With 2016 coming to a close, The State of Security wanted to give our readers an overview of some of the most interesting, educational, and standout blogs from the year to help fill the time between eating holiday treats and celebrating the New Year. 6 Stages of Network Intrusion and How to Defend Against Them In June, David Bisson wrote up...

As the year approaches the end, it is a time to reflect on 2016 and industrial control systems (ICS) security. Why ICS security? Because securing ICS should be everyone’s concern. Consider the impact on this critical infrastructure and what it means to you. Impact Why? Your entertainment—watching movies on your TV or laptop,...

I am going to put the spoiler warning right here in the first sentence: I am going to be talking about season two of Mr. Robot, and I'm not holding anything back. Read on if you have already watched it. If you haven't watched it, keep reading to see how life imitates art. And if not art, then at least a cable TV show. Those of you here at The State...

Ask any geek and they'll tell you how fun it is to install Linux on a new machine. Whether you're trying out a new distro or installing an upgraded version, there is something cathartic about jumping on the Linux bandwagon and hacking away on a new system. Although Linux by nature is more secure than Windows, there are still steps that need to be...

There are a lot of great benefits to a connected car like the new Toyota Highlander: increased integration, a more comfortable driving experience and personalized controls, just to name a few. However, with increased computing power comes increased risk that hackers could take control of a car remotely, causing it to speed up, turn off, or turn...

Vacuums, refrigerators and thermostats – OH MY! Take a stroll through the homewares section of your favorite store and you are likely to find that nearly all home appliances lighting, and thermostats have a “smart” model or feature. Such is the reality of the Internet of Things (IoT). With two IT professionals in our household, we run it a bit...

IT professionals are instrumental to strengthening an organization's digital security. They must fulfill a variety of duties to work towards that end. One of their most important responsibilities is helping their company detect and respond to data breaches. But there's a problem. Most information security personnel are overconfident in their...

Today’s VERT Alert addresses 12 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-703 on Wednesday, December 14th. Ease of Use (published exploits) to Risk Table Automated Exploit Easy ...

Protecting the company’s servers and online presence is a task that requires a lot of effort. As a result, the reality of securing the online environment is hitting companies hard because hackers and malware constantly find new ways to compromise their online security and privacy. Following a hack or breach, days, months and even years of work could...

When it comes to home security, technology provides us with plenty of solutions for all needs and budgets. The problem is the same technology also provides burglars and perpetrators with the similar means of bypassing your fancy security systems. Long gone are the days when burglars would brutally force their way into your home with a lever. Now...

If you have a Sony network-connected CCTV camera, you may have a security problem. Researchers at SEC Consult uncovered a backdoor in Sony IP cameras that could allow a hacker to remotely execute malicious code, spy on users, brick devices, or recruit them into a DDoS botnet. As the vandal-resistant Sony IPELA Engine IP cameras at the centre of the...

Societies function on the basis of trust, and Internet users are no different. Users need to trust the Internet. They need to trust it to keep their data secure, protected and private, and they need to trust it to reliably give them the content they want to view and share. If governed in an inclusive way, users will continue to place their trust in...

Research on quantum networking is well under way. In April 2012, Gerhard Rempe and other researchers at the Max Planck Institute of Quantum Optics in Germany announced their first working quantum network to the world. Then, just this year, Wolfgang Tittel and his researchers at the University of Calgary transported a light particle's properties...

Women are eagerly needed in information security because we offer unique perspectives and there are so few of us. So far in this series, I interviewed Tiberius Hefflin, Tracy Maleef, Isly, Kat Sweet, and Jess Dodson--five different women from different parts of the English-speaking world and from different areas of IT. For my sixth and final interview...

What happens when service providers issue routers with remotely exploitable flaws? This weekend, we saw a glimpse of what is possible when attackers attempted to load Mirai-based malware on routers through a vulnerability in an exposed remote management protocol. Although the attackers probably failed in their ultimate goal of creating a large...

On the cusp of 2017, one thing's clear: distributed denial-of-service (DDoS) attacks made their mark in 2016. Arbor Networks tracked 124,000 DDoS attacks each week between January 2015 and June 2016. Furthermore, 274 of the attacks observed in the first half of 2016 reached over 100 Gbps (as compared to 223 in all of 2015), while 46 attacks...

Christmas is around the corner, and cyber criminals are as restless as Santa’s dwarves. All big ransomware families are being updated on quite a regular basis, leaving users breathless and file-less. The Cerber ransomware family is an excellent example of a crypto family constantly being renewed. Cerber 5.0.1 is now making its rounds in the wild,...

Facebook has taken the privacy of their customers seriously, as their Chief Security Officer (CSO) Alex Stamos has stated that the company has engaged in black market purchases of leaked or hacked databases that contain Facebook account credentials. A Preface To The Facebook Black Market Trade Facebook has publicly disclosed that it has bought...

Women in information security are a fascinating group of people. I should know, being one myself. But being female in a quickly growing male-dominated industry poses its own challenges. And those of us who pursue security and IT in spite of gender stereotypes have unique strengths and insight. I first interviewed Tiberius Hefflin, a Scottish security...

Women are vital to the information security field, but there are relatively few of us. Speaking to women in our industry gleams insights about how we've ended up in that male dominated field and perhaps how to attract more of us. I first interviewed Tiberius Hefflin, a Scottish security analyst who's working in the United States. Then I spoke to...