As security vendors, we talk a lot about how technology can help maintain our way of life in the digital age by providing the mechanisms to prevent attacks. The other two pieces of that prevention story, however, rely on people and processes.
In the past there was a real shortage of people skilled in the basics of cybersecurity, which meant that cybersecurity roles weren’t filled anywhere near as quickly as they were needed, or inexperienced people were hired and forced to learn on the job, both of which posed huge risks to organizations. I think this is still somewhat true today — there are more cybersecurity roles needed than there are seasoned cybersecurity professionals — but we’ve made progress in solving this problem.
A growing number of universities in the U.S. have added cybersecurity-related degree programs to their educational offerings. …Continue reading
Over the last decade we have seen a striking, but expected, trend. As we move more and more of our personal lives, business operations, and critical infrastructure into the digital arena, cyberattacks have gotten more aggressive, successful, and damaging. Not only is there more value to be stolen online, but it has also become easier and cheaper to launch successful attacks, eroding our digital trust in online systems.
Consider your bank account and total absence of tangible money or legal tender that underlies it; you trust that the assets exist because you can “see” them when you log in. But the value that sits on the servers is made up entirely of trust in those digital systems. There is a very fine line separating our smoothly functioning digital society built on this trust and the chaotic breakdown that would result from its erosion. …Continue reading
All of our top news from this past week has been rounded up right here for easy consumption!
Unit 42 was especially busy this week:
- Publishing the 2015 Application Usage and Threat Report (AUTR)
- Finding new Apple iOS malware, YiSpecter, that attacks both jailbroken and non-jailbroken iOS devices
- Uncovering that the latest TeslaCrypt ransomware borrows code from Carberp Trojan
- Discussing the new anti-analysis trick the authors of Upatre added in an attempt to defeat sandboxes.