//
archives

IT & TECHNOLOGY

This category contains 1337 posts

The Curious Case of Notepad and Chthonic: Exposing a Malicious Infrastructure


Recently, I’ve been investigating malware utilizing PowerShell and have spent a considerable amount of time refining ways to identify new variants of attacks as they appear. This posting is a follow-up of my previous work on this subject in  “Pulling Back the Curtains on EncodedCommand PowerShell Attacks”. In a sample I recently analyzed, something stood … Continue reading

Physical and Logical Security: Joining Forces to Manage your Enterprise Security Risk


Just a decade ago, as security professionals, we could talk reasonably about physical security and logical security requiring different approaches. Five years ago, we might have found ourselves having conversations about the blurring lines between the two types of security discipline, and could have easily pointed to aspects of both physical and logical security that … Continue reading

IoT Cybersecurity Act of 2017: A Necessary But Insufficient Approach


The Mirai botnet attack on the DYN network in October 2016 highlighted to many policymakers the potential problems associated with IoT devices. The compromise and concerted use of thousands of webcams and DVRs to disrupt key Internet services focused attention on the poor implementation of security controls on millions of devices newly connected to the … Continue reading

What Does the Future of Financial Cyber Security Look Like?


Today, we trust banks and other financial institutions to safely handle our money and the bulk of our monetary transactions. Successful breaches are somewhat rare thanks to technologies like multi-factor authentication and heavy investment in cyber security, but hackers are always improving their techniques, and tech is always changing. This leads to an ongoing cycle of improvement … Continue reading

Will Blockchain Disrupt the Lives of Governance and Assurance Professionals?


  The blockchain’s distributed ledger paradigm is serving as the supporting foundation to some forms of digital transformation, including the utilization of cryptographic virtual currencies (VCs) such as Bitcoin. These virtual currencies are actively utilized around the globe, both within and outside the circuits of formal economies of countries, with important financial implications including increased … Continue reading

The Cybersecurity Canon: The Seventh Sense: Power, Fortune, and Survival in the Age of Networks


We modeled the Cybersecurity Canon after the Baseball or Rock & Roll Hall-of-Fame, except for cybersecurity books. We have more than 25 books on the initial candidate list, but we are soliciting help from the cybersecurity community to increase the number to be much more than that. Please write a review and nominate your favorite.  The Cybersecurity Canon … Continue reading

Increased Cyber Awareness Must Lead to Equivalent Action


Recent and widely publicized cyber attacks must be the impetus for a renewed and more concerted and coordinated global commitment to strengthen cyber security capabilities. In May, the WannaCry ransomware attacks struck, underscoring the potentially disastrous consequences for health care facilities and their patients when medical records and medical devices are compromised. June brought yet … Continue reading

Security Headlines: Hacking ATMs, HBO and more


ATMs, HBO, democracy … what can’t be hacked? Here are the top security headlines for the week of July 31, 2017: IOActive hacked at ATM at Black Hat. I guess drinks are on them? Espionage was just a red herring. Apparently hackers in North Korea are looking for cash, not secrets. DefCon attendees shredded voting machines – … Continue reading

Five Questions With Jigsaw CEO and CSX North America Keynoter Jared Cohen


Editor’s note: Jared Cohen, CEO of Jigsaw (the successor of Google Ideas), will deliver the opening keynote address at CSX North America 2017, which will take place 2-4 October in Washington D.C. Cohen, co-author of the New York Times best-selling book “The New Digital Age,” recently visited with ISACA Now about the cyber security skills gap, advancements … Continue reading

Is the Cloud Moving Too Fast for Security?


In February 2017, a vulnerability in Slack was discovered which had the potential to expose the data of the company’s reported four million daily active users. Another breach in February on CloudFlare, a content delivery network, leaked sensitive customer data stored by millions of websites powered by the company. On March 7, the Wikileaks CIA … Continue reading

Web Stats

  • 116,973 hits
@PhilipHungCao

@PhilipHungCao

@PhilipHungCao, CISM, CCSP, CCSK, CASP, CIW-WSP, GICSP, PCNSE, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in ICT/Cybersecurity industry in various sectors & positions.

Personal Links

View Full Profile →

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 2,132 other followers

Twitter Updates

Archives

August 2017
M T W T F S S
« Jul    
 123456
78910111213
14151617181920
21222324252627
28293031