Best Practices for Mitigating Advanced Persistent Threats – On Demand Video

My Keynote last year at Ahnlab’s 2013 Security Fair: My presentation title is “Best Practices for Mitigating Advanced Persistent Threats”.

I was completely surprised that this got so many hits. But I guess it is a popular subject.


[ISN] Hebrew no shield from hackers, phony bank app shows

http://www.timesofisrael.com/hebrew-wont-stop-hacking-fake-bank-app-shows/

By David Shamah
The Times of Israel
June 26, 2014

Israelis are just as vulnerable as anyone else to hacking and data theft, and their right-to-left language won’t shield them, experts say, after discovering a Hebrew version of a dangerous phony bank app

While a Hebrew interface is no guarantee of an app’s safety, said Israeli security expert Tal Pavel, seeing their native language is uncommon enough that it would probably lead Israelis to trust the app more. “It’s really a sophisticated form of ‘phishing,’ where hackers use a form of social engineering to steal data,” said Pavel. In a phishing scam, said Pavel, an expert on Internet usage and crimes in the Middle East, “hackers search for a ‘weak link,’ matching a message with a potential victim, using threats, rewards, fear or other psychological tactics to get the victim to click on a link or open a document that will install a virus or trojan, giving them access to data.” In this case, he said, the legitimate-looking Hebrew app that is almost indistinguishable from the real thing would be enough to prompt Mizrahi Bank customers to download the app and allow hackers free access to their data. […]



[ISN] Security industry runs aground

http://news.techeye.net/business/security-industry-run-aground

By a staff writer
TechEye.net
26 June 2014

The IT security industry is unable to cope with cybercrime and needs to come up with a better way of protecting customers. Eugene Spafford, a computer security expert and professor of computer science at Purdue University, said that the security industry is just adding layers of defensive technologies to protect systems. However it can’t deal with the most substantial, underlying problems that sustain a sprawling cybercrime syndicate. Talking at the FIRST security conference in Boston, Spafford said that software makers continue to churn out products riddled with vulnerabilities, creating an incessant patching cycle for IT administrators that siphons resources from more critical areas. He said that the problem was so bad that today businesses are rushing to invest in many of the latest security technologies designed to detect infections without any ability to efficiently fix them. […]



[ISN] This Site Shows Who Is Hacking Whom Right Now — And The US Is Getting Hammered

http://www.businessinsider.com/norse-hacking-map-shows-us-getting-hammered-2014-6

By Jeremy Bender
Business Insider
June 26, 2014

U.S.-based computer security firm Norse has released a real-time animated map that illustrates ongoing cyberattacks around the world. Without a doubt, the U.S. is getting constantly hammered by hackers. In just 45 minutes, the U.S. was the victim of 5,840 cyberattacks. Within that span of time, the U.S. suffered from 27 times more cyberattacks than Thailand, the second most targeted country. Thailand was the target of only 220 cyber attacks during these 45 minutes. The Norse map does not represent all hacking attempts in the world. Instead, according to Smithsonian Magazine, the map relies on a Norse honeypot network — a network purposefully designed to detect hacking — to provide a representative snapshot of global hacking attempts. […]



[ISN] Airport breach a sign for IT industry to think security, not money

http://www.csoonline.com/article/2378585/data-protection/airport-breach-a-sign-for-it-industry-to-think-security-not-money.html

By Antone Gonsalves
CSO Online
June 26, 2014

The two U.S. airports that had their computers compromised by an unknown group of hackers is a wake up call that America’s best IT talent needs to focus less on money and more on national security, an expert says. The Center of Internet Security (CIS), a government-endorsed nonprofit that helps states with cybersecurity, said in its recently released report that it was notified in the summer of 2013 of advanced persistent attacks (APTs) against four U.S. airports. The CIS later learned that the same attackers were targeting eight other airports. Because there’s no financial gain from going after airports, “the logical point of these attacks is to be able to support taking down or controlling critical systems in time of war or conflict,” Murray Jennex, a San Diego State University professor and former systems engineer at the San Onofre nuclear power plant in California, said. […]



[ISN] Secure Messaging App Wickr Raises $30 Million Series B

http://techcrunch.com/2014/06/26/secure-messaging-app-wickr-raises-30-million-series-b/

By Sarah Perez
TechCrunch.com
June 26, 2014

Self-destructing and encrypted messaging app Wickr raised $30 million in Series B funding, the company is announcing today, in a round led by Jim Breyer, founder and CEO of Breyer Capital, with participation from CME Group and Wargaming. Breyer will now join the company’s board. The new round comes on the heels of Wickr’s $9 million Series A announced earlier this year. The app was created by CEO Nico Sell, also co-founder of the DEF CON security conference, as a tool that allows senders and receivers to communicate privately. Only the receiver is able to decrypt the message after it’s sent, as the company itself does not hold the decryption keys. Security and privacy are popular topics in this post-Snowden era, where a backlash against mainstream social services is finding new footing with those of a younger generation, as well as those wanting to protect themselves from overzealous ad-targeting or even in some cases, totalitarian government regimes. […]



[ISN] Sourcefire founder Martin Roesch shares lessons from building a $2.7 billion business

http://www.washingtonpost.com/business/capitalbusiness/sourcefire-founder-martin-roesch-shares-lessons-from-building-a-27-billion-business/2014/06/26/bc6e005a-fcb1-11e3-932c-0a55b81f48ce_story.html

By Steven Overly
The Washington Post
June 26, 2014

Martin Roesch founded cybersecurity software firm Sourcefire in 2001 with the goal of making money on a widely used and freely distributed security program he had built years earlier called Snort. Twelve-and-a-half years later, Cisco bought the company for $2.7 billion. Now that’s what you call making money. In an interview last week at start-up hub 1776, Roesch shared lessons learned along the way with a gathering of tech and security enthusiasts:

Admit what you don’t know.

In 2002, Roesch was flying back and forth between Sourcefire’s Columbia headquarters and the offices of West Coast investors. Every time he returned, there was a new face in the office. The company went from four employees to 30 in less than six months. “I was very, very scared. We were growing so quickly and things felt out of control and I didn’t have any experience with what we were doing. I was terrified I was going to screw up and kill us all,” he said. So Roesch made a decision that more egotistical founders might find difficult: He hired someone to take over as chief executive who had the business acumen to complement his technical know-how. […]



[ISN] Android malware targets South Korean online banking customers

http://www.networkworld.com/article/2401481/android-malware-targets-south-korean-online-banking-customers.html

By Jeremy Kirk
IDG News Service
June 26, 2014

Malicious software that swaps itself for legitimate online banking applications is striking users in South Korea, with thousands of devices infected in the last week, according to a Chinese mobile security company. Cheetah Mobile, formerly known as Kingsoft Internet Security Software, wrote that the banking malware masquerades as a popular game or tool on third-party Android application markets. Google checks Android applications in its Play store for malicious behavior, but third-party marketplaces are often rife with malicious applications. Security experts advise caution when using such sources for applications. If the malicious application is installed, it scans for the official applications of South Korean banks including Nong Hyup, Shinhan, Kookmin, Woori, Hana, Busan and the Korean Federation of Community Credit Cooperatives, Cheetah Mobile wrote. […]

