{"id":1018,"date":"2015-04-09T00:00:00","date_gmt":"2015-04-09T00:00:00","guid":{"rendered":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2015\/04\/09\/newsalert-2015-apr-8\/"},"modified":"2021-12-30T11:38:36","modified_gmt":"2021-12-30T11:38:36","slug":"newsalert-2015-apr-8","status":"publish","type":"post","link":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2015\/04\/09\/newsalert-2015-apr-8\/","title":{"rendered":"Newsalert &#8211; 2015 Apr 8"},"content":{"rendered":"<p>Cyber War Games: Top 3 Lessons Learned About Incident Response<br \/>\nDeloitte leads client organizations in war game exercises like these to &#8220;stress test&#8221; their incident response plans, and identify the strengths and weaknesses of their communications, protocols, and cyber disaster preparedness.<br \/>\n\t\u2022\tDesignate a Crisis Officer<br \/>\n\t\u2022\tBe Skeptical About The Information You&#8217;re Receiving<br \/>\n\t\u2022\tResist Finger Pointing In Any Direction<br \/>\nDon&#8217;t forget about your employees. While the media, the regulators, and the customers are usually top of mind, many companies tend to forget about how they need to communicate about a security incident to their own employees. In the simulation, the chief operating officer was the one who brought it up first.<br \/>\nLink: http:\/\/www.darkreading.com\/risk\/cyber-war-games-top-3-lessons-learned-about-incident-response\/d\/d-id\/1319813<\/p>\n<p>WHAT ARE NATION STATE INFORMATION SECURITY ATTACKS REALLY TELLING US?<br \/>\nIt is rarely considered that for most nation-state sponsored attackers, targeting foreign companies is a day job: it is more economically feasible to steal $500,000 of research rather than spending $2,000,000 and two years to conduct the research themselves.<br \/>\nMalware is one of the easiest ways in for attackers. 
The game is stacked in their favour for several reasons..<br \/>\nThere needs to be a fundamental transformation from seeing attacks as unusual events brought about by people out to do us direct harm, where our emotions and reflex actions overtake reasoned and rational thinking, to one where these attacks are viewed as a part and parcel of doing business.<br \/>\nLink: http:\/\/continuitycentral.com\/feature1302.html<\/p>\n<p>iSIGHT Partners Acquires Critical Intelligence<br \/>\n iSIGHT Partners, Inc., the leading provider of cyber threat intelligence for global enterprises, today announced the acquisition of Idaho-based Critical Intelligence, the leader in cyber situational awareness and threat intelligence for Industrial Control Systems (ICS) owners and operators. Under the terms of the agreement, iSIGHT Partners has acquired 100% of Critical Intelligence, a 6-year-old company and pioneer in identifying vulnerabilities and threats to critical infrastructure systems, including supervisory control and data acquisition (SCADA) and other process control systems (PCS).<br \/>\nThe move comes on the heels of iSIGHT Partners&#8217; announcement of a $30m investment by Bessemer Ventures Partners and the company&#8217;s expansion of operations in the EMEA region. iSIGHT experienced significant growth in 2014 and finished the year with record revenues and strong client acquisition across numerous vertical and geographic segments, including energy, oil and gas and manufacturing. 
Growth continues to accelerate and iSIGHT Partners experienced over 100% year-over-year bookings growth in the first quarter of 2015.<br \/>\nLink: http:\/\/www.power-eng.com\/marketwired\/2015\/04\/7\/isight-partners-acquires-critical-intelligence.html<\/p>\n<p>Malicious, large-scale Google ad campaign slams users with malware<br \/>\nA large number of ads distributed by a Google advertising partner redirected users to Web-based exploits that attempted to install malware on users\u2019 computers.<br \/>\nSecurity researchers from Dutch security firm Fox-IT observed the malvertising campaign Tuesday, when ads coming through a Google partner in Bulgaria called Engage Lab started redirecting users to the Nuclear Exploit Kit.<br \/>\nLink: http:\/\/www.pcworld.com\/article\/2907492\/largescale-google-malvertising-campaign-hits-users-with-exploits.html<\/p>\n<p>Two NTP Key Authentication Vulnerabilities Patched<br \/>\nThe Department of Homeland Security and CERT at the Software Engineering Institute at Carnegie Mellon University on Tuesday issued an advisory warning of the two vulnerabilities, which were patched in ntp-4.2 8p2.<br \/>\nLink: https:\/\/threatpost.com\/two-ntp-key-authentication-vulnerabilities-patched\/112067<\/p>\n<p>Microsoft closes acquisition of R software and services provider<br \/>\nMicrosoft acquires Revolution Analytics, a commercial provider of services for the open source R programming language for statistical computing and predictive analytics.<br \/>\n&#8220;Revolution has made R enterprise-ready with speed and scalability for the largest data warehouses and Hadoop systems,&#8221; he adds.<br \/>\nLink: http:\/\/www.cio.com\/article\/2906456\/data-analytics\/microsoft-closes-acquisition-of-r-software-and-services-provider.html?phint=newt%3Dcio_insider&#038;phint=idg_eid%3De87b17913ba9d312d52f2efa84a73904#tk.CIONLE_nlt_insider_2015-04-08<\/p>\n<p>HP warns cybersecurity customers to focus on people and processes<br \/>\nTo protect themselves 
against cyberattacks, organizations should focus more on training their employees and improving their internal processes instead of buying new technology, according to one tech vendor.<br \/>\nYet, businesses and government agencies often focus on the next &#8220;silver bullet&#8221; product, unaware that most cybersecurity problems stem from flawed procedures and human error, said Art Gilliland, senior vice president and general manager for Hewlett-Packard&#8217;s software enterprise security products.<br \/>\nLink: http:\/\/www.computerworld.com\/article\/2907058\/hp-warns-cybersecurity-customers-to-focus-on-people-and-processes.html?phint=newt%3Dcomputerworld_dailynews&#038;phint=idg_eid%3Dd5d8326c323742a4ed7bf4fd3dac54c4#tk.CTWNLE_nlt_dailyam_2015-04-08&#038;siteid=&#038;phint=tpcs%3D&#038;phint=idg_eid%3Dd5d8326c323742a4ed7bf4fd3dac54c4<\/p>\n<p>Malware writers take a page from the spam industry to evade detection<br \/>\nWhile the volume of cyberthreats declined slightly last year, their sophistication increased, according to a new report from Websense Security Labs. One indicator that attackers are reusing pre-existing tools and infrastructure was in the form of botnet usage.<br \/>\nAccording to Websense, the average price of an exploit kit is now between $800 and $1,500 a month, and the number of these kits tripled last year, keeping prices low.<br \/>\nThe total number of C&#038;Cs has doubled last year, from 1.1 billion to 2.2 billion, he added.<br \/>\nLink: http:\/\/www.csoonline.com\/article\/2907124\/cyber-attacks-espionage\/malware-writers-take-a-page-from-the-spam-industry-to-evade-detection.html<\/p>\n<p>AlienSpy A More Sophisticated Version Of The Same Old RATs<br \/>\n\u2026 AlienSpy is distributed via phishing emails with subject headers that are designed to fool recipients into opening them. Many of the emails purport to contain information related to financial transactions of some sort. 
Systems that are infected could end up having additional botnet and data-stealing malware loaded on them.<br \/>\nFidelis researchers have observed AlienSpy being sold in the cyber underground via a subscription model, with prices starting at $9.90 for 15-day use to $219.90 for an annual subscription. The subscription provides users with access to the malware\u2019s complete range of capabilities, including some newer techniques like sandbox detection, antivirus tool disablement, and Transport Layer Security (TLS) encryption-protected command-and-control capabilities.<br \/>\nAlienSpy is currently detected by only a limited set of antivirus products and incorporates features like multi-platform support. Fidelis described the capabilities of the malware tool as far beyond what used to typically be available with previous generation remote access malware tools.<br \/>\nLink: http:\/\/www.darkreading.com\/attacks-breaches\/alienspy-a-more-sophisticated-version-of-the-same-old-rats\/d\/d-id\/1319842<\/p>\n<p>FSS [Korea] dedicates itself to fighting \u2018five financial evils\u2019<br \/>\nThe Financial Supervisory Service (FSS) is branding voice phishing, insurance fraud, illegal loan sharks, illegal bond collections and overly aggressive sales of products by financial institutions as \u201cfive financial evils\u201d that it will endeavor to fight.<br \/>\nThe financial watchdog announced a special task force led by Senior Deputy Governor Seo Tae-jong on Wednesday to combat those financial crimes, which are getting more clever and complex and therefore pose more of a risk than in the past.<br \/>\nLink: http:\/\/koreajoongangdaily.joins.com\/news\/article\/Article.aspx?aid=3002878<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cyber War Games: Top 3 Lessons Learned About Incident Response Deloitte leads client organizations in war game exercises like these to &#8220;stress test&#8221; their incident response plans, and identify the strengths and weaknesses of 
their communications, protocols, and cyber disaster preparedness. \u2022 Designate a Crisis Officer \u2022 Be Skeptical About&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1018","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1018","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1018"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1018\/revisions"}],"predecessor-version":[{"id":3505,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1018\/revisions\/3505"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1018"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1018"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1018"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}