2016: The Year of Ransomware

By: Katelyn Bailey

Since the beginning of 2015, ransomware infections have been on an upward climb, with no foreseeable slowdown. March, April, and May each broke the record set by the previous month for the highest number of ransomware notifications ever issued by the MS-ISAC, based on our state, local, tribal, and territorial (SLTT) government monitoring. We attribute this continued growth in 2016 to the new-found popularity of ransomware as a money-making enterprise and the strength of the distribution campaigns, as well as ever-diversifying tactics, techniques, and procedures (TTPs) by cyber threat actors.

This entry was posted in Threats & Vulnerabilities, ransomware on June 30, 2016 by Kimberly K

5 Takeaways from the 19th New York State Cyber Security Conference

By: Erin Dayton

1. “When, Not If”

If you've attended your fair share of cyber security conferences in the past, it's almost guaranteed that you've heard the long-standing joke “You don’t have to outrun the bear, you just have to outrun your brother.” Although this joke is still prevalent and ensures a good chuckle from the audience, it's becoming less applicable as the forest has become home to more than just one bear.

The “when, not if” timeframe suggests that organizations can no longer rely on planning based on “if” they will be compromised or breached, but “when.” Organizations should operate on the belief that the bad guys are already in their system, and should devote efforts towards identifying how to find attackers and knowing what to do once they've been located. Cyber security efforts should strive toward an advanced model which includes education, prevention, protection, mitigation, response, and recovery. This holistic approach to security provides a potential safety net when facing the perfect storm of the vulnerable technological ecosystem (mobile devices, social media, Internet of Things, etc.).

This entry was posted in Conference Takeaways, Cyber security on June 27, 2016 by Kimberly K

Reusing Passwords on Multiple Sites

Two high-profile breaches have resurfaced in the media again along with a newly announced breach. LinkedIn was breached in 2012, Tumblr in 2013 and most recently MySpace in June 2016. If you had accounts at any of these sites, you may have been advised to change your password, and as a good cyber citizen, you probably logged on and made the obligatory password change. But did you think through the consequences?

This entry was posted in Uncategorized, passwords, password security on June 15, 2016 by Kimberly K

CIS Community Newsletter – June 2016

1. CIS Oracle Linux 6 v1.0.0 Benchmark Released

The benchmark provides prescriptive guidance for establishing a secure configuration posture for Oracle Linux 6 systems running on x86 and x64 platforms. The document was tested against Oracle Linux 6.7.

This entry was posted in Benchmarks Community Updates on June 14, 2016 by Kimberly K

Champion License: What You Need To Know About The Update

The Center for Internet Security is pleased to announce a restructuring of the Champion License to better accommodate widespread adoption of the Critical Security Controls. As an organization driven by strong relationships with our members and volunteers, we take the feedback from our community seriously. As always, the CIS Critical Controls are free for organizations using the resources to enhance their own cybersecurity posture. The Champion License is aimed at entities who are utilizing the Controls as part of a commercial service or product offering.

This entry was posted in Critical Security Controls on June 09, 2016 by Kimberly K

End-of-Support Software Report List: 5/1/2016 to 12/31/2016

By: Ryan Overall

The importance of updating software before its End-of-Life (EOL) and End-of-Support (EOS) is something that should not be taken lightly or ignored. EOL occurs when the software is retired, although the vendor/manufacturer can (and generally does) continue to support the software until the EOS date. EOS occurs when software updates, patches, and other forms of support are no longer offered, resulting in software becoming prone to future security vulnerabilities. Vendors and manufacturers often use these terms interchangeably, although different vendors and manufacturers may have slightly different definitions for EOL and EOS. For this reason, it is important to check with the individual vendor/manufacturer.

This entry was posted in End-of-Support / End-of-Life Report on June 03, 2016 by Chad R