Realizing the potential of exploit toolkits

Anti-virus companies have identified a new trend: Criminals are increasingly using open source software instead of developing or purchasing their own malware. Kaspersky Lab recently revealed several cyber espionage campaigns, which operate according to this model. Such free tools that were originally designed for security testing contain many tools that criminal hackers can also use for their own purposes. Even more conveniently for hackers, these tools are also developed and maintained by the open source community for free.

Vulnerability scan for Industry 4.0 with LARS

Not a day goes by without Industry 4.0 being touted as the future of the manufacturing industry. And it’s true, the digitization of production environments is already gaining traction, in some sectors more than others. And with all these developments, everyone is concerned with the security of the brave new interconnected world. Now standard hardware and software are in control of motors, switches and pumps, the security risks must be kept in mind by automation engineers. This requires a methodological approach, which is best adapted and linked to a central ISMS policy.

Trouble in store? Don’t forget VPN

For a couple of years now security breaches in the retail sector have seldom been out of the headlines. Breaches at large retail chains like Target, Neiman Marcus and The Home Depot in 2014 were followed in 2015 by Dungarees, Starbucks, CVS, Toys R Us and Wallmart Canada. Some of the latter stores were much smaller illustrating that when it comes to attacks a retailer’s size is not important. According to the annual Global Threat Intelligence Report, retail now makes up 22 per cent of all response engagements, up from 12 per cent the previous year. This is also reflected in the latest report from BDO which lists a possible security breach in joint top spot with “general economic conditions” as the biggest security risk to the retail sector.

Threats at Public Hotspots

Germany is reported to be increasingly left behind in terms of digitization in public spaces. The reason: There are just not enough hotspots available. A political decision has now been taken to abolish any “disturber“ liability (“Störerhaftung” under German law). This means, the door has been closed for any business models based on cease and desist letters. This will pave the way for more free hotspots in cafés, at airports, train stations and hotels.

Many professionals frequently use free Internet access in remote locations, especially when they travel, making them easy targets for hackers. And while most encrypt their private Wi-Fi to ensure data protection and IT security related to corporate network access, they seldom take the same precautions when surfing the Internet or checking email from public hotspots.

Big data, big security questions

Half of enterprises today store sensitive information within big data environments (up from 31 percent in 2015). Influential agencies like ENISA warn there are considerable cyber risks from using big data tools. There is concern, for example, that such developments are a possible point of compromise and there are calls for increased vigilance and compliance.