When you think of recent breaches, you wonder about the company’s preparedness and how they handled the communication process with customers, employees, regulators and the government. Today, cyber risk is a real challenge and it should be treated as a business issue rather than a technology issue. No data breach should come as a complete surprise; rather, as a foreseeable event for which you are completely prepared.
The ATT&CK framework, developed by Mitre Corp., has been around for five years and is a living, growing document of threat tactics and techniques that have been observed from millions of attacks on enterprise networks. The funky acronym stands for Adversarial Tactics, Techniques, and Common Knowledge. It began as an internal project and morphed into this behemoth of a public knowledge base that numerous security vendors and consultants have picked up. (More on that in a moment.)
Cybersecurity experts with STEALTHbits, VASCO Data Security and NuData Security commented below on the recent Dark Web Market Price Index published by VPN ratings service Top10VPN.com’s consumer site “Privacy Central.” The index puts the price of a full online identity at $1,170, while hacked Uber, Airbnb and Netflix accounts go for $10 each, and hacked Grubhub, Walmart and Costco accounts go for between $5 and $10 each.
For years, Data Loss Prevention (DLP) has been the first line of defense against data leaving an organization’s four walls. DLP solutions have been touted as having the ability to track and prevent the loss of data through unauthorized channels. However, there are challenges associated with DLP, such as solution stability, the time-consuming data classification process and ongoing maintenance, and disconnects between data owners and DLP administrators. Security teams are realizing DLP is not sufficient in keeping an organization’s critical data safe.
Let me break these down for you a little bit in case you haven’t been exposed to these technologies yet. First and foremost, refer to @Cyb3rWard0g’s wiki page on how he’s designed it for his HELK implementation, as seen in Figure 1.
Kernel Live Patch Security Notice LSN-0036-1
April 2, 2018
This year’s Equifax breach was a reminder that open source software and components pose a giant risk to enterprise security despite their many benefits, especially when not properly maintained.
Panerabread.com, the Web site for the American chain of bakery-cafe fast casual restaurants by the same name, leaked millions of customer records — including names, email and physical addresses, birthdays and the last four digits of the customer’s credit card number — for at least eight months before it was yanked offline earlier today, KrebsOnSecurity has learned.
When I first started learning about Cross Origin Resource Sharing (CORS) as it applies to web application pentesting, I found it was difficult to gather information needed to fully grasp the security implications of common CORS misconfigurations. (Spoiler: If Burp Suite lights up red like below, things can get pretty ugly!)
Bot attacks are drawing more and more headlines with tales of identity theft. The wealth of consumer data available on the dark web through breaches, social media and more is sold to hackers to compile online consumer profiles to take over accounts for money, products or services.
A new bill passed by the Georgia State Senate last week deems all forms of unauthorized computer access as illegal, thus potentially criminalizing the finding and reporting of security vulnerabilities.
The tabloids take a running jump before leaping to some pretty wild conclusions this week – one of the few things they do well.
Possibly the most common advice for avoiding computer viruses is to avoid adult sites. You’ve probably heard the tropes — dogs, fleas, porn, viruses. But is there any truth to them? Let’s investigate.
An updated version of the njRAT remote access Trojan (RAT) is capable of encrypting files and stealing virtual currencies from crypto-wallets, Zscaler warns.
Robinhood is rolling out its Coinbase-killer that’s already helped the fintech startup’s valuation grow 4X in a year. Zero-fee trading of Bitcoin and Ethereum is now available to all investors in California, Massachusetts, Missouri, and Montana. Everyone else is still on the waitlist. Robinhood users everywhere can already track 16 crypto coins including BTC, ETH, Litecoin, and Ripple, as well as trade traditional stocks with no transaction commission.
Recorded Future Blog
By Amanda McKeon on April 2, 2018
Last month, a blogger at My Online Security reported receiving a spam comment containing WhatsApp Plus. Going through the process, they downloaded an APK of this so-called WhatsApp Plus. Where they ended was as stated,
Posted under: Research and Analysis
The explosive growth of containers is not surprising because the technology (most obviously Docker) alleviates several problems for deploying applications. Developers need simple packaging, rapid deployment, reduced environmental dependencies, support for micro-services, generalized management, and horizontal scalability – all of which containers help provide. When a single technology enables us to address several technical problems at once, it is very compelling. But this generic model of packaged services, where the environment is designed to treat each container as a “unit of service”, sharply reduces transparency and auditability (by design), and gives security pros nightmares. We run more code faster, but must in turn accept a loss of visibility inside the containers. It begs the question, “How can we introduce security without losing the benefits of containers?”
Last week, we looked at the thought process behind creating a ransomware decryptor, the inner workings of QuantLoader, the ways one can protect their Android devices, the exploit kits we have encountered this winter, the now-known epidemic of data breaches, the coming of TLS 1.3, and the ways one can protect their P2P payment apps.