Category Archives: Don’t miss

Diffy: A triage tool for cloud-centric incident response

The Netflix Security Intelligence and Response Team (SIRT) has released Diffy, an open source triage tool that allows digital forensics and incident response teams to quickly pinpoint compromised hosts during a security incident on cloud architectures. The name of the tool comes from its function: it identifies differences between instances that might point to a compromise (an unexpected listening port, a running process with an unusual name, a strange crontab entry, a surprising kernel module, … More

The post Diffy: A triage tool for cloud-centric incident response appeared first on Help Net Security.

Dealing with a system launch: It requires more than just testing

Rolling out new IT systems or software can be a challenge and fraught with issues from day one – and the recent IT crisis with TSB has shown how damaging these can be if managed poorly. A lack of pre-launch tests has been raised as a potential cause of immediate failures, but it would be simplistic to suggest that this would completely eliminate the problems that companies encounter following a system launch. A successful launch … More

Cyber Chief Magazine: GDPR Winning Moves

This issue delivers a ready-to-use GDPR kit packed full of how-to’s and practical tips that companies need to implement so they don’t end up on the wrong side of an audit. You’ll get the actionable insights you need today, without unnecessary compliance theory. Content in this edition:

- GDPR Confusion: 7 Common Myths Busted
- How to Jump-Start GDPR Risk Assessment
- GDPR Fines: What Should You Expect?
- …and more!

Cisco plugs serious flaws in Policy Suite, SD-WAN, and Nexus switches

Cisco has issued another batch of fixes, plugging a number of critical and high severity holes in its Policy Suite, SD-WAN, and Nexus products. Cisco Policy Suite: Users of the Cisco Policy Suite should upgrade to Release 18.2.0 as soon as possible, as it implements fixes for four critical vulnerabilities: A vulnerability (CVE-2018-0376) in the Policy Builder interface of the Suite that could be exploited by an unauthenticated, remote attacker to access the Policy Builder … More

How hackers exploit critical infrastructure

The traditional focus of most hackers has been on software, but the historical focus of crime is on anything of value. It should come as no surprise, therefore, that as operational technology (OT) and industrial control system (ICS) infrastructure have become much more prominent components of national critical infrastructure, malicious hacking activity would be increasingly targeted in this direction. It also stands to reason that the salient aspects of hacking – namely, remote access, … More

BEC scams and real estate deals: How to protect yourself?

Despite constant warnings by law enforcement and industry organizations, BEC scammers continue to fleece companies. They target small, medium, and large business and personal transactions, but have, in the last few years, shown a notable predilection for targeting companies in the real estate sector. What are BEC scams? Business E-mail Compromise (BEC)/E-mail Account Compromise (EAC) is a type of scam targeting both businesses and individuals performing wire transfer payments, and often starts with the attackers … More

Retail data breaches continue to reach new highs

Thales announced the results of its 2018 Thales Data Threat Report, Retail Edition. According to U.S. retail respondents, 75% of retailers have experienced a breach in the past compared to 52% last year, exceeding the global average. U.S. retail is also more inclined to store sensitive data in the cloud as widespread digital transformation is underway, yet only 26% report implementing encryption – trailing the global average. Year-over-year breach rate takes a turn for the … More

Inside look at lifecycle of stolen credentials and extent of data breach damage

Shape Security released its Credential Spill Report, shedding light on the extent to which the consumer banking, retail, airline and hospitality industries are impacted by credential stuffing attacks and account takeover. The report analyzes attacks that took place in 2017 and reveals 2.3 billion account credentials were compromised as a result of 51 independent credential spill incidents. Credential stuffing collectively costs U.S. businesses over $5 billion a year. When usernames and passwords are exposed, or … More

Attention all passengers: Airport networks are putting you at risk!

Coronet released a report identifying San Diego International Airport, John Wayne Airport-Orange County (CA) International Airport and Houston’s William P. Hobby International Airport as America’s most cyber insecure airports. The purpose of the report is to inform business travelers of how insecure airport Wi-Fi can inadvertently put the integrity and confidentiality of their essential cloud-based work apps (G-Suite, Dropbox, Office 365, etc.) at risk, and to educate all other flyers on the dangers of connecting … More

Microsoft offers bug bounties for holes in its identity services

Microsoft is asking security researchers to look for and report technical vulnerabilities affecting its identity services and OpenID standards implementations, and is offering bug bounties that can reach as high as $100,000. “Microsoft has invested heavily in the security and privacy of both our consumer (Microsoft Account) and enterprise (Azure Active Directory) identity solutions. We have strongly invested in the creation, implementation, and improvement of identity-related specifications that foster strong authentication, secure sign-on, sessions, API … More

Microsoft tops list of brands impersonated by phishers

The number one brand spoofed by phishers in Q2 2018 in North America was Microsoft, says email security company Vade Security. The company credits the surging adoption of Microsoft Office 365 for this unfortunate statistic. “It’s clear that Office 365 has become the number one target for corporate phishing attacks,” the company explained. “The reason is that it’s highly profitable to compromise an Office 365 account. Hackers see email-based attacks as an easy entry … More

Do you have what it takes to become a Chief Scientist in the infosec industry?

Igor Baikalov, Chief Scientist at security analytics firm Securonix, is a trained scientist: he spent over 16 years working on various aspects of Structural Biology, developing new methods for determining the structure of basic building blocks of life: proteins, DNA, and their interactions. “A lot of this work had to do with processing and interpreting massive amounts of data and writing tons of code to do that – something I realized I was pretty good … More

How to use the cloud to improve your technology training

Anyone who has tried to hire an IT expert knows that the shortage of qualified people is real. We’re not just talking about IT security jobs, either. Almost every area of tech faces a skills shortage that threatens to sap productivity and presents challenges to IT departments of all sizes. Informal on-the-job training has been the norm for most IT teams. However, the rise of cyberthreats and the pace at which they arise leaves companies … More

Only 65% of organizations have a cybersecurity expert

Despite 95 percent of CIOs expecting cyberthreats to increase over the next three years, only 65 percent of their organizations currently have a cybersecurity expert, according to a survey from Gartner. The survey also reveals that skills challenges continue to plague organizations that undergo digitalization, with digital security staffing shortages considered a top inhibitor to innovation. Gartner’s 2018 CIO Agenda Survey gathered data from 3,160 CIO respondents in 98 countries and across major industries, representing … More

GitHub adds Python support for security alerts

GitHub has announced that its recently introduced feature for alerting developers about known vulnerabilities in software packages that their projects depend on will now also work for Python packages. About Security Alerts: The security alerts service depends on the Dependency Graph, which is turned on by default for every public repository and can be set up for private repositories. “GitHub tracks public vulnerabilities in Ruby gems, NPM and Python packages on MITRE’s Common Vulnerabilities and … More

World powers equip, train other countries for surveillance

Privacy International has released a report that looks at how powerful governments are financing, training and equipping countries with surveillance capabilities. Countries with powerful security agencies are spending literally billions to equip, finance, and train security and surveillance agencies around the world — including authoritarian regimes. This is resulting in entrenched authoritarianism, further facilitation of abuse against people, and diversion of resources from long-term development programmes. Global government surveillance: Examples from the report include: In 2001, the US … More

Rain Capital: Venture fund seeks to back cybersecurity companies led by women and minorities

A new venture fund that will focus on providing capital, strategy, critical resources and unique insights to early-stage cybersecurity companies in Silicon Valley was officially launched last month. Headed by security technologist Dr. Chenxi Wang and with Amena Zhang, a VC with a strong track record of funding successful startups in Asia, as operating partner, Rain Capital has one other goal in mind: to boost funding to companies led by women and minorities. “Two … More

Zero login: Fixing the flaws in authentication

Passwords, birth certificates, national insurance numbers and passports – as well as the various other means of authentication that we have relied upon for the past century or more to prove who we are to others – can no longer be trusted in today’s digital age. That’s because the mishandling of these types of personally identifiable information (PII) documents from birth, along with a string of major digital data breaches that have taken place in … More

Review: The Absolute Platform with Persistence Technology

Absolute is a long-time player in the endpoint security arena, specializing in endpoint visibility and control. Regarded as an industry leader in IT asset management for more than two decades, Absolute recently revamped its solution to leverage its patented Persistence technology. The Software-as-a-Service platform is made possible through innovative endpoint technology and go-to-market partnerships with more than 25 original equipment manufacturers (OEMs) and top PC vendors. Absolute’s patented technology is built into the firmware of … More

Magecart presents an unprecedented threat: Here’s what you can do

Recently we learned that the previously disclosed Ticketmaster UK breach from a few weeks ago was not a one-off event but instead part of a widespread website digital credit card skimming operation that impacted over 800 ecommerce sites around the world. On the surface, even an attack of this size isn’t necessarily out of the norm in today’s threat landscape of highly sophisticated actors. However, if we consider the true impact of this event it … More

Only 20% of companies have fully completed their GDPR implementations

Key findings from a survey conducted by Dimensional Research highlight that only 20% of companies surveyed believe they are GDPR compliant, while 53% are in the implementation phase and 27% have not yet started their implementation. EU (excluding UK) companies are further along, with 27% reporting they are compliant, versus 12% in the U.S. and 21% in the UK. While many companies have significant work to do, 74% expect to be compliant by the end … More

Gargoyle: Innovative solution for preventing insider attacks

A group of researchers from UNSW Sydney, Macquarie University, and Purdue University has released a paper on a new and very promising network-based solution for preventing insider attacks. Dubbed Gargoyle, the solution:

- Evaluates the trustworthiness of an access request context through a set of Network Context Attributes (NCAs) that are extracted from the network traffic
- Leverages the capabilities of Software-Defined Network (SDN) for both policy enforcement and implementation
- Takes advantage of the network controller for … More

An overview of the OT/ICS landscape for cyber professionals

Most cyber security professionals take for granted the information technology or IT nature of their work. That is, when designing cyber protections for some target infrastructure, it is generally presumed that protections are required for software running on computers and networks. The question of whether some system is digital or even computerized would seem to have been last relevant to ask in 1970. We all presume that everything is software on CPUs. The problem is … More
