This is some great research done by CitizenLab.org on the FinFisher surveillance spyware. Check it out here. Great job, guys.
Monday, October 19, 2015
Friday, October 16, 2015
Cyber Horror Stories From the Past Year
The eerie cyber season is upon us now, the time of year when
the cyber ghouls are out looking for our data. This past year has been
exceedingly spooky with major organizations being taken advantage of by the cyber
undead. With this being Cyber Awareness Month we’d like to
review a few of these attacks with you so that they can become part of your zombie
security survival guide when the cyber apocalypse is pointed in your direction.
Stay alert; you never know when these monstrosities will come after you next.
Here are a few stories from the past year that will give you goosebumps.
We’ve noticed that 2015 is the year of the healthcare
breach. These monsters have targeted healthcare over the past 12 months with
wild abandon. Whether it is Anthem, Blue Cross, UCLA or any other casualty,
these monsters have the taste for healthcare and want more of it. The industry
as a whole has taken this very
seriously after seeing their peers eaten alive and is making strides toward securing
what they can before it’s too late. There is never a safe place from these
beasts, but over the past 12 months the sea change in thinking for healthcare has
been eye-opening. The entire industry is putting in defenses today that
wouldn’t have been there if not for these vicious attacks. The carnage of these
assaults has sparked a flame in healthcare, one that will hopefully continue to
shine brightly. Otherwise, they’ll be the next ones to the stake.
The government has also become, or should I say always was,
a favorite target for cyber witches that continue to plague their security. We
noticed some advanced witchcraft thrown at the government this year in the
form of the OPM and IRS hacks. The enchantresses behind these breaches were
sophisticated and able to cast unstoppable spells over the government networks,
which weren’t ready for their potent effect of data loss. These attacks were used
to gain more insight into government employees and could only be the beginning
of their spells. The data these witches stole will probably be used later
on to create a more refined incantation, using this pinched data as an
ingredient in their cauldron for an even greater conjuring of evil towards the
government and their employees. The government as a whole needs to wake up and
start making changes that will protect themselves from these types of attacks.
They’re the biggest target to these overseas witches and will be for years to
come.
Something interesting
we saw this year, that we don’t see every day, was a group of cyber fiends
being hunted down by what seems like another individual out to usurp them from
their evil throne. This of course was the “Hacking Team” hack, where the group
“Hacking Team” was selling surveillance and malware to countries to spy on
their people. The zombie-hunting Phineas Fisher, who could play both hero and
villain, defended these countries by exposing “Hacking Team” for what they
really were. It’s interesting to watch these cyber vigilantes come right after
evil, while toeing the line of becoming exactly what they’re fighting against.
This battle for cyber purity is one that can swallow up a person, or group for
that matter, if they’re not careful.
My dear friends, it’s been a terrifying 2015 and one that
gives us reason to worry. Let’s use this Cyber Awareness Month as a way to
educate others against ghouls on the internet lurking in the dark webs ready to
pounce. Constant diligence and education will keep us safe, because you never
know when they’ll strike. Let us be like Ghost Busters and team up together to
let everyone know that “We ain’t afraid
of no ghosts!”
Wednesday, October 14, 2015
Best Practices to Prepare for a Cyber Attack
The war is coming and it's a matter of time before you're attacked, assuming you aren't already under attack, which you most likely are. If you're not actively preparing for this event, you'll be destroyed when it happens. There needs to be a plan of action, there needs to be training, and there need to be assigned roles, or you'll be scrambling during an incident. This article I wrote helps explain a few things that should be done now in preparation for an incident. It's better to be prepared than to make it up in the heat of the moment. Knowing is only half the battle.
http://blog.algosec.com/2015/10/10-best-practices-to-help-you-prepare-for-a-cyber-attack.html
Monday, October 12, 2015
Review of some best #CyberAwareTips
Tripwire recently compiled some of the better cyber security awareness advice from the hashtag #CyberAwareTips for National Cyber Security Awareness Month (NCSAM). You can check out my advice and that of others on this aggregated blog from Tripwire:
http://www.tripwire.com/state-of-security/security-awareness/cyber-aware-tips-how-to-stay-safe-online/
Friday, October 9, 2015
How NOT to be a Victim of Social Engineering [Cyveillance]
Here's a great infographic from Cyveillance about "How NOT to be a Victim of Social Engineering." To read the entire blog post please take a look here. Well done, Cyveillance.
Thursday, October 8, 2015
New Amazon Application Security Services
Okay, the cloud is dangerous and everyone should stop using it before it rains down your data upon all those it wasn't intended for, right? Well, not really. There are times when keeping data in house is an ideal solution, but there are other times when pushing data to the cloud is a completely viable approach. This is all about knowing your security risk appetite and understanding the data that's being hosted in the cloud and the security of the cloud provider. With this being said, Amazon has taken great strides in helping ease the "security of the provider" concern. Take a look at the following two products that Amazon recently released:
- Amazon WAF: https://aws.amazon.com/blogs/aws/new-aws-waf/
- Amazon Inspector: https://aws.amazon.com/blogs/aws/amazon-inspector-automated-security-assessment-service/
These two services assist greatly with running any type of web application off Amazon's AWS service. Many startups and lower income businesses are using Amazon to run their applications, as well as many very large companies, but for those without the revenues to purchase these services elsewhere Amazon has really created a secure ecosystem to keep clients from outgrowing their services from a security standpoint. This is a huge step forward for them and I'm personally very excited about seeing where they're going in the future.
Wednesday, October 7, 2015
Building a cybersecurity culture in the workplace
We all know that attackers are coming after your users; this shouldn't be a surprise. We need to find better ways to have security awareness sink into their minds, because they're the first line of defense. They are the weakest links in your networks and systems. If they're not trained, you're at even more risk of data breaches. It's really that simple. Also, not all groups should be trained the same way; having dedicated training per group (administrators, marketing, finance, etc.) gives each a focused education and better protects your users.
Here's an article I collaborated on with the good folks at Tripwire regarding some other cybersecurity culture training tips for the workplace.
http://www.tripwire.com/state-of-security/security-awareness/3-tips-on-how-to-create-a-cyber-security-culture-at-work/
Friday, October 2, 2015
Comparing MDM Solutions (IMO)
Here are my thoughts on how to compare mobile device management (MDM) products when looking to purchase a system to manage your mobile devices. As the mobile market grows, so does the risk of your data and internal networks being compromised on these devices. Here are a few criteria for making an educated decision on which MDM is right for your organization:
http://searchsecurity.techtarget.com/feature/Comparing-the-best-mobile-device-management-products
Who let the data out?! Time for effective egress filtering!
We've seen way too many organizations have data breaches due to not having proper egress filtering configured. Many places are still only worried about what's making its way into the network and aren't concerned about what's leaving the network. This could be the difference between an attacker making it into your network and an attacker leaving with your data. If they aren't able to get data out, there's no data loss and this limits the risk of the compromise.
http://blog.algosec.com/2015/09/dont-let-the-data-out-tips-for-effective-egress-filtering.html
Security Metrics Crowdsourced Blog
If you're building a security dashboard with metrics for executives, or anyone for that matter, take a look at this blog assembled by Tripwire regarding "Top 10 Tips for Building an Effective Security Dashboard". Tip #6 is especially interesting ;)
http://www.tripwire.com/state-of-security/risk-based-security-for-executives/connecting-security-to-the-business/the-top-10-tips-for-building-an-effective-security-dashboard/
Cyber Security Awareness Month #CyberAwareTips
October has been deemed "Cyber Security Awareness Month" by many major security companies and it's something that, if used correctly, could be of great assistance to those who might not be as cyber-savvy. I've been posting a few tips to Twitter with the hashtag #CyberAwareTips, along with many others. Let's see how much traffic we can generate with this hashtag and get the word out this month.