[From the desk of Paul Davis – his opinions and no-one else’s]
So onto the news:
The key challenges to timely incident response
Security professionals are inundated with security incidents, averaging 78 investigations per organization in the last year, with 28 percent of those incidents involving targeted attacks – one of the most dangerous and potentially damaging forms of cyber-attacks.
According to the IT and security professionals surveyed by ESG, better detection tools, better analysis tools, and more training on how to deal with incident response issues are the top ways to improve the efficiency and effectiveness of the information security staff.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=8774060195&e=20056c7556
Verizon: there is no Android malware problem, except for adware
Verizon notes that mobile devices have never been a preferred avenue for hackers to breach the enterprise, which explains why it never looked at the threat posed by mobile malware.
Verizon doesn’t explain what “truly malicious” means but it does exclude adware apps, which it classed as more of an annoyance since they typically force devices to display unwanted ads and collect more personal information from the device than necessary.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=4c8859f9a3&e=20056c7556
Chrome version 42 will pour your Java coffee down the drain: Plugin blocked by default
The latest release of the Chrome web browser, version 42, will block Oracle’s Java plugin by default as well as other extensions that use the deprecated NPAPI.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=8bf482d138&e=20056c7556
From vulnerability to exploit in 96 minutes, or why software fire drills are necessary
One of the findings of the Building Security In Maturity Model (BSIMM) is that many mature organisations simulate software security crises; these simulations are essentially fire drills related to software failures: servers unavailable because of attack, major software failing to work, vulnerabilities being exploited actively to harm the business, and so on. The simulations, which are similar in spirit to Netflix’s Chaos Monkey and other frameworks, intentionally induce actual faults in live production systems during business hours to provide real-life experience recovering from failure.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=6379125f3c&e=20056c7556
Researchers try to hack the economics of zero-day bugs
At next week’s RSA Conference, HackerOne Chief Policy Officer Katie Moussouris and Dr Michael Siegel of MIT’s Sloan School will present a study on the economics of the marketplace for “zero-day” vulnerabilities in software and networks, showcasing a model for how that market behaves. Spoiler: their model isn’t simply driven by supply and demand.
In a blog post today entitled “The Wolves of Vuln Street,” Moussouris gave a summary of the team’s findings of what it means for organizations and government agencies seeking to “dry up the offensive stockpile” of vulnerabilities available to would-be attackers. The crux is that bug bounty programs are valuable in uncovering vulnerabilities (especially in less mature software), but some vulnerabilities simply will never be for sale at a price that defenders can afford. The long-term solution, Moussouris suggested, is to pay for automated tools and techniques to help developers find the bugs themselves.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=e825e35c85&e=20056c7556
What Banks Need to Know from Verizon’s Comprehensive Breach Report
The estimated financial loss from the 700 million compromised records the report tallied: $400 million.
Several trends and insights emerge from the data that banks could use to hone their security efforts. Among them: Hackers are attacking companies with multiple motives and multiple attack vectors; phishing remains effective; and cyber-threat sharing efforts need to speed up.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=88b1f3a4e6&e=20056c7556
18-year-old SMB vulnerability resurfaces, dozens of vendors affected
SPEAR, the research team at Cylance, has discovered new attack vectors for an 18-year-old vulnerability in Windows Server Message Block (SMB). The updated attack vector, called Redirect to SMB, impacts products from Microsoft, Apple, Adobe, Symantec, Box, Oracle, and more.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=538e5cb094&e=20056c7556