Davey Winder
123 followers
Editorial Director & Managing Analyst - IT Security Thing Ltd

By me @ +SolarWinds MSP: Ransomware has fast become the biggest actor in the global threatscape. Attacks such as Petya and WannaCry made global headlines and came at a massive financial cost to organisations not protected against the threat. Whilst there is plenty of advice on how to avoid becoming a victim of the ransomware scourge, the grapevine is much quieter when it comes to answering the question: should you pay ransomware ransoms?

By me @ ITSecurityThing: Use a Fingbox to help whack the KRACK attack

"There’s not a great deal to add to the excellent job done by the researchers who revealed the KRACK attack to the world some weeks ago now. I would wholeheartedly encourage you to go read up at the Manny Vanhoef Key Reinstallation Attacks site. What can be done for the home user to help mitigate the risk, if they are not the firmware updating type? Well, obviously, educating them as to why they should be is the prime method. Failing that though, apps and gadgets that have shiny LED lighting always do well on the home user engagement front in my experience."

By me @ IT Pro: Social engineering: the biggest security risk to your business

By me @ +SC Media: This paints a rather sad picture of an industry that hasn't learned lessons. But is that portrait a fair representation of the web application development business? Is it really a case of developers refusing to smell the insecurity coffee, or is there something more complicated at work here? Ilia Kolochenko, CEO at High-Tech Bridge, told SC Media that this can probably be explained by "high customisation of web applications." With start-ups creating their own web-based apps or implementing some level of customisation as a rule, he has a point. "At the same time," Kolochenko continues, "they try to save money and consequently hire inexperienced developers." This toxic cocktail of new code and unaware or careless developers unavoidably leads to numerous vulnerabilities.

"Uber may be the latest in a long line of big names to hit the headlines in the wake of serious data breaches, however, it is the handling of the attack that is the biggest cause for concern. The lengths gone to by the executive team to conceal the loss of personal data from staff and customers is mind-blowing, and there simply isn’t a place or excuse for it." Dan Panesar – VP EMEA at Certes Networks

By me @ +SC Media: Attack of the killer cyber-bees? +Fortinet predicts hivenets will replace botnets in 2018.

By me @ +IT Security Thing Ltd: "If people assume that they need to worry more about phishing threats than anything else, does this mean they don’t have to bother about the rest? Erm, nope. Will people who never thought about phishing threats before, all of a sudden become expert at spotting social engineering scams? Ditto."

By me @ +SC Media: Is the ability to effectively bypass monitoring middleboxes a good thing, both for the enterprise and more broadly network security?

By me @ +DaniWeb LLC: First look at the world's smallest 4G smartphone, the Jelly Pro. I can say one thing for sure, it is small. Very small indeed. But is that a big problem when it comes to real world usability?