[From the desk of Paul Davis – his opinions and no-one else’s]
So onto the news:
Don’t let your improper handling of digital evidence sink a cybercrime investigation
European Union Agency for Network and Information Security (ENISA) white paper Electronic evidence – a basic guide for First Responders. The paper’s introduction mentions, “While the securing of digital evidence is ultimately a task and a responsibility of law enforcement, CERT [Community Emergency Response Team] staff can nevertheless contribute to that work by helping to preserve it during the detection of a cybercrime.”
What is electronic (digital) evidence?
– Volatile data
– Five principles for dealing with digital evidence
— Data integrity
— Audit trail
— Specialist support
— Appropriate training
— Legality
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=5fdfd4471d&e=20056c7556
6 Most Dangerous New Attack Techniques in 2015
Experts with the SANS Institute convened at RSA Conference for their annual threats panel, this time dishing on the six most dangerous new attack techniques.
Technique #1: Attackers Will Expose Breached Data Dumps In Dribbles
Technique #2: Microsoft Kerberos Is Getting Spanked
Technique #3: Real-World Exploits of Internet of Things Will Multiply
Technique #4: Encryption Is Becoming Security’s #1 Frenemy
Technique #5: Denial of Service Attacks Are Advancing
Technique #6: ICS Attacks Are Becoming Targeted
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=4375f51b03&e=20056c7556
Court Says Cyber Forensics Covered by Legal Privilege
The Middle District of Tennessee recently issued a key decision in the ongoing Genesco, Inc. v. Visa U.S.A., Inc. data breach litigation. The court denied discovery requests by Visa for analyses, reports, and communications made by two cybersecurity firms Genesco retained after it suffered a data breach on grounds that those materials were protected by the attorney-client privileged and work product doctrine.
Accordingly, organizations should think ahead, and carefully, about the underlying purposes for any cybersecurity assessment or cyberattack response effort, and the role that counsel (inside or outside) should play.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=8115adc7a8&e=20056c7556
Study: Firms not ready to respond to complex threats
Only 46 percent of organizations have confidence that their security teams can respond to complex threats, according to a new study by ISACA.
Another 41 percent said they’re only confident in their ability to respond to simple issues, and 13 percent said that they’re not confident at all.
One reason? Significant hiring shortages in the information security space.
Only 16 percent of respondents said that at least half of their applicants were qualified, while 53 percent said it can take three to six months to find a qualified candidate. And 35 percent of companies said that they have job openings that they cannot fill.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=f8e7ff8db6&e=20056c7556
Having ‘the ear of the CEO’ is key to battling cyberthreats
“One of the most important hires [an organization will make] is the CISO,” Mueller says. When a cyberattack comes, organizations need to have in place a solid tech team that reaches to the highest levels of the enterprise, former FBI Director Robert Mueller cautioned at a recent government IT event.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=6299e6ea0a&e=20056c7556
Logentries Launches Community for Log Management and Analytics Best Practices, Expertise, and Free Tools
BOSTON, April 24, 2015 /PRNewswire/ — Logentries, the leading provider of log management and analytics built for the cloud, today announced the launch of its new Community for IT, Development, and Support teams. The Community provides logging resources, free log analytics tools, logging best practices and expertise to its 35,000+ global users and other log management and analytics professionals. The Community features an interactive Forum for Q&A and content sharing; free Community Pack downloads for quick start log management; and free tools such as the LogCruncher instant log analysis service.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=dd1e301e23&e=20056c7556
CSA Security, Trust & Assurance Registry (STAR) Arrow to Content
CSA STAR Watch is a Software as a Service (SaaS) application to help organizations manage compliance with CSA STAR (Security, Trust and Assurance Registry) requirements. STAR Watch delivers the content of the Cloud Controls Matrix (CCM) and Consensus Assessments Initiative Questionnaire (CAIQ) in a database format, enabling users to manage compliance of cloud services with the CSA best practices…
Link: [ http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=f6ec7badce&e=20056c7556 ] ( http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=2145622382&e=20056c7556 )
Point-of-Sale malware on the rise, the opinion of the expert
How many infected Point-of-Sale terminals are infected worldwide and how is evolving the cyber threat? Here you are the opinion of the expert.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=5c878f3d9b&e=20056c7556
RSAC – Threat intelligence can work if we understand our needs and wants
Speaking at RSA Conference in San Francisco, Mark Orlando, director of cyber operations at Foreground Security said that there is “a lot more to intelligence than indicators and leveraging it for response”.
“Intelligence is a terrible tool for alerting; it should be an engine for incident and historical information,” he said. “Build on a better data collection and investigative methods and let threat intelligence drive that process.”
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=91c53e61a0&e=20056c7556
Cisco VP: Firms Must Stop Playing ‘Whack-a-Mole’ with Hackers
The old way of looking at cybersecurity was, “if you just raise the bar high enough, the bad guys will go away,” Roesch said. “They don’t go away anymore.” What’s more, hackers today don’t need many resources to break into the IT systems of almost any organization. “The barriers to entry are low,” he said. “It doesn’t take all the skills in the world to break into all the sites in the world.”
“The idea is to minimize damage,” Roesch said. “We need to have a better response available than playing whack-a-mole with the hackers.”
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=53002e60e9&e=20056c7556
Argentina Adopts New Data Protection Regulations for the Use of Do Not Call Registry and CCTV
To comply with the Do Not Call regulations, companies need to register and download the database of individuals who do not want to be called. If companies fail to do so, they can be subject to various serious fines of up to USD $12,000. Examples of serious breaches include the processing of personal data without the DPA registration or breach of the Do Not Call regulation in marketing campaigns (even if the caller is located abroad). Any international transfers in breach of the Data Protection Act and its regulations would be considered a more serious breach. Indeed, the DPA has already issued 60 enforcement notices based on this new sanctions regulation.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=cde09780fb&e=20056c7556
Security flaw in YubiKey Neo allows PIN bypass; Yubico may replace affected Neos
Check the firmware version for your YubiKey Neo as a security flaw allows a bypass of the PIN. Since affected devices can’t be updated, Yubico has started issuing free replacements if the firmware is below 1.0.10.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=f432d2f17d&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)
If someone forwarded this email to you and you want to be added in,
please click this: ** Subscribe to this list (http://paulgdavis.us3.list-manage.com/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)
** Unsubscribe from this list (http://paulgdavis.us3.list-manage1.com/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=f3e7b62fa3)
** Update subscription preferences (http://paulgdavis.us3.list-manage.com/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)