Sunday, October 30, 2011

Impact of malware - Scientific American magazine article

Scientific American magazine published an article on the impact of malware and what we can do about it.

Here are some of the comments from the article.

"We don’t actually know how to scan for malware. We can’t stop it, because we can’t find it. We can’t always recognize it even if we are looking right at it."
"Like a thriller character who discovers he doesn’t know whom to trust, cybersecurity experts start running through the options."

This is a very interesting article and if nothing else, it helps spread awareness. I have reported in my blog multiple times how the main stream media is covering the new way of attacks and privacy issues. Now, other types of media started covering these issues as well. The more aware general Internet users about these issues, better prepared they would be.

The article link is below:

http://www.scientificamerican.com/article.cfm?id=a-cybersecurity-nightmare


Wednesday, October 26, 2011

Vulnerable web applications

One of the readers asked about vulnerable web applications pre configured for research and testing purpose. Here is the list I have used in the past:


Saturday, October 8, 2011

Consumer reports - Companies to spend $130 billion on cybersecurity in 2011

A recent new item in Consumer Reports caught my eye.

"U.S. companies will spend more than $130 billion dealing with data breaches this year, according to a study by the cybersecurity research firm the Ponemon Institute."

Over the last few years, there has been a steady increase in cyber attacks and breaches. Organizations have started to admit the fact that they are being attacked on a regular basis. Newspapers carry regular news items that show how vulnerable organizations and individuals are to such attacks.

So, apart from the people who did the bad thing, who else benefits from this?

Obviously, it benefits a whole group of people who helps these companies and individuals do the clean-up work. From the people specializing in the corporate communications, people involved in providing legal advice, people involved in forensic investigations, people involved in fighting these cases in court, and people involved in making sure that such incidents don't happen again.

Now, for folks looking for jobs and looking to enter these fields, it is a great opportunity to master these skills.

Some of the hot skills, companies in US and other parts of the world looking for are:

  • E-Discovery
  • Forensic investigation
  • Incident Response
  • Malware Analysis
  • Incident Monitoring
  • Security Operations