What is Ransomware

Ransomware is a cyberattack (a virus) that is used to extort money. Originally, criminals used ransomware to extract payments from individuals for the recovery of personal information. Today, cyberattackers extort payments from businesses for the recovery of sensitive information. No one is immune to ransomware. Criminals have extorted payments for the recovery of medical or personal data from healthcare providers and have locked guests out of their hotel rooms. Even industrial systems may prove to be vulnerable to ransomware. Early ransomware, called locker ransomware, prevented a victim from accessing a desktop or browser. Cyberattackers quickly evolved to a more sophisticated...
Read more

How Far Will Email Operators Take Blocklisting to Prevent Spam?

Security administrators use firewalls, web proxies, or antispam gateways to block traffic sources that exhibit suspicious or known attack pattern behaviors. Blocking individual IP addresses has been a staple defensive measure for years. Security system administrators have also blocked entire IP network allocations to mitigate attacks and on rare occasions, they have blocked all of the addresses that have been allocated to an ISP. Are enterprise and ISP email operators poised to apply similarly sweeping security measures to protect their organizations against perceived or reported domain name abuse by blocking TLDs to manage spam? Image by Waxy Dan The Roles...
Read more

Spam: The Security Threat You Easily Forget

About this time last year, I spoke at a Cybersecurity conference in Krakow. I was asked during a video interview to identify security threats that I believed were most pressing. (Ignore the suit...) Yes, I said spam. Not DDoS? Not ransomware? Not breach of personal data? Not IoT? Are you daft, Dave? No. My thinking has not changed a full year later. Spam is a criminal infrastructure enabler Spam may have been merely annoying, unsolicited messages in your inbox at one time, but that was a millennia ago. The average spam volume reported to the Cisco Talos Email and Web...
Read more

Access Controls, User Permissions and Privileges

In my last post, What is Authorization and Access Control, I explained that we use authentication to verify identity – to prove you are whom you claim to be – and also to enable an authorization policy, i.e., to define what your identity is allowed to "see and do". We then implement these authorization policies using security measures to grant or deny access to resources we want to control or protect. The measures we use to implement authorization policies are called user access controls, but are also known as user permissions or user privileges. User access control is commonly used...
Read more