JPMorgan hackers altered, deleted bank records, says report

CNET | Aug 28, 2014

Investigation into attack on JPMorgan Chase may have expanded to seven of the world’s top banks, amid a report that hackers altered records.

“Getting access to bank records is uncommon but not unheard for hackers, who often change computer logs to cover their tracks but can’t always get to more sensitive data,” said RedSeal cybersecurity expert Robert Capps.

Data Breach-stricken UPS Unaware of PoS Malware for months

| Aug 22, 2014

Just as news of one large point of sale (SuperValu) hack begins to recede, another pops up to reclaim the headlines. This time the victim is shipping giant United Parcel Service (UPS), which has confirmed a long-running data breach at 51 of its UPS Stores, across 24 states.

“This shows that sophistication of IT isn’t an inoculation against a breach,” said Steve Hultquist, chief evangelist at RedSeal Networks. “The combination of complexity and continuous change–including both growth and technological advancement–mean that it’s virtually impossible to be aware of all the potential paths of attack.”

Big Data Overwhelms Security Teams

eSecurity Planet | Aug 20, 2014

A major contributing factor in many recent data breaches has been the fact that many IT security teams are simply overwhelmed by the volume of data they’re handling.

Mike Lloyd, CTO of RedSeal Networks, said that kind of data provides IT security teams with a serious challenge. “I don’t meet any security teams these days that say, ‘You know, what I lack is data,'” he said. “In fact, we’re drowning in data. The problem is turning that data into facts you can use.”

Supervalu Discloses a Data Breach

New York Times | Aug 15, 2014

“This looks much the same as the attack that impacted Target last year,” said Steve Hultquist, an executive at RedSeal Networks, a security firm. “These breaches continue to demonstrate the sophistication of the attackers and the reward they receive being worth the investment they make in their attacks.”

Tennessee Electric Sues Bank Over Cyber-Heist

InfoSecurity Magazine | Aug 14, 2014

Tennessee Electric Company (TEC Industrial) is suing its bank, TriSummit, after falling victim to a $327,000 cyber-heist. The attackers likely used password-stealing malware, and then logged in to the bank using TEC credentials to siphon the funds.

“This action underscores the increasing focus on responsibility for maintaining end-to-end security for customers,” said Steve Hultquist, chief evangelist at RedSeal Networks, in a comment to Infosecurity.

New security bug dubbed Backoff exposed

The Green Sheet | Aug 1, 2014

The latest big breach apparently occurred at the nonprofit retail thrift store operator Goodwill Industries International Inc. The culprit: a new strain of malware called Backoff.

Ray Rothrock, Chief Executive Officer at enterprise cyber security company RedSeal Networks, said the security and retail industries are keen on fighting fraud, even if a modicum of complacency has set in with consumers and the mass media.

“I guarantee if you’re a CEO, you are worried about breaches,” Rothrock said. “In fact, a lot of people these days are being asked by their boards and senior management, assume we will be breached because we will be. What’s your plan of response and remediation for it?”

Goodwill working with secret service to investigate data breach

Cyber Security Business | Jul 31, 2014

Mike Lloyd, CTO of RedSeal Networks, stated to TechNewsWorld: “Many organizations have been in denial for too long … Many industries are loved by the public and can lapse into thinking they don’t have enemies, and so don’t really need to worry about security.”

StubHub Hit in Cyber-Attack That May Have Stolen $10M in Tickets

Security Week | Jul 23, 2014

“The global law enforcement community has sent a strong message to the individuals that commit these crimes,” said Robert Capps, senior director of customer success at RedSeal Networks and former head of global trust and safety for StubHub.

Hackers Leverage Russian Government Malware

eSecurity Planet | Jul 22, 2014

“Sophisticated code like Gyges was created for a specific purpose by what appears to be a government agency, and it should have remained within the control of that agency,” RedSeal Networks Federal CTO Brandon Hoffman said by email.

Ideas for defending against cyberespionage

CSO Magazine | Jul 1, 2014

“With so much business being conducted with suppliers online, Mike Lloyd, chief technology officer for RedSeal Networks, recommended companies map out and monitor all network connections.”