[From the desk of Paul Davis – his opinions and no-one else’s]
Apart from the reporter’s opinions 😉
So onto the news:
All roads lead to the need to strengthen your security operations center?
Don’t have a SOC? Only have one or two security professionals dedicated to the practice of incident detection and response? Do you rely almost exclusively on your Managed Security Services Provider (MSSP) to collect logs and alert you on security incidents that need further investigation? If you answered “yes” to any of these questions, then you are very likely (I hope!) in mid-grapple as these are all signs that your incident detection, investigation, and response capabilities are not setup to meet the realities of today’s threats (although even relatively established SOCs find that they have no shortage of areas that they need to improve as well).
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=c9edfb251f&e=20056c7556
Perimeter Security as the Proverbial Goldfish
In a new article for Infosecurity Magazine, Vectra Networks CTO Oliver Tavakoli uses an analogy of a goldfish circling a fishbowl to illustrate a defining characteristic of perimeter security: it has no memory.
“While perimeter security has its place in a defense-in-depth security strategy, the reality is that perimeter security has the same perfect amnesia as a goldfish swimming in circles in its bowl,” writes Tavakoli. “Each time a goldfish circles the perimeter of the bowl, it has no memory of its prior journey. Similarly, each time perimeter security sees a threat or suspicious behavior, it is as if it is seeing it for the first time.”
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=aef91cfbaa&e=20056c7556
Research shows data breaches ‘commonplace’ in local government
More than half of all local authorities (55%) have suffered from a data breach in the past two years, with just one council reporting 213 breaches, new figures have revealed.
A freedom of information request, conducted by Six Degrees Group (6DG), also found that 60% of local authorities do not know how much sensitive data they hold or where it is kept.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=72dfcad609&e=20056c7556
Next Generation Cloud Study Reveals Vast Majority of I.T. Leaders Concerned With Security and Privacy of Data for Cloud Implementations
SANTA CLARA, CA — (Marketwired) — 05/20/15 — Hitachi Data Systems Corporation, a wholly owned subsidiary of Hitachi, Ltd. (TSE: 6501), today announced results of an Economist Intelligence Unit (EIU) study, “Preparing for next-generation cloud: Lessons learned and insights shared,” which found that 87% of the organizations surveyed indicated their senior management were concerned with security and privacy of corporate data for cloud implementations. Responses also indicated that outages and failures of public cloud implementations were twice as likely to occur when compared to private cloud. Almost half of the respondents indicated the biggest risk of a failed implementation to be loss of customer data.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=f9a5c47c42&e=20056c7556
DHS to launch STIX, TAXII service for cyber
In the next couple of months, the U.S. Computer Emergency Readiness Team (U.S. CERT) will begin using two emerging technical specifications called STIX and TAXII to automate how cyber threat information is shared with the public and private sectors.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=30c1fa29e8&e=20056c7556
Human expertise filling endpoint security holes that defunct antivirus tools no longer can
Despite the spread of technological solutions aiming to intercept or minimise damage from new attacks, Simpson believes the rapidly changing face of malware and novel forms of attack still require the involvement of human expertise.
Companies that are serious about their security, he said, need to be supported by a team of security specialists – either inhouse or, more frequently, working for an outsourced security provider – who can recognise an upswell in attacks against a particular industry vertical and warn other potential targets ahead of time about what to look out for.
“Some of this process is automatable,” he explained, “in the sense of collecting and gathering the requests, and looking for information on botnets. But the technology only gets you halfway there; at some point you have to have humans in the chain.”
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=35990c25ab&e=20056c7556
Report: Data breaches at ATM reaching 20 year high
The Wall Street Journal and credit score company FICO say that debit card breaches at ATMs on bank properties were up more than 170 percent in the first three months of 2015, compared to the same time last year.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=6a81c0d805&e=20056c7556
Upsurge In Point of Sale Malware Threatens 51.2 Million Traditional POS Devices in Circulation, Says ABI Research
LONDON–(BUSINESS WIRE)–Notable brands like Target, Neiman Marcus, PF Chang’s, Staples, Michaels Stores, and Home Depot have all have become victims of point of sale (POS) security breaches targeting consumer payment card data. In the majority of cases, POS attacks take place due to malware infections. During the past few years there has been a considerable rise in malware families including POSCardStealer, Dexter, Alina, vSkimmer, ProjectHook, BlackPOS and others, many of which can be easily purchased online. According to the 2014 Verizon Data Breach Investigations Report (DBIR), 198 total incidents related to POS intrusions were reported. ABI Research expects the total number of POS related security incidents with confirmed data exposure will hit 600 by the end of 2015.
One of the key technologies that can be deployed to protect POS is network segmentation that can be achieved by deploying a next-generation firewall (NGFW). Once unauthorized access is gained, network segmentation can provide effective controls to mitigate the next step of a network intrusion and limit further movement across the network. “The key advantage that NGFW provides for network segmentation is application servers and data can be designated in different segments based on their risk factors and security classifications, with access to them tightly controlled,” says Monolina Sen, ABI Research’s Senior Analyst in Digital Security. In the coming years, ABI Research expects more enterprises to migrate from traditional to next-generation firewalls.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=72d15e1260&e=20056c7556
BSA 2015: KPMG calls for unity against hackers
Firms should band together to stop hackers extracting money to fund more illegal activities, KPMG partner Stephen Bonner said at the Building Societies Association Conference in Harrogate today.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=02c005e846&e=20056c7556
Hi! You’ve reached TeslaCrypt ransomware customer support. How may we fleece you?
The TeslaCrypt ransomware gang raked in $76,500 in around 10 weeks, according to new research into the scam.
TeslaCrypt, which was distributed through the widely-used Angler browser exploit kit, was first spotted in February 2015 by security researchers at Dell SecureWorks.
After encrypting popular file types on compromised machines, TeslaCrypt demanded a ransom of $150 or more, payable in Bitcoin. The malware uses the Tor anonymity network for command and control. TeslaCrypt was also notable for its encryption of filetypes associated with popular online games.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=0198a375d6&e=20056c7556
Hacker launches ransomware rescue kit
Security bod Jada Cyrus has compiled a ransomware rescue kit to help victims decrypt locked files and avoid paying off crooks.
The toolkit is useful for decrypting variants of CryptoLocker, TeslaCrypt, and CoinVault which are three of the nastiest and most popular ransomwares in circulation.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=9d61153a59&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)
If someone forwarded this email to you and you want to be added in,
please click this: ** Subscribe to this list (http://paulgdavis.us3.list-manage1.com/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)
** Unsubscribe from this list (http://paulgdavis.us3.list-manage.com/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=bf5974a4b0)
** Update subscription preferences (http://paulgdavis.us3.list-manage.com/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)