99.99% Report Brakes Slowing Down Their Car

(.01% were moving too quickly to comment.) “The whole point of a car is so I can get where I’m going quickly. I just can’t understand why they put the brake pedal right next to the accelerator. And the brakes are merciless now. Whenever I step on them I stop almost immediately. What were they…

Ipswich Hospital Chooses DatAnywhere

Ipswich Hospital NHS Trust is a busy district general hospital in Suffolk, England. Its 3,500 employees serve the medical needs for a community of over 350,000 people. The Ipswich IT Team was recently faced with an information security challenge. How do you share sensitive, internal documents from the hospital file system with third-party organizations (insurance,…

Privacy Predictions 2025!

After posting our IT predictions for next year, we decided to assign ourselves an even more challenging task. Using recent headlines from the tech press as a baseline, we tried to extrapolate ahead to the year 2025. Where might today’s stories about technology and privacy lead to in ten years if we don’t change how…

Are We Smarter than a Turkey?

One of my favorite parts of Nassim Taleb’s The Black Swan, a book about how highly improbable and unpredictable events can have massive impact, was the story about the turkey. The idea was that if you were a turkey you might believe that your masters are nice benign folks that mean you no harm because…

Varonis Perspective on the Sony Breach

While we have few details on the Sony Pictures attack itself, this very public breach (or pwning in hacker slang) has shown the extent of the actual exposure—it is massive. The always informative Krebs knows, at this point at least, as much as the rest of us—possible North Korean connection and perhaps the use of destructive erase-all malware….

Crypto’s Fatal Flaw: Stealing the Master Key

At the beginning of the year, Cindy and I attended a crypto workshop held at a local college in NYC. We heard experts talk about a fact of life well known in the security world, less so in the IT space: crypto is not very healthy. The prime culprits are a slew of advanced persistent…

Are You Smarter Than a Hacker? [CONTEST]

They’ve broken into the largest retailers, key government agencies, and major social media companies, stealing tens of millions of credit card numbers, email addresses, and sensitive data. They’re experts at cracking codes, penetrating firewalls, and placing stealthy malware on our most guarded servers. Can the hackers be stopped? Maybe, but it helps if you can…

New Varonis eBook Helps You Hacker-Proof Passwords and Other Credentials

Are you really who you claim to be? That’s the key question that authentication tries to solve. NTLM, Kerberos, one-way hashing, challenge-response protocols, and two-factor authentication are just some of the technologies that have been developed to prove user identities and foil intruders. In recent years though, hackers have become far cleverer about getting around…

PoS Malware Mitigation Advice from the Pros

There’s still much we don’t know about the attacks that targeted retailers’ PoS systems over the last year. We do know for certain that Backoff, BlackPos, and its variants were used as the RAM scraping software, and the hackers had considerable time to remove or exfiltrate the data. But there are still questions about how…

Driving a Stake through Backoff and other PoS Malware

Despite a US CERT warning and several well-publicized hacking incidents over the summer, Backoff malware continues to add new corporate victims. Krebs has been on the case and has more details on the most recent attacks against two well-known brands. The government warning pointed out that anti-virus vendors may not have the latest signatures for…