Threat Detection and Response: 4 Best Practices You Should Know

Perimeter defenses of various IT environments continue to be undercut by social engineering, insider threats and other difficult-to-defend attack vectors. As a result, greater focus is now being placed on threat detection and response, and on working toward the holistic improvement of an incident response strategy.

To that end, here are four best practices that any business can start taking right away:

1. Log Workstation Data

By workstation, we mean any business computer, laptop or endpoint that belongs to the organization and can act as a point of network access. This doesn’t necessarily mean you have to go out and purchase a SIEM. There are intuitive, affordable and easy-to-deploy solutions that allow IT staff to determine the extent of their workstation data logging, and also the extent of information and events being shared with administrators.

2. Get Real-time, Active Protection

Active protection that continually runs in the background and helps to identify and block cyberthreats in real time is a critical component of threat detection and incident response. This doesn’t remove the need for a bidirectional firewall, but rather, it assists it by quietly monitoring files that are executed by users. In this way, it helps to identify and block malware that may be accidentally introduced by clicking on a malicious link or running an infected macro.

Threat intelligence is about using what you know to preclude future intrusions.

3. Use Application Control

Speaking of executables, anti-executable software allows you to build a

How to Enable Computer-Based Learning in Educational Environments

The concept of computer-based learning, also known as e-learning, is playing an increasingly important role in all industries. According to Global Market Insights, the market’s total value will exceed $240 billion by 2023, as an increasing number of organizations start to rely more heavily on the internet and electronic resources to enhance the learning experience.

While corporations can significantly benefit from using computer resources for training purposes, no sector is in quite as strong a position to receive a boost from computer-based learning as education. Success of e-learning implementations at any level, however, hinges upon proper implementation.

Here are a few tips and tricks to enable computer-based learning in educational/training environments.

Restrict Distracting Websites and Applications

Ever since the first computers were installed in classrooms, there have been concerns about students being distracted, or accessing unsavory content on the web. With the inclusion of laptops, Chromebooks and tablets, managing an e-learning environment has only become more difficult for educators at all levels.

In order to foster an engaging learning environment, it’s important that educators have the ability to easily restrict the usage of certain applications and websites on classroom endpoints. The easiest way to do this is to create a whitelist of apps and websites that have been authorized for access.

Make the Most of Digital Capabilities

The purpose of computer-based learning is to improve education. But successfully leveraging e-learning resources isn’t necessarily intuitive at first; much like in the enterprise, there need to be digital collaboration platforms in place

Lessons for 2017: Top 3 IT Security Takeaways From 2016

Each year the cyberthreat landscape seems to get less favorable for businesses, and 2016 was no exception. Ransomware wreaked havoc on the healthcare sector. Meanwhile, phishing scams and malware intrusions cost banks tens of millions of dollars. Likewise, U.S. government agencies such as the IRS, and political entities like the DNC succumbed to fraud and social engineering, respectively. More recently, hackers used sophisticated malware to hijack Internet-of-Things endpoints to create a botnet army strong enough to drown a DNS company in server requests.

Needless to say, 2016 didn’t turn out quite how we hoped it would. But that doesn’t mean we can’t learn from it. Let’s look at some of the top security takeaways from the year that was:

1. Better Password and Account Management Is Needed

Two of the most prominent cyberattacks in 2016 could have possibly been avoided with better authentication practices. They include:

  • The Bangladesh Bank hack: It’s believed that cybercriminals were most likely able to orchestrate the attack after login credentials were compromised, allowing hackers to log in over a long period of time to plan out how they would use SWIFT to their advantage.
  • The IoT botnet army: The massive distributed denial-of-service attack that brought Dyn down was only possible because the IoT endpoints used in the attack still had default passwords.

In the case of the former, requiring more frequent password

Law and Disorder: Data Security Challenges in the Legal Sector

When it comes to data security challenges, 2016 was a rough year, especially for the legal sector. There were several high-profile breaches, some of which will be talked about for years to come. Among the worst were the following:

  • Mossack Fonseca: 11.5 million documents known as the Panama Papers dating as far back as 1970 were leaked, in what some are calling the largest data breach ever by volume.
  • Cravath and Weil Gotshal: Both law firms – which represent Fortune 500 companies – were broken into, possibly as an attempt to steal information about Wall Street clients for the purposes of insider trading.
  • Ransomware hits over a dozen firms: In Europe, multiple law firms were hit with ransomware within a period of only a few weeks.

As a whole, the sector has been more heavily targeted in recent years. According to an American Bar Association survey conducted in late 2015, a quarter of all law firms with 100 or more attorneys have been breached. The reason hackers would want to target law firms is the same as why they’d target any other industry: to steal data that could be of value to someone, or to hold that critical data hostage by encrypting it.

The most important question now is: What can law firms do to address their unique data security challenges?

Blocking Unauthorized Executables

Many law firms still use email as their standard method for communication and document sharing. Despite the widespread use of web gates and active anti-virus protection to prevent the execution of malware,

5 Things You Need to Know About Proteus Malware

Every day, about one million new malware threats are released. Many of them will fall by the wayside without causing much damage. But some will leave a malicious mark in the memory of CIOs and CISOs everywhere. An example of such a cyberthreat is Proteus malware, a cousin to the well-known Andromeda botnet. Here’s what you need to know about this multi-functional menace:

1. It Steals Your Cryptocurrency

According to Bleeping Computer, Proteus can mine for cryptocurrency using SHA256 miner, CPUMiner and ZCashMiner, all of which leverage the local PC’s GPU or CPU to steal Bitcoin, Litecoin, Zcash, and other forms of cryptocurrency. On the surface, theft of cryptocurrency may not seem like a big deal, but it really is. An increasing number of banks are preemptively purchasing cryptocurrency so they can more quickly deal with ransomware mitigation. Thanks to Proteus, having cryptocurrency is just as much of a liability as not having it.

2. It Turns Your Computer into a SOCKS proxy

A socket secure (SOCKS) proxy acts as an intermediary that relays traffic between a server and a client for any type of network protocol. Proteus essentially enables your computer to do this, meaning that malicious traffic can pass freely through an infected system. In essence, Proteus transforms one of your business endpoints into an open door for cybercriminals. And to that end, Proteus is able to download and execute other types of malware that can be used against a host.

3. It Verifies Stolen Credentials

Some cybersecurity experts contend that Proteus’ primary or