Threat: Users targeted with malware in advertising
Solution: Utilize adblocking technology and/or implement other security measures such as disabling javascript by default
URL: http://www.engadget.com/2016/01/08/you-say-advertising-i-say-block-that-malware/

Specifically in this threat the website Forbes asked users to disable ad blockers but the ads served were found to contain malware. This particular instance is worse in my opinion than some as the website owners asked users to disable what is quickly becoming a popular security option and then preceded to serve users malware. While I like to support websites, it makes it difficult to do so when ad networks are not better vetted.

In a multi layered approach security professionals should keep their systems and plugins patched so that known exploits can’t be used on systems. As another layer of security I also recommend turning off javascript by default and only enabling that on trusted websites. Unfortunately in this case the web site would normally be a trusted source so full ad blocking through a proxy, software or other mechanism would be the only way to completely remove exposing systems to the malware.

Threat: Cities face many risks from cyberattackers and the attacks are increasing.
Solution: Cities need to continue to catch up in cybersecurity and practice responses to cyberattacks.
URL: http://www.marketwatch.com/story/the-mind-boggling-risks-your-city-faces-from-cyber-attackers-2016-01-04

In the article the author details the numerous threats and vulnerabilities in cities infrastructure. For example the city of San Diego uses 400 different applications, some of them decades old. With more and more systems exposed to the Internet through networks, these out of date systems are extremely vulnerable. Patching systems isn’t the only solution necessary.

In addition to updating software and policies cities need to practice responses to cyberattacks. The article tells of one simulation where a city wasted 45 minutes waiting for an engineer to reach a computer. Cities need to know who handles what and have a plan for when they can’t reach a point of contact. Through this multi layer approach cities can better prepare for cyberattacks.