[From the desk of Paul Davis – his opinions and no-one else’s]<\/p>\n
So onto the news:<\/p>\n
Zero-Days Remained Unpatched an Average of 59 Days<\/p>\n
The newly released Internet Security Threat Report (ISTR) \u2013 which examines emerging trends in attacks, malicious code activity, phishing, and spam \u2013 reveals that 2014 was a record-setting year for the exploitation of zero-day vulnerabilities, and it took software companies an average of 59 days to implement patches, up from only four days in 2013.<\/p>\n
\u201cAttackers took advantage of the delay and, in the case of Heartbleed, leapt to exploit the vulnerability within four hours. There were 24 total zero-day vulnerabilities discovered in 2014, leaving an open playing field for attackers to exploit known security gaps before they were patched,\u201d the researchers said.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=08a9bbd55f&e=20056c7556<\/p>\n
3 Ways Attackers Will Own Your SAP<\/p>\n
The SAP security specialists with Onapsis, today, reported that in a study of hundreds of SAP installations examined by their researchers, over 95 percent were exposed to vulnerabilities that could lead to the full compromise of an organization’s business data and processes. Run by a quarter of a million customers worldwide, SAP products form the backbone of critical technology infrastructure of 87 percent of Global 2000 companies. And yet, SAP remains a cybersecurity backwater for most infosec programs.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=9391d940af&e=20056c7556<\/p>\n
Breach Detection, Prevention Harder Than 2 Years Ago Despite Security Spending: Survey<\/p>\n
According to a survey of 200 IT and information security professionals, 75 percent agreed that detecting and preventing a breach has become harder. Fifty-nine percent said malware has grown more sophisticated during the last 24 months and presents fresh challenges – even though the vast majority (87 percent) said they have increased endpoint security spending during the same period.<\/p>\n
The survey also revealed that 54 percent felt that it was impossible to keep up with the amount of alerts related to endpoint security threats and breaches.<\/p>\n
A particular focus of the survey was the subject of browser-based breaches. Eighty-one percent of organizations that experienced a security breach within the past 24 months that tied it to an attack that was introduced into the network via a browser classified the time it took to remediate the breach as “very significant” or “significant.”<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=401d2dece0&e=20056c7556<\/p>\n
Protecting the Protectors: Putting Network and Security Admins First<\/p>\n
Starting with the obvious, it is critical to make sure that all administrators\u2019 devices remain full patched and secured. While it may seem counter-intuitive, it is not unheard for administrators to spend hours and days patching the organization\u2019s servers, but forget to patch their own devices.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=b926aee5fa&e=20056c7556<\/p>\n
Port monitoring critical to detecting, mitigating attacks using SSL<\/p>\n
Statistics show HTTP traffic is down and HTTPS traffic is up. Additionally, 69% of the top 50 most-visited sites and 100% of the top 10 most-visited sites use HTTPS.<\/p>\n
Asplund showed a slide of a fake Dyre SSL certificate next to a real Google SSL certificate used in July 2014. The fake certificate lists Google’s location as Miami, Fla. — across the country from its real Mountain View, Calif. home.<\/p>\n
A security person may notice this, Asplund said, but “the vast majority of users wouldn’t have a clue what it meant.”<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=20a09a2867&e=20056c7556<\/p>\n
More serious security flaws found in Lenovo computers<\/p>\n
Lenovo has issued a patch for a flaw in its computers, which researchers say could allow hackers to replace trusted apps with malicious versions.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=0800ccadd7&e=20056c7556<\/p>\n
Phishing in the C-Suite: 96% of executives vulnerable to attacks<\/p>\n
MOUNTAIN VIEW, Calif., May 6, 2015 \/PRNewswire\/ — According to a recent survey, 96% of executives failed to tell the difference between a real email and a phishing email 100% of the time* (source: McAfee Phishing Quiz, Intel Security). This is among the key findings featured in Harpooning Executives: How Phishing Evolved into the C-Suite, a joint eBook written by Intermedia and Intel Security. Released today, this eBook highlights how phishing has evolved into “whaling” and why executives are optimal targets.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=fafe02a23f&e=20056c7556<\/p>\n
CYREN Report: Q1 2015 Sees 51 Percent Increase in Phishing Sites<\/p>\n
MCLEAN, Va., May 6, 2015 \/PRNewswire\/ — CYREN (NASDAQ: CYRN) today published its Q1 2015 Cyber Threat Report. In the report, CYREN security analysts note a steep rise in phishing URLs, tracking 3.86 million at the end of March compared to 2.55 million at the start of the year \u2013 a 51% increase. Download the full report at http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=7394104bc1&e=20056c7556. Five of the top 10 Web malware in Q1 2015, as analyzed by CYREN, consist of exploit kits that scan the user’s system for unpatched vulnerabilities, then deliver the appropriate payload to begin compromising the victim’s computer.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=a286c1173e&e=20056c7556<\/p>\n
Here’s What a Cyber Warfare Arsenal Might Look Like<\/p>\n
A major part of the DoD\u2019s cyber strategy is to bolster the Pentagon\u2019s \u201ccyber mission force,\u201d which the department began forming in 2013 to carry out its operations in cyberspace. Although the unit will not be fully operational before 2018 the unit is expected to have nearly 6,200 military, civilian and contractors\u2014divided into 13 teams\u2014working across various military departments and defense agencies to \u201chunt down online intruders,\u201d Defense Secretary Ashton Carter said last month during a lecture delivered at Stanford University.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=d8dbcba1a8&e=20056c7556<\/p>\n
The impossible task of counting up the world’s cyber armies<\/p>\n
A new document, the US Department of Defence Cyber Strategy, does throw some light on US military thinking and capabilities, and it may be the start of greater openness about cyber-warfare capabilities across the world.<\/p>\n
It will be made up of 133 teams: 68 teams of ‘cyber protection forces’ will defend key military networks and systems, while 13 ‘national mission teams’ aim to defend broader US interests against cyberattacks of significant consequence. A further 27 ‘combat mission teams’ and their associated support staff will support commanders by generating “integrated cyberspace effects” in support of their military operations. Another 25 support teams will help with analysis and planning for national mission and combat mission teams.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=495f56f480&e=20056c7556<\/p>\n
Hackers likely to target IAM warns SailPoint<\/p>\n
… identity-as-a-service (IDaaS) is a particularly big attack surface, he said, because it is connected via the internet to a gateway on-premise.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=39f7d3f5e2&e=20056c7556<\/p>\n
\u2018Beware the angry IT worker\u2019: Firms must control data access or risk a repeat of Sony hack<\/p>\n
\u201cA person who is working in security operations can actually be involved on the darker side,\u201d he told ComputerworldUK. \u201cIt is possible to have this job and then to take on another more adversarial role. If someone is disgruntled – if they are fired from their position or don\u2019t feel like they are being rewarded \u2013 and they still hold the administrator user name and password, they can still do some considerable damage to the organisation.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=6ab1105411&e=20056c7556<\/p>\n
Addressing Cyber Attacks and Data Breaches in Supplier Contracts – Part 1: Contractual Protections With Respect to Data Breaches<\/p>\n
Given the unrelenting, it seems, news reports of cyber attacks and data breaches affecting customer records and data, the issue of what are the appropriate contractual provisions that should govern data breaches in a contract between customers and suppliers remains timely, sticky, and constantly-evolving. Below are several observations regarding contractual language and protections with respect to data breaches, where a supplier has access to and\/or could cause or allow a customer’s data to be breached.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=c0c669592f&e=20056c7556<\/p>\n
The changing cybersecurity profession reflects a more diverse workforce<\/p>\n
Far from being a geeks\u2019 profession composed of dedicated techies, over half of the UK infosecurity professionals surveyed did not come through traditional computer science degrees and 12 percent had done majors in social sciences, business or history. Furthermore, those recruiting entry-level to mid-level professionals ranked soft skills such as communication skills and analytical skills far above traditional techie attributes.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=2e00162788&e=20056c7556<\/p>\n
============================================================
\nFeedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)<\/p>\n
If someone forwarded this email to you and you want to be added in,
\nplease click this: ** Subscribe to this list (http:\/\/paulgdavis.us3.list-manage1.com\/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)<\/p>\n
** Unsubscribe from this list (http:\/\/paulgdavis.us3.list-manage2.com\/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=6079c4311f)<\/p>\n
** Update subscription preferences (http:\/\/paulgdavis.us3.list-manage.com\/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)<\/p>\n","protected":false},"excerpt":{"rendered":"
[From the desk of Paul Davis – his opinions and no-one else’s] So onto the news: Zero-Days Remained Unpatched an Average of 59 Days The newly released Internet Security Threat Report (ISTR) \u2013 which examines emerging trends in attacks, malicious code activity, phishing, and spam \u2013 reveals that 2014 was…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1070","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1070","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1070"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1070\/revisions"}],"predecessor-version":[{"id":3557,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1070\/revisions\/3557"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1070"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1070"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1070"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}