All Blog Posts (549)

I Love Ransomware

Before you go all torches and pitchforks on me, hear me out.

I hated writing this article. Truly. My industry is, at its core, a service industry. Overwhelmingly I meet people who go into IT service, support and cybersecurity that have a real desire to help others.…

Continue

Added by Meghana P on March 8, 2017 at 1:00pm — No Comments

Ransomware in ICS/SCADA ... It's Happening and Predictions

One is not exactly channeling Nostradamus to predict that ransomware attacks will hit Industrial Control Systems (ICS). The importance of a reliable, high integrity backup and ability to recover in an acceptable timeframe is the same for ICS and enterprise network…

Continue

Added by Meghana P on March 8, 2017 at 11:30am — No Comments

Top 4 Resources on IoT Security from 'Task Force Blogathon'

A big thank you to our  CISO Platform IoT Security Task Force. They did a 6 hour blogathon and came up with very interesting articles for our community.



If you love it, don't forget to share it !…

Continue

Added by pritha on March 3, 2017 at 11:36am — No Comments

CISO Guide: Mobile Security & Business Transformation Study

Learn How Enterprise Mobility Has Forever Changed the Way Enterprises Conduct and Secure Business

Ninety-nine percent of the enterprise workforce currently uses mobile devices - smart phones and tablets - to perform their jobs today. And nearly 60 percent of security leaders describe their organizations as either partially or fully mobile, deriving enhanced productivity and other business benefits.…

Continue

Added by Gireesh Kumar on February 28, 2017 at 3:00pm — No Comments

Cyber Insurance May Affect Incident Response Industry

Faced with the risk of cyberattacks, the prospect of losing data and the potential for large fines, the private sector has turned to the insurance industry to protect against losses arising from all manner of information security incidents. Research from CFC Underwriting shows a 50% growth in demand for cyberinsurance last year and the firm expects continued high demand for cyber insurance products in 2017.

The cyberinsurance industry is growing quickly as a result. Allianz estimates…

Continue

Added by pritha on February 22, 2017 at 12:00pm — No Comments

10 Things You Should Ask of Your Cyber Incident Response Tool

In the fast moving world of cyber security incident response, the challenge is to rapidly identify and stay ahead of the threat. Incident responders must move faster, be more agile, have longer stamina than the attacker. Additionally they must also be more responsive than the attacker or malware can morph and be concealed. In the world of small networks (1-100 nodes), this is not a particularly oppressive challenge with the old methodologies, tools, and procedures. In midsize to large-scale…

Continue

Added by pritha on February 21, 2017 at 10:00am — No Comments

Advertising Vulnerabilities in Bluetooth Low Energy (BLE) IoT Networks

Overview

With the increasing need of Bluetooth Low Energy (BLE) IoT security, comes the part of vulnerability management in these networks. Unlike the IP  security, BLE security framework is not yet mature. The newer version of BLE have enhanced the security of BLE devices but vulnerabilities are still present because of the lack of attention by both manufacturers and customers on security.

These vulnerabilities have to be…

Continue

Added by Amit Chahar on February 18, 2017 at 4:00pm — No Comments

Survey of Industrial IoT and Security

Overview

Internet of Things (IoT) has been gaining prominence in the consumer space in the last few years by redefining business-to-consumer (B2C) markets such as smart homes, media, infotainment, retail, financial services and so on. This IoT revolution has the potential to dramatically alter manufacturing, energy, agriculture, transportation and other industrial sectors of the global economy in the next decade. Termed as the…

Continue

Added by Vishwas on February 18, 2017 at 3:58pm — No Comments

End-to-End Encryption in Bluetooth Low Energy (BLE) IoT Networks

Overview

With millions of Bluetooth Low Energy (BLE) IoT devices deployed per year, comes the responsibility to secure them. BLE was designed for low power personal area networks. Security was not a focus while designing it. But nowadays, BLE devices are an important part of IoT networks where these can be a matter of life and death.

There are two types of IoT architecture using BLE:

1. BLE device sends data to the…

Continue

Added by Amit Chahar on February 18, 2017 at 3:30pm — No Comments

IoT Security using Blockchain

Two of the most talked about technologies in today's world are blockchain and IoT. They are at the initial stage of maturity and there are lot of activities taking place in development of them and finding interesting uses of the technologies. One of the key challenges of IoT world is security. In this article my attempt is to critically view the use of blockchain technology to secure IoT.

The article starts with giving a very brief primer on blockchain followed by explaining the…

Continue

Added by Arnab Chattopadhayay on February 18, 2017 at 3:30pm — No Comments

Survey of IoT Security Standards

IoT security is being approached by many organizations and from different perspectives . In this post we give a birds eye view of the players.This is not intended to be comprehensive.  We will supplement  this in time with deeper dive at different layers of the ISO 7 layer model.…

Continue

Added by Arvind Tiwary on February 18, 2017 at 3:30pm — No Comments

Security vulnerabilities in connected cars

Connected Cars

 Connected vehicle technology potentially increases driving safety and efficiency through its ability to communicate with the internet and other automobiles

Consumer demands features range from Bluetooth, Wi-Fi, cellular network connections, keyless entry systems, to…

Continue

Added by Rahul M on February 18, 2017 at 3:30pm — No Comments

List of IoT Use Cases

This is a list of various use cases of IoT. Some of them have been detailed, because of current or potential challenges and usage trends.

1. Manufacturing

There are two types of systems: old systems with hardly any/nil instrumentation, and the relatively new ones with instruments which generate lot of data using automation systems, robots, NC machines, PLCs, digital gauges, cameras, sensors, wireless tools and others…

Continue

Added by N Katariya on February 18, 2017 at 3:09pm — No Comments

Classification of IoT Devices

A typical architecture of an IoT solution consists of constrained devices, gateways or border routers and the cloud platform. On a high level architecture perspective there are two types of devices: constrained devices and gateway-like…

Continue

Added by Nagasai on February 18, 2017 at 2:46pm — No Comments

Cyber Incident Response - The 5 Important Steps

This article gives us 5 fundamental steps and questions one must ask to understand the crisis of the Incident. This includes understanding the incident, the control points, plan of action, communication, business impacts.



( Read…

Continue

Added by pritha on February 18, 2017 at 12:30pm — No Comments

Best ploy against Ransomware : A Perfect Backup Plan

Last year, cybercriminals attacked the California-based Hollywood Presbyterian Medical Center, encrypting files crucial in running the hospital’s operating systems and demanding a ransome to restore them to working order. The scam worked – after 10 days of futility, the hospital surrendered and paid $17,000 to regain system control.…

Continue

Added by Amit Jaokar on February 17, 2017 at 1:30pm — No Comments

[ALERT] USB Sticks Could Infect Your Network With New Spora Ransomware Worm

The new Spora ransomware strain has now been dissected by more malware researchers and the team from G Data discovered that Spora uses an "innovative" way to spread itself via USB sticks. This strain is highly sophisticated and could become the "New Locky". 

Spora has well-implemented encryption procedures that do not need a Command & Control server, a user-friendly payment site, choice of different “packages” that victims can opt for including immunity from future attacks, and…

Continue

Added by pritha on February 17, 2017 at 10:00am — No Comments

Ransomware - Practical View, Mitigation & Prevention Tips

Ransomware is a type of malware that encrypts everything on your system with a cryptographic algorithm and holds that encrypted data hostage for ransom. It demands the user to pay for the decryption key. There are two types of ransomware. The first type encrypts all data on the system and renders it nearly impossible to decrypt without the key. The second type simply locks the system and demands to enter the key for data decryption but does not encrypt data itself.…

Continue

Added by pritha on February 16, 2017 at 1:30pm — No Comments

Meet 1-Minute RSAC Expo Navigator Tool!

RSA conference is one of the leading security conferences worldwide with 700+ vendors at the Expo, which creates some unique challenges for security professionals. Some of the challenges @RSAC Expo are as below:

  • Extremely difficult to identify the vendors in your area of interest in the crowd of 700+…
Continue

Added by Amit, CISO Platform on February 15, 2017 at 5:00pm — No Comments

2016: The year of Ransomware - Let's change 2017...

2016 will go in history as the year CyberCriminals made fortune by using vulnerabilities found in technology and moreover exploiting human weaknesses. The infamous CEO Scam brought billions of dollars to CyberCriminals. I had written a separate post to handle this crime, more details can be found here…

Continue

Added by Vikas Arora on February 2, 2017 at 10:30am — No Comments

Monthly Archives

2017

2016

2015

2014

2013

2012

1999

 

© 2017   Created by CISO Platform   |   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service

Related Posts