Archives for posts with tag: threats

IE_Logo_Trash-970x546

So, week two of 2016 here at Eskenzi was most definitely no shrinking violet compared to last week’s phenomenal results!

This week, Microsoft released its final patches for Internet Explorer 8, 9 and 10 along with an “End of Life” notice, to encourage users to switch to Internet Explorer 11 and Microsoft Edge, currently only available on Windows 10.

These changes were originally announced back in August 2014, and it is estimated that these older, legacy browsers could account for more than 20% of web traffic. Computerworld reported that as many as 340 million Internet Explorer users are still using IE 8, 9 or 10! NetMarketShare estimates that Internet Explorer accounts for 57% of the browser market, compared with 25% for Chrome, 12% for Firefox and 5% for Apple’s Safari – That’s a lot of people using browsers that are now potentially unsafe, and can no longer be patched.

This means that Internet Explorer won’t receive any more security updates, or other patches. Those still using the browsers could be vulnerable to security threats and even hacks; depending on what other (if any) security software is installed.

A story of this type throws open the rapid response doors for Eskenzi clients, many of which had sound advice on what users, who still use Internet Explorer 8, 9 or 10, can do to ensure they stay protected, despite this news.

Four Eskenzi clients commented on this story – ESET, Tripwire, AppRiver and Bromium – and one from our sister agency, SmileOnFridays – Tenable, which resulted in over 250 pieces of coverage across National newspapers, business publications and trade press.  The coverage obtained was truly global, with publications in the UK, United States, France, Germany, Kenya, Japan, Ghana and Argentina (and many more!) reporting on the news with commentary from our clients included.

Hits include the BBC, The Metro, Business Reporter (included with The Daily Telegraph), BT, SC Magazine, Dark Reading and Yahoo! News.

Several journalists reached out to Eskenzi for specific commentary, as we are so well known to those who report in the security and technology space, knowing they would get great quotes to use in their stories, as well as sound advice for businesses and consumers alike.

We’re lucky to work with so many amazing clients who can, at the drop of a hat, pull amazing quotes and advice out of the bag. I wonder what week three will deliver.

2016-01-06-image-6

logo-date+slogan(banner)

Here’s an event that you’re going to want to be involved in because it’s for every company who takes Security Seriously!

The campaign is called SECURITY SERIOUS and we’ve dedicated an entire week to it from 26-30 October.  The campaign will push the message to the business community that – we’re taking Security Seriously and so should you!

We’re hoping to get 50+ best of breed companies who are good at IT security to help other companies become more security savvy through a range of exciting events! We’ll kick off the week with a photocall outside the Tower of London at 12 noon on 26th October.  Everyone will be there with their company logo and huge banner that states that we’re all pulling together to show that “UK PLC is serious about IT security. We’ve arranged for the press to take pictures at the photocall and then we intend to create a social-media frenzy around the whole week!

During the week we have lots of free lectures and events that companies are offering on a first-come first-served basis. These will be on a range of cyber-security topics – it could be “getting the board’s attention”, “how to stop breaches” – “Finding the right tools to securing an SME” etc.

We’ve already got some amazing large companies behind the week doing some really exciting events, BUT we want to get a huge momentum behind and need your help with the following:

  1. Let us know if you want to be involved in the photocall opportunity – if so we’ll get a huge placard with your logo on it.
  2. Can you support this event by offering something positive to other businesses during the week – it could be a webinar, free software, seminar in London, internal seminar to your staff, something inspiration and creative!  We’ll promote it through Eventbrite and Brightalk and on the website with your logo as a supporter of Security Serious.
  3. Who could you invite to get involved apart from your own company?
  4. Add the event and logo to your email signature
  5.      Blog about it.

YOUR INVOLVEMENT AROUND THIS EVENT WILL NOT COST YOU A PENNY – it’s all about the community collaborating as an industry to get best of breed security professionals from great organisations working to help others become more security savvy – that way we can improve the security posture of UK PLC!

So please let us know how you’d like to get involved asap so we can build your event and idea into the website and campaign.

For more details email Yvonne@eskenzipr.com

hacker
That’s a pretty far flung suggestion, but after my conversation with a “grey hacker” (that’s someone that works on the good side and also a little on the bad side) I’m not sure it’s so far-fetched. The truth is, I love talking to hackers. I think it’s becoming a bit of “thing” of mine, all because I’m trying to get my clients and their “hacker mates” to write a short story book made up of fictional hacker tales – based on the semi-truth. So in my quest to get this book written, I’m interviewing lots of hackers to get their thrilling tales from the underground. Well you could knock me over with a feather with what I’m currently hearing – it’s the most exciting venture I’ve undertaken in a long while.

Only last week my grey hacker friend was telling me about a bloke he met down the pub who has a rather interesting way of boosting his yearly income to pay for his wife’s new car or their expensive annual holiday. He manipulates share prices in what could be dubbed rather brilliant.

This is how it goes. He’s a very proficient IT consultant, called into major organisations to sort out all sorts of IT security issues from fire-fighting to unravelling an IT project that’s gone wrong and needs sorting out. He always chooses one year contracts, which gives him plenty of time to get familiar with the company and the company to get familiar with him. As an IT programmer, he has to get the back-door passwords or admin passwords which basically give him access to everything. He doesn’t use these for anything sinister at all for at least the year. He does a great job for the company and gets paid a fair price. Just before the company goes public with their profit announcements, he goes in through the back door and changes the figures. Of course no-one notices and the figures are very poor and surprises everyone – so of course the price drops. He buys a lot of stock but not so much that people notice he’s bought them, maybe just $50-$75k. Once the accountants have noticed that something has gone awry with the balance sheets, they re-issue the profit announcement and tell the world there was a terrible internal mistake and the price shoots up and he makes a very healthy profit.

That’s clever, obviously hugely illegal, immoral and very wrong – but you have to admire the guy and he’s never been caught because he doesn’t brag about it, isn’t greedy and leaves no trace behind him. I’m not saying this has happened in the case of Tesco’s – because when you read between the lines they look like they’ve just been pretty rubbish at “creative accounting” – but then my more paranoid brain says to me just imagine if there was a hacker that had screwed with their figures and now they’re having to make wonderful excuses to cover their tracks!

You see this book really is messing with my head – but I can’t wait to get all my contributions in from the hackers so you can read it and have your imagination run riot too!