Tag Archives: today

My latest Gartner research: Competitive Landscape: Endpoint Detection and Response Tools

5 January 2017  |  …EPP providers starting to offer EDR features. At least 50% of endpoint detection and response providers will incorporate enhanced analytics of user and attacker…the next 12 to 24 months, up from less than 15% today. The endpoint detection and response (EDR…

Gartner clients can access this research by clicking here.





[ISN] After OPM Hack, Pentagon to Store and Secure Sensitive Security Clearance Docs

www.nextgov.com/cybersecurity/2016/01/after-opm-hack-pentagon-store-and-secure-sensitive-security-clearance-docs/125338/ By Jack Moore Nextgov.com January 22, 2016 In the continuing aftermath of the massive hack of sensitive records stored by the Office of Personnel Management, the Obama administration announced today it’s shifting the responsibility for conducting background investigations of sensitive personnel to the Defense Department. In the future, files containing personal information on security clearance seekers



[ISN] Fathers’ Rights Protesters Scale Roof on Buckingham Palace Grounds

abcnews.go.com/International/fathers-rights-protesters-scale-roof-buckingham-palace-grounds/story?id=35477272 By CAROLYN DURAND ABC News Nov 29, 2015 Two men involved in a fathers’ rights group scaled a roof of a building on the Buckingham Palace grounds, remaining there for a few hours before climbing down and surrendering to police. The men climbed onto the roof of the Queens Gallery, a public art gallery on the Buckingham Palace grounds that has a separate entrance from the residence itself. The Queen and Prince Philip were not at the palace today. The men are a part of the fathers’ rights group Fathers For Justice. The activists claimed to have breached security by creating a distraction and climbing a ladder, according to the group. One member told British television station ITV over the phone that it was “easy” and he could “have gone further.” […]



[ISN] US Still Doesn’t Know Who’s In Charge of What If Massive Cyber Attack Strikes Nation

www.defenseone.com/threats/2015/11/us-still-doesnt-know-whos-charge-if-massive-cyber-attack-strikes-nation/123377/ BY PATRICK TUCKER Defense One NOVEMBER 3, 2015 The threat of a massive cyber attack on civilian infrastructure, leading to loss of life and perhaps billions in damages, has kept lawmakers on edge since before former Defense Secretary Leon Panetta warned of it back in 2012 (or the fourth Die Hard movie in 2007). Many experts believe that a sneak attack would be highly unlikely. The Department of Homeland Security has the lead in responding to most cyber attacks. But if one were to occur today, DHS and the Defense Department wouldn’t know all the details of who is in charge of what. The Department of Defense Cyber Strategy, published in April, carves out a clear role for the military and Cyber Command in responding to any sort of cyber attack of “significant consequence,” supporting DHS. Specifically, the strategy tasks the 13 different National Mission Force teams, cyber teams set up to defend the United States and its interests from attacks of significant consequence, with carrying out exercises with other agencies and setting up emergency procedures. It’s the third strategic goal in the strategy. It’s also “probably the one that’s the least developed at this – at this point,” Lt. Gen. James K. McLaughlin, the deputy commander of U.S. Cyber Command, said at a Center for Strategic and International Studies event last month. He went on to describe the role that the military would play in such an event as “building the quick reaction forces and the capacity to defend the broader United States against an attack.” It’s something that the Defense Department, the Department of Homeland Security and the FBI and other agency partners all train for together in events like the Cyber Guard exercises, the most recent of which took place in July.
The Defense Department, DHS and others worked through a series of scenarios related to a major attack on infrastructure. […]



[ISN] A New Material Promises NSA-Proof Wallpaper

www.defenseone.com/technology/2015/10/new-material-promises-nsa-proof-wallpaper/123066/ By PATRICK TUCKER defenseone.com OCTOBER 23, 2015 Your next tinfoil hat won’t be made of tinfoil. A small company called Conductive Composites out of Utah has developed a flexible material — thin and tough enough for wallpaper or woven fabric — that can keep electronic emissions in and electromagnetic pulses out. There are a few ways to snoop on electronic communications. You can hack into a network or you can sniff out radio emissions. If you want to defend against the latter, you can enclose your electronic device or devices within a structure of electrically conductive (probably metallic) material. The result is something like a force field. The conductive material distributes the electromagnetic energy away from the target in every direction — think of the *splat* you get when you hurl a tomato at a wall. These enclosures are sometimes called Faraday cages after the 18th-century British scientist who discovered electrolysis. Today, Faraday cages are all over the place. In 2013, as the College of Cardinals convened to elect a new Pope, the Vatican’s Sistine Chapel was converted into a Faraday cage so that news of the election couldn’t leak out, no matter how hard the paparazzi tried, and how eager the cardinals were to tweet the proceedings. The military also uses Faraday cages for secure communications: Sensitive Compartmented Information Facilities or SCIFs are Faraday cages. You’ll need to be in one to access the Joint Worldwide Intelligence Communication System, or JWICS, the Defense Department’s top-secret internet. Conductive Composites has created a method to layer nickel on carbon to form a material that’s light and moldable like plastic yet can disperse energy like a traditional metal cage. […]



[ISN] Salted Hash: Live from DerbyCon 5.0 (Day 2)

http://www.csoonline.com/article/2986800/security-awareness/salted-hash-live-from-derbycon-5-0-day-2.html By Steve Ragan Salted Hash CSO Online Sept 26, 2015 It’s Day two at DerbyCon, which is actually the day that most of the action takes place. This weekend has already seen some impressive talks, but today promises to be interesting with talks running the full spectrum of InfoSec, from medical device research, AppSec, and social engineering. This post is being written at 0900, which is early for a hacker conference, but people are slowly starting to gather, as the picture shows. So far this weekend, Salted Hash has posted various conversation starters along with general updates, so today’s post will continue that slight trend. The idea for the topic came out of a technical failure on your faithful reporter’s part yesterday. […]



[ISN] Salted Hash: Live from DerbyCon 5.0 (Day 1)

http://www.csoonline.com/article/2986763/security-awareness/salted-hash-live-from-derbycon-5-0-day-1.html By Steve Ragan Salted Hash CSO Online Sept 25, 2015 DerbyCon 5.0 has officially started, and it didn’t take long before the halls were flooded with hackers looking to catch up with their peers as they headed to the first talk of the day. On Thursday, I had the chance to catch up with a number of people who resonated with the thought process of yesterday’s post. The point being, insider threats aren’t what you think they are, and the core issue isn’t a malicious user – it’s a clueless user. In addition, when dealing with insider-based issues, policies that prohibit or hinder workflow will create more problems than they solve. Today, the topic is threat intelligence. I learned something interesting recently: if you gather a group of hackers and researchers around a table and ask them to define threat intelligence, the conversation will quickly spin into a rage-fueled discussion about sales-driven security (meaning InfoSec products that are pitched and sold with no real security value). […]



[ISN] Seven years of malware linked to Russian state-backed cyberespionage

http://arstechnica.com/security/2015/09/seven-years-of-malware-linked-to-russian-state-backed-cyberespionage/ By Sean Gallagher Ars Technica Sep 17, 2015 For the past seven years, a cyberespionage group operating out of Russia—and apparently at the behest of the Russian government—has conducted a series of malware campaigns targeting governments, political think tanks and other organizations. In a report issued today, researchers at F-Secure provided an in-depth look at an organization labelled by them as “the Dukes,” which has been active since at least 2008 and has evolved into a methodical developer of “zero-day” attacks, pulling together their own research with the published work of other security firms to provide a more detailed picture of the people behind a long-running family of malware. Characterized by F-Secure researchers as a “well resourced, highly dedicated and organized cyberespionage group,” the Dukes have mixed wide-spanning, blatant “smash and grab” attacks on networks with more subtle, long-term intrusions that harvested massive amounts of data from their targets, which range from foreign governments to criminal organizations operating in the Russian Federation. “The Dukes primarily target Western governments and related organizations, such as government ministries and agencies, political think tanks and governmental subcontractors,” the F-Secure team wrote.
“Their targets have also included the governments of members of the Commonwealth of Independent States; Asian, African, and Middle Eastern governments; organizations associated with Chechen terrorism; and Russian speakers engaged in the illicit trade of controlled substances and drugs.” Some of the first known targets of the Dukes’ earliest-detected malware, known as PinchDuke, were associated with the Chechen separatist movement; by 2009 the Dukes were going after Western governments and organizations in search of information about the diplomatic activities of the United States and the North Atlantic Treaty Organization. While most of the attacks have used spear phishing emails as the means of injecting malware onto targeted systems, one of their attacks has spread malware through a malicious Tor exit node in Russia, targeting users of the anonymizing network with malware injections into their downloads. The known components of the Duke malware family, in the order they have been detected by malware researchers at F-Secure, Kaspersky, Palo Alto Research and others, are: […]

