A Review of the Best News of the Week on Cyber Threats & Defense

#RSAC: The Five Most Dangerous New Attacks According to SANS (Infosecurity Magazine, Apr 18 2018)
The SANS Institute shared what it believes to be the five most dangerous new attack techniques in cybersecurity.

Intel, Microsoft to use GPU to scan memory for malware (Ars Technica, Apr 16 2018)
Since the news of the Meltdown and Spectre attacks earlier this year, Intel has been working to reassure the computer industry that it takes security issues very seriously and that, in spite of the Meltdown issue, the Intel platform is a sound choice for the security conscious.

Firms using WebEx at risk of poisoned Flash attacks (WeLiveSecurity, Apr 23 2018)
The vulnerability allows a boobytrapped Flash file (.SWF) to be uploaded to WebEx conference meeting attendees due to insufficient input validation by Cisco WebEx’s client software.


Traditional firewalls fall short in protecting organizations, says survey (Naked Security – Sophos, Apr 17 2018)
A new survey, sponsored by Sophos, asked IT managers how their firewall technology is working for them. The results are in.

#RSAC: RSA President Urges Cybersecurity Industry to Concentrate on Security Not Threats (Infosecurity Magazine, Apr 17 2018)
Rohit Ghai, President of RSA Security, presented an optimistic view of the industry, explaining why he believes cybersecurity is getting better, not worse.

Honeypot Shows the Power of Automation in the Hands of Hackers (SecurityWeek, Apr 18 2018)
Next-gen endpoint detection and response firm Cybereason wanted to test two hypotheses: first, that hackers are ignoring free information in the underground forums; and second, that bots have become more sophisticated and dangerous than is often believed.

Cybersecurity conference exposed attendee info via a garbage app because of course it did (Mashable, Apr 23 2018)
“[It] was the API from http://eventbase.com that was used by the RSA conference app,” the researcher, who goes by svbl, explained over Twitter direct message. “[The] vulnerability was on eventbase’s side.”

SAP Cyber Threat Intelligence Report – April 2018 (Infosec Island, Apr 19 2018)
The April 2018 SAP Security Notes consist of 16 patches, with the majority of them rated medium.

Could an Intel chip flaw put your whole computer at risk? (Naked Security – Sophos, Apr 17 2018)
Due to a low-level programming bug in your computer’s CPU, the memory chips relied upon during startup could be sneakily and unexpectedly filled with garbage. This would almost certainly stop your computer working properly, and perhaps even stop it booting up at all.

SOAR Webinar Questions – Answered (Gartner Blog Network, Apr 16 2018)
only those with mature security operation processes should use SOAR tools. However, this is not entirely true: we have seen some organizations building security operation centers with “native” (day 1, etc) support for SOAR tools, and it worked for them.

New Malware Adds RAT to a Persistent Loader (Dark Reading, Apr 17 2018)
A newly discovered variant of a long-known malware loader adds the ability to control the victim from afar.

Securing Your Organization’s Human Layer (Infosecurity Magazine, Apr 18 2018)
There is value in adopting a cybersecurity framework because of the structured manner of thinking that it helps impose.

CrowdStrike Unveils New Endpoint Protection, Threat Analysis Solutions (SecurityWeek, Apr 17 2018)
CrowdStrike this week unveiled its new Falcon Endpoint Protection Complete solution and announced the addition of an automated threat analysis module to its Falcon platform.

Practically Applying Threat Intelligence to Your Business (Dark Reading, Apr 18 2018)
Travis Farral, Director of Security Strategy at Anomali, believes cybersecurity teams can operate much more efficiently by better identifying the specific threats that endanger their environment – and by better understanding the potential impacts of those specific threats.

Leveraging Threat Intelligence across Infosec Roles (Dark Reading, Apr 18 2018)
Allan Liska, Senior Security Architect at Recorded Future, believes everyone in the infosec team – including vulnerability management and threat response staff – can take greater advantage of available threat intelligence to more effectively and efficiently mitigate risk.

FireEye Unveils New Solutions, Capabilities (SecurityWeek, Apr 19 2018)
One of the new solutions is SmartVision Edition, an offering designed to help organizations detect malicious traffic moving within their network.

IDS & IPS: Two Essential Security Measures (Dark Reading, Apr 23 2018)
To protect business networks, one line of security isn’t enough.