A Review of the Best News of the Week on Cyber Threats & Defense

FBI pushes private sector to cut ties with Kaspersky (Cyberscoop, Aug 21 2017)
The FBI has been telling private sector companies that Kaspersky is an unacceptable threat to national security….

Inline and Out-of-Band: The ABCs of Network Visibility (Ixia, Aug 21 2017)
When it comes to network monitoring, there are two scenarios—out-of-band and inline (in band). This definition typically refers to the placement of the equipment from the monitoring tool’s perspective. Basically, is the monitoring tool in the critical path of network data or not? The next question, of course, is why does it matter?…

Carbon Emissions: Oversharing Bug Puts Security Vendor Back in Spotlight (Krebs on Security, Aug 18 2017)
Last week, security firm DirectDefense came under fire for over-hyping claims that Cb Response, a cybersecurity product sold by competitor Carbon Black, was leaking proprietary information from customers who use it. Carbon Black responded that the bug identified by its competitor was a feature, and that customers were amply cautioned in advance about the potential privacy risks of using the feature. Now Carbon Black is warning that an internal review has revealed a wholly separate bug in Cb Response that could in fact result in certain customers unintentionally sharing sensitive files….

Synopsys Fuzzing Report Identifies IoT and Industrial Control Systems Software as Most Vulnerable to Exploits (markets.businessinsider.com, Aug 15 2017)
Synopsys, Inc. released its fuzzing report: The overall average time to first failure (TTFF) — the first instance when a protocol crash is recorded — was 1.4 hours. In the case of more mature protocols, the length of time is in hours. But with less mature protocols, that time could be as short as a few seconds, indicating a higher likelihood of exploitable vulnerabilities….
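To make the time-to-first-failure metric concrete, here is an added example; it is not Synopsys's tooling and not code from the report. It pairs a constructed, deliberately fragile TLV parser (the kind of "less mature protocol" code the report describes) with a seeded mutation fuzzer that records the case number and wall-clock time of the first crash. The names parse_tlv, mutate, fuzz_ttff, reproduces and the sample message are all assumptions made for this illustration.

```python
"""Toy TTFF (time-to-first-failure) fuzz harness.

Added example: a constructed target parser plus a seeded mutation fuzzer.
Nothing here is Synopsys code; the protocol and the bug are made up.
"""
import random
import struct
import time

# Constructed seed message: two TLV records (1-byte type, 2-byte big-endian
# length, payload). Record 1 is an opaque blob, record 2 is a 4-byte "checksum".
SEED_MSG = b"\x01\x00\x03abc" + b"\x02\x00\x04\x01\x02\x03\x04"


def parse_tlv(msg: bytes) -> list:
    """Deliberately fragile TLV parser (the fuzz target).

    Bug: for type 0x02 records it trusts the declared length and indexes
    four checksum bytes without checking that they are actually present,
    so a short or truncated payload raises IndexError (our stand-in for
    a crash in a native parser).
    """
    records = []
    i = 0
    while i + 3 <= len(msg):
        rtype = msg[i]
        length = struct.unpack(">H", msg[i + 1:i + 3])[0]
        payload = msg[i + 3:i + 3 + length]
        if rtype == 0x02:
            # BUG: no check that len(payload) >= 4 before indexing
            checksum = payload[0] ^ payload[1] ^ payload[2] ^ payload[3]
            records.append(("checksum", checksum))
        else:
            records.append((rtype, payload))
        i += 3 + length
    return records


def mutate(seed_msg: bytes, rng: random.Random) -> bytes:
    """Apply one random mutation: bit flip, truncation, or byte insertion."""
    data = bytearray(seed_msg)
    op = rng.choice(("flip", "truncate", "insert"))
    if op == "flip" and data:
        pos = rng.randrange(len(data))
        data[pos] ^= 1 << rng.randrange(8)
    elif op == "truncate" and len(data) > 1:
        del data[rng.randrange(len(data)):]
    else:
        pos = rng.randrange(len(data) + 1)
        data[pos:pos] = bytes([rng.randrange(256)])
    return bytes(data)


def fuzz_ttff(target, seed_msg: bytes, max_cases: int = 10000, seed: int = 1):
    """Fuzz `target` until the first exception; return TTFF details or None.

    The returned dict carries the case number, elapsed seconds, the
    crashing input and the exception name, which is what a TTFF report
    is built from. A fixed RNG seed keeps the run reproducible.
    """
    rng = random.Random(seed)
    start = time.perf_counter()
    for case in range(1, max_cases + 1):
        candidate = mutate(seed_msg, rng)
        try:
            target(candidate)
        except Exception as exc:  # any uncaught exception counts as a failure
            return {
                "case": case,
                "seconds": time.perf_counter() - start,
                "input": candidate,
                "error": type(exc).__name__,
            }
    return None


def reproduces(target, case_input: bytes) -> bool:
    """Re-run a saved crashing input; True if it still raises."""
    try:
        target(case_input)
    except Exception:
        return True
    return False


if __name__ == "__main__":
    result = fuzz_ttff(parse_tlv, SEED_MSG)
    if result is None:
        print("no failure within the case budget")
    else:
        print(f"first failure at case {result['case']} after "
              f"{result['seconds']:.4f}s: {result['error']} on {result['input']!r}")
```

The harness treats any uncaught exception as a failure; against a native protocol stack the equivalent signal is a crash or sanitizer report, and the "mature vs. immature protocol" gap in the report is exactly the difference between a parser that validates lengths before indexing and one, like parse_tlv, that does not.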

AlienVault partners with SpyCloud, plug-in searches for stolen passwords on Dark Web (TechCrunch, Aug 15 2017)
SpyCloud plug-in monitors sites and forums on the Dark Web and lets your company know when credentials matching your domain show up. …

A Russian Hacker Group Used a Leaked NSA Tool to Spy on Hotel Guests (WIRED, Aug 15 2017)
The same hackers who hit DNC and Clinton campaign are now apparently spying on high-value travelers via Wi-Fi…

7 free tools every network needs (Network World Security, Aug 15 2017)
From device discovery to visibility into systems, networks, and traffic flows, these free open source monitoring tools are worth reviewing…

Unfixable Automobile Computer Security Vulnerability (Schneier on Security, Aug 18 2017)
There is an unpatchable vulnerability that affects most modern cars. It’s buried in the Controller Area Network (CAN): Researchers say this flaw is not a vulnerability in the classic meaning of the word. This is because the flaw is more of a CAN standard design choice that makes it unpatchable. Patching the issue means changing how the CAN standard works…

Blowing the Whistle on Bad Attribution (Krebs on Security, Aug 18 2017)
The New York Times this week published a fascinating story about a young programmer in Ukraine who’d turned himself in to the local police. The Times says the man did so after one of his software tools was identified by the U.S. government as part of the arsenal used by Russian hackers suspected of hacking into the Democratic National Committee (DNC) last year….

‘Pulse wave’ DDoS – another way of blasting sites offline (Naked Security – Sophos, Aug 18 2017)
If there’s one thing we’ve learned, it’s that any new way of DDoSing will reveal that there are a huge number of undefended devices online…

ShadowPad: How Attackers Hide Backdoor in Software Used by Hundreds of Large Companies Globally (BW CIOWORLD, Aug 21 2017)
ShadowPad is one of the largest known supply-chain attacks and the backdoor allows attackers to download further malicious modules or steal data. The most worrying finding was the fact that the [software] vendor did not mean for the software to make these requests….

It’s baaaack: Locky ransomware is on the rise again (Naked Security, Aug 21 2017)
Locky had been quiet until new variants started appearing last week. Here’s what you need to know…

Hacker Sells 2FA bypass flaw in Poloniex exchange after 2 months wait (HackRead, Aug 21 2017)
The sold vulnerability facilitates bypassing 2FA on Poloniex. The hacker sold the flaw after waiting two months for a reply from Poloniex….

Flashpoint Intelligence Academy: A Personal Approach to Intelligence (Flashpoint, Aug 21 2017)
Flashpoint Intelligence Academy (FIA) provides quality BRI (business risk intelligence) education and trains organizations how to reduce their overall risk exposure….

Cybersecurity: Is the Air Gap Strategy Making a Comeback? (Automation World, Aug 21 2017)
The release of an air gap version of Dell’s Endpoint Security Suite Enterprise software indicates not only the continued prevalence of air gapped industrial systems, but an acknowledgement that such systems also need cybersecurity protection….