 2:28:56 PM

The recently revealed Windows 10 Task Scheduler Zero-Day illustrates just how quickly the idea of an exploit can become available.

Some have referred to the zero-day as bering of “limited..

The Cybersecurity Labor Shortage Makes it an Exciting Time to be a Service Provider

Paulo Shakarian on Sep 25, 2018 9:24:00 AM

The cybersecurity talent shortage will continue to grow — with an estimated 3.5 million openings by 2021. If that were a city, it would be the third-largest in the U.S. after New York and Los..