Slack Hacked

eSecurity Planet | Mar 30, 2015

Steve Hultquist, chief evangelist at RedSeal, said by email that the Slack breach clearly demonstrates that organizations need to use automation to improve security. “They must use a system to ensure that all of their security zones are correctly configured, that there are no ways around the security controls, and that all possible paths are monitored for unexpected activity — not just those that are used when everything is operating as expected,” he said.

Secrecy on the Set: Hollywood Embraces Digital Security

The New York Times | Mar 29, 2015

Some Hollywood studios are removing their movie editing software from the Internet so hackers cannot get to it, said Ray Rothrock, the chief executive of RedSeal, a security start-up. For years, oil companies have been doing something similar with their pipelines — a process known as “air-gapping”— so that if hackers breach their internal network, they can’t use that access to blow up a pipeline. Now, Mr. Rothrock said, Hollywood is doing the same to combat theft.

Target agrees to $10m breach compensation

ComputerWeekly.com | Mar 19, 2015

Steve Hultquist, chief evangelist at security firm RedSeal, said even a significant investment in proactive security analytics and process improvements would have given a good return on investment for Target.

Upgrade now: Older OpenSSL versions vulnerable to FREAK attack

InfoWorld | Mar 19, 2015

Steve Hultquist, chief evangelist at security analytics firm RedSeal, noted that keeping things under wraps ahead of time served as a way to pre-emptively prevent automated exploitation of these vulnerabilities.

Cheat Sheet: What Bankers Need to Know About the $1B Carbanak Heist

American Banker | Mar 17, 2015

“These thefts are a significant evolution in approach, since the attackers didn’t simply break in, take over accounts, and run with the money,” said Mike Lloyd, the chief technology officer at security analytics company RedSeal. “The time invested by criminals in studying the operations of target banks shows two things: first, that such attacks are lucrative enough for this time commitment to be worthwhile, and second, they would not have bothered if they did not have to.”

Natural Grocers Investigates Data Breach

SecurityWeek | Mar 3, 2015

“The movement of the attackers laterally within the internal network underscores a reality of modern networks: attacks are automated, patient, multi-step, and multi-phase,” said Steve Hultquist, chief evangelist at RedSeal. “Attackers probe for weaknesses, then use each weakness to dig further into the network, uncovering more weaknesses and further value each step.”

Data at risk for about 50,000 current and former Uber drivers

SC Magazine | Mar 2, 2015

Uber announced on Friday that unauthorized access was gained to one of its databases in May 2014. That type of personal data can be used to obtain additional information on an individual, which can then be leveraged to commit identity theft, Steve Hultquist, chief evangelist at RedSeal, told SCMagazine.com in a Monday email correspondence.

Natural Grocers investigating unauthorized access to POS systems

SC Magazine | Mar 2, 2015

That the company “can firmly state what kind of data was not stolen, because they simply do not gather it, is strong evidence of one of the emerging truths of cybersecurity: if you keep something, someone will test your defenses, and if they aren’t perfect, they’ll take whatever you kept,” said Dr. Mike Lloyd, CTO at RedSeal, in a statement sent to SCMagazine.com. “As a result, the new rules say don’t keep it if you don’t need it.”

From Community Emergency Preparedness To Network Security — Here’s What We Need To Know

Forbes | Feb 26, 2015

Most corporations readily acknowledge that cybersecurity is a big deal, and that threats are escalating. There’s also a greater concentration of risk now, thanks to technology trends such as cloud infrastructures and mobility. Networks are unquestionably the foundation of every modern business, and understanding how that network operates, is managed and is protected is vital. If the network is compromised, the entire business is compromised.

Cheat Sheet: What Bankers Need to Know About the $1B Carbanak Heist

American Banker | Feb 17, 2015

“These thefts are a significant evolution in approach, since the attackers didn’t simply break in, take over accounts, and run with the money,” said Mike Lloyd, the chief technology officer at security analytics company RedSeal.