On Wednesday, Adobe released a new version of Flash on Wednesday to address the zero-day vulnerability that was disclosed as part of the Hacking Team attack last weekend. Unfortunately, our researchers overnight have found another, new unpatched vulnerability affecting Adobe Flash that is a result of the Hacking Team attack. Our researchers have notified Adobe…Read More
Global Threat Communications
- Christopher Budd is a global threat communications manager with Trend Micro. His focus is on communications around online security and privacy threats to help people understand in plain English the risks they face and what they can do about them. In addition, he focuses on managing crisis communications utilizing a framework and processes he helped put in place. Prior to Trend Micro, Christopher worked as an independent consultant focused on helping clients build crisis communications frameworks for online security and privacy incidents. Christopher draws on his experience as a ten-year veteran of the Microsoft Corporation, where he oversaw and managed worldwide internal and external communications around security and privacy incidents affecting Microsoft customers. During his tenure at Microsoft, he pioneered new strategies and tactics embracing new media technologies that dramatically improved the handling of communications around incidents and helped, as he likes to say, “make awful news just bad”. Christopher is a seasoned spokesperson and speaker and presenter. He has been an expert on television and radio numerous times. At Microsoft he led a live monthly security webcast for over six years. He has also given numerous presentations on communications and technology at a variety of technology and non-technology conferences. He has also given numerous presentations on communications and technology at a variety of technology and non-technology conferences. He is a columnist at Geekwire.com on security and privacy and he is a fellow of the Ponemon Institute.
The United States Office of Personnel Management (OPM) has just released the latest details from their ongoing investigation into the attacks against their systems. Today’s announcement represents a significant escalation in the number of people affected and the risk victims face. Everyone who works or has worked for the federal government as an employee or…Read More
There has been a lot of discussion in the past few days about the successful attack against the Hacking Team in Italy and the release of their data as a result of that attack. The most important thing that people need to be aware of is that this attack has resulted in the public disclosure…Read More
More details continue to emerge regarding the attack against the United States Office of Personnel Management (OPM). Some of the details aren’t surprising – for instance that the number of affected employees has skyrocketed from 4 to 18 million. It’s not unusual for the scope of victims to increase as an investigation continues. It also…Read More
There’s another vulnerability affecting the Android platform that this week once again raises the question: am I vulnerable? Researchers from NowSecure announced at Black Hat in London this week a vulnerability affecting the SwiftKey keyboard on Android. The biggest concern is for Samsung Galaxy phones which install the SwiftKey keyboard by default and allow it…Read More
Cyber attacks have the potential to significantly disrupt national critical infrastructures, which could be catastrophic.
Oftentimes, even the most extensive security systems are unable to identify and alert key employees to the presence of an APT. Therefore, IT administrators and engineers must understand what to look for in order to effectively recognize the launch of an APT, or an existing one within the network.
Add the United States Internal Revenue Service (IRS) to the list of recent large scale data breaches. With their announcement on May 26, 2015 that more than 100,000 U.S. taxpayers’ information was illegally accessed through the “Get Transcript” web application, the IRS has joined Target, Premera and others in the ranks of large scale data…Read More
On May 20, CareFirst BlueCross BlueShield announced that they were the victim of a data breach in June 2014 that affects 1.1 million current and former customers. This is the third major healthcare data breach affecting an affiliate of the BlueCross BlueShield network coming after the Anthem data breach announced in February and the Premera…Read More
Updated 6/1/2015 to include reference to Security Intelligence Blog posting from May 28, 2015. We’ve learned recently that the St. Louis Federal Reserve was the victim of a cyberattack. It appears to be a classic “watering hole” technique going after victims where they’re known to gather. What’s notable is that none of the Federal Reserve’s systems, or…Read More