Each week we scour the web to discover the latest developments, news and tips that will help you keep your technology (and your business) safe and secure.
Here are the most interesting articles we’ve found this week that could be helpful to you:
Young adults most likely to lose a phone, making them top targets for mobile hackers
It won’t come as a surprise to you that young adults are most likely to lose a phone. This article makes a great case for two important mobile device best practices that’ll help you in case of loss:
- Two Factor Authenication for all of your online services
- Using a passcode to encrypt your mobile device
These inexpensive security fundamentals can save your company a lot of time and effort.
The ninja security tactics described in this guide — a set of reimagined, if not completely “new” security fundamentals — are available to all for free or with minimal investment. They don’t come with new acquisition costs, steep learning curves or additional vendor lock-in. All they require is a fresh perspective on existing systems and tools, and the judicious application of already well-known security concepts.
PCI is going to impose new payments security rules this week — and they don’t go nearly far enough
New PCI security requirements are to be issued this week. If you handle credit cards, they apply to you. Are these new measures enough?
“An organization could go to great lengths to protect their internal network only to see a third-party negate all of their effort as indicated in data breach reports. That is why several new requirements were identified for service providers in PCI DSS 3.2. These new requirements should already be part of service providers’ efforts to successfully manage the effectiveness of security within the cardholder data environment,” Troy Leach PCI Chief Technology Officer
Ransomware-as-a-service Malicious Insiders = Deadly Threat
As the Ransomware market continues to evolve, the actors start to specialize and stay in their comfort zones.
The Ransomware as a Service (RaaS) model is an emerging concept in which Ransomware authors provide customized, on-demand versions of malware to distributors. The ransomware author collects the ransom and shares it with the distributor. A classic “affiliate” distribution model, which we know from other domains on the web. Thus, malware authors stay in their comfort zone of writing software while distributors who specialize in spam, malvertizement or BlackHat SEO create a new revenue stream based on their existing platforms
Ransomware in your inbox: the rise of malicious JavaScript attachments
JavaScript attachments are replacing Word documents as attachments of choice for some ransomware authors.
