Recently, a Dutch security firm has published an extensive report on the activities of a hacker organization by the exotic name of ‘Mofang’. Among their victims: several government agences and even some arms manufacturers. There are more than enough indications to conclude that these are all cases of digital espionage. Nor is it hard to conclude what country they are from. Based on some Chinese characters in the traces that weren’t deleted, and on the remarkably high number of Myanmar organizations among the victims, we can safely conclude that Chinese hackers are behind this group. Continue reading
Are terrorists really any different from cybercriminals? We stumbled upon terrorist content during our investigations on cybercriminal activity in the underground, and after a thorough analysis of it, we uncovered parallels in the way these two distinct groups operate online.
So yes, cybercriminals and terrorists are more similar than we think – they use similar platforms and services online, but also with some key differences. Continue reading
Just one month after the Ukrainian power network was the victim of a cyber attack, hackers did it again last week. This time they were able to penetrate the national electricity network of Israel. Minister of energy Steinitz announced this news himself, when the attack was still in full force. Contrary to in Ukraine, where the virus was detected and eliminated in time. Although the damage in the last attack was fairly limited, these two recent events demonstrate how hackers are more and more aiming at infrastructural targets. Continue reading
Last mont, shortly after the dramatic events in Paris, the online hacker community Anonymous announced more actions against IS (Islamic State). One of these actions was Anonymous’ appeal to everybody to make Friday 11 December ‘IS Trolling Day’, by criticizing and ridiculing IS on social media. This appeal followed actions by Anonymous hacktivists, such as blocking and publicly exposing hundreds of IS-related Twitter-accounts. Continue reading
By Albert Kramer
Bring Your Own Device (BYOD) has for the past few years been both a cause of sleepless nights for security bosses and a major flash point between the business and IT. To that we can now add wearable technology – smart watches, fitness trackers, head-mounted displays and the like which threaten to leak corporate data and expand the enterprise risk surface even further. IT consumerisation took another hit this month when research revealed that some of the most popular apps in the world have password brute force vulnerabilities, exposing as many as 600 million Android and iOS users. Continue reading
It has been a quite interesting week for me. Believe it or not, I don’t get the opportunity to speak on two national (Radio 1 and BNR) radio broadcasting channels every week. The reason for this sudden interest? Trend Micro’s research on identity theft and the Deep Web, which made quite an impression. So of course I want to share this with our loyal audience as well. Continue reading
All or nothing is a really bad strategy for securing your Microsoft Azure workloads. Security in Azure is very much a shared responsibility. You need to know exactly what it is that you must secure, and what is covered by Microsoft.
Microsoft provides robust physical security, network infrastructure, and virtualization layer. Ideally, you will match their excellence with equally robust security for your workloads, including operating system, applications, and data.
But there’s a small catch. If you try to use traditional security to protect your applications and data in the cloud, you risk slowing your Azure project with needless complexity. There’s a simpler and more effective solution. Continue reading
Be aware of your security responsibility !
An increasing number of companies has decided to host their office applications such as Microsoft Word, Excel and Powerpoint in the cloud. Also core services like mail, datastorage and sharepoint are hosted these days. No wonder really, because the underlying principle is very appealing: you no longer need to install software yourself, and the central storage in the cloud allows you to access your data anywhere and from any device. Highly convenient, isn’t it? But beware: switching from onsite applications to their hosted online equivalents also entails a certain degree of risk, particularly when it comes to data security. Continue reading
We are living in exciting times. The way we work is radically changing. We see businesses transforming into digital businesses, relying on social, mobile, analytics and cloud. Not only for collaboration purposes, but also for data storage, email, insights, etc. When it comes to the cloud industry, we see great names as Microsoft, Amazon and Google Apps. They have extensive experience and yes, they have taken security measures to protect the data you trust them with. This, however, does not mean you can put your feet up and leave the security aspect entirely in the third parties’ hands.
So not only the way we work has changed, the way we should handle security should change too… Take greater control, maintain higher levels of security. Continue reading
Most organizations have already understood the importance of a decent IT security solution. And many of you do understand that ‘decent’ means more than just anti-virus. The current landscape of cyberthreats is far more complex than in the old days, when a decent scanning engine ‘at the network’s gates’ would stop virtually everything. These were the days when company software and hardware would never go outside of the company’s walls and the malware was created by spotty teenagers looking for their 5 minutes of fame.