[From the desk of Paul Davis – his opinions and no-one else’s]
Apart from the reporter’s opinions 😉
So onto the news:
Mozilla blocks all Flash in Firefox after third zero-day
Mozilla on Monday began blocking all versions of Adobe Flash Player from running automatically in its Firefox browser, reacting to news of even more zero-day vulnerabilities unearthed in a massive document cache pilfered from the Italian Hacking Team surveillance firm.
Computerworld confirmed that the current production versions of Firefox — dubbed v. 39 — on both Windows and OS X now block Flash.
Until Adobe issues a patched version of Flash, Firefox will not automatically engage the player without warning users, even if they have updated Flash to v. 18.0.0.203 since Wednesday, July 8, when Adobe shipped the patch for the first of the zero-day troika.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=235ec877e0&e=20056c7556
Businesses are wasting huge amounts of money due to false positive malware alerts
The Cost of Malware Containment report from the Ponemon Institute (commissioned by Damballa) questioned 550 IT pros and IT security experts across the EMEA, and found that companies are dealing with 10,000 malware alerts per week, but only 22 per cent of those are deemed reliable.
Indeed, only a small number of those reliable reports are actually considered to be worthy of further investigation – 3.5 per cent in total.
This adds up to an average of 272 hours per week which security staff spend dealing with false positive malware alerts, which the report claims costs each organisation an average of £515,000 every year in lost productivity.
The report also noted that 57 per cent of those questioned said the severity of malware infections hitting their business had increased (or indeed significantly increased) over the past year, with 47 per cent saying that the volume of infections had increased over the same time period.
Despite this increase in numbers and severity, a quarter of respondents admitted they had an “ad hoc approach to containment”, with 38 per cent saying there is no one specific staff member in the company who is accountable for dealing with and containing malware.
Finally, only 37 per cent of those surveyed said that their business has automated tools to capture intelligence and help evaluate the true threat levels malware poses.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=c36fc52275&e=20056c7556
New PHP Releases Fix BACKRONYM MySQL Flaw
Several new versions of PHP have been released, all of which contain a number of bug fixes, most notably a patch for the so-called BACKRONYM vulnerability in MySQL.
The PHP Group fixed this vulnerability in versions 5.6.11, 5.5.27, and 5.4.43.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=5dd94f1e62&e=20056c7556
Malvertising reaches record levels in June
Malvertising campaigns have reached more users than ever before, reported security firm Invincea yesterday, with many brand-name websites affected — including CBS Sports, Yahoo and eBay in the UK, Livestrong, Perez Hilton, Glenn Beck’s TheBlaze.com and the Drudge Report.
The company monitors over 2 million endpoints for suspicious activity. Not only is there more malvertising than before, from more high-profile sites, but most of the malware was new to antivirus vendors.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=ad5ddf0d0f&e=20056c7556
Cybersecurity Gains Higher Profile Among Chief Financial Officers
A new report by Deloitte shows how important cybersecurity risks really are at the board room level, as the nation’s top financial executives expressed their concerns about how security risks could impact their companies’ bottom lines. In its CFO Signals 2015 Q2 survey report, Deloitte found that CFOs consider cyberattacks one of the most threatening crises to potentially impact their enterprise financial health.
Deloitte surveyed 100 CFOs at large North American firms for this poll and found that 97 percent of them considered cyberattacks to be a major threat to their companies. Among those executives, only 10 percent believed their firms to be well-prepared for the threat. And one in four reported they were insufficiently prepared for cyberattacks.
Grant Thornton reported that for 38 percent of organizations, the security buck ultimately stops with the CFO. That’s proportionally more CFOs ultimately in charge of security than even CIOs, 38 percent of whom reported they were the main person tasked with security. Meanwhile, just 7 percent of CISOs reported ultimate responsibility.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=a5861874f4&e=20056c7556
The New Corporate Star: CIGOs
Organizations are […] turning to a new data professional: the Chief Information Governance Officer (CIGO). The CIGO stands at the juncture of cybersecurity and information governance. The CIGO is responsible for an organization’s information governance program and relevant staff and oversees information asset issues relating to risk management: compliance, privacy and IT security; electronic data discovery; records and information management and retention; imaging and electronically stored information initiatives; and best practices.
The CIGO does not replace the chief privacy officer or chief data officer. Instead, the position is designed to complement those other roles by coordinating records management and e-discovery together with security, compliance, data governance, risk management and privacy.
The CIGO’s role is to break down the various disparate and siloed data and information activities spread throughout an organization and to take a systematic approach, rather than an ad hoc one, to protecting a firm’s most valuable resources. And that’s why the CIGO is the new corporate star.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=288cf437c9&e=20056c7556
Searching the Enterprise for Known Indicators of Breach
Multiple vendors are offering cloud-based sandbox analytics services, and/or on-premises appliances, that can analyze new binaries to determine if they have suspicious behavior. These services are aimed at the kind of high-end evasive malware that has avoided detection by traditional AV solutions. Network vendors have been very active in integrating this capability into their network controls – next generation firewalls and IPS.
These are powerful tools. Unfortunately, these systems are primarily looking at traffic over the network. They lack visibility when those binaries have already made it to the high value assets within the network. And, we know there are all sorts of attack vectors into a network that may not be through the common ingress point that the network breach detection appliances are monitoring.
Tripwire now offers several important use cases to help our customers address this challenge, ranging from stand-alone one-off situations to fully integrated security automations.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=1044dc6f16&e=20056c7556
FireEye Study: APT3 Threat Group Targets US Firms with Phishing Email
FireEye security professionals have found that the China-based APT3 persistent threat group has used an unpatched Adobe Flash Player zero-day bug to launch a spear phishing campaign against multiple U.S. industries, FCW reported Monday.
Mark Rockwell writes that FireEye identified aerospace, defense, construction, engineering, transportation, high-technology and telecommunication companies as the targets in APT3’s Operation Clandestine Wolf in early June.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=571a6d01f7&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: dailynews@paulgdavis.com