Cyber Threats and New Ways to Fight Them Continue to Pile Up

Posted By: Gene Fredriksen | November 14, 2016 | 0 Comments

This week’s Cyber Security update – the People, Process and Technology of a solid InfoSec program.

New reasons to be alert and new defensive techniques to resist cyber threats are created every day. Take a look at just a small selection from the previous week.

“A culture of security is in place when rhetoric is replaced with action” – Gene Fredriksen

PHONY ANDROID FLASH PLAYER INSTALLS BANKING MALWARE

Security researchers warn that a bogus Flash Player app aimed at Android mobile devices has surfaced and is luring victims to download and install banking malware that steals credit card information and can defeat two-factor identification schemes.

ThreatPost. November 1, 2016

Updated WeMo smart home devices patches Android phones spying vulnerability

If it isn’t routers, web cameras and maybe even printers feeding into the Mirai botnet – the malware that delivered the most powerful distributed denial of service (DDoS) attack in recent history – then it’s a home automation kit from WeMo that could have let attackers get at its Android app and spy on phones.

NakedSecurity, November 3, 2016

Directors Focusing More on Cybersecurity — But Is It Enough?

Three-quarters of boards are more involved with cybersecurity than last year, but only a quarter share information externally after an attack.

CFO, November 1, 2016

How to Mitigate the Threat of Ransomware

Unfortunately, ransomware attacks on corporate systems are becoming more common. Here’s how to manage the risk.

CFO, August 31, 2016

NICE framework: Resource for a strong cybersecurity workforce

The U.S. Commerce Department’s National Institute of Standards and Technology (NIST) released a resource that will help U.S. employers more effectively identify, recruit, develop and maintain cybersecurity talent.

HelpNetSecurity, November 4, 2016

Cyber Security Awareness Needs To Last Beyond October

The U.S. Department of Homeland Security (DHS) has designed October as National Cyber Security Awareness Month. But as we leave October, remember that data security is an ongoing challenge that requires continued vigilance not just from information system hacking, but also from employee error and other threats. Setting up a comprehensive training and awareness program is critical – and this outline can help you continue keeping your organization aware of cyber security throughout the year.

The National Law Review, October 31, 2016

Ransomware Attacks Have More Than Doubled In Q3, Says New Kaspersky Report

Q3 cyber threat study by Kaspersky Lab says ransomware modifications have risen 3.5 times and newer countries are coming under attack.

DarkReading, November 4, 2016

Outlook Web Access Two-Factor Authentication Bypass Discovered

Enterprises running Exchange Server have been operating under a false sense of security with regard to two-factor authentication implementations on Outlook Web Access (OWA) adding an extra layer of protection.

ThreatPost, November 3, 2016

Gene Fredriksen

Gene Fredriksen

Chief Information Security Officer at PSCU
Responsible for the development of information protection and technology risk programs. Gene has over twenty five years of Information Technology experience, with the last twenty focused specifically in the area of Information Security. He served as the Chair of the Security and Risk Assessment Steering Committee for BITS, as well as serving on the R&D committee for the Financial Services Sector Steering Committee of the Department of Homeland Security.He also served as an advisor on various cyber security steering committees for the administrations of George W. Bush and Bill Clinton, assisting in the preparation of the president’s Cyber Security Position Paper. Gene is a member of the SC Magazine Editorial Advisory Board.

He has published numerous papers and books and maintains a close working relationship with both local and federal law enforcement agencies.
Gene Fredriksen

 


 

 
 
 

Leave a Reply