Malware Targets the Electric Grid

Sophisticated malware that has proven its ability to interfere with power systems could be coming to an electric grid near you.

Not only is there a lot of malware present in the Industrial Control Systems (ICS) that manage crucial infrastructure. Now, security researchers have identified specific strains that are tightly focused on interfering with electrical grids, and may be usable in many environments. 

Continue Reading

Monitoring – and Securing – Serverless Computing Architectures

Learn more about serverless architectures, and how to secure them with a new whitepaper.

Increasing demand for serverless architectures, such as Amazon Web Services Lambda, poses a new security threat because traditional tools are not equipped to monitor these functions. This article – and a new whitepaper – shows you how you can overcome these vulnerabilities. 

Continue Reading

More Details on the WannaCry Ransomware Attack

Additional details on the WannaCry attack

We recently wrote a technical blog that showed how users could detect the WannaCry malware using Observable’s security service. Here, we take a closer look at some additional details, including what happened, why, and additional suggestions for preventing similar attacks.

Continue Reading

Too Much of a Bad Thing?

Security solutions are generating a volume of alerts that threaten to overwhelm IT and security professionals. We look at an example where “less is more.”

Spurred by the rise in data breaches, IT and security professionals have embraced a wide assortment of new tools designed to detect threats to their IT systems and data. Now, all of those tools seem to be yelling “Alert!” with such high frequency that security analysts simply can’t keep up. As a consequence, analysts become “detuned” to certain alerts and entire classes of alerts. This leads to security blind spots.  Observable’s Dynamic Endpoint Modeling offers a sensible alternative. 

Continue Reading

Practice Makes Protection: “Hacking” Yourself into Better Security

Valuable resources to learn more about the “hack yourself” movement – critical for improving security.

Cops and robbers. Cowboys and Indians. White hats versus black hats. The games we played as kids are not unlike the work we do as IT professionals fending off cyber criminals. And while security is serious business, “hack yourself” programs harken back to these youthful adventures with simulated exercises designed to strengthen skills and defenses.

Continue Reading

Piecing Together the “Big Hack”

What would it take to debilitate a major American city?

A fictional account of a coordinated cyberattack, no matter how dramatic, is still fictional. But the smaller attacks that could make up a larger one are grounded in reality, and deserve close attention. 

Continue Reading

Five Steps You Can Take to Reduce a Hackers’ Advantage

Thinking like a hacker may help you prevent a future attack.

Sometimes in order to beat a hacker, you have to think like a hacker. That’s the secret behind continuous security validation, an emerging trend among security organizations that are susceptible to high-profile breaches. Learn the five steps to taking advantage away from the hackers and reducing your risk proactively.

Continue Reading

Ransomware Meets Remote Server Tracking and Sentinel Files

Enterprising administrators came up with the idea of putting "canary" or "sentinel" files out on their shared drives.

For organizations ransomware isn't just a particularly annoying type of malware. It's somewhat inconvenient when a user loses access to the files on an infected drive, but it's unspeakably horrible when all users lose access to the files on a network share. Some enterprising administrators came up with the idea of putting "canary" or "sentinel" files out on their shared drives. These are files that normal users would have no reason to access and whose contents are known to a monitoring system.

Continue Reading

What We Can Learn from the Biggest Data Breaches of 2016 (So Far)

Understanding these attacks may help you improve security in the future.

It has already been a busy year for IT professionals and the cyber criminals they are forced to defend their companies against every day. Find out what has made the news thus far in 2016, including rising malware incidents, blackouts, and more vulnerabilities in SSL.

Continue Reading

Strengthening the Defense Against Ransomware Attacks

Our second article in our two-part series on this growing threat.

Ransomware attacks pose unique challenges to businesses and security vendors. A collaboration between Observable and its customers has resulted in new tools to ward off the hostage-takers.

Continue Reading