[From the desk of Paul Davis – his opinions and no-one else’s]
Phew, so the RSA conference finished and I can say it was really, really busy. A lot of conversation is still around threat intelligence. You will have also seen a lot about cross-vendor collaboration announcements. Expect to see more. But I do think that private proprietary integrations aren’t going to work in the long run. I know I am biased but I do think open standards like pxGRID are a better way to go.
So onto the news:
Threat intelligence programs maturing despite staffing, tech obstacles
During a Tuesday session at RSA Conference 2015, entitled “Threat Intelligence is Like Three-Day Potty Training,” Forrester Principal Analyst Rick Holland used the analogy to highlight how threat intelligence is increasingly becoming a requirement for enterprises, but building a program and advancing it to the point where it supports an organization’s strategic objectives often takes much longer than anticipated.
Citing data from Forrester’s 2014 global security survey, Holland said that for the past two years more than three-quarters of North American enterprises said establishing or improving threat intelligence was a priority in the next 12 months.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=8b12f9bda4&e=20056c7556
IDC Analysts Identify IT Security Trends at RSA
In the world of cyber-fraud (or “consumer cyber security”), intelligence has not significantly advanced in recent years. While in the world of enterprise security, advanced threat intelligence identifies IOCs, TTPs, and causes pain to the threat actor, in the world of fraud, intelligence has remained superficial – here’s a compromised credit card number, or here’s a ZeuS hash. No depth or insight. In the world of fraud, we receive disconnected data points for the most part.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=4b2e866431&e=20056c7556
IRC Botnets alive, effective & evolving
In this era of sophisticated botnets with multiple C&C communication channels, custom protocols, and encrypted communication, we continue to see a steady number of new IRC-based botnet payloads being pushed out in the wild on a regular basis. As we saw in our analysis, IRC-based botnet families continue to evolve in terms of sophisticated features incorporated in the bots.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=800b6fd459&e=20056c7556
5 Overlooked IT Risk Management Issues That Can Bite You In The Budget
The cold, stark reality of IT budgeting is that there are plenty of IT risk management issues that can easily be overlooked … and end up biting you in the budget. Here are five to put on the agenda for your next IT staff meeting so that you don’t find yourself footing an unexpected (and nasty) bill later in the fiscal year.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=2a57d2d338&e=20056c7556
New F-Secure Report Warns of Growth in Extortion Malware
New research from cyber security firm F-Secure points to an increase in the amount of malware designed to extort money from unsuspecting mobile phone and PC users. According to the new Threat Report, malware such as premium SMS message sending trojans and ransomware continue to spread, making them a notable presence in today’s digital threat landscape.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=0a5d7ab886&e=20056c7556
Conficker remains top of the threats as existing malware for Windows dominates
Android is still the main target for mobile malware, with 61 new families discovered compared to only three for iOS. The fastest growth has been in malware that sends premium SMS messages. Ransomware is still growing too, the Koler and Slocker trojans being the largest ransomware families on Android.
Looked at geographically, most threats reported by F-Secure users in the second half of 2014 originated from Europe and Asia, but in the last six months the company saw more activity reported in South America.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=aca2b9c7c0&e=20056c7556
Mobile malware infections may be overhyped
Mobile users in the US are 1.3 times more likely to be struck by lightning than malware, new research has found.
Atlanta-based security firm, Damballa, has released data at the RSA conference in San Francisco that suggests the problem of mobile malware has been overemphasised.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=d602805d3f&e=20056c7556
Kaspersky Lab Finds “Darwin Nuke” Vulnerability in OS X and iOS
The “Darwin Nuke” vulnerability is exploited while processing an IP packet of specific size and with invalid IP options. Remote attackers can initiate a DoS (denial of service) attack on a device with OS X 10.10 or iOS 8, sending an incorrect network packet to the target. After processing the invalid network packet, the system will crash. Kaspersky Lab’s researchers discovered that the system will crash only if the IP packet meets the following conditions:
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=7da94da6bc&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: dailynews@paulgdavis.com