Ghost Town Security: What Threats Lurk in Abandoned Offices?
Millions of office buildings and campuses were rapidly abandoned during the pandemic. Now it s a year later. What happened in those office parks and downtown ghost towns? What security dangers lurk there now, waiting to ambush returning businesses?
(image by Rob Dobi, via Adobe Stock)
Take a bow, ye in IT and infosec, for pulling off the biggest, baddest save-the-world action in the heat of a pandemic. Because of you, businesses keep running even when there isn t anyone in the building to keep the lights on and the machines patched. Most CISOs were focused on getting people remote as quickly as possible using a just-get-it-done approach, says Andrew Turner, executive vice president at Booz Allen Hamilton.
9 Modern-Day Best Practices for Log Management
Log management is nothing new. But doing so smartly, correctly, and concisely in today s data-driven world is another story.
(Image: 123tin via Adobe Stock)
Logs are central to forensic investigations, but only if they re collected, stored long enough, contain everything investigators need, and the bad guys don t get to them first.
That s a big if. What can businesses [do] to mitigate the possibility that lots of attackers are trying to hide their tracks and even destroy log files? Obvious: Use a log management tool to centralize logs – the same advice as in 2021, 2011, 2001, and perhaps even 1991, says Dr. Anton Chuvakin, head of security solution strategy at Google Cloud and author of several books.
Contemplating the Coffee Supply Chain: A Horror Story
On the bean-to-cup journey, dangers await around every corner. Here, well-caffeinated security experts warn the coffee industry about the threats.
(Image: Okea via Adobe Stock)
A supply chain is only as strong as its weakest link. That we know. But what gets less consideration is that each step in the process, every link, also has a supply chain, and all of it expands one s attackable surface, says Adam Levin, a cybersecurity expert and author who founded the recently acquired company Cyberscout.
Put another way, supply chain security issues spread far beyond the intended path in transporting things from Point A to Point B.
FBI Encounters: Reporting an Insider Security Incident to the Feds
Most insider incidents don t get reported to the FBI due to fear of debilitating business disruptions, public embarrassment, and screeching vans skidding into the parking lot to confiscate servers. But is that reality?
(image by ontronix, via Adobe Stock)
Despite stunning incident counts, many if not most insider threats remain unreported. Reasons vary but all bloom from the same stem: The victim company s fear of being harmed again, either by the legal system or law enforcement. But are those fears real and justified, or are they spun from myths? Time to take a look at what actually happens after a company contacts the FBI, formally or informally.
7 Infamous Moments in Adobe Flash s Security History
End-of-life is here: Adobe s support for Flash is gone as of Jan. 1. Here s what we won t miss about the multimedia software platform.
Show of hands for those who will mourn Adobe Flash – and it s hellish 1,500-plus critical security holes – when its flame dies out on Jan. 1. Anyone? Anyone? That s what we thought. But make no mistake: The ecosystem that spawned such a security nightmare is likely pregnant again with another software security horror because Flash was not a fluke, according to At-Bay founder/CEO Rotem Iram, it in his most excellent ode to the end of a software security serial killer.