[From the desk of Paul Davis – his opinions and no-one else’s]
Apart from the reporter’s opinions 😉
So onto the news:
Bestselling “Steal This Computer Book” Back In A New Edition
If you thought hacking was just about mischief-makers hunched over computers in the basement, think again.
Wallace Wang steps back into the fray with Steal This Computer Book 4.0: What They Won’t Tell You About the Internet (No Starch Press, May 2006), wherein he explains that hacking can also mean questioning the status quo, looking for your own truths and never accepting at face value anything authorities say or do.
Wang’s unique take on the seamy underbelly of the Internet has made the Steal This Computer Book series one of the strongest titles for No Starch Press, with more than 175,000 copies sold.
It’s captivating reading for all of us living in the digital age.
The completely revised fourth edition of this offbeat, non-technical book examines what hackers do, how they do it, and how users can protect themselves.
Written in the same informative, irreverent, and entertaining style that made the first three editions hugely successful, “Steal This Computer Book 4.0” will expand readers’ minds and raise their eyebrows.
Newly added chapters discuss the hacker mentality, social engineering and lock picking, exploiting P2P file-sharing networks, and how people manipulate search engines and pop-up ads to obtain and use personal information.
Wang also takes issue with the media for “hacking” the news and presenting the public with self-serving stories of questionable accuracy.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=51eb13e5dd&e=20056c7556
Will US-CERT bring sanity to virus naming?
IT professionals hope US-CERT’s soon-to-be-unveiled malcode ID plan will end confusion that often arises during outbreaks.
US-CERT is expected to grant Hauser and other IT professionals that wish next month, when it moves the Common Malware Enumeration (CME) initiative out of the testing phase.
According to its Web site, the CME initiative has been working with private industry and government to:
• Assign unique identifiers to high-priority malware events;
• Facilitate the coordination of malware information; and
• Improve the current state of public information needed to respond to malware events.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=e956d61fbf&e=20056c7556
Two million sets of data stolen in Japan cyber attacks
Tokyo: At least two million sets of personal data were stolen or feared leaked from 140 companies and other organisations in Japan that were hit by cyber attacks in 2015, the media reported on Monday.
Of the 140 victims, 75 said they noticed the data breaches only after police or another outside group alerted them.
The victims consist of 69 private companies, 49 government agencies and their affiliates, and 22 universities, the Japan Times reported.
Among the remaining 65 organisations, 40 said they discovered on their own that they had been targeted.
The Japan Pension Service, operator of the country’s public pension programme, incurred the largest data theft – about 1.25 million sets of ID numbers, names, addresses and birthdates.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=4aeeba1dee&e=20056c7556
Insurers Look to Tighten Cybersecurity Before Innovation
Underlying all 2016 trends is perhaps one of the largest focus areas for insurers: data security.
The industry has been active in beginning to tackle the issue: Since the National Association of Insurance Commissioners created the Cybersecurity Taskforce at the end of 2014, recognition of the growing cybersecurity threat to insurers and the need for increased oversight has increased.
The Cybersecurity Taskforce adopted 12 cybersecurity principles this year designed to provide guidance to insurers and regulators, and is also evaluating a new draft of a Cybersecurity Bill of Rights that specifies the rights of insurance consumers.
According to the Novarica IT Security 2016 Update, 10-20% of insurers are planning to evaluate and pilot these security frameworks in 2016, says Wein.
And budgets are blooming: According to Novarica’s US Insurer IT Budgets and Projects 2016, a survey of 104 insurers indicated that about 10% of their 2016 budget would be going to security, including hardware, software, and processes related to security including firewalls, intrusion detection, encryption, framework adoption, and audits.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=3588fee7d2&e=20056c7556
Shipping Industry’s Own Cyber Security Guidelines Released
BIMCO, CLIA, ICS, Intercargo and Intertanko have launched a set of cyber security guidelines to help the global shipping industry prevent major safety, environmental and commercial issues that could result from a cyber incident onboard a ship.
The cyber guidelines are a first for the shipping industry, says Angus Frew, Secretary General of BIMCO. “BIMCO has led the way to identify potential cyber vulnerabilities for ships – and their implications – based on the latest expert research.
The aim is to provide the shipping industry with clear and comprehensive information on cyber security risks to ships enabling shipowners to take measures to protect against attacks and to deal with the eventuality of cyber incidents.”
The growing complexity of ships, and their connectivity with services provided from shoreside networks via the internet, makes onboard systems increasingly exposed to cyber attacks.
In this respect, these systems may be vulnerable either as a way to deliver a cyber attack, or as a system affected because of a successful cyber attack.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=b1bfaa9a20&e=20056c7556
NREL’s cybersecurity initiative to wall off smart grid from hackers
A new initiative underway at the Energy Department’s National Renewable Energy Laboratory (NREL) is intended to prevent hackers from gaining control of parts of the nation’s power grid, potentially damaging electrical equipment and causing localized power outages.
To tackle that challenge, Ibrahim’s team launched an effort — funded by NREL’s Laboratory Directed Research and Development program — to build the Test Bed for Secure Distributed Grid Management, a hardware system that mimics the communications, power systems, and cybersecurity layers for a utility’s power distribution system, the part of the power grid that carries power from substations to homes and businesses.
The test bed includes the hardware and software that utilities would use to control a distribution system, including a distribution management system, an enterprise data management system, and two substation management systems.
In turn, the substation management systems can interact with real field equipment, such as electric storage systems and electric vehicle chargers, as well as computer-simulated devices, such as solar photovoltaic systems.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=316a4a23b4&e=20056c7556
Endpoint modeling: A new look at IT security
Endpoint modeling is a way to maintain a software-based model, a kind of simulation, of each device that is active on your network; there’s a one-to-one mapping between devices on your network and their corresponding endpoint models.
Observable Networks automatically discovers the devices on your network, then identifies and tracks the role of each device through time.
When a device changes its role — say, when a domain controller runs a telnet client or when a medical imaging device participates in off-site Web traffic — endpoint modeling can ask: Would this role transition be of interest to a security analyst?
Importantly, we do this without installing agents on end hosts, and we do it without deep-packet inspection.
How so?
We instrument the network, collecting metadata from switches, and we watch the network traffic generated by each device, both to and from the Internet and between local devices.
This metadata is compressed, encrypted, and pulled back to our cloud-based modeling and reporting infrastructure.
With endpoint modeling, Observable Networks tracks the role of each device on your network through passive observation of network metadata, and it does so with a cloud-delivered service.
Endpoint modeling is not only different, but profoundly different.
In an automated fashion, Observable Networks maintains a device-specific software model of each endpoint in your environment and tracks its role, which includes how it uses the network and who it connects with, among other factors.
What are the advantages of endpoint modeling compared to traditional security approaches?
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=c277f91b5a&e=20056c7556
How to become a CISO
• 1,600+: The number of CISOs in the United States who list CISO as their job title on LinkedIn.
Geographically, CISOs are concentrated in major urban centres: there are 200 in the Washington, D.C. metro area, for example, and more than 150 in the New York City area.
• Organizations with CISOs experience lower losses.
Companies with a CISO experience a loss of $8 per record lost in a data breach.
In contrast, organizations without CISOs have losses $24 higher per record lost in a data breach, according to the 2013 Cost of Data Breach Study conducted by the Ponemon Institute.
• $189,323: The median annual salary for Chief Information Security Officers (CISOs) in the United States according to Salary.com data reported as of December 2015.
• MBA in Cybersecurity.
Several prominent business schools offer MBA degrees in (or provide a significant emphasis on) cybersecurity.
Examples include Coventry University, the George Washington University World Executive MBA, and the University of Albany.
Getting hired as a CISO is a complex process involving multiple participants.
How exactly can you become a CISO if you have already built your security reputation?
The ability to effectively communicate with a range of audiences is essential.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=f91179f73d&e=20056c7556
Threat Spotlight: Holiday Greetings from Pro PoS – Is your payment card data someone else’s Christmas present?
Payment cards without an EMV chip have reached their end-of-life.
Point of Sale (PoS) malware, such as PoSeidon, has continued to threaten businesses.
The news is continually filled with stories of payment card data being stolen through a breach in the company’s PoS system.
From high-end hotels to large retail firms, threat actors are attacking PoS systems in the attempt to capture payment card data.
PoS Malware is just another threat category that Talos is monitoring and developing defenses against.
In this post, we will examine the functionality of Pro PoS so that you can better understand how this malware can be used to exfiltrate payment card information and potentially other valuable information from your network.
Beginning in October, merchants in the United States were required to use PoS terminals that provide support for chip-enabled cards or otherwise risk liability for fraudulent charges.
These new chip-enabled readers help minimize the chance for PoS malware to steal payment card information because the chip on the payment card generates a single use token.
This transition, however, has been bumpy at best because the cost of new chip-enabled readers has made it difficult to upgrade to the newer readers.
Another loophole is that gas stations have a different timeline and are not required to move to chip-based readers until October 2017.
These two factors mean that many establishments still rely on card readers that are not chip-enabled and send payment card data that can be duplicated and reused.
Pro PoS is simple-to-use PoS malware that is available for purchase, enabling multiple threat actors to easily take advantage of this malware to target businesses.
The functionality of Pro PoS seems fairly extensive according to recent press releases.
These claims include the following:
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=78d0324dfb&e=20056c7556