[From the desk of Paul Davis – his opinions and no-one else’s]
Apart from the reporter’s opinions
So onto the news:
5 common misconceptions about DDoS protection
Misconception #1: Firewalls, IPS or Content Delivery Networks Are the Answer
Misconception #2: A Single Layer of DDoS Protection is Enough
Misconception #3: The Odds Are We Will Not Become a Target, So It’s Worth the Risk
Misconception #4: The Impact of a DDoS Attack Does Not Justify the Cost for Protection
Misconception #5: DDoS Attacks Are Not Advanced Threats
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=f822ead8a9&e=20056c7556
How risk management leads to increased profit margins
Companies that put a premium on risk management can cope with ever-increasing business risks while seizing opportunities that present themselves.
PwC surveyed more than 1,200 senior executives and board members for the report, Risk in review: Decoding uncertainty, delivering value. It found that companies that lead in risk management tend to take a holistic view of risk and involve risk management in the business at a strategic level. As a result, over the past three years, 55 percent of risk management leaders recorded increased profit margins and 41 percent achieved an annual profit margin of more than 10 percent.
While 73 percent of executives say that risks to their companies are rising, only 12 percent of respondents demonstrate the hallmarks of risk management leaders. PwC says risk management leaders set themselves apart in four key areas…
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=d42722812f&e=20056c7556
Trojan Hides In Microsoft SQL Database
The infection begins with an infected e-mail attachment that contains a downloader. Once the attachment is opened, the downloader will download the final malware.
Normally this is done via a URL, but the newly discovered downloader instead connects to a Microsoft SQL database. That makes it difficult for administrators to find out where the malware comes from. To download the Trojan horse, the downloader makes the connection to the database, checks the correct table and downloads the malware via the response from the database.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=ac09ffbefa&e=20056c7556
Malware industry maturing
Group Executive – Security, says threats targeting end users are higher than ever. In addition, security vulnerabilities are mostly related to end-user systems and not servers. “It appears that successful exploits occur over the weekend when end users – and their devices – are outside the security controls of the corporate network. This indicates that traditional security controls are effective at protecting the corporate network, however assets that transition between corporate and external access points are at greater risk.”
According to Gyde, the malware industry is maturing, with malware becoming commoditised and available through dark net marketplaces. This means the barrier to entry for cybercriminals is a minimal financial investment, but for a potentially large return.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=efda4707e6&e=20056c7556
Drinking from the Malware Fire Hose
Take a staged approach to processing malware in bulk so that scarce and time-limited resources can be prioritized for only those threats that truly require them.
This past Thursday, Virustotal, a free service that analyzes suspicious files and URLs, said it detected almost 400,000 unique malware instances on that day alone. Keep in mind that number doesn’t include malware that wasn’t sent to Virustotal, or malware that isn’t detected by antivirus engines. The number of truly unique malware families is, of course, lower but each of these samples may have unique configuration items that could be useful for threat intelligence. That leaves a lot of malware to process and not a lot of time or resources — reverse engineering and sandboxing isn’t cost effective when dealing with this quantity of samples.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=9473ce4b04&e=20056c7556
Businesses Lack Enforceable Policy, Control Over Mobile Workers
At more than 64 percent of businesses, a majority of mobile workforces can access their organizations’ secure data remotely, yet less than 25 percent of businesses have sufficient policies and controls in place for mobile media, such as USB drives, according to a survey of 330 IT and security professionals.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=3100e5903b&e=20056c7556
What We Learned From a Data Exfiltration Incident at an Electric Utility
The utility employed a range of security devices to gather forensics information over months. Eventually, and consistent with suspicions, the traffic was traced back to the third-party enclave. A 4-G “puck” was found that the spies used to transmit sensitive information back to the Far East. These actors were caught, but only after the loss of confidential data and a lot of time and resources were expended on forensics. Analysis shows that the attackers were exploiting open ports and using a legacy high-speed token ring protocol, encapsulated in Internet Protocol, as a means for stealthy communications. We don’t know all the details and can’t make full conclusions, but let’s look at some best practices and technologies that possibly could have prevented or at least mitigated this event:…
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=cf2dd465de&e=20056c7556
Malicious keylogger malware found lurking in highly publicized GTA V mod
Why this matters: Bad guys always find a way to ruin a good thing. But this fiasco drives home an important point: Mods are software designed to run on your system, and you should religiously scan all software you download with anti-virus and anti-malware tools before you run them. Yes, even mods.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=11f71fc87f&e=20056c7556
MediaClone, Inc introduces SuperImager Plus
To allow investigators to use the SuperImager® Plus field units as a complete mobile investigation platform, the new units provide an optional dual-boot feature, with Windows 7 as the second OS. When this feature is enabled, the investigator can, after completing forensic imaging, reboot the unit to Windows, and run third-party applications, such as Computer Forensic cellphone data extraction and analysis, Forensic Triage data collections, and full computer forensic analysis.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=d7b82cf048&e=20056c7556
Mobile Spy Software Maker mSpy Hacked, Customer Data Leaked
mSpy, the makers of a dubious software-as-a-service product that claims to help more than two million people spy on the mobile devices of their kids and partners, appears to have been massively hacked. Last week, a huge trove of data apparently stolen from the company’s servers was posted on the Deep Web, exposing countless emails, text messages, payment and location data on an undetermined number of mSpy “users.”
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=8798837925&e=20056c7556
VENOM virtual vuln proves less poisonous than first feared
“It’s serious, but not Heartbleed serious,” said Karl Sigler, threat intelligence manager at Trustwave. “There are no known in-the-wild attacks and a patch is available.”
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=91e7e0a7ae&e=20056c7556