Jaya Baloo, CISO of KPN, the Netherlands’ leading telecommunications provider, talks to Mike Mimoso about the WannaCry ransomware outbreak and how large network providers and enterprises must contend with advanced attacks.
Baloo will be speaking at the upcoming Borderless Cyber USA conference in New York. Threatpost is a media partner of the event and readers now can use the code “Threat” to get $100 off the corporate registration fee.
Antivirus software to protect corporate systems from malware is like a flu shot. You should have it, but it won’t likely protect you from every strain of the flu.
“Antivirus is great for blocking known threats, but the issue has grown past viruses,” said Ryan O’Leary, vice president of the Threat Research Center at WhiteHat Security. “Malware and vulnerabilities in the network or application can lead to far greater compromise.”
Worse yet, new threats are being crafted faster than traditional antivirus can keep up.
“We as an industry need to recognize that defaulting to an antivirus and firewall mentality is…
Thanks to Kaspersky, we now know that 98% of the Windows machines infected by WannaCry/WannaCrypt were running Windows 7. Since, once it gets a foothold, the malware can infect an entire network, most of the attention was focused on LAN based attacks. My previous blog was about using the Windows firewall as a defensive measure.
But any malware can spread in multiple ways so there is always a need for anti-malware software on Windows PCs. The May 12th blog post, Customer Guidance for WannaCrypt attacks, in which Microsoft announced the release of a bug fix for Windows XP, mentioned that
…
‘Know your enemy’ — understanding what to prepare for
While ransomware isn’t new, this once-simple criminal hacker tactic has morphed into a devastatingly effective weapon wielded by more advanced cyber-criminals — as seen with the recent Wannacry outbreack. These sophisticated attackers are highly motivated by the profitable nature of their efforts. Dan Larson, technical director at CrowdStrike, looks at the current state of ransomware, why organizations should take threats seriously and how to build a strong defense.
What’s at stake — compliance and reputation
Businesses now retain sensitive information that they are required by law to protect. If an organization…
VMware fixed two bugs in its VMware Workstation late Thursday night, including an insecure library loading vulnerability and a NULL pointer dereference vulnerability.
The virtualization software company warned of the issues Thursday night in a security advisory VMSA-2017–0009.
Jann Horn, a security researcher for Google Project Zero who’s previously uncovered bugs in Xen’s hypervisor and the Linux kernel, found the library loading vulnerability in VMware’s Workstation Pro/Player product.
The vulnerability (CVE-2017–4915) is tied to the loading of Advanced Linux Sound Architecture (ALSA) files. ALSA, a software framework and part of the Linux kernel, facilitates APIs for sound card driver files…
Despite all the attention currently focused on Windows computers being infected with WannaCry ransomware, a defensive strategy has been overlooked. This being a Defensive Computing blog, I feel the need to point it out.
The story being told everywhere else is simplistic and incomplete. Basically, the story is that Windows computers without the appropriate bug fix are getting infected over the network by WannaCry ransomware and the Adylkuzz cryptocurrency miner.
We are accustomed to this story. Bugs in software need patches. WannaCry exploits a bug in Windows, so we need to install the patch. For a couple days, I too…
Bipartisan bill wants to stave off another WannaCry
Two US senators have proposed a law limiting American intelligence agencies’ secret stockpiles of vulnerabilities found in products.
The Protecting our Ability To Counter Hacking (PATCH) Act [PDF] would set up a board chaired by an Department of Homeland Security (DHS) official to assess security flaws spies have found in code and hardware, and decide if manufacturers should be alerted to the bugs so they can be fixed for everyone.
Right now, as you probably know, the NSA et al discover exploitable programming and design blunders in computers and networking gear, and keep a bunch of the bugs to themselves…
Are you ready for the next cyber disaster? You may not ever be fully ready. Given the ever-increasing number and variety of threats out there, it’s hard to imagine the many ways in which you could be hit. Twenty years ago, who would have imagined 9/11 or ransomware or the sophistication of today’s social engineering techniques? But even if you can’t be fully prepared, you can avoid being totally unprepared.
There are many things that you can do to be more likely to recover from a major attack or limit how hard it hits you. Being more in touch, more…
Mike Mimoso and Chris Brook discuss WannaCry, Microsoft’s response, the killswitches, a potential link with Lazarus Group, and what the future holds for the ShadowBrokers.
When internet pioneer Vinton Cerf was 10, he was working on advanced math, and by the time he was 17, he was tinkering at programming at UCLA and beginning a lifelong “love affair” with computing.
Today, Cerf, known as the father of the internet, says software bugs are among the biggest dangers to enterprise IT and warns of the mounting challenges the IT community must face in what he calls the “digital dark age.”
Widely recognized for his contributions to technology, Cerf, 73, was awarded the U.S. National Medal of Technology for co-founding and developing the internet. He also was…
