endpoint security: amplified

Final-Connect-Image.jpg

Holiday Phishing

The North Pole has announced a breach exposing billions of children’s information from both past and present. Most importantly the naughty list was also exposed and may be for sale on the Dark Web.

Obviously, this is just a joke but it seems as if we hear of a new breach every week. Last week's Vtech breach using wireless toys as the vector is just one sad example. The holiday season is the time of the year when we think of family and a time to be generous and kind to others. Unfortunately, not everyone thinks this way. There are those for whom this is the most profitable time of year, and I am not just talking about the retailers on Black Friday. The cyber-criminals of the world are lurking and trying to take advantage of the good will and deal seekers during this season.

Read More

Topics: Cyber Security, Email Security, Email Phishing

A Case for Security Prioritization in Retail


I was shoppping with my daughter the other night for indoor soccer socks at a major sporting goods retailer here in Massachusetts. As we rolled up to the register with bright pink and purple options, I noticed something at checkout - the retailer was not ready for chip and pin credit cards. 

As I swiped my chip and pin credit card, I got to thinking...there are cyber risks everywhere, during every transaction, before and after every transaction, at any store, any company, coffee shop, airplane, airport, organization you visit...but back to the example here. 

Read More

Topics: Cyber Security, APT, CounterTack, Breaches, Breach, retail data breach, data breach, EDR, chip and pin, retail security

Endpoint Security Makes Quantum Shift: Part IV - Resolution

Process Matters

Gartner has been the most vocal about the need for a process shift, advocating what it calls an “adaptive security architecture.” The idea is to balance efforts among attempting to predict when a breach will occur, prevent­ing the ones you can, detecting what a suc­cessful attacker has done on the endpoint, and ultimately responding to the attack in some way. You need to be doing all of these, all the time, with a variety of technologies, so you can respond appropriately.

“How you protect yourself from a shotgun blast is very different than how you protect yourself from a sniper’s bullet,” says Neal Mac­Donald, VP distinguished analyst at Gartner.

Let’s look at a real-world example of why you need change now, before you get stuck in the quicksand of a disastrous endpoint breach your prevention tools missed.

Read More

Topics: Cyber Security, endpoint security

Intelligent Algorithms and Feature Design

If you live and breathe at the intersection of Cyber Security and Data Science, you have probably seen Alexandre Pinto’s DefCon22 talk, #SecureBecauseMath (https://www.youtube.com/watch?v=TYVCVzEJhhQ).  In this talk, Alex makes great points regarding some blatantly poor yet commonplace practices. #MathIsAwesome, but pushing not-quite-real science by overeager marketing departments, or being an overly receptive, starry-eyed audience waiting for pronouncements from the next super-genius, are still problems.  Alex also alludes to some things that are of immediate consequence to algorithms and Machine Learning researchers operating in the security space.  For example, Feature Design.

Read More

Topics: Cyber Security, data science, feature design

Don't Look Back in Anger: Make Security a Priority in 2015

It’s typical at this time of year to look back at the previous years’ data breaches and high-profile exploits, and say things got worse. However in 2014, things really did get worse from the standpoint of damage to some of the biggest organizations globally.

From the direct impact on enterprises to the direct impact on consumers in the wake of retail industry breaches. From the indirect impact on businesses like wasted time cycles, downtime and mis-allocated resources, to indirect overall impact felt by consumers - like NOT making purchases at specific retail stores or websites, or perhaps NOT investing money or doing business with financial organizations based on a security breach - we all felt the pain.

We've seen enormous swings financially, and in confidence of organizations, attributed to this year's attacks. But it’s not really just about the attacks. They are going to happen. I'd argue that its more about the nexus of forces around the way organizations and employees are computing, and the devices that are used (endpoints) for multiple purposes within the corporate network.

Read More

Topics: Cyber Security, data breach

“The Internet of Things” – Security Vulnerabilities Can Cause Bodily Harm?

We may have hit a ‘data breach fatigue’ saturation point across the market as of late, but there were a few other security vulnerability stories swirling this past week that seemed to deviate from the standard reports.

DHS is actually probing a number of medical device manufacturers to see if there are legitimate cybersecurity vulnerabilities in a number of pumps and implantable heart devices.

One thing that comes to mind with respect medical devices with internet connectivity, is that devices, like any other technology, have evolved. Medical devices are now programmable, configurable and are more advanced to accommodate so many patient conditions, complete with automation, data collection and storage requirements.

Read More

Topics: Cyber Security, endpoint security

Cyber Resiliency is a Message That Resonates

I've been attending the Inbound Conference, hosted by HubSpot this week, to brush up on a few things in my discipline (Marketing). Speakers present new Marketing strategies, and mainly inspiration for Marketers to find truly different ways to communicate to audiences. Every session focuses on specific tactics, like blogging or email or telling better stories.

Read More

Topics: Cyber Crime, Cyber Defense, Cyber Security, Cyber Attack, APT, cybersecurity, Tom Bain, Sentinel, endpoint security, CounterTack, threat detection, Zero-day Attack, Security Intelligence, Breach, Gartner Cool Vendor

Trends in the Information Security Industry

CounterTack has been buzzing lately based on our rising position within the endpoint threat detection market. We're in the news more often now, but we also are on the radar of the investment community, who is hot after innovative cyber security companies who are helping global organizations defend their businesses against increasingly persistent attackers and insiders.

There are a number of media outlets taking note of how investors have started to focus more on cybersecurity, like XConomy, who recently referenced CounterTack as having a $5M addition to a funding round. The reality is the larger technology companies simply can't innovate as quickly as smaller, more agile startups, who are tailoring their approach to solve very specific problems leveraging in new ways to get it done. 

As a guest blogger on VentureFizz, a leading news, networking and information site for the technology startup and VC community, I interviewed Mark Spoto, General Manager at Razor's Edge Ventures. Razor's Edge is part of CounterTack's investment syndicate, and he elaborated on what drew him to CounterTack, the challenges he sees organizations trying to solve and the impact that startup innovation is having on the industry. 

Read More

Topics: Cyber Security, Sentinel, CounterTack, Gartner Cool Vendor

Show Us the Way CryptoLocker!

Ransomware is a class of crimeware that locks down an infected system by preventing user’s access to their data stored locally or via accessible shared network drives. Access is only sometimes restored to the victim after a sum of money is transferred to a digitally remote blackmailer.

CryptoLocker is one of the latest variants in this family surfacing over the last few months has recently made some noise across the industry. Ransomware is one of the busiest (and most annoying) threats of 2013, and is experiencing another comeback tour so we decided it’s time to take a peek under the hood of the latest variant’s campaign to see what the author team is up to as of late and how different is the actual threat compared to the evasion techniques.

Read More

Topics: Cyber Crime, Cyber Security, malware, Cyber Attack, APT, cybersecurity, malware infection, malware analysis, Scout, Sentinel, endpoint security, CounterTack, Breaches, Zero-day Attack, in-progress attacks, Sean Bodmer

CounterTack News Bulletin – May 6, 2013

What We’re Reading this Week

There are numerous options out there for enterprises looking to boost their cyber defenses – from downloadable freeware to seemingly impenetrable premium solutions, the array of options can seem endless. Though useful and important, nothing will keep today’s motivated cyber attackers from getting through. By now, many organizations have accepted this sobering truth, and have shifted their focus from keeping attackers OUT, to finding out what they are doing once they get IN. What motivates them? And how are they going to try to get what they’re after? We’ll examine this, and other topics that caught our attention this week, in today’s news bulletin.

Read More

Topics: Cyber Security, Cyber Attack

Subscribe to Email Updates

Posts by Topic

see all