Insights blog.

The evolution of the technology environment and related security threats is so fast paced it often seems businesses and regulators are playing an endless game of catch-up.

As retailers and consumers across the country begin gearing up for the 2019 holiday shopping season, hackers are also preparing for the days between Thanksgiving and Christmas. And all signs point to ransomware as their preferred method of attack.

The regulatory environment is evolving rapidly as national and international regulatory bodies attempt to keep pace with changing business models, technology infrastructure and continuously escalating cyberthreats. 

2019 has been a year of high-profile attacks, and, as we predicted, it’s only getting worse. That’s certainly the case for Airbus.

In the weeks since our previous post, we’ve seen development in the security community withthe release of an exploit into a commercial product as well as the announcement of theunreleased integration of an exploit into Rapid7’s Metasploit framework. During this time, wewanted to provide an update of affected machines, but also dive a bit deeper into thecharacteristics of the individual systems that remain exposed and unpatched.

It’s been five weeks since we first posted about the exposure of the BlueKeep vulnerability on the external networks of many organizations across the world. There have been further developments regarding the capabilities of the vulnerability including that both the DHS developed a working exploit and individuals from the private sector have also developed a remote code exploit. Both of these milestones further demonstrate the risk introduced by this vulnerability and the pressing statements by Microsoft and the NSA to patch.

A little over a month ago, Microsoft discovered a software security vulnerability that could ultimately lead to one of the worst cybersecurity attacks since 2017’s infamous WannaCry ransomware incident.

On May 14th, Microsoft issued a warning about the BlueKeep vulnerability (CVE-2019-0708) affecting Remote Desktop Services Protocol (RDP), a component common in most versions of Microsoft Windows that allows remote access to its graphical interface. This vulnerability, if exploited by an external attacker, will lead to full system compromise, without requiring any form of authentication or user interaction.

The importance—and urgency—of cybersecurity measures have become increasingly visible in recent years. Yearly industry reports from the likes of Verizon, Trustwave, and PwC all express the importance of cybersecurity measures and the costly consequences of cyberattacks. No company wants to become another data breach statistic—but some decision-makers still may not understand the urgency of cybersecurity protection. 

It goes without saying that the following data breaches were incredibly damaging, both to the companies and to those affected. Each has resulted in some level of data loss, financial loss, and reputational harm. Below, we’re exploring what some of the top breaches in 2015, 2014, and 2013 were and examining the commonalities and differences between them.

In his 2015 State of the Union Address, President Barack Obama mentioned the importance of improving America's cybersecurity and what he believes it will take to make it happen. Below is a review of the most interesting statements and initiatives mentioned in the address or recent media coverage, and the potential impact each could have on American Information Security.

Last October the world was alerted to Poodle, a vulnerability on websites and servers running SSL 3.0. Acting as a "man in the middle," would-be attackers could compromise the secure connection between a browser and a website, and inject JavaScript that enabled them to view these communications, stealing unencrypted data and manipulating traffic flow. The apparent fix at the time was to upgrade from SSL 3.0 to TLS, but new research suggests this may not be the case.

Ever since the JPMorgan Chase breach was made public, companies have been watching closely to see the aftermath, the bank's course of action, and any best practices that may be developed as a result.

The security community is abuzz with the news of the latest vulnerability to sweep the internet. Early yesterday morning, details about the Bash security bug, also called Shellshock, started to emerge, putting companies on high alert about the threat experts are calling “Bigger than Heartbleed.”

As more and more details surrounding the Target breach continue to unfold, it's becoming evident just how complicated it can be for investigators and journalists to follow the trail of evidence left behind. The latest reports suggest that one or more business partners were used by the attackers to gain access to Target's systems. Below is a summary of top stories which provide insight into the tangled web of third party vendors and suppliers which may have left Target vulnerable to attack, highlighting just how esstential it is for organizations to be aware of their third party risks.