[From the desk of Paul Davis – his opinions and no-one else’s]
Apart from the reporter’s opinions 😉
So onto the news:
Cisco Midyear Security Report Reveals Sophisticated Cyberattacks Are Defining the Innovation Race Between Adversaries and Defenders
The Cisco® (NASDAQ: CSCO) 2015 Midyear Security Report released today, which analyzes threat intelligence and cybersecurity trends, reveals the critical need for organizations to reduce time to detection (TTD) in order to remediate against sophisticated attacks by highly motivated threat actors. The Angler Exploit Kit represents the types of common threats that will challenge organizations as the digital economy and the Internet of Everything (IoE) create new attack vectors and monetization opportunities for adversaries.
The report shows that new risks associated with Flash, the evolution of ransomware, and the Dridex mutating malware campaign, reinforce the need for reduced time to detection. With the digitization of business and the IoE, malware and threats become even more pervasive, which shines a light on the security industry’s estimates of 100 to 200 days for TTD. In contrast, the average TTD for Cisco Advanced Malware Protection (AMP), with its retrospective analysis of attacks that make it past existing defenses, is 46 hours.
The findings also underscore the need for businesses to deploy integrated solutions vs. point products, work with trustworthy vendors, and enlist security services providers for guidance and assessment. Further, geopolitical experts have declared that a global cyber governance framework is needed to sustain economic growth.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=47cbeefeba&e=20056c7556
Elastica Cloud Threat Labs Discovers Google Drive-Based Phishing Campaign
SAN JOSE, CA–(Marketwired – Jul 27, 2015) – Elastica (www.elastica.net), the leader in Data Science Powered™ Cloud Application Security, today released findings around a new Google Drive-based advanced phishing campaign initiated by unknown attackers. The attackers used JavaScript code obfuscation and compromised websites in order to steal end-user account credentials using Google services. A detailed analysis of the attack can be found on the Elastica Cloud Threat Labs blog.
According to Elastica researchers, the attackers deployed a JavaScript encoding mechanism to obfuscate Web page code so that it could not be easily read. Attackers were able to reach a wider network of end users by exploiting a widely used and highly trusted enterprise tool such as Google Drive to host malicious Web pages, where attack victims were directed. In this case, the attackers used Gmail to distribute emails containing links to unauthorized Web pages hosted on Google Drive, and then stored stolen credentials through a third-party domain.
Though researchers are uncertain whether the Gmail account was compromised or if attackers created a false account, the phishing emails were delivered successfully and undetected by Google’s built-in spam engine. This is most likely because the emails were sent from what appeared to be an authentic Google account and the embedded link pointed to “googledrive.com.”
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=fab313a8ab&e=20056c7556
Busting cybersecurity jargon: 20 need-to-know terms to protect your enterprise
Do you know what a detection deficit is? Do you know the difference between malware and crimeware? These cybersecurity terms might not mean much to you now, but when your enterprise organization is faced with a potential data breach (and it’s typically not a matter of if you get breached, but when), you will want to be able to understand what’s going on.
To help, here are 20 key cybersecurity terms that you should know to secure your enterprise systems.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=227a1b40b1&e=20056c7556
Software vulnerabilities hit a record high in 2014, report says
There was some worrying news in the recent Secunia Vulnerability Review 2015. The number of recorded vulnerabilities hit a record high of 15,435 last year, up 18% from 2013. The vulnerability count has increased 55% in the last five years. The report also found a rise in the number of zero-day vulnerabilities with 20 being uncovered in the 50 most popular programs. These are vulnerabilities that have already been exploited by hackers before being made public or being patched.
It seems that many businesses are making dangerous assumptions about open source software. The Ninth Annual Future of Open Source Survey from Black Duck offers some fascinating insights. OSS is gaining in popularity quite dramatically, but there’s a lack of policy in place to manage it. An impressive 78% of respondents reported that their companies run part or all of their operations on OSS, but 55% have no formal policy in place to deal with OSS use.
There’s a belief that OSS delivers better security than proprietary software, as 55% of respondents cited security as a reason for adopting OSS. That may be true, but it doesn’t mean that OSS is free of vulnerabilities. We all remember Heartbleed, and OpenSSL just released a fix for another high-severity flaw. It takes time and resources just to stay up to date on the latest vulnerabilities and keep software fully patched.
According to the survey, more than 50% of respondents are not satisfied with their ability to understand known security vulnerabilities in open-source components. What’s worse – only 17% plan to monitor open source code for security vulnerabilities. That means the majority are content to rely on someone else to find vulnerabilities, and without oversight it’s hard to predict how many vulnerabilities are already being exploited.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=deb9e0bdc7&e=20056c7556