October 2016 - Page 5 of 7 - Cyber Security Minute

Ex-NSA contractor hoarded two decades’ worth of secrets

Issued by: CIO Security

The former National Security Agency contractor suspected of stealing U.S. hacking tools allegedly was found hoarding two decades’ worth of classified materials. In a Thursday court filing, federal investigators provided new details on their case against 51-year-old Harold Martin, who was arrested in late August. Investigators have seized 50 terabytes of information from Martin, in…

Application Security, Mobile Security

Intel asserts its trademark rights against John McAfee

Issued by: CIO Security

Intel does not object to John McAfee using his personal name in connection with his business, but it objects to the use by the maverick entrepreneur and security expert of the McAfee trade name and trademark in a way that could confuse or deceive consumers or dilute the brand. The issue came up when John…

Application Security

RASP rings in a new Java application security paradigm

Issued by: CIO Security

Runtime Application Self Protection (RASP) is a next-generation cyber security technology designed to redress some of the weak points of application security. Unlike firewalls or code analysis, runtime-based technologies contain application data and contextual awareness, enabling them to be both precise and preemptive. In this article I introduce RASP. I’ll briefly compare RASP to other…

Cloud Security, Network Security

From Chasing Alerts to Hunting Threats: What Makes an Effective SOC is Evolving

Issued by: Security Week

Whether you call it a SOC, a CSOC, a Cyber Defense Center, or something else, security operation centers have the same fundamental mission – to help organizations detect, analyze, respond to, report on, and prevent cyber security incidents. But what it takes to do that effectively has changed in this ever-evolving threat landscape, putting an…

Malware & Threats

Sarvdap Spambot Checks IP Blacklists

Issued by: Security Week

The Sarvdap spambot was recently observed checking the IP addresses of infected hosts against common blacklists, in an attempt to ensure that its spam email is successfully delivered, Palo Alto Networks security researchers reveal. While other spambots typically start sending spam emails as soon as a host has been infected, Sarvdap first checks to see…

Vulnerabilities

“Dirty COW” Linux Kernel Exploit Seen in the Wild

Issued by: Security Week

A new Linux kernel vulnerability disclosed on Wednesday allows an unprivileged local attacker to escalate their privileges on a targeted system. Red Hat said it was aware of an exploit in the wild. The vulnerability, discovered by Phil Oester, was sarcastically dubbed by some people “Dirty COW” due to the fact that it’s caused by…

Cloud Security, Mobile Security

Why Poor Cyber Hygiene Invites Risk

Issued by: Dark Reading

Organizations around the world are implementing mobility, cloud computing, the Internet of Things (IoT), business intelligence, and social media technologies at breakneck speeds in order to remain competitive and relevant in today’s digital economy. However, with the rapid implementation of these technologies, new weak spots are emerging for attackers to exploit. And those adversaries are…

Software Security, Vulnerabilities

US Bank Regulators Draft Rules For Financial Services Cybersecurity

Issued by: Dark Reading

US bank regulators are all set to issue new standards for banks to protect themselves from cyberattacks, reports Reuters. The proposal, expected to be finalized soon and binding on financial institutions with more than $50 billion assets, comes in the wake of US banks suffering serious losses from online thefts. When the rules come into…

Malware & Threats

MBRFilter: Cisco open sources tool to protect the Master Boot Record

Issued by: Help Net Security

Cisco’s Talos research team has open sourced MBRFilter, a tool that aims to prevent a system’s Master Boot Record (MBR) getting overwritten by malware. The latest malware families that use this tactic are HDDCryptor (aka Mamba) and Petya, two pieces of ransomware that not only encrypt victims’ files, but also effectively lock them out of…

Network Security, Software Security

How cybercriminals attack homes, and how to stop them

Issued by: Help Net Security

At a recent Home Hacker Lab event, an ethical hacker revealed how cybercriminals attack, and what consumers can do to protect themselves. The October 13 workshop in New York City, presented by HSB and Prescient Solutions, mounted a remote cyber-attack on an Internet-connected model home inside the American Modern Insurance Group claims training facility in…