A Review of the Best News of the Week on Cyber Threats & Defense
CyberSecurity Report: Threat Landscape Gets More Sophisticated (Qualys Blog, Aug 07 2017)
Destruction of service. Get acquainted with this newly-minted term, and with its acronym — DeOS. It’s a particularly disturbing type of cyber attack InfoSec teams may face regularly in the not too distant future. That’s one of the main findings featured in the Cisco 2017 Midyear Cybersecurity Report…
Beware of Security by Press Release (Krebs on Security, Aug 07 2017)
On Wednesday, the security industry once again witnessed an all-too-familiar cycle: I call it “security by press release.” It goes a bit like this: A security firm releases a report claiming to have unearthed a major flaw in a competitor’s product; members of the trade press uncritically republish the claims without adding much clarity or waiting for responses from the affected vendor; blindsided vendor responds in a blog post showing how the issue is considerably less dire than originally claimed….
Biohackers Encoded Malware in a Strand of DNA (Wired, Aug 07 2017)
Researchers planted a working hacker exploit in a physical strand of DNA…so that when a gene sequencer analyzes it the resulting data becomes a program that corrupts gene-sequencing software and takes control of the underlying computer.
Threat Analysis: Carbon Black Threat Research Dissects PNG Dropper (Carbon Black, Aug 07 2017)
This report and the associated tools, scripts, rules, and YARA signatures are being provided by the Carbon Black Threat Research Team to assist other researchers and practitioners investigating a dropper family that has been used in recent targeted attacks….
5 ways to create a secure firewall (TechRepublic, Aug 07 2017)
Firewall management can be a complicated and risky process if not performed carefully. Here are five tips to help you build a successful strategy……
Is SIEM The Best Threat Detection Technology, Ever? (Gartner Blog Network, Aug 07 2017)
That’d be a “NO” – those of my readers who are “anti-SIEM” can calm down now :–) Well…. let me explain and perhaps you will see that the answer evolves……
How the National Cybersecurity Center mitigates 90% of attacks reported (TechRepublic, Aug 07 2017)
The National Cybersecurity Center helps SMBs, nonprofits, and governments fight cybercrime. Here’s how your business can benefit from their tactics….
Kenyan opposition leader Odinga: Hackers manipulated election results (Los Angeles Times, Aug 07 2017)
Kenya’s opposition presidential candidate, Raila Odinga, on Tuesday rejected the tally from this week’s election, saying hackers had manipulated data in the election commission’s computer system….
More on the Vulnerabilities Equities Process (Schneier on Security, Aug 07 2017)
The question is whether the US government should prioritize attack over defense, and security over surveillance. Disclosing, especially in a world where the secrecy of zero-day vulnerabilities is so fragile, greatly improves the security of our critical systems…
To Manage Risk Understand Adversaries, Not Just Activity in Your Environment (Security Week, Aug 07 2017)
CARTA, continuous adaptive risk and trust assessment, to manage the increasing risk associated with the digital world. CARTA complements the NIST framework with a process that spans the business – from how companies develop technology products to external partners along the supply chain. The CARTA process involves continuously assessing your ecosystem risk, which extends beyond the walls of the enterprise, and adapting as necessary…
Establishing a root of trust: Trusted computing and Intel-based systems (Military Embedded Systems, Aug 07 2017)
In the global defense-electronics market there is a growing demand for trusted computing solutions that carry effective protections against cyberattacks. Users want to be confident that when they power up their deployed embedded system, the code that their system is running can be trusted. In this sense,”trusted” means that the system is running only the software code that the system integrator intends it to, and that no other code – malicious or otherwise – has been added to it….