Partner Perspectives //

bitdefender

2/28/2017
03:00 PM
Razvan Muresan
Razvan Muresan
Partner Perspectives

Report: Only 2 in 3 Cyber Attacks Can Be Stopped with Current Defenses

A recent Bitdefender survey of 250 US IT execs in companies with 1000 or more PCs paints a disturbing picture of cybersecurity preparedness in the enterprise.

Image Source: Bitdefender
Image Source: Bitdefender

Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
macker490
50%
50%
macker490,
User Rank: Ninja
3/1/2017 | 7:38:22 AM
1.2m phishings
according to an essay published this morning on Help Net Security:

With 1.2 million phishing attacks, 2016 was a success for cybercriminals

while converting to a more secure o/s may not be immediately practicle nonetheless people can move ahead with AUTHENTICATION for e/mail, current term

consider using Symantec/PGP Desktop with Outlook,   or -- use ENIGMAIL with Thunderbird

note that this can be phased in -- as users and correspondents can acquire training and software step-wise. 

while this will be seen as a burden cost the potential for blocking tragedy is significant.

all e/mail should be authenticated and encrypted.

Link to article
Jet Hedon
50%
50%
Jet Hedon,
User Rank: Apprentice
3/1/2017 | 7:11:06 AM
Re: "Hope is not a method"
Thanks for your comment, helped me out to learn more
macker490
50%
50%
macker490,
User Rank: Ninja
3/1/2017 | 6:36:10 AM
"Hope is not a method"
between the cubes today employees are admonished to read incomming e/mails carefully and not to click on "anything funny"

there was an article on this this morning   on ComputerWorld

see A better security strategy than 'know your enemy': Know your co-workers

THINK

(1) are employees going to be highly successful in examining input mails for signs of fraud?    are they even capable of doing that ?   or are there going to be a few click-firsts and then ooooops errors ?

(2) why are your computer systems vulnerable to "phishing" messages that are loaded with malware?

---

a. start using PGP with Outlook to validate e/mails.   Or Thunderbird/ENIGMAIL .   It isn't hard; you can do it.

b. use a secure o/s.   we may not have any that are 100% secure -- but some are MUCH better than others.

 
White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
Mueller Probe Yields Hacking Indictments for 12 Russian Military Officers
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/13/2018
10 Ways to Protect Protocols That Aren't DNS
Curtis Franklin Jr., Senior Editor at Dark Reading,  7/16/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2016-10727
PUBLISHED: 2018-07-20
camel/providers/imapx/camel-imapx-server.c in the IMAPx component in GNOME evolution-data-server before 3.21.2 proceeds with cleartext data containing a password if the client wishes to use STARTTLS but the server will not use STARTTLS, which makes it easier for remote attackers to obtain sensitive ...
CVE-2018-8018
PUBLISHED: 2018-07-20
Apache Ignite 2.5 and earlier serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present in Ignite classpath. The vulnerability can be exploited if the one sends a spe...
CVE-2018-14415
PUBLISHED: 2018-07-20
An issue was discovered in idreamsoft iCMS before 7.0.10. XSS exists via the fourth and fifth input elements on the admincp.php?app=prop&do=add screen.
CVE-2018-14418
PUBLISHED: 2018-07-20
In Msvod Cms v10, SQL Injection exists via an images/lists?cid= URI.
CVE-2018-14419
PUBLISHED: 2018-07-20
MetInfo 6.0.0 allows XSS via a modified name of the navigation bar on the home page.