[From the desk of Paul Davis – his opinions and no-one else’s]
Apart from the reporter’s opinions 😉
So onto the news:
BitSight report: half of entities susceptible to SSL vulnerabilities
The BitSight Insights Industry Benchmark report found that energy/utility and healthcare companies are among the most vulnerable industries surveyed in the report.
BitSight discovered over half of all entities across all industries were susceptible to SSL vulnerabilities, such as Heartbleed, POODLE and FREAK.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=e3c9de5cfa&e=20056c7556
Smartphone passcodes protected by the Fifth Amendment – US court
The Feds can’t make suspects give up their company-issued smartphone passcodes because doing so violates the Fifth Amendment of the US Constitution.
So ruled Judge Mark Kearney of the federal court in East Pennsylvania in the case of Securities and Exchange Commission v Huang, an insider-trading case brought against two ex-Capital One bank workers.
While that’s good news for the defendants, Bonan Huang and Nan Huang, it’s very bad news for prosecutors.
It’s a very fine legal distinction.
A passcode is a thought process, which does get Fifth Amendment protection, whereas a biometric identifier is out in the open.
The SEC is bound to appeal the case and go to a higher court on this one.
It’s likely that the Supreme Court will eventually have to hear the case, but in the meantime, passcodes are protected. ®
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=8d2c30199d&e=20056c7556
ThreatConnect and Defense Group Inc. Uncover Extensive Chinese Cyber Espionage Campaign Targeting South China Sea Interests
A growing community of private and highly-vetted cybercrime forums is redefining the very meaning of “targeted attacks.” These bid-and-ask forums match crooks who are looking for access to specific data, resources or systems within major corporations with hired muscle who are up to the task or who already have access to those resources.
One particularly active member, shown in the screen shot above and the one below using the nickname “Demander,” posts on Jan. 10, 2015 that he is looking for credentials from Cisco and that the request is urgent (it’s unclear from the posting whether he’s looking for access to Cisco Corp. or simply to a specific Cisco router).
Demander also was searching for services related to Bank of America ATMs and unspecified data or services from Wells Fargo.
globeauthThe interesting twist with forums like Enigma is that they focus on connecting miscreants seeking specific information or access with those who can be hired to execute a hack or supply the sought-after information from a corpus of already-compromised data.
Based on her interaction with other buyers and sellers on these forums, Jolles said a great many of the requests for services seem to be people hiring others to conduct spear-phishing attacks — those that target certain key individuals within companies and organizations.
ThreatConnect Inc., creator of the most widely adopted Threat Intelligence Platform (TIP), and open source cyber intelligence company Defense Group Inc. (DGI) today unveiled a report attributing a sophisticated cyber espionage campaign, orchestrated by an Advanced Persistent Threat (APT) group known as “Naikon,” with interests in the South China Sea to a Chinese People’s Liberation Army (PLA) unit.
Revealing the scope of how extensive cyber campaigns are readily applied to ongoing regional disputes and conflicts, ThreatConnect and DGI’s joint report, “Project CAMERASHY: Closing the Aperture on China’s Unit 78020” documents Chinese efforts to gain the upper hand in a geopolitical stand-off by capturing information on regional rivals’ negotiating postures, economies and military capabilities.
For nearly five years PLA Unit 78020 used an array of global midpoint infrastructure to proxy the command and control of customized malware variants embedded within malicious attachments or document exploits.
Targets include government entities in Cambodia, Indonesia, Laos, Malaysia, Nepal, Philippines, Singapore, Thailand and Vietnam as well as international bodies such as United Nations Development Programme (UNDP) and the Association of Southeast Asian Nations (ASEAN).
Strategic implications for the United States include cyber threats against not only military alliances and security partnerships in the region, but risks to interests in a major artery of international commerce through which trillions of dollars in global trade traverse annually.
This report stands out from previous APT reports given the collaborative nature of the research, aggregation and analysis of multiple data sources, application of statistical analysis, as well as data visualization to clearly connect the points between the adversary, their capabilities, the infrastructure they used and the victims being targeted.
To create this report, ThreatConnect used a unique methodology built into their Threat Intelligence Platform called The Diamond Model of Intrusion Analysis.
Using that repeatable process, any ThreatConnect user can derive a multidimensional picture of the underlying relationships between threat actors, their tools, techniques and processes.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=81ba184af5&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)
If you know someone else who would be interested in this Newsalert, please forwarded this email.
If you want to be added to the distribution list, please click this: ** Subscribe to this list (http://paulgdavis.us3.list-manage.com/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)
** Unsubscribe from this list (http://paulgdavis.us3.list-manage.com/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=e55a35b35d)
** Update subscription preferences (http://paulgdavis.us3.list-manage.com/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)