Adylkuzz: WannaCry’s older, more devious cousin

Think you got off scot-free in regards to this whole WannaCry business? Well, it turns out that you might be immune to infection by WannaCry because you’ve already been infected by the Monero cryptocoin-mining Adylkuzz. #irony

Last week the WannaCry ransomware attack made headlines around the world as it spread rapidly at an unprecedented and almost mind-boggling pace, infecting thousands of computers worldwide. But the next wave of attacks using the same tactics and techniques is already underway. In fact, it’s been active for weeks now. And it’s quietly getting bigger too.


WannaCry: Whodunit?

That’s the err… $61,614.02 question!

The worldwide WannaCry ransomware attack has been making the news since Friday afternoon, when it began to run rampant at hospitals in the UK, causing manufacturing plant shutdowns across Europe, and propagating and encrypting everything it could get its hands on, from ATMs to marketing display panels.


WannaCry: Just another manic Monday?

On Friday afternoon, the UK’s National Health System (NHS) began reporting infections of a new ransomware strain known as WannaCry. Throughout Friday and into Saturday morning, it spread like wildfire across the world, infecting computers in over 150 countries. In the news was account after account of PCs, Smart TVs, ATMs, and arrival and departure displays getting hit as WannaCry sought to find and infect everything it could get its hands on.

And then . . . it seemed to just . . . well . . . stop.

Continue reading on the Gigamon Blog…

WannaCry: What we know so far…

An unprecedented cyber-attack by a ransomware variant known as WannaCry, which encrypts a computer’s files and then demands payment to unlock them, has propagated at a speed never before seen by cybersecurity researchers and is impacting targets worldwide. So far it has taken a major toll on operational services at targets including Telefonica in Spain, the National Health Service in the UK, and FedEx in the US, with European countries, including Russia, being among the worst hit.


How to introduce cyber security risk management to the business

If you haven’t already, then at some point you’ll need to have “the talk” with the business.

Introducing cyber security risk management to non-technical executives can be difficult, awkward and excruciatingly tiring. Unfortunately… the number one and arguably most important thing missing from most corporate cyber security risk management programs is senior leadership’s approval.


Stop Doing Five Things and Convince Your Execs and Board to Properly Fund Cybersecurity

My first post on Infosec Island is live today and, more importantly, I’m one step closer to my bucket list dream of being published in Wired! In it, I cover my thoughts on what cyber security professionals are doing wrong when they communicate to senior leadership and the board, and what they can do to fix it.

So check out my top 5 boardroom presentation hacks and find out how I somehow managed to make fun of stock clipart and work in references to WarGames, The Matrix, Sneakers, Swordfish, Hackers, and The Net!

Continue reading on Infosec Island…

Who Owns Cyber Security Risk Management?

In light of the countless cyber incidents reported daily—including high-profile database breaches that have impacted millions of patients—the question of risk responsibility is more front and center than ever before. To date, there’s remained a troubling tendency to view cyber security as fundamentally different and separate from other organizational risks. Or, it’s simply viewed as an “IT problem” best left handled by those with the requisite experience and operational subject matter expertise.


HIMSS Privacy and Security Forum Boston – Top Themes and Conference Recap

In healthcare, there can often be a disconnect between IT and executive leadership when it comes to prioritization of cybersecurity risk management. Finding ways to bridge this gap has been a prevailing theme at both this week’s HIMSS 2017 Conference and Exhibition and last quarter’s HIMSS Privacy and Security Forum.
