Cyber Security Archive
cyber scorecard

Cyber Security Risk Scorecard; Are You Safe or Not?

Cyber Security Risk Scorecard; Today, almost all companies, regardless of the size or the sector, need to rate their cyber security risk. A reliable and actionable security scorecard can assess the risks and show the ways to eliminate the threats. Generating a security scorecard does not require your personal or secret information. Because they use […]
Keynotes Phishing

Keynotes APWG Global Phishing Survey 2015-2016 – Malicious and Compromised Domains

Keynotes Phishing; APWG did an analysis of how many domain names were registered by phishers vs. phish that appeared on compromised (hacked) domains. (Why? Because both of them present different mitigation options for responders, and offer insights into how phishers commit their crimes.) A domain is flagged as malicious, if the domain was reported for […]
Keynotes Phishing

Keynotes APWG Global Phishing Survey 2015-2016 – Attack Motivation

Keynotes, Phishing; Attacks where money is handled or moves in commerce are typically designed to directly defraud victims. Attacks on social networks, e-mail systems usually are attempts to harvest credentials for further use. There are continued attacks on ISP’s and other Internet services companies to obtain Internet resources to launch further attacks. There are also […]

Keynotes APWG Global Phishing Survey 2015-2016 – Target Distribution

Keynotes; By using a large dataset of more than 250,000 phishing attacks detected in 2015 and 2016, APWG quantified cybercrime activity and understanding the patterns that lurk therein. They have learned more about what phishers have been doing, and how they have accomplished their schemes. Keynotes; TARGET DISTRIBUTION APWG counted unique target institutions during 2016, […]
deep web, dark web, bitcoin

Deep Web and Black Market

WHAT IS DEEP WEB? The deep web, invisible web, or hidden web are parts of the World Wide Web whose contents are not indexed by standard search engines for any reason. The opposite term to the deep web is the surface web.  What is inside the deep web? Let’s take a look at the figure […]
Ecosystem Cyber Risk Manager

Passive Vulnerability Scan & Early Notice for Non Remotely Scannables

Passive Vulnerability Scan; Vulnerabilities such as MS15-034 are big deal for information security specialists who have to keep up with the critical security patches on high pressure business environments. In one hand they know that the cat is out of bag and they have to find out their vulnerable servers, however, on the other hand […]
Security Follows Business

Security Follows Business. And That’s OK

Security Follows Business; Services dynamically evolve with changes, production deployments, application of patches and configuration tweaks. These modifications directly or indirectly affect the stability and security, hence vulnerabilities might be introduced. Periodic and continuous security scans should prevent such vulnerabilities lingering around for a long time for an attacker to take advantage of. Security Follows […]