Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: PC Security

State of Insider Threats in the Digital Workplace Report 2019

“While cybercriminals, hacktivists, and ransomware often make a big splash in the news headlines, the reality is that the biggest security threat is often right in front of you. Insiders—people already in your organization—pose a pervasive security risk, whether their behavior is malicious or accidental. In fact, according to the 2016 U.S. State of Cybercrime report by CSO Magazine, insiders were the source (or cause) of the following:

  • 50% of incidents where private or sensitive information was unintentionally exposed
  • 40% of incidents where employee records were compromised or stolen
  • 33% of incidents where customer records were compromised or stolen
  • 32% of incidents where confidential records (i.e., trade secrets or intellectual property) were compromised or stolen.
  • And with the rise of SaaS applications, it’s easier than ever to expose private or sensitive data, whether it’s intentional or not. New attack vectors and data leakage points are emerging in SaaS apps. As a result, a new type of insider threat is taking shape. What makes this new breed of insider threats especially insidious? It stems primarily from the well-meaning but negligent end user. In the age of SaaS, where end users interact with and share data freely, it can spell trouble.
  • Featuring survey data from 500 IT professionals, proprietary product data from 2,000+ BetterCloud customers, and commentary based on BetterCloud’s 7+ years of industry experience, this is the most comprehensive insider threats report to date…”

The perilous life of computer virus cracker making powerful enemies online

BBC: “Fabian is world renowned for destroying ransomware – the viruses sent out by criminal gangs to extort money. Because of this, he lives a reclusive existence, always having to be one step ahead of the cyber criminals. He has moved to an unknown location since this interview was carried out…Ransomware is a particularly nasty… Continue Reading

IBM X-Force Intelligence Threat Index 2019

“As the cyber threat landscape evolves, what we saw in 2018 is organisations across all industries are facing unmanageable levels of cyber threats brought on by the changing threat landscape, the risk of exposure and an ever-growing attack surface. The IBM X-Force Research team is a crack team of security professionals who run thousands of… Continue Reading

Nine Steps That Companies Should Take To Protect You

EFF: “Today we are announcing Fix It Already, a new way to show companies we’re serious about the big security and privacy issues they need to fix. We are demanding fixes for different issues from nine tech companies and platforms, targeting social media companies, operating systems, and enterprise platforms on issues ranging from encryption design… Continue Reading

Paper – Perceptions and Reality of Windows 10 Home Edition Update Features

In Control with no Control: Perceptions and Reality of Windows 10 Home Edition Update Features, Jason Morris, Ingolf Becker, Simon Parkin – University College London Workshop on Usable Security (USEC) 201924 February 2019, San Diego, CA, USAISBN 1-1891562-53-3 http://dx.doi.org/10.14722/usec.2019.23008 – www.ndss-symposium.org: “Home computer users are regularly advised to install software updates to stay secure. Windows… Continue Reading

Half of all Phishing Sites Now Have the Padlock

Krebs on Security – “Maybe you were once advised to “look for the padlock” as a means of telling legitimate e-commerce sites from phishing or malware traps. Unfortunately, this has never been more useless advice. New research indicates that half of all phishing scams are now hosted on Web sites whose Internet address includes the… Continue Reading

How to Tell if Your Account Has Been Hacked

Motherboard – How to check if your Gmail, Facebook, Instagram, Twitter, and other accounts have been hacked. “Hackers routinely target high profile victims like politicians or wealthy cryptocurrency investors. But you could become a target too. Maybe an abusive former partner wants to stalk you, or a run-of-the-mill cybercriminal wants to get into your bank… Continue Reading

US-CERT issues guide on how to properly dispose of your electronic devices

ZDNet – “Over the past few years, there have been numerous reports, and studies about how second-hand devices that have been put up for sale still contained information from previous owners, exposing those individuals to scams, blackmailing, or identity theft. This week, the United States Computer Emergency Readiness Team (US-CERT), a division part of the… Continue Reading

GAO – Actions Taken by Equifax and Federal Agencies in Response to the 2017 Breach

Data Protection: Actions Taken by Equifax and Federal Agencies in Response to the 2017 Breach. GAO-18-559: Published: Aug 30, 2018. Publicly Released: Sep 7, 2018: Hackers stole the personal data of nearly 150 million people from Equifax databases in 2017. How did Equifax, a consumer reporting agency, respond to that event? Equifax said that it… Continue Reading

DHS announces US critical infrastructure at risk from Russia

WSJ – DHS Forms New Cyber Hub to Protect Critical U.S. Infrastructure Secretary Nielsen Says ‘Our Intelligence Community Had it Right’ About Russian Interference – What What What ⸮⸮⸮ [see my previous posting about this punctuation mark] As this article is behind a paywall – you may want to avail yourself via US-CERT of the… Continue Reading

These are the websites your clean-install Windows PC connects to by itself

MSPoweruser: “Since the release of Windows 10, Microsoft has been accused of breaching privacy and connecting users to services without proper disclosure. The company now has released a list of websites and services that a Windows PC connects to after a clean install. The list mostly consists of Microsoft services which provide data endpoints to… Continue Reading