Mole Ransomware: How One Malicious Spam Campaign Quickly Increased Complexity and Changed Tactics

Mole Ransomware: How One Malicious Spam Campaign Quickly Increased Complexity and Changed Tactics

On April 11th 2017, we saw a new malicious spam campaign using United States Postal Service (USPS)-themed emails with links that redirected to fake Microsoft Word online sites. These fake Word sites asked victims to install malware disguised as a Microsoft Office plugin. This campaign introduced a new ransomware called Mole, because names for any [...]

Endpoint Protection for SCADA and ICS Environments? Traps Has Your Back

Endpoint Protection for SCADA and ICS Environments? Traps Has Your Back

Information technology (IT) administrators have been quick to adopt new security solutions, but operational technology (OT) administrators are forced to proceed cautiously, in order to prevent compromising process performance or unwanted downtime. These concerns can result in deliberately leaving software unpatched, antivirus (AV) signatures outdated, technologies disjointed, or security solutions left out entirely. Even organizations [...]

As CISOs’ Roles Evolve, So Do the Reporting Lines

As CISOs’ Roles Evolve, So Do the Reporting Lines

Author’s note: This post was inspired by the discussions among CISOs attending ISACA’s 2016 CISO Forums, plus additional readings and personal experience. The opinions are my own. For more insights from the CISO Forums, read ISACA’s CISO Board Briefing 2017. A study by K logix Research titled "CISO Trends" found that "53% of CISOs state [...]