The SEC is now demanding more information about breaches and known risks in companies, according to their newest guidance. They are also stating that stock trading is forbidden for companies executives with known vulnerabilities in their organization. This is pretty big move, and could signal a move toward government-mandated compliance, similar to PCI/HIPAA/SOX, etc. […]Read More
In case you didn’t see it on the news, SpaceX sent up a pair of satellites with a new launch yesterday. Their purpose? To begin testing what will be broadband for all at gigabit speeds. While this may seem like a grandiose plan, gigabit speeds would be an amazing step forward for many of us, […]Read More
Thinking about doing cybersecurity in-house? You may have a harder time finding employees than you think.
Its no secret that cybersecurity is on everyone’s mind. Most companies are waking up to the stark truth that they need to hire staff to keep their data safe, but did you realize just how many open jobs there are for these positions? While you are looking to staff, the bad guys aren’t sleeping, so […]Read More
The Colorado Department of Transportation was brought to its knees by SamSam this week. Are you vulnerable? Read more: https://www.2-spyware.com/samsam-ransomware-hit-colorado-department-of-transportation?lipi=urn%3Ali%3Apage%3Ad_flagship3_feed%3BUj3NSRhaR4CEVe4QjP8aJQ%3D%3DRead More
Released Tuesday: The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have identified Trojan malware variants—referred to as HARDRAIN and BADCALL—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. NCCIC/US-CERT encourages users and administrators to review the HIDDEN […]Read More
Years ago, I had a neighbor who left his network open, and I would randomly fire off a script that would simultaneously access his floppy drives from multiple computers, creating a similar effect to this vulnerability – but my floppy drive attack would lock up the whole machine by using all the I/O the device […]Read More
If you still think that security can be something that you “get to as soon as…”, then you may already be in trouble. Too many companies pay little attention to the risk potential until it is too late, and the bad guys are well aware of it. Security is something that must be baked into […]Read More
While the costs of Cloud are generally a better ROI than hosting your own infrastructure, remember it isnt free.
Too often, we at White Raven have spoken to our peers in the industry who have complained about the sticker shock of moving to the cloud. Matthew Shooshtari has written an article discussing this phenomenon, and we wanted to expand ever so slightly on it. As a long-term infrastructure manager, it bears (in my opinion) […]Read More
According to Thales threat report, breaches have risen for companies by about 36% this year, with 67% of respondents reporting one or more in their environment. Other findings include that the top three methods of preventing data loss and breaches are : Data-at-rest protection Network Security Data-in-motion protection Interestingly, the findings state that most companies […]Read More
Spectre/Meltdown patches being rolled back by Microsoft and other vendors and China knew before the US?
As new developments unfold in the Spectre saga – it appears that Intel shared the news about the vulnerability with Chinese interests before those in the USA – this could mean that threat actors in that region were able to react before we even knew about it. Regardless of the legal and international ramifications, White […]Read More