As the phish, we all need to recognize the baited hook
Phishing scams aren’t going away, and the scammers are in fact getting more sophisticated. That means users have to be more cautious than ever.
By J.F. Rice | 18 May | Read more
Stories by By J.F. Rice
When Locky strikes
A friend’s company is hit with aggressive ransomware and calls our manager for advice.
By J.F. Rice | 20 Apr | Read more
Surprise! You have mystery PCs
Vulnerability scans uncover on the network unpatched, unprotected PCs that IT never even heard about.
By J.F. Rice | 15 Mar | Read more
The battle of the reboot
Patching has become routine, but patches don’t take without a reboot. That’s a problem when business units insist on zero downtime.
By J.F. Rice | 23 Feb | Read more
A ray of hope in the fight against malvertising
A new service offers to keep all your Web browsing on its servers. It could be the answer, despite the risks of contracting with a startup.
By J.F. Rice | 20 Jan | Read more
As pre-IE11 support ends, scrambling for workarounds
For our security manager, the two big issues are the browsers his users employ, and the versions supported by the corporate website.
By J.F. Rice | 16 Dec | Read more
The sharks of the Internet
That’s what hackers are — they should be feared, but our fears are completely out of proportion.
By J.F. Rice | 04 Sep | Read more
Milling with the hackers at Black Hat and Def Con
Attending both for the first time was a chance to compare and contrast.
By J.F. Rice | 19 Aug | Read more
Assessing the value of cyber-insurance
I've ventured into new territory lately: cyber-insurance. Here's why.
By J.F. Rice | 15 Jul | Read more
Network analysis is like turning over rocks
I just found out my company's employees have been finding ways to get around my Web filtering. And that came as a surprise, because I use a best-in-class product that employs a database to categorize and block website URLs, which I thought I could rely on. But as I found out, that product is not perfect.
By J.F. Rice | 20 Jun | Read more
Data held hostage; backups to the rescue
Last year, <a href="http://www.computerworld.com/article/2487348/security0/security-manager-s-journal--target-breach-unleashes-fresh-scams.html">I wrote about a ransomware infection</a> that encrypted the hard drive of one of my company's employees. In that situation, a live, in-person scammer called the employee, claiming to be from "technical support," and tricked the employee into visiting a website that infected his computer. As with <a href="http://www.computerworld.com/article/2493263/security0/security-manager-s-journal--new-ransomware-attack-hurts-trustworthiness-of-web.html">a similar situation I wrote about in 2012</a>, the infection came from an advertisement on the front page of a major news service's website. The website runs rotating ads, one of which was compromised and hit the victim with a drive-by malware infection (without any intervention by or even the knowledge of the victim). I thought that because the infection was on the victim's personal computer, not on my company's network, we were pretty safe. I thought that if it had been on my network, the attempt probably would have failed, or would at least have been detected right away.
By J.F. Rice | 19 May | Read more
Discovering a blind eye to vulnerabilities
Last week, I was horrified to discover a problem with my <a href="http://www.computerworld.com/article/2569669/security0/two-sides-of-vulnerability-scanning.html">vulnerability scanner</a>. The product I use relies on a user account to connect to our Microsoft Windows servers and workstations to check them for vulnerable versions of software, and that user account had never been configured properly. As a result, the scanner has been blind to a lot of vulnerabilities. And this has been going on for a long time.
By J.F. Rice | 13 Apr | Read more
Information overload, SIEM version
It's been over a year since <a href="http://www.computerworld.com/article/2486501/security0/security-manager-s-journal--giving-thanks-for-siem.html">I last wrote about my security information and event management (SIEM) platform</a> -- and a lot has happened since then. Back then, I wrote, "Now that my SIEM has been in operation for several months, I've become completely dependent on it, not only for security monitoring, but also for overall awareness of my network."
By J.F. Rice | 05 Mar | Read more
Security Manager's Journal: Breaches are everywhere
Follow me, if you will, on a journey back in time to just one year ago. As 2013 turned into 2014, the information security industry was buzzing about the latest spate of breaches. Target had ushered in a new era of retail security breaches, with 40 million card numbers lost to the hackers. Little did we know at the time that this was just the beginning, and small potatoes in comparison to what was to come. One year ago, Neiman Marcus and Michaels had joined Target, and <a href="http://www.computerworld.com/article/2487265/security0/security-manager-s-journal--cyberattacks-just-got-personal.html">I wrote in response to the growing number of breach disclosures</a> that "in fact, I have to wonder which retailers have <em>not</em> suffered breaches. The word on the street is that at least a half-dozen other retailers were compromised in the past few months, without publicity." Sadly, this turned out to be true. I hate being right all the time.
By J.F. Rice | 12 Feb | Read more
Sony and Chase: Don't blame the CISO
Over the last couple of weeks, I have read numerous news stories about the widely publicized security breaches at <a href="http://www.computerworld.com/article/2860745/it-security-in-2015-were-now-at-war.html">Sony</a> and <a href="http://www.computerworld.com/article/2691246/jpmorgan-chase-says-breach-affected-83m-customers.html">JPMorgan Chase</a>. It seems as if everybody is a Monday-morning quarterback, with every other reporter voicing an opinion on how these breaches should have been prevented. In particular, I read two articles that specifically blamed the information security organizations at those companies for failing to properly stop the attackers. That's not fair.
By J.F. Rice | 08 Jan | Read more