The message “Don’t mess with our elections” followed by a U.S. flag appeared on Iranian and Russian screens after a hacker group exploited Cisco Smart Install Client on vulnerable machines. The hackers claim to have targeted only the computer infrastructure in Iran and Russia during the attack on Friday night.
Over 130,000 Finnish citizens have had their credentials compromised in what appears to be the third-largest data breach ever faced by the country, local media reports.
In “Algorithms don’t have biases, and other dangerous cyber-assumptions,” I addressed dangerous beliefs that have consequential effects on protecting vulnerable assets and preventing malicious attacks. For example, assuming algorithms don’t make assumptions may result in depending on faulty data leading to a weak defense.
The nation’s seaports, which handle freight traffic as well as cruise and ferry passengers, continue to face physical threats like terrorism or active shooters as well as ever-increasing concerns about cyber warfare. Amidst all this, they have been doing battle on Capitol Hill to retain current levels of port security funding from U.S. Customs and Border Protection (CBP).
The United States Secret Service is warning of a new scam in which thieves are targeting the chip-based debit cards issued to corporations.
Malwarebytes™, the leading advanced malware prevention and remediation solution, today announced the release of Malwarebytes Endpoint Protection and Response.
While it may be a bit harsh to label it the currency of crime, Bitcoin and its dozens of cryptocash cousins certainly have an underworld appeal. Profit-motivated cybercriminals are drawn to its decentralised nature and the anonymity that it affords. Cryptocurrency also simplifies cashing out for the bad guys, and the potential for extortion through ransomware and attacks on unsecured exchanges grows exponentially as digital cash inches toward the mainstream. It has become a multi-billion-dollar enterprise.
IT and security conversations are moving away from the confines of remote IT departments and are finding their way to the top of boardroom agendas. As they do so, CIOs need to carefully consider the way they communicate with other senior executives if critical IT initiatives are to receive that all-important buy-in from the Board. In this article, I will offer guidance to CIOs who are required to obtain Board-level approval before implementing strategic IT projects.
Today, I will be going over Control 10 from version 7 of the CIS top 20 Critical Security Controls – Data Recovery Capabilities. I will go through the five requirements and offer my thoughts on what I’ve found.
Key Takeaways for Control 10
Backups can save your company. After getting hit with ransomware, some companies have had to pay millions in ransom. While a Fortune 500 company may be able to take that type of hit, the vast majority of us cannot.
Don’t forget to test. The importance of testing data backups is just as critical as actually creating the backups. This doesn’t have to be a complex procedure; a simple test file on a non-critical server can be quickly tested in a matter of minutes. However, it’s not a bad idea to run through a full restore of a system every now and again, either.
How often is a regular basis? This is a great question when it comes to how often you need to run a full, incremental, or differential backup. There is no official guidance on what this number would be from regulatory frameworks, so balance performance and storage costs to a level of risk that is acceptable for the business.
Requirement Listing for Control 10
1. Ensure Regular Automated Back Ups
Description: Ensure that all system data is automatically backed up on regular basis.
Notes: There are a lot of reasons why you want to perform backups. Availability is the key component that was the driver of this control historically. Now that ransomware is prevalent across any industry, this can be a driver to show additional ROI for backup solutions.
2. Perform Complete System Backups
Description: Ensure that each of the organization’s key systems are backed up as a complete system through processes such as imaging to enable the quick recovery of an entire system.
Notes: The three main backup types are full, incremental, and differential. There are pros and cons to each type, primarily around the performance of obtaining and restoring backup data. A full backup will take longer to create; however, restoring a full backup is much quicker than restoring from incremental or differential backups. The best option is to have a mix of backup types, such as a full backup once a week with daily incremental backups.
3. Test Data on Backup Media
Description: Test data integrity on backup media on a regular basis by performing a data restoration process to ensure that the backup is properly working.
Notes: There are two reasons why this is absolutely critical. The first is that you need to be sure that the backups are working before you actually need them. Nothing is worse than losing a critical file before finding out that the backups didn’t complete properly and you cannot restore it. The second comes in the face of ransomware. By testing backups, you can have confidence in restoring encrypted files. You will also have an idea about the internal costs associated with restoring these files and can make an informed decision that restoring files is cheaper than paying a ransom.
4. Protect Backups
Description: Ensure that backups are properly protected via physical security or encryption when they are stored as well as when they are moved across the network. This includes remote backups and cloud services.
Notes: Sophisticated threat actors have historically gone after backup data. However, since IT organizations have been restoring data rather than paying a ransom, ransomware authors have also begun targeting backup files to prevent restoration.
5. Ensure Backups Have At least One Non-Continuously Addressable Destination
Description: Ensure that all backups have at least one backup destination that is not continuously addressable through operating system calls.
Notes: This one is related to the previous requirement. Malware can be written to automatically target backups before they wreak havoc on your data. This means that the backup source should have a copy of the data stored offline.
This can be written to a disk, tape, or even a USB drive for smaller organizations. Just don’t leave your USB drive plugged in and think you are safe.
The first Americans to line up to vote on Nov. 6, 2018, will be the East Coast’s earliest risers. As early as 5 a.m. EST, rubbing the sleep from their eyes and clutching travel thermoses of coffee, they will start the procession of perhaps 90 million Americans to vote that day. The last to cast ballots will be Hawaiians, who will do so until 11 p.m. East Coast time. When all is said and done, the federal election will unfold something like an 18-hour-long ballet of democracy: 50 states, dozens of different kinds of voting machines and an expectation that everything should be counted up in time for TV networks to broadcast the results before Americans head to bed. Election Day 2018 is expected to unfold no differently than it has in years past.
By Pieter Van Ostaeyen & Guy Van Vlierden
On April 4, 2018, French media reported that the 72-year-old Shaykh Bassam Ayachi was arrested in the north of France on March 27. The media portrayed him as “the oldest Belgian Jihadi”, as “the mentor of generations of Belgian Jihadi’s” and above all as “one of the main recruiters for Belgian foreign fighters who left for the war in Syria”. In 2012 Flemish newspaper De Standaard even called him “the personification of radical Islam in our country.” His actual story is a bit more nuanced, however, and this brief article aims to separate the fiction from the facts.
Continuing where we left off in Threat Hunting & Adversary Emulation: The HELK vs APTSimulator – Part 1, I will focus our attention on additional, useful HELK features to aid you in your threat hunting practice. HELK offers Apache Spark, GraphFrames, and Jupyter Notebooks as part of its lab offering. These capabilities scale well beyond a standard ELK stack; this really is where parallel computing and significantly improved processing and analytics truly take hold. This is a great way to introduce yourself to these technologies, all on a unified platform.
worried about how advertisers and others can abuse access to our data
The Internet of Things is a cancer that consumes all reasonable expectations of technology, opens vast security holes we’ve never had to deal with before, and complicates life in the pursuit of quarterly gains from whatever technology startup is hot right now. We are getting some interesting tech out of it, though. The latest in the current round of ‘I can’t believe someone would build that’ is the Internet of Pillows. No, it’s not a product, it’s just an application note, but it does allow us to laugh at the Internet of Things while simultaneously learning about some really cool chips.
You might be surprised to find out that it’s actually not a good idea to put all of your credit card information on a little Bluetooth enabled device in your pocket. Oh, what’s that? You knew already? Well in that case you won’t find the following information terribly shocking, but it’s still a fascinating look at how security researchers systematically break down a device in an effort to find the chinks in its armor.
Every day at 6 AM, a team of Oregon Fish and Wildlife officers check the traps. The cages encircle docks—sea lions love sunbathing—throughout the Columbia River Basin, at a strategic point just before the Willamette Falls, a natural feature in a tributary of the same name. If a trap door is closed, officers barge the sea lion out of the river and wrangle the agitated mammal into yet another trap, before driving it 230 miles to the California coast, only to have the same sea lion virtually beeline back to the same stretch of the Columbia.
Consumers are demanding cheaper cigarettes and this has prompted the West Indian Tobacco Company (Witco) Ltd to re-brand its Mt. d’or product and engage in innovation with some of its brands, including Dunhill Flow Filter, du Maurier 14s and Dunhill double Capsule.
We’re in Hawaii! “We” being Scott Helme and myself and we’re here for the Loco Moco Sec conference which has been a heap of fun (the location may have played a part in that…) And what a location:
It’s been a week filled to the brim with customer security compromises, and here’s one more to add to the pile. A day after Sears, Kmart and Delta confirmed that they’d been impacted by a breach of data firm, 7.ai, Best Buy issued a public statement noting that it’s in the same boat.