Ransomware Gangs Are Mostly Just Following the Easy Money

posted in: Security 0 |
Reading Time: 2 minutes

I saw a few references to this KELA study of ransomware based on doing some digging around the dark web to see what people were looking for. I wasn’t necessarily surprised by what they found, because it seems relatively obvious, but I was a little surprised to see that it’s pretty well-thought-out. I guess I had been working on an assumption that folks using ransomware were just throwing out a wide net and catching whatever they could, but it seems like maybe they are thinking a bit more about what they are doing. … Read More

Linked: Wanted: Disgruntled Employees to Deploy Ransomware

posted in: Links, Security 0 |
Reading Time: 2 minutes

Look, it makes sense at any time, but right now with companies varying sets of rules around a pandemic, forcing employees back to an office, mandating a vaccine if they do, closing offices, etc. there is bound to be at least one person who just isn’t very happy with whatever stance the company has taken.

Would the vast majority of them stoop to purposefully installing ransomware on the corporate network? Probably not, but the hacker doesn’t need the majority, they need 1. Just one person to be so angry, and also unethical, and they are in.… Read More

Apple’s Image Scanning Tool is, Well, Complicated

posted in: Security, Tech 0 |
Reading Time: 3 minutes

At first blush, the idea of scanning images synced up to iCloud for child sexual abuse materials against the hash list of known CSAM images seems like a good idea. As a survivor of childhood sexual abuse myself, I want tech companies to takes some initiative to deal with this issue. They also want to scan images on kids’ phones using AI to see if kids are getting into any trouble with sending or receiving sexual material. Again, that sounds like a good thing. But, as the EFF points out, this all requires a backdoor, and backdoors, once created, almost never remain used for just one purpose.… Read More

Your People Are Routing Around Your IT Security

posted in: Security 0 |
Reading Time: 2 minutes

That combination of things points to one, larger, issue. There’s a pretty large communication gap between IT and business users. The security restrictions that exist are getting in the way of people getting work done, and rather than ask for them to be changed, users simply work around them using their own tools, maybe even their own laptops, or network connections, and the IT folks don’t even know this is happening.

That’s a recipe for disaster. It might be time to work on communicating with your users, and of course when I say “communicate” that absolutely means listening too.… Read More

1 2 3

Privacy Policy Settings

Top Posts