[From the desk of Paul Davis – his opinions and no-one else’s]
Apart from the reporter’s opinions đ
So onto the news:
Data breaches from nowhere – most compromises still being discovered by third parties
The majority of data breaches are still being detected by sources outside the affected organisations, security firm Trustwave has reported in its annual report on the topic. Most victims took around three months to uncover incidents.
Altogether, Trustwave investigated 574 breaches among its customer base in during 2014. Although 15 countries were represented, the firmâs business orientation towards certain countries probably explains why half of those incidents were in the US, followed by Australia with 24 percent and the UK with 15 percent although it is also possible that these are more heavily targeted.
In fact, the number of incidents was down on 2013, when it detected 691, with the US experiencing an optimistic 9 percent drop in breaches year-on-year. Most of the breaches, 43 percent, were in retail, followed by food and beverage on 13 percent and hospitality on 12 percent.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=ceeb065467&e=20056c7556
Most Security Depts Blindly Trust Certificates and Keys
Most IT security professionals acknowledge they donât know how to detect or remediate quickly from compromised cryptographic keys and digital certificates.
Venafi, in a 2015 RSA Conference survey, found that most security departments and systems blindly trust keys and certificates, which leaves enterprises unable to determine what is âselfâ and trusted in their networks and what is not, and therefore dangerous. This means that cyber-criminals can use them to hide in encrypted traffic, spoof websites, deploy malware, and steal data.
The survey results show that 38% of respondents canât or donât know how to detect compromised keys and certificates, and 56% of the other respondents said they use a combination of next-generation firewalls, anti-virus, IDS/IPS and sandboxes to detect these types of attacks. Both groups leave themselves open to additional attacks.
âAccording to Gartner, 50% of all inbound and outbound network attacks will use SSL/TLS by 2017,â the report pointed out. âBad actors understand that most security systems either blindly trust SSL/TLS or lack access to the keys to decrypt traffic and find hidden threats. These shortcomings create blind spots and undermine critical security controls like sandbox threat protection, NGFW, IDS/IPS, and DLP.â
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=274ea4ffab&e=20056c7556
Growing cyber threats challenging cost reduction as reason to use managed services
Over a third of IT operations at mid-sized companies will move to an outsourced managed service over the next five years, as IT directors seek security as well as cost reductions.
A survey carried out by Vanson Bourne for communications supplier Daisy found companies are planning to move 37% of their IT to a managed service over the next five years. A total of 67% said this is to reduce costs, and 55% said growing cyber threats are driving them to outsource security.
The other main reasons to move to managed services include the desire to gain organisational agility (50%) and a drive to optimise existing IT resources (40%).
âThe complexity of managing and keeping up to date with cyber threats is leading smaller companies, and those not regulated to outsource,â he said, adding that it remains to be seen whether this is the right decision.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=718063ed38&e=20056c7556
LastPass reveals breach that compromised user data
LastPass has revealed that it was breached recently, and that some account data was compromised as a result. The discovery was made this past Friday when, says LastPass, it found (and subsequently blocked) âsuspicious activityâ on its network. Encrypted user vault data doesnât seem to have been taken, says LastPass, and there’s also no sign that users’ accounts were accessed. Some details pertaining to them, however, like email addresses were compromised, and so users need to update their master passwords among other things.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=33f22ebb1f&e=20056c7556
Cyberspies Stole Legit Digital Certificates To Mask Their Malware
Duqu 2.0 nation-state attackers used pilfered Foxconn hardware driver certs to sign spying malware that hit negotiators in Iranian nuclear pact discussions, Kaspersky Lab — and now, an ICS/SCADA hardware vendor.
Costin Raiu, director of Kaspersky Lab’s global research and analysis team, today revealed that his team had discovered a major piece of the puzzle in a wave of targeted cyber espionage attacks that hit international participants at the Iranian nuclear negotiations and other organizations, as well as Kaspersky’s own corporate network, in an apparent attempt to gather intelligence on the firm’s latest technologies and research.
The drivers are installed on firewalls, gateways, and other Internet-facing servers, to appear as legitimate firmware updates on those devices. The endgame is for the attackers to remain hidden inside their target and to provide a command-and-control operation, according to Raiu.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=757d0434e6&e=20056c7556
EU takes important step towards agreeing updated data protection rules
Justice ministers of the European Union’s 28 member states have agreed their general approach on the European Commission’s 2012 proposal for a radical overhaul of the EU’s data protection regulations, which currently date from 1995. Since the European Parliament has already given its overall endorsement of the Commission’s plans, the final haggling over a common, compromise text can now begin in the trilogue meeting between the Commission, the European Parliament and the Council of the EU (representing the member states), which will take place next week.
The Council’s general approach on the data protection regulation includes a number of key elements, some of which may, however, be modified during the coming negotiations with the European Parliament and European Commission. First of all, a single set of rules on data protection will be valid across the EU. This contrasts with the current situation, where each of the member states has its own implementation of the broad principles. The unified approach will make life easier for EU companies, since they won’t need to grapple with multiple data protection regulations. The European Commission claims this move will save businesses around âŹ2.3 billion a year.
The new rules will establish a “one-stop shop” approach for both businesses and citizens. This means, for example, that individuals will only have to deal with their home national data protection authority, in their own language, even if their personal data is processed outside their home country. The national authorities will be given new powers, including the ability to impose some serious fines on companies that breach the rules: penalties of up to 2 percent of their global annual turnover.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=8f7c37a2d2&e=20056c7556
Bing to encrypt search traffic by default this summer
Microsoft will sharpen Bing’s security when it starts encrypting all of its search traffic by default this summer.
With this move, Microsoft catches up to its peers in the search market. In 2011, Google began encrypting searches by default for users who were signed in to their Google account. Starting in 2013, the search giant moved all search traffic through HTTPS. Yahoo, Microsoft’s search alliance partner, began encrypting search traffic from its homepage by default in early 2014.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=0fd23ee5b8&e=20056c7556
Chinese spooks hit Tor and VPN users with watering hole cyber attacks
Chinese hackers are targeting local users with watering hole attacks capable of bypassing Tor and VPN defences, according to a researcher at AlienVault.
“[We’ve seen] a series of watering hole attacks that have been targeting NGO, Uyghur and Islamic websites since at least October 2013, with the most recent attack discovered a few days ago,” read the report.
The attacks reportedly use several popular Chinese language websites associated with NGOs, Uyghur communities and Islamic associations to spy on privacy-focused web users.
“Using JSONP requests, the attackers are able to bypass cross-domain policies and collect a user’s private information if the user is logged in to one of the affected services. The JavaScript code then sends the user’s private data to an attacker-controlled server.”
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=365ca0b737&e=20056c7556
Execs Worry More About Tech Costs Than Regulation, Cyber Attacks: Willis
Rising costs for information technology infrastructure pose greater concerns for financial services firms than regulation or cyber attacks, a survey showed on Monday.
IT costs came second only to macroeconomic concerns such as the impact of quantitative easing, according to the survey by global risk adviser Willis of senior executives at 150 banks, insurers, reinsurers, asset managers, hedge funds and financial technology companies worldwide.
The fourth-highest concern was that widespread use of technology was creating new risks such as cyber crime.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=3a3f282911&e=20056c7556
Anonymous is supporting a new privacy-focused social network that takes aim at Facebook’s shady practices
As if there werenât enough social networks out there, here’s another new social network. But this one hopes to attract the likes of online freedom activists, and it even wrangled the attention of Anonymous.
Minds.com is a social network like most others: It lets users share links as well as their thoughts with their followers via the usual status updates.
But Minds, which officially launched both its desktop and mobile apps today, hopes to entice users given its promise of security. The program is completely open source and encrypts all private messages sent between users.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=4916fe8c9b&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)
If someone forwarded this email to you and you want to be added in,
please click this: ** Subscribe to this list (http://paulgdavis.us3.list-manage1.com/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)
** Unsubscribe from this list (http://paulgdavis.us3.list-manage1.com/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=62d63abde4)
** Update subscription preferences (http://paulgdavis.us3.list-manage.com/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)