Tuesday, June 21, 2016

Pure JS Ransomware

Sophos posted details of a new ransomware sample that operates entirely from JavaScript.

Unlike the recent rash of malicious JavaScript files, this script does not rely on the introduction of a malicious binary. Sophos titled the malware "JS/Ransom-DDL".

This type of malware can be dangerous if you have never considered JavaScript as a possible attack vector. Without a binary to detect, inspect, or observe, some advanced malware defense tools will be useless.

Monday, June 20, 2016

Remote Access Service GoToMyPC Compromise

According to Citrix, "GoToMYPC service has been targeted by a very sophisticated password attack." 

Sophisticated or not, this should be a reminder to enterprises that consumer-oriented remote-control applications cannot be ignored.

Saturday, June 18, 2016

Gartner: Top 10 InfoSec Technologies for 2016

Gartner highlighted the top 10 technologies for information security during their 2016 Security & Risk Management Summit earlier this week.  The list was:
  1. Cloud Access Security Brokers
  2. Endpoint Detection and Response
  3. Nonsignature Approaches for Endpoint Prevention
  4. User and Entity Behavioral Analytics
  5. Microsegmentation and Flow Visibility
  6. Security Testing for DevOps (DevSecOps)
  7. Intelligence-Driven Security Operations Center Orchestration Solutions
  8. Remote Browser
  9. Deception
  10. Pervasive Trust Services

Monday, June 13, 2016

Microsoft + LinkedIn: Employee Privacy?


Today Microsoft announced it "will acquire LinkedIn for $196 per share in an all-cash transaction valued at approximately $26.2 billion."

LinkedIn is increasingly the means for employees to connect with new career opportunities. Microsoft increasingly represents enterprise customers rather than individual consumers. What effect might this deal have on workplace privacy?

Friday, June 10, 2016

Google Chrome PDF Reader : Remote code execution

Do you avoid Adobe Reader and Acrobat due to the never-ending stream of security problems? Perhaps you have done away with PDF reader software altogether in favor of the viewer included with Chrome?


If you have, you will be disappointed to learn that the Chrome viewer has a remote code execution vulnerability. The viewer included in Chrome, called PDFium, can be used to run code of the attacker's choice.

Tuesday, June 7, 2016

2016 vs 2010 Magic Quadrant for Enterprise Firewalls

Gartner released the 2016 Magic Quadrant for Enterprise Firewalls almost two weeks ago.

The biggest surprise is how stratified Gartner considers this market to be. There are two leaders, two challengers, and all other vendors tied for last place.


What is going on?