Threats & Defense – The Week’s Best News – 2017.07.31

Hackers claim credit for alleged hack at Mandiant, publish dox on analyst (CSO Online Salted Hash, Jul 31 2017)
Late Sunday evening, someone posted details alleged to have come from a compromised system… It claims that sometime in 2016, continuing until recently in 2017, the threat intelligence firm was fully compromised….

Trickbot Malware Now Targets US Banks (Threatpost, Jul 21 2017)
Researchers with IBM and Flashpoint warn the Trickbot Trojan is growing more potent and now targeting U.S. banks….

Antivirus for Android Has Terrible Track Record (Wired, Jul 22 2017)
A new study shows that 94 percent of Android antivirus failed to stop a comprehensive set of malware attacks….

How Does UC in the Cloud Impact Your Security Posture? (Infosec Island, Jul 20 2017)
To maintain the security posture of unified communications, enterprises must implement a holistic approach to security that extends from their infrastructure to the cloud….

A New Toolkit Hopes to Fix the SS7 Flaws That Plague Cell networks (Security Latest, Jul 26 2017)
Carriers have ignored flaws in SS7 that allow hackers easy access to telecoms. A new set of open-source tools hopes to jumpstart a fix….

SIEM or Log Management? (Gartner Blog, Jul 26 2017)
Welcome to 2002! Let’s discuss a timely topic … and, no, it’s not Y2K – that one is fortunately over. The topic is: SIEM vs log management. Yes, really!…

Report: The top 5 cybersecurity threats of 2017 (TechRepublic, Jul 26 2017)
1) Reverse Deception Tactics, 2) Sophisticated Phishing Campaigns, 3) Strategic Use of Information Operations, 4) Alternative Crypto-Currencies, & 5) DDoS-for-Hire Services…

Threat Hunting? Ditch the SIEM – Part 2 (FireMon, Jul 26 2017)
In Part 1, we built the case that SIEMs are ineffective for threat hunting… To date, SIEM vendors have not provided the market with the functions needed for producing world-class threat hunting. Again, threat hunting is a method. In order to follow this method, we have to…

How Netflix DDoS’d Itself To Help Protect the Entire Internet (Wired, Jul 28 2017)
Taking one for the stream….

The Very Best Black Hat Hacks (Wired, Jul 30 2017)
All the best hacks from the year’s biggest security conferences….

A Blue Team’s reference guide to dealing with Ransomware (CSO Online Salted Hash, Jul 05 2017)
Tharp’s post lists a number of other protective steps; we’ve reproduced a few of them below. For example, “Avoid mapping your drives and hide your network shares. WNetOpenEnum() will not enumerate hidden shares. This is as simple as appending a $ to your share name….”…
