• img May 01, 2017

When Is Apple.com Not Apple.com? Faked Punycode Domains Running Rampant

We have seen a significant uptick in phishing attacks using “Punycode” to exploit a basic vulnerability in web browsers, with phishers able to have the address bar represent what (to the naked, Roman alphabet-reading eye) appear to be correct domains for prominent websites like icloud.com, gmail.com, apple.com, and hotmail.com – but they’re not! The vulnerability […]

Read More
  • img April 28, 2017

SWIFT Attacks are Evolving – Is Your Segmentation Strategy?

Not too long ago, very few people had heard of the Society for Worldwide Interbank Financial Telecommunication or SWIFT. The organization’s standardized message format has been adopted as the global standard for interbank financial transfers, and the associated software and messaging network drives the majority of international banking transfers today, in excess of five billion […]

Read More
  • img April 26, 2017

We Can’t Control Devices and People, but We Can Control the Network

For decades, consultants and federal systems integrators have served as a bridge between Silicon Valley and the U.S. Federal Government, offering a variety of products with a “mission-first” approach that directly addresses public sector needs. To learn more, I recently met with BAI Senior Director of Operations Ryan Morris to ask about current trends he […]

Read More
  • img April 14, 2017

Smart Cities Must Be Secure Cities

If you’ve never heard the term “smart city” before, you are soon going to be hearing it a lot. Smart city technology uses data sensors and analytics, the IoT, information and communication technology to improve the efficiency of city services and the quality of our lives. Smart cities monitor and manage physical assets, infrastructure, connectivity, […]

Read More
  • img April 13, 2017

Is Fileless Malware Really Fileless?

Reports of fileless malware infecting companies around the world have hit a new high, most recently attributed to a single group, FIN7. Besides residing in memory in order to remain nearly invisible, another aspect of fileless malware is the usage of widely deployed tools which systems administrators rely on, such as PowerShell. I wrote back […]

Read More