Smashing Security #012: Eau de Eugene Kaspersky PODCAST

Smashing Security #012: Eau de Eugene Kaspersky

Androids pre-installed with malware - can the supply chain be trusted? Will WikiLeaks help vendors get zero-days fixed? And what on earth has the Kaspersky marketing department dreamt up this time?

All this and more is discussed in the latest podcast by computer security veterans Graham Cluley, Carole Theriault and special guest Nick FitzGerald. Give it a listen.

Read more...
US charges Russian FSB officials in connection with massive Yahoo security breach

US charges Russian FSB officials in connection with massive Yahoo security breach

The United States has charged four men, including two officials of Russia’s FSB intelligence agency, in connection with a hacking attack against Yahoo that saw the details of 500 million users stolen and the use of forged cookies to break into accounts.

Read more in my article on the We Live Security blog.

Read more...
Realistic crisis simulations are the backbone of cyber preparedness - ENISA plays a role in EU cyber preparedness SPONSOR

Realistic crisis simulations are the backbone of cyber preparedness - ENISA plays a role in EU cyber preparedness

Many thanks to the great folks at ENISA, who have sponsored my writing for the last week.

Regular readers of this blog will be more than familiar with the myriad of cyber threat and vulnerabilities which internet users are unknowingly faced with on a daily basis. But recently, the topic of cybersecurity has been dominating the headlines of more than just tech-focused outlets. From concerns about the targeting of critical infrastructure, to increasingly-substantiated accusations around nation-state hacking of electoral systems, cybersecurity is no longer a niche topic, but a matter for far wider public concern.

With this in mind, it is essential that Europe be as prepared as possible to mitigate ever-evolving cyber threats. They say there’s no substitute for experience – but that doesn’t mean learning on the job. Instead of waiting for the next cyber crisis to strike just so we can learn lessons, we prefer another motto: practice makes perfect.

Realistic crisis simulations are the backbone of cyber preparedness efforts. With just enough unknown variables to keep participants on their toes, without actually jeopardising their operations, a cyber exercise allows security experts to test their capacity for problem-solving, troubleshooting and crisis management in a realistic timeframe but a non-hostile environment.

We need the practice. Europe’s economic welfare is increasingly rooted in its provision and exploitation of digital services. This provides massive opportunities for growth, job creation and social prosperity. But it also makes us a prime target for cyber criminals looking to perform industrial reconnaissance, tamper with customer data, manipulate stock markets, or even sabotage critical infrastructures.

At the EU Agency for Network and Information Security (ENISA), we want as many people as possible to get this practice in. That’s why, every two years, we organise the EU’s largest and most comprehensive cybersecurity exercise, Cyber Europe.

(more…)

Read more...