One Article Review
| Source |  NoticeBored |
|---|---|
| Identifiant | 1497044 |
| Date de publication | 2020-01-04 09:16:03 (vue: 2020-01-06 21:00:27) |
| Titre | NBlog Jan 4 - malware awareness update 2020 |
| Texte |  Our security awareness topic for February will be malware, malicious software - viruses, Trojans, worms, crytpminers, APTs, ransomware, spyware and Tupperware. Well OK, maybe not all of them: viruses are vanishingly rare these days.An increasingly important part of the malware problem is the wetware: we humans evidently find it hard to sense and react appropriately to the dangers presented by infected messages, web pages and apps. Addressing that is a key objective of the awareness module, and quite a challenge it is given that the bad guys are forever coming up with new ways to conceal their intentions or trick us into doing something inappropriate. Digging a little deeper, I feel we also need to explain why we can't rely on antivirus software etc. to save the day because the baddies are also finding novel ways to evade the technological controls, despite the best efforts of the good guys in IT.One screamingly-obvious lesson from the rash of ransomware incidents is that we need to anticipate malware infections when the preventive controls fail, which means strengthening the security protecting our business-critical systems and being ready to recover IT services and data efficiently following incidents. Another less-obvious lesson from incidents such as cryptominers, spyware, Vendor Email Compromises and Advanced Persistent Threats is that detecting infections in progress is harder than it appears ... and, again, it makes sense not to over-depend on detection. Taking that to its logical conclusion, what could/should we do if we presume the organization is currently infected by some sneaky malware? I'm talking about the malware element of counter-espionage, for example deliberately seeding false information, or creating situations designed to reveal 'moles in the camp'.There we are then: malware issues to discuss with general employees, tech/specialists and management, respectively. Now all I need to do is prepare the content for those three streams and Bob's yer uncle! |
| Envoyé | Oui |
| Condensat | digging taking vendor well 2020 about addressing again all also and advanced another anticipate antivirus appears appropriately apps apts are awareness bad baddies because being best bob business camp can challenge coming compromises conceal conclusion content controls could/should counter creating critical cryptominers crytpminers currently dangers data day days deeper deliberately depend designed despite detecting detection discuss doing efficiently efforts element email employees espionage etc evade evidently example explain fail false february feel find finding following forever from general given good guys hard harder humans important inappropriate incidents increasingly infected infections information intentions issues its jan key less lesson little logical makes malicious malware management maybe means messages module moles nblog need new not novel now objective obvious one organization over pages part persistent prepare presented presume preventive problem progress protecting quite ransomware rare rash react ready recover rely respectively reveal save screamingly security seeding sense services situations sneaky software some something spyware streams strengthening such systems talking tech/specialists technological than them: then: these those threats three topic trick trojans tupperware uncle update vanishingly viruses ways web wetware: what when which why will worms yer |
| Tags | Ransomware Malware |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.