The SEC is now demanding more information about breaches and known risks in companies, according to their newest guidance. They are also stating that stock trading is forbidden for companies executives with known vulnerabilities in their organization. This is pretty big move, and could signal a move toward government-mandated compliance, similar to PCI/HIPAA/SOX, etc. […]
Read MoreIts no secret that cybersecurity is on everyone’s mind. Most companies are waking up to the stark truth that they need to hire staff to keep their data safe, but did you realize just how many open jobs there are for these positions? While you are looking to staff, the bad guys aren’t sleeping, so […]
Read MoreReleased Tuesday: The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have identified Trojan malware variants—referred to as HARDRAIN and BADCALL—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. NCCIC/US-CERT encourages users and administrators to review the HIDDEN […]
Read MoreYears ago, I had a neighbor who left his network open, and I would randomly fire off a script that would simultaneously access his floppy drives from multiple computers, creating a similar effect to this vulnerability – but my floppy drive attack would lock up the whole machine by using all the I/O the device […]
Read MoreIf you still think that security can be something that you “get to as soon as…”, then you may already be in trouble. Too many companies pay little attention to the risk potential until it is too late, and the bad guys are well aware of it. Security is something that must be baked into […]
Read MoreToo often, we at White Raven have spoken to our peers in the industry who have complained about the sticker shock of moving to the cloud. Matthew Shooshtari has written an article discussing this phenomenon, and we wanted to expand ever so slightly on it. As a long-term infrastructure manager, it bears (in my opinion) […]
Read MoreAccording to Thales threat report, breaches have risen for companies by about 36% this year, with 67% of respondents reporting one or more in their environment. Other findings include that the top three methods of preventing data loss and breaches are : Data-at-rest protection Network Security Data-in-motion protection Interestingly, the findings state that most companies […]
Read MoreAs new developments unfold in the Spectre saga – it appears that Intel shared the news about the vulnerability with Chinese interests before those in the USA – this could mean that threat actors in that region were able to react before we even knew about it. Regardless of the legal and international ramifications, White […]
Read MoreAs the infrastructure world is catching on to automation, so too is the security world beginning to take notice. Automating repetitive tasks in any IT environment reduces the need for staffing numbers, and increases the speed of reaction to potential issues. White Raven believes that automation is the key, so long as it is there […]
Read MoreWe all tend to believe that our utilities providers are safe from intrusion – this is simply not true. White Raven believes that they hold huge potential for the bad guys to gain information, and this is likely just the first of many such exploits we will soon see in the news. Using information from […]
Read More