From The Conversation:
‘High risk’ cyber-crime is really a mixed bag of threats
This is a great piece on cybercrime. Prof. Wall does an excellent job of differentiating between individual and corporate cybercrime. He also breaks down the various permutations of cybercrime. All in all, an excellent read.
From DarkReading:
Deconstructing the Cyber Kill Chain
Damn good article by Giora Engel. He's got it right: focusing too much on Steps 1 - 6 will only address a very narrow set of attacks. In addition to the examples he's listed, consider these. Reconnaissance is near impossible to detect. Weaponization only addresses direct attacks, i.e. malware attacks, not the other methods an attacker can use. Neither of these is something a security professional can control. In fact, it is best that a security professional works under the presumption that these attacks are already in progress or have been successful.
Instead, think outside the box for Indicators of Compromise (I blogged about them earlier today) that will let you know that you've been compromised. Things like anomalous outbound traffic, SSH or RDP on port 80 or 443, multiple failed logins for a domain admin account are much better at threat detection. Once you know you're compromised, you can begin the remediation effort & address any blowback that may arise.
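Two of the indicators named above, sketched as detection logic. This is an added example, not code from the original post or the DarkReading article; the flow records, account name `da-admin`, and threshold are constructed assumptions.

```python
from collections import Counter

HTTP_METHODS = {b"GET", b"POST", b"HEAD", b"PUT", b"DELETE", b"OPTIONS", b"CONNECT"}

# Constructed sample data: (source, destination port, first payload bytes) as a
# network sensor might record them, plus simplified (account, result) auth events.
FLOWS = [
    ("10.0.0.5", 443, b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc"),        # TLS ClientHello
    ("10.0.0.7", 443, b"SSH-2.0-OpenSSH_8.9\r\n"),                     # SSH banner
    ("10.0.0.9", 80, b"\x03\x00\x00\x13\x0e\xe0\x00\x00\x00\x00\x00"), # RDP connect
    ("10.0.0.5", 80, b"GET / HTTP/1.1\r\n"),                           # plain HTTP
]
AUTH_EVENTS = [("da-admin", "fail")] * 6 + [("alice", "fail"), ("da-admin", "ok")]


def classify(payload):
    """Guess the protocol from the first bytes a client sends."""
    if payload.startswith(b"SSH-"):
        return "ssh"
    # RDP opens with a TPKT header (version 3, reserved 0) carrying an
    # X.224 Connection Request, whose type byte 0xE0 sits at offset 5.
    if len(payload) >= 6 and payload[:2] == b"\x03\x00" and payload[5] == 0xE0:
        return "rdp"
    # TLS handshake record: content type 0x16, major version 3.
    if len(payload) >= 3 and payload[0] == 0x16 and payload[1] == 0x03:
        return "tls"
    if payload.split(b" ", 1)[0] in HTTP_METHODS:
        return "http"
    return "unknown"


def protocol_mismatches(flows):
    """Return flows where SSH or RDP handshakes appear on web ports 80/443."""
    return [(src, port, classify(data)) for src, port, data in flows
            if port in (80, 443) and classify(data) in ("ssh", "rdp")]


def noisy_admin_accounts(events, admin_accounts, threshold=5):
    """Return admin accounts whose failed-login count reaches the threshold."""
    fails = Counter(user for user, result in events
                    if result == "fail" and user in admin_accounts)
    return {user: n for user, n in fails.items() if n >= threshold}


if __name__ == "__main__":
    print(protocol_mismatches(FLOWS))
    print(noisy_admin_accounts(AUTH_EVENTS, {"da-admin"}))
```

The first-bytes check only sees cleartext handshakes; a session tunnelled inside TLS looks like ordinary HTTPS to it and needs other signals such as flow duration and byte ratios.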
Electronic Frontier Foundation (EFF) press release:
New, Free Certificate Authority to Dramatically Increase Encrypted Internet Traffic
ENCRYPT! ENCRYPT! ENCRYPT! Now that it's free you don't have any excuses.
https://letsencrypt.org/
This is an old article from DarkReading that I just came across.
Top 15 Indicators Of Compromise
From Help Net Security:
One-in-four have been victims of identity theft
Other research highlights:
- Online purchases were the top reason that users thought they became victims of identity theft, underscoring the importance of confidence in one’s own online security.
- The groups that are most likely to say they have been victims of identity theft are those that probably best understand and notice the signs of identity theft: IT workers, online shoppers, higher-salary workers, the tech-savvy, and those with a high digital footprint.
- Those with the least confidence that their passwords are absolutely secure include those that do less online shopping (12%), those aged 50-64 (11%), and those with a medium digital footprint (11%).
- A plurality of consumers are only somewhat confident that their passwords for personal accounts could not be cracked by a computer program, but few are very confident.
From Help Net Security:
Critical factors in preventing data breaches
Key findings include:
- 74% of respondents indicated that targeted attacks are a primary concern for their organizations.
- 58% of organizations investigated 10 or more attacks last year.
- Only 24% of companies are confident in their ability to detect an attack within minutes, and just under half said it would take days, weeks, or even months before they noticed suspicious behavior.
- 78% of those able to detect attacks in minutes had a proactive, real-time Security Information and Event Management (SIEM) system.
- Half of the companies surveyed indicated that they have adequate tools and technologies to deliver faster incident response, but often critical indicators are not isolated from the mass of alerts generated, placing a burden on IT teams to sift through threat data.
From Sophos Naked Security:
MasterCard promises (slow) death to online payment passwords
One Time Passwords (OTP), whether done via a key fob or sent as a text message to your phone, would be my choice. Not so sure I like the biometric options. While fingerprints aren't a bad idea, things like retina scans can facilitate the communication of flu/colds... and tying a heart monitor to authentication seems a bit error prone and fraught with potential liability. What if you just finished at the gym? Better yet, what's the liability if the monitor senses you're about to have a heart attack and DOESN'T notify you &/or 911 or your physician?
From Sophos Naked Security:
Anonymous e-hijacks KKK in wake of threats against Ferguson protesters
Can't really say I support the group or tactics but considering the target ...