[From the desk of Paul Davis – his opinions and no-one else’s]
Apart from the reporter’s opinions đ
So onto the news:
Corporate boards: the challenges and risks of maneuvering through cybersecurity
Board oversight should include a comprehensive plan to respond to a cyber incident or data breach, with senior management fully trained with respect to such plan. Moreover, the plan should be continually updated, fully rehearsed and stress tested, so that responding to an incident or breach is virtually instinctive, and responding to a cyber incident is not being conducted cold and for the first time without any prior practice or rehearsal. âTable top rehearsalsâ of the response plan are critical.
The board should also ensure capable leadership, from the CEO on down, who are able to deal with cyber threats in a competent and meaningful fashion.
An assessment should be made of what data is most critical, what risks exist, and a plan formulated and practiced well in advance of the inevitable cyber incident or data breach (to include a plan that ensures early detection), so that the organization is not playing a confused game of catch up when a cyber-incident or data breach occurs.
The DOJâs Best Practices document outlines various suggestions that companies should follow to ensure that they are acting prudently in protecting against, and planning for, cyber threats and data breaches, including:
– Identifying the companyâs âcrown jewelsâ
As is evident from the discussion above, boards are now, more than ever, open to the risks of regulatory audits and derivative law suits, among other things, arising from real or perceived lapses in cyber security focus. And in the absence of a comprehensive and preemptive federal law to provide guidance, boards are even more left to think creatively in order to fulfill their duties to protect their companies against cyber threats.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=0a3b207091&e=20056c7556
Team GhostShell: Back with a bang and after your data
The group has re-emerged from the shadows with a reported stream of hacks and data thefts in the past 24 hours.
Several years ago the group used SQL injections to compromise databases and steal records. However, it is currently unknown whether this latest stream of hacks is thanks to the same method.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=747ba55633&e=20056c7556
Charity data breaches on the rise, ICO data shows
Charities have increasingly suffered data breaches over the last year as third sector organisations suffered 53 data breaches between October and April, compared to just 23 in the previous six months, according to figures published by the Information Commissionerâs Office.
The data shows that charitable organisation are the fourth most likely to breach data protection laws, behind health services, local government and educational services.
âMy advice to charities is to ensure you have policies in place, that your staff are properly trained in data protection and you use a privacy impact assessment before starting any new project, asking yourself what you are doing with the personal information and why,â he said.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=cf281371f9&e=20056c7556
Secure the DNS to Secure the Business
Securing DNS is crucial to mitigating APTs. Businesses that donât are neglecting their best defense says Chris Marrison
DNS can play a key role in every stage of an APT attack. An attacker will generally use one of three methods for infecting a system, two of which â phishing attacks and watering hole attacks â rely on DNS, highlighting the importance of ensuring its security.
Not only can DNS be easily exploited, but it is often used to enable APT attacks, illustrating the importance of making sure it stays protected â something often overlooked. Deploying a DNS firewall, for example, will enable an organization to use its DNS to block an APT attack at any stage, temporarily or permanently.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=a80d14b7b2&e=20056c7556
SecurityScorecard Releases Security Benchmark Report, Finds Banking Malware Targets Employees, And Partner Company Employees, Across All Industries
NEW YORK, July 1, 2015 SecurityScorecard, the leading non-intrusive threat benchmarking platform that allows companies to holistically identify, mitigate and prevent security threats in real time, released a major research report which explores the current state of banking malware for the first half of 2015. The study finds the primary motivator behind banking malware attacks is to capture credentials, financial data, and personal information from employees, and partner company employees, across industries. Then apply this stolen information in fraudulent wire transfers or fake automated clearing house (ACH) transactions to steal funds.
SecurityScorecard sinkholes found 11,952 infections affecting 4,702 organizations and identified the top banking malware families to be Dridex, Bebloh and TinyBanker.
To gather these insights, SecurityScorecard’s research and development team analyzed banking malware and discovered distinct patterns of obfuscation and multiple, evolving malicious code bases. They found that the top three banking malware families being captured are all direct variants of Zeus, or mimic Zeus-like functionalities. These malware attacks are the preferred method of obtaining stolen credentials, especially when traditional attacks on web applications or network-based attacks are being monitored by internal security teams.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=4524fd1042&e=20056c7556
Facebook Phishing via Apps is Alive and Well
Weâve seen a number of phishing attempts targeting users of Facebook, and just like the campaign weâve seen in February last year, the scammers have used the Apps feature. The pages youâre about to see below originated from one account, specifically:
If you have come across any of the Facebook app pages weâve shown above and, thinking theyâre real, given up your credentials, please update your password immediately. You may also want to familiarize yourself and take advantage of Facebookâs two-factor authentication for added security for your account.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=b9c25de170&e=20056c7556
One third of enterprise iOS devices vulnerable to app, data hijacking attacks
The vulnerabilities allow for so-called Masque attacks because they involve the impersonation of existing apps or their components. Three of them were patched in iOS version 8.1.3 that was released in January and two newer ones were patched in iOS 8.4, released Tuesday.
In order to attack iOS devices with these flaws, hackers would have to trick their owners into installing rogue apps through the enterprise provisioning system. Companies use this mechanism to deploy in-house developed apps that are not published on the official App Store.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=753225d4d2&e=20056c7556
DHS Expands Access to ECS Threat Intelligence Sharing Program
The Department of Homeland Security (DHS) has expanded access to the Enhanced Cybersecurity Services (ECS) program, making the threat intelligence sharing platform available to all public and private sector organizations through designated service providers.
Prior to the announcement, access to data from the ECS program was limited to only a few entities who were considered critical to national security, but now the department is making the actionable threat information more widely available.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=a804ee2826&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)
If someone forwarded this email to you and you want to be added in,
please click this: ** Subscribe to this list (http://paulgdavis.us3.list-manage.com/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)
** Unsubscribe from this list (http://paulgdavis.us3.list-manage.com/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=3072b9f65b)
** Update subscription preferences (http://paulgdavis.us3.list-manage1.com/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)