10 09, 2015

Bug Bounties and Ransomed Security

By |2017-10-05T14:33:34-07:00September 10th, 2015|Cybersecurity|

On September 6, amid the doldrums of Labor Day weekend, security researcher Kristian Hermansen was hard at work, disclosing a zero-day vulnerability in FireEye’s Mandiant security software. The bug, which could give unauthorized users remote root access to the file system, is merely one of “many handfuls of FireEye/Mandiant 0day” Hermansen has “been sitting on,” [...]

18 08, 2015

Life after Breach: 5 steps to recover from a cyber attack

By |2017-10-05T14:50:12-07:00August 18th, 2015|Cybersecurity|

It seems only fitting to have a post-Black Hat reflection on post-attack recovery. In her presentation How to Implement Security after a Cyber Security Meltdown, Christina Kubecka outlined the recovery efforts she helped implement after the 2012 cyber attack on Saudi Aramco. Chicken Little! Chicken Little! Your network just got pwned! For those unfamiliar with [...]

30 06, 2015

Why Hackers Pick on Healthcare

By |2017-11-14T11:44:28-07:00June 30th, 2015|Healthcare|

As the healthcare industry shifts to more electronic medical records, we’ll continue to see an increase in massive attacks like those that hit Anthem (78.8 million patient records compromised), Premera (11 million patient records compromised) and Community Health Systems (4.5 million patient records compromised). That is, until the industry’s security practices catch up with the [...]