[From the desk of Paul Davis – his opinions and no-one else’s]
…
So onto the news:
Signature antivirus’ dirty little secret
[1st] … organized criminals have entered the fray, and now customize malware for specific targets (such as Point-of-Sale malware), today’s threats do not wildly spread and touch as many victims quickly. This means it takes much longer for new malware to hit the threshold where AV companies might notice and analyze it.
Second, and more importantly, today’s malware has become much more evasive.
In summary, signature-based AV can’t keep up and fails to catch the latest malware on a regular basis. Behavioral or heuristics-based malware detection helps, but basic implementations found in host-based solutions are only partially effective. If you really want to protect your organization from today’s highly evasive, constantly morphing threats, I highly recommend you add an advanced malware detection or next-generation sandbox solution to your existing layers of defense.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=cb1400d6d6&e=20056c7556
COMPUTERS CAN NOW PREDICT VIOLENT OUTBREAKS AROUND THE WORLD
Statistical and computer models that predict behavior might sound like science fiction, but several groups are doing similar research. In doing so they are identifying possible causes of conflict, raising hopes of prevention, and potentially providing guidance on safety and stability for development work.
Ulfelder is also working on a proposal to continue crowdsourcing development of the models from the USAID competition, getting software developers among the general public to improve them further.
With the Early Warning Project close to full deployment, Ulfelder admits that it now faces another crucial test, shared by any attempt at prediction. It must convince potential users that its assessments are credible.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=4c418f6229&e=20056c7556
Premera Hacked – 4 Key Takeaways From Another Healthcare Data Grab
According to Premera, the breach was discovered on January 29th, the same day that Anthem Blue Cross uncovered a breach affecting almost 79 million customers, although Premera representatives say that the hacks were separate and the breaches were discovered independently. Krebs on Security, however, summarizes some important similarities between the attacks. Investigations are ongoing, but both appeared to use lookalike domain names to deliver malware to unsuspecting employees.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=81229156f0&e=20056c7556
Cybersecurity in Financial Services — A CSC Point of View
Today’s organizations enable multi-country operations through centralized shared services and regional hubs and are dependent on partner ecosystems to provide cost effective, efficient and customer-focused business services. As a consequence, modern banking systems have evolved across legislative borders with increased interconnection and complexity. This evolution has led to complex regulatory requirements, greater exposure to internal and external cybersecurity threats, and intensified concerns around data security and privacy across virtual borders.
This paper highlights the cybersecurity challenges faced by the financial services industry due to the changing nature of threats and business, and provides a view on mitigation strategies in order to strengthen the security posture.
Our point of view is that financial services institutions should consider a risk-based approach to cybersecurity with actionable threat intelligence by collaborating internally and externally. The risk-based approach consists of two parts. Firstly, organizations need to identify risk at a point in time and then undertake periodic reviews to identify changes in the threat landscape, threat actors, the likelihood of threats and any associated impact.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=1fabc649c3&e=20056c7556
Corporate Security Policies: Their Effect on Security, and the Real Reason to Have Them
Sarah Clarke and a few others were running a discussion on Twitter trying to hash out if security policies have any value. The discussion was started by a person critically stating that as far as he was concerned, they have no value at all.
As Twitter isn’t a good medium for summarizing the potential values that were identified, Sarah and I challenged each other to both blog about it, with both a public awareness/educational purpose, but also to test how closely aligned our thoughts are on the subject.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=e8b1ea75d9&e=20056c7556
Highly Skilled Russian Hackers a Threat to Financial System – State Dep’t
WASHINGTON (Sputnik) — Highly skilled hackers coupled with organized crime groups make cybercrime a significant problem in Russia, according to a US State Department annual report on money laundering and financial crimes.
“Cybercrime remains a significant problem,” the report, published on Wednesday, said. “Russia’s highly skilled hackers and traditional organized crime structures have followed the global trend of increasingly combining forces, resulting in an increased threat to the financial sector.”
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=cf54400790&e=20056c7556
How to tackle cyber crime before people even know they’re a victim
By accessing financial intelligence, police are able to identify individuals who are sending money to known high-risk countries for fraud. They then notify these people with their suspicions that they may be involved in fraud. In many cases the people don’t even know they may be victims or involved in online fraud.
This proactive approach was originally pioneered by Queensland Police Service. Another example is Project Sunbird, a collaborative project between the West Australian Police (WAPOL) and the West Australian Department of Commerce (Commerce) which first started in 2012.
There are five stages to Project Sunbird: identification; intervention; interruption; intelligence; and investigation.
Initial results from Project Sunbird have been very positive. Between March 2013 and July 2014, 1,969 first letters were sent to individuals. Financial intelligence indicates that approximately two thirds (66%) stopped sending money, with a further 14% reducing the amount of money transferred (transactions are examined three months prior and three months subsequent to the month the letter is received). Of those who continue to send money and receive a second letter, 44% stopped sending money and a further 33% reduced the amount being sent.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=3da11221da&e=20056c7556
New Security Mindset: Focus On The Interior
Chief privacy officer Jason Straight shares his insights on why organizations are struggling to stop the breach wave — and manage the aftermath.
An attorney, Straight runs the cyber-risk solutions practice for UnitedLex as well as its internal risk management operation. “We need to get lawyers more involved in cyber-risk,” says Straight, who at next month’s Interop conference in Las Vegas will give a presentation on insider threats as well as participate as a panelist debating the weakest links in security.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=4a32d29a20&e=20056c7556
OpenSSL fixes serious denial-of-service bug, 11 other flaws
OpenSSL released versions 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf Thursday to address 12 flaws, but not all OpenSSL versions were affected by all 12 flaws.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=f00d614771&e=20056c7556
Cyber attackers leaving warning ‘messages’: NSA chief
Attackers hacking into American computer networks appear to be leaving “cyber fingerprints” to send a message that critical systems are vulnerable, the top US cyber-warrior said Thursday.
Admiral Michael Rogers, director of the National Security Agency and head of the Pentagon’s US Cyber Command, made the comments to a US Senate panel as he warned about the growing sophistication of cyber threats.
“The cyber intruders of today, in many cases, not only want to disrupt our actions, but they seek to establish a persistent presence on our networks,” he told the panel.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=69b861e7ba&e=20056c7556
ASIC lays out guidelines on cyber attacks
The Australian Securities and Investments Commission (ASIC) issued a new report Thursday designed to help regulated financial firms improve their ability to “prepare, respond, adapt and recover from a cyber attack”; a capability that it refers to as ‘cyber resilience’.
“This report outlines some ‘health check prompts’ to help businesses review their cyber resilience—including flagging relevant legal and compliance requirements, particularly on risk management and disclosure,” he added. “We encourage businesses, particularly where their exposure to a cyber attack may have a significant impact on financial consumers and investors or market integrity, to consider using the United States’ NIST Cybersecurity Framework to manage their cyber risks or stocktake their risk management practices.”
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=92b5a7f6ae&e=20056c7556
LAC Publishes First Report in Japan on APTs and on Relationships Linking Multiple Different Cyber-Attacks
TOKYO, March 19, 2015 /PRNewswire/ — LAC Co., Ltd. (Tokyo Stock Exchange/JASDAQ: 3857), a leading company in cyber security services in Japan, published its English version of Research Report on Advanced Persistent Threats in Japan on March 19. This report presents the results of analyses performed by Cyber Grid Japan based on information that was obtained by LAC’s Cyber Emergency Center through its responses to emergencies and its investigations into data breaches. It is the first technical report published in Japan on the results of research and analysis into some 80 Advanced Persistent Threats (APTs), which are highly skilled cyber-attacks targeting specific companies and organizations, that occurred in Japan.
Download Report: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=68f8bb7fb2&e=20056c7556
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=82e9ddc740&e=20056c7556
Operation Woolen Goldfish hackers spear phishing European firms
Trend Micro researchers reported uncovering the campaign in an Operation Woolen-Goldfish: When Kittens Go Phishing white paper, warning the attacks are likely a follow-up to the “Rocket Kitten” campaign discovered in December 2014.
Rocket Kitten was an attack campaign that targeted victims with basic spear phishing messages designed to entice them to open malicious Office files loaded with a rare “Ghole” malware.
Trend Micro said the follow-up Woolen Goldfish campaign is far more sophisticated.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=21be0afa0f&e=20056c7556
ThreatStream Announces New Advisory Board with Leading Experts from Cisco, Cloudera and …
PR Newswire (press release)
REDWOOD CITY, Calif., March 19, 2015 /PRNewswire/ — ThreatStream®, the leading provider of an enterprise-class threat intelligence platform, …
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=64b6c35ad5&e=20056c7556