Resources

Blog

Hackers Steal $55 million From Boeing Supplier

Aerospace parts manufacturer FACC says that its financial accounting department has been attacked by hackers, who managed to steal approximately €50 million ($54.5 million) from its coffers. Perhaps surprisingly, the company, whose largest shareholder is a Chinese aviation corporation, appears not to have been hacked for its data or intellectual...
Blog

Why Do I Need A SIEM?

In my previous post in this series, we discussed that a "SIEM" is defined as a group of complex technologies that together, provide a centralized bird's-eye-view into an infrastructure. Furthermore, it provides analysis and workflow, correlation, normalization, aggregation and reporting, as well as log management. In this next post, I hope to answer...
Blog

5 Information Security Trends for 2016

Online security trends continue to evolve. This year, online extortion will become more prevalent. We also expect that at least one consumer-grade IoT smart device failure will be lethal. Ransomware will make further inroads, since the majority go unreported. China will drive mobile malware growth to 20M, and cybercrime legislation will take a...
Blog

Exploiting WPA2 In a Citywide Wi-Fi

With mobile phones in almost every pocket today, the payphone has lost its usefulness for perhaps everyone – except maybe Clark Kent. This is why New York City held a competition looking for the best ideas to make appropriate use of this valuable real-estate spread throughout the city. About a year after the contest winner was announced, the city...
Blog

Yahoo! Mail Patches Stored XSS Vulnerability, Awards Researcher $10,000

Yahoo Mail! has patched a stored cross-site scripting (XSS) vulnerability and awarded a researcher $10,000 for finding the flaw. Discovered by Finnish researcher Jouko Pynnonen, the bug allowed an attacker to embed malicious Javascript code into a specially crafted email. The code would automatically execute whenever the message was viewed,...
Blog

Can We Ever Rescind Our Data?

I received a phone call from a friend the other night. He was very concerned because he received one of those now infamous letters from the Office of Personnel Management, which indicated that his records were among one of the millions that were taken in the OPM hack. His information was originally submitted as he was applying for a security...
Blog

"123456" and "password" Once Again Top Annual Worst Passwords Ranking

"123456" and "password" were the most-used and second most-used passwords of 2015, according to an annual worst passwords ranking. Every year, SplashData, a developer of password management software, releases an annual list of the worst--in this case, most commonly used--passwords. It builds its ranking based on more than two million leaked...
Blog

Threat Models in the Real World

In a previous post, I noted some security issues that I had observed during recent visits to medical professional offices and hospitals. In reflecting on that post, I realized an important aspect of the disconnect I experienced as I observe security around me. It is that I carry with me a threat model that is probably very different than the threat...
Blog

Information Security Podcast Roundup: 2016 Edition

Looking for a great information security podcast? There are plenty to choose from! Here’s a roundup of currently active information security podcasts. The list is split into two categories: podcasts run by people representing themselves (meaning they are not speaking for a company) and podcasts produced under the name of a company. I made the...
Blog

Vulnerability Management Program Best Practices – Part 2

Recently, I introduced a three-part series on how to build a successful vulnerability management program. The first installment examined Stage 1, the vulnerability scanning process. My next article investigates Stages 2 (asset discovery and inventory) and 3 (vulnerability detection), which occur primarily using the organization’s technology of...
Blog

Netflix to Crack Down on Use of Proxies among Members

Netflix has announced its intention to counter the use of proxies among members who wish to view content outside of their immediate geographic territory. David Fullagar, Vice President of Content Delivery Architecture at Netflix, broke the news in a blog post on Thursday: "[I]n coming weeks, those using proxies and unblockers will only be able to...
Blog

The Ten Keys to Cyber-Survival

I don’t know if you have noticed, but when it comes to incident response, the methodology applied by organisations can vary from the downright chaotic, to a well-disciplined, well-oiled machine. However, from what I have observed over the preceding five years of my professional life, the general approach seems to be ad-hoc and has suffered from a...
Blog

DDoS Attacks Increased by 180% Compared to 2014, Reveals Akamai Report

Last September, CloudFlare detected a large-scale browser-based L7 flood. Over the course of the distributed denial of service (DDoS) attack, 650,000 IP addresses sent out a total of 4.5 billion HTTP requests, with the campaign peaking at 250,000 requests per second. After investigating the incident, the security company concluded that the attack...