DDoS Attack Bandwidth Jumps 718%

Posted on by admini

Given that situation, it’s no surprise that China, the United States and Germany — which all sport a relatively large Internet infrastructure — are also tops for DDoS attack origin. But Prolexic’s report said it’s odd that Iran, which has a very small Internet architecture by comparison, should be the source of so many attacks.

As DDoS attack sizes increase, so do fears of an Armageddon scenario, in which the attack not only disrupts a targeted site, but every site or service provider in between. According to Prolexic’s report, the largest single attack it’s mitigated to date occurred in March, when an “enterprise customer” was hit with an attack that peaked at 130 Gbps. While that wasn’t equal to the 300 Gbps attack experienced by Spamhaus, it still represents well more than most businesses can handle, unless they work with their service provider or third parties to build a better DDoS mitigation defense.

“There are a number of DDoS mitigation technologies out there, and we see organizations that are deploying the technologies in their own infrastructure and in their own environments,” as well as working with service providers, said Chris Novak, managing principal of the RISK Team at Verizon Enterprise Solutions, speaking recently by phone.

Link: http://www.informationweek.com/security/attacks/ddos-attack-bandwidth-jumps-718/240153084?cid=RSSfeed_IWK_security

Read more

Researchers develop industrial systems that watch for breaches

Posted on by admini

Mo-Yuen Chow, co-author of the research and a professor of electrical and computer engineering, said the concept was like a “community watch,” where neighbors watch each other’s property for burglaries.

SCADA and PLC systems are used in industries comprising the nation’s critical infrastructure (CI), which includes power generation facilities, oil and gas pipelines, electric power transmitters and defense manufacturing.

Securing the nation’s critical infrastructure is difficult because most of the electronics and machinery was built before the Internet evolved as a networking protocol in controlling systems. In tackling the problem, NCSU researchers have developed an algorithm that can be deployed in any networked device, either in software or as firmware in a microcontroller.

The technology would augment traditional security systems used today, such as communication encryption and access controls, said Wente Zeng, a doctoral student and co-author of the research.

The researchers plan to present their paper (PDF), entitled “Convergence and Recovery Analysis of the Secure Distributed Control Methodology for D-NCS,” at the IEEE International Symposium on Industrial Electronics being held May 27-31 in Taipei, Taiwan.

Link: http://www.csoonline.com/article/733477/researchers-develop-industrial-systems-that-watch-for-breaches

Read more

Malware Behind Oldest, Most Active Spam Botnet Gets Refresh

Posted on by admini

“This latest version has a fall-back C&C mechanism that is based upon a domain name generation algorithm (DGA),” wrote Manos Antonakakis, Damballa’s Chief Scientist and lead researcher on the report, issued Wednesday. “If the malware cannot successfully resolve any of the domains that are hard coded into it, it will start using the DGA in an effort to connect to the currently active DGA C&C.”

Researchers at antibotnet vendor Damballa Labs performed malware analysis on the new Pushdo variant and monitored several of the domains generated by the new domain algorithm to measure the scope of the new threat.

The latest domain generation algorithm technique is a backup, only used if the malware on an infected machine fails to connect with the primary command-and-control server.

“This is a very smart way to defeat generic network signature and sandboxing systems that simply block the network communication observed during the dynamic analysis of the malicious binary,” the researchers said

Link: http://www.crn.com/news/security/240154963/malware-behind-oldest-most-active-spam-botnet-gets-refresh.htm

Read more

Beware The Coming SEC Regulations On Cybersecurity

Posted on by admini

f the SEC requires details on the material loss from cyber-attacks, the actual reporting of such proof is going to be a tall order on a company that’s already strapped for specialized IT security talent and working at fever pitch to manage risk. Until then cyber incidents continue to financially drain private and public companies, IT must clean up the mess and put a lid on it in order to save face with stakeholders.

As corporate data theft continues and investors demand answers, here are recommended actions companies can take now within their IT departments to ensure they are prepared to not only answer to to the SEC and investors, but also better prepared for managing the risks associated with maintaining and relying on global computer networks:

It’s All or Nothing: With today’s emerging technologies such as cloud computing, mobility and virtualization, it’s important to have a complete view of your IT landscape.

Less is More: Those with experience with Sarbanes-Oxley understand that access and entitlements to financial reporting systems is a vital control to exhibit, mainly due to the potential impact of manipulation of those systems.

Most companies that have their data or systems compromised as a result of security incident know full well the costs of repair and remediation; costs of deploying cybersecurity protections (including software like my company develops), litigation costs and the worst: reputational damage to brands and stock price.

While companies are following the guidance, many that have been the targets of these successful attacks have denied any material impact in their SEC filings – the lack of these filings proves that.

Link: http://www.forbes.com/sites/ciocentral/2013/05/15/how-to-prepare-for-when-the-sec-comes-asking-about-cybersecurity-risk/2/

Read more

HBGary Announces Next-Gen Responder™ Pro

Posted on by admini

In a move to significantly close the gap between discovery and mitigation of targeted attacks, HBGary, a subsidiary of ManTech International Corporation, unveiled the next-generation version of Responder™ Pro, the de facto industry standard in automated Windows® physical memory analysis. By leveraging Digital DNA™ 3.0, HBGary’s flagship technology, Responder™ Pro…

Read more