From CSO Online: HBO hackers threaten to leak final episode of Game of Thrones Season 7

The attackers responsible for hacking HBO warned that they are about to leak this year’s final episode of Game of Thrones. You may have to dodge and weave as you navigate the web if you don’t want to know what happens in the final episode. (No worries; no spoilers here.)

The hacking group behind the big HBO hack claim to have Game of Thrones Season 7 Episode 7, which is the final episode for GoT in 2017. They told Mashable, “Be ready for GOT S& E6 &E7 as soon as possible.�

In addition, the “Mr. Smith group� told Mashable that it has the login credentials to access “many HBO platforms already.� The publication said the hackers sent them the credentials which seem to be “for almost every single HBO social media account. Passwords for everything from @HBO, @GameOfThrones, and @WestworldHBO to various Instagram and Giphy accounts were in a text document provided to us.�

To read this article in full or to leave a comment, please click here

Read more

From CSO Online: BrandPost: Complying with Country-Access Restrictions Using IP Intelligence

Most people know about autocratic countries that block the ability of their citizens to see independent news reports or other online content deemed inappropriate or “subversive.� Sometimes, however, it’s organizations in the U.S. and elsewhere that need to restrict the ability of users in certain countries from accessing websites and downloading software or other material. The U.S. and other governments place some countries on embargoed lists, and companies that break those embargos can face significant fines and even criminal charges.

In the U.S., for example, the Treasury Department’s Office of Foreign Asset Control administers the economic sanctions that are in effect against various countries at any given time. Currently the U.S. has sanctions programs affecting more than 25 countries, with some of the programs implementing comprehensive business bans and other programs involving more selective restrictions.

To read this article in full or to leave a comment, please click here

Read more

From CSO Online: BrandPost: Building a Threat Defense Machine in the Cloud

If keeping your organization safe from cyber threats has become a dysfunctional mess, you’re not alone. Despite hundreds of security products on the market today that claim they can help make security teams more efficient, analysts are still under tremendous pressure to work harder and faster to keep up.

Too many interfaces, too many alerts, and way too little help – that’s the unfortunate situation many security teams face. The situation is further exacerbated by enterprise migrations to the Cloud that are hampered by ineffective legacy security products. These products have enough trouble providing visibility and threat detections in on-premises networks, but in hybrid environments they become even more challenged

To read this article in full or to leave a comment, please click here

Read more

From CSO Online: Xerox CISO: How business should prepare for the future security threat landscape

The pace of change for the security threat landscape is accelerating. To cope with the change and ensure success against adversaries, Xerox Chief Information Security Officer (CISO) Dr. Alissa Johnson believes the security community needs to rethink the way it anticipates and responds to threats. It also needs to be more open and effective in the way it shares information.

Johnson’s background has given her a unique perspective on the security landscape from the perspective of both private industry and the public sector. An NSA-certified cryptologic engineer, she spent three years with the Obama administration as deputy CIO where she was resonsible for White House technology and some of the technology at Camp David and in Air Force One. Johnson has also worked at Lockheed Martin as a deputy CTO and at Northrop Grumman as a senior network security engineer.

To read this article in full or to leave a comment, please click here

Read more

From CSO Online: Mobile device security for the road warrior

Employees who use their smartphones and other mobile devices while traveling face greater risk that their devices will be compromised, posing a threat to corporate systems. Travelers can minimize the risk by taking a few simple and inexpensive precautions.

CSO Senior Writers Steve Ragan and Fahmida Rashid outline how they prepared for their recent trip to the Black Hat event in Las Vegas. Black Hat is one of the biggest hacker conventions and notorious for having attendees’ phones breached. If you can survive Black Hat without your mobile device compromised, you can trust it to be reasonably secure anywhere. Here’s how Ragan and Rashid stayed safe at Black Hat.

To read this article in full or to leave a comment, please click here

Read more

From CSO Online: BrandPost: 3 Access Blind Spots That Can Put You at Risk

With more applications moving to the cloud and more users on the move, it’s becoming increasingly hard to see where inappropriate access may be a threat to your organization. If you want to keep from being blindsided, you need to know what to look for.

3 Access Blind Spots: You Can’t Manage What You Can’t See

1.       The disrupted perimeter: Cloud, mobile and IoT are opening up so many new points of access to resources, the network perimeter you’ve come to rely on to keep threats out no longer provides an effective defense.

2.       Islands of identity: All those SaaS apps your users depend on daily are islands of identity information unto themselves. Without clear visibility across them, trying to manage access is like driving blind.

To read this article in full or to leave a comment, please click here

Read more

From CSO Online: What is an Enterprise-class Cybersecurity Vendor?

On Monday of this week, I posted a blog about enterprise-class cybersecurity vendors.  Which vendors are considered enterprise-class?  According to recent ESG research, Cisco, IBM, Symantec, and McAfee top the list. 

This blog addressed the “who� question but not the “what.�  In other words, just what is an enterprise-class cybersecurity vendor anyway?  As part of its research survey, ESG asked 176 cybersecurity and IT professionals to identify the most important characteristics of an enterprise-class cybersecurity vendor.  The data reveals that:

To read this article in full or to leave a comment, please click here

Read more

From CSO Online: What is an enterprise-class cybersecurity vendor?

Earlier this week, I wrote a post about enterprise-class cybersecurity vendors. Which vendors are considered enterprise-class? According to recent ESG research, Cisco, IBM, Symantec and McAfee top the list. 

This blog addressed the “whoâ€� question but not the “what.â€� In other words, just what is an enterprise-class cybersecurity vendor anyway? As part of ESG’s research survey, it asked 176 cybersecurity and IT professionals to identify the most important characteristics of an enterprise-class cybersecurity vendor. The data reveals that:

To read this article in full or to leave a comment, please click here

Read more

From CSO Online: 60% off Logitech G105 Gaming Keyboard – Deal Alert

The G105 gaming keyboard from Logitech features dual-level LED backlighting, fully programmable g-keys for single actions and macros, and anti-ghosting capabilities. Program 3 macros per key — configure up to 18 unique functions per game. Program single keystrokes, complex macros or intricate LUA scripts. Record new macros on the fly while you’re in the game. The G105 Logitech gaming keyboard is built for serious gaming and its typical list price of $59.99 has been reduced 60% to $23.99. See this deal on Amazon.

To read this article in full or to leave a comment, please click here

Read more