[From the desk of Paul Davis – his opinions and no-one else’s]
I know that the Beebone botnet was taken down, but users and administrators still need to clean up.
So on to the news:
Top 5 Cybersecurity Failures in Financial Services
… according to a report by the Center for Strategic and International Studies, a Washington-based think tank. A Hewlett Packard-sponsored study found that the financial sector suffered the 2nd highest annual cybercrime cost behind energy & utilities.
The average financial institution incurs an annualized cyber attack expense of $13 million. The most prevalent types of cyberattacks include viruses and worms, followed by malware, botnets, web-based attacks and phishing schemes, respectively, said the study. The primary actors targeting the financial services industry are often hackers connected to crime syndicates in former Soviet Bloc countries, according to cyber security experts.
As cybercrime emerges as a dominant news headline, financial firms have become especially vulnerable to scandal. 80% of banking CEOs consider cyber attacks to be the biggest threats to their companies’ growth prospects. For an industry whose business model hinges on the mantra of “trust,” safeguarding client account data is a matter of life and death.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=a1122bc75d&e=20056c7556
Log Management Tools Face-Off: Splunk vs. Logstash vs. Sumo Logic
With that being said, let’s take a look and compare a few of the tools in this space. Today, I’ll be comparing Logstash, Splunk, and Sumo Logic. There are more tools out there worth considering, like Loggly for example, but these three give a good representation of the different types available. You can read more about log management tools in the new ebook we’ve just released: The Definitive Guide for Production Tools.
Choosing between these three tools comes down to a few factors. One of the primary factors is going to be the deployment model you’re comfortable with. On-premises, SaaS, and open source all have different pros and cons that require a careful examination of your needs and environment. Depending on how much control you want and effort you’re willing to put in, you’ll lean more towards one type or another. Other factors include the cost, extensibility, and extra features of the different tools.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=e447b1c0e3&e=20056c7556
New virus directly targeting ATMs likely headed for Japan: Interpol
Banks in several countries have been hit by a new form of financial cyberattack, in which a virus alters banks’ computer systems to allow cash withdrawals from automated teller machines to users without an account, Interpol officials said Saturday.
On Friday, Tokyo police said about 82,000 personal computers worldwide, including about 44,000 in Japan, have been found infected with a separate virus that steals online banking users’ login details to make unauthorized money transfers.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=51ba102d26&e=20056c7556
Top Five Things To Check After An IT Security Incident
Before diving into an investigation, it is key that your company define exactly what an IT security incident is to them. This may vary based upon the type of information your company stores, as well as the type of industry your company is a part of.
Although it has become increasingly difficult over the years to protect consumer data, an effective Incident Response Plan (IRP) will allow for Security Operations Centers (SOCs) to reduce the impact of an IT security incident.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=0cc9ae1561&e=20056c7556
ATMIA Assists ATM Industry in Preventing Malware Attacks
To help the ATM industry prevent malware attacks on its terminals, the ATM Industry Association has published new guidelines called “Best Practices for Preventing ATM Malware, Black Box and Cyber-Attacks”.
This important security manual explains how ATM malware works, from installation to execution, as well as how to detect it. It includes major international ATM malware case studies, for example, Skimer-A, Scrooge, Siberian Malware, Dump Memory Grabber, Backdoor Ploutus, Macau Malware and others.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=1e37a01406&e=20056c7556
All Mac owners should migrate to OS X Yosemite 10.10.3 ASAP
Kvarnhammar says the unpublished API, which he dubs a backdoor, grants root access to local users on unpatched boxes. The flaw (CVE-2015-1130) is fixed in Apple’s patch run this week but for machines running OS X 10.10.x only.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=27a34bdd41&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: dailynews@paulgdavis.com