Tag Archives: tools

My latest Gartner research:Competitive Landscape: Endpoint Detection and Response Tools

5 January 2017  |  …EPP providers starting to offer EDR features. At least 50% of endpoint detection and responseproviders will incorporate enhanced analytics of user and attacker…the next 12 to 24 months, up from less than 15% today. The endpoint detection and response (EDR…

Gartner clients can access this research by clicking here.




Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Surprise! America Already Has a Manhattan Project for Developing Cyber Attacks

http://www.wired.com/2015/02/americas-cyber-espionage-project-isnt-defense-waging-war By Kevin Poulsen Threat Level Wired.com 02.18.15 “What we really need is a Manhattan Project for cybersecurity.” It’s a sentiment that swells up every few years in the wake of some huge computer intrusion—most recently the Sony and Anthem hacks. The invocation of the legendary program that spawned the atomic bomb is telling. The Manhattan Project is America’s go-to shorthand for our deep conviction that if we gather the smartest scientists together and give them billions of dollars and a sense of urgency, we can achieve what otherwise would be impossible. A Google search on “cyber Manhattan Project” brings up results from as far back as 1997—it’s second only to “electronic Pearl Harbor” in computer-themed World War II allusions. In a much-circulated post on Medium last month, futurist Marc Goodman sets out what such a project would accomplish. “This Manhattan Project would help generate the associated tools we need to protect ourselves, including more robust, secure, and privacy-enhanced operating systems,” Goodman writes. “Through its research, it would also design and produce software and hardware that were self-healing and vastly more resistant to attack and resilient to failure than anything available today.” These arguments have so far not swayed a sitting American president. Sure, President Obama mentioned cybersecurity at the State of the Union, but his proposal not only doesn’t boost security research and development, it potentially criminalizes it. At the White House’s cybersecurity summit last week, Obama told Silicon Valley bigwigs that he understood the hacking problem well—“We all know what we need to do. We have to build stronger defenses and disrupt more attacks”—but his prescription this time was a tepid executive order aimed at improving information sharing between the government and industry. Those hoping for something more Rooseveltian must have been disappointed. On Monday, we finally learned the truth of it. America already has a computer security Manhattan Project. We’ve had it since at least 2001. Like the original, it has been highly classified, spawned huge technological advances in secret, and drawn some of the best minds in the country. We didn’t recognize it before because the project is not aimed at defense, as advocates hoped. Instead, like the original, America’s cyber Manhattan Project is purely offensive. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] CarolinaCon-11 is coming – March 20th-22nd 2015

Forwarded from: Vic Vandal h4x0rs, InfoSec geeks, script kidz, posers, and friends, CarolinaCon is back for its 11th year, which is also billed as “the last CarolinaCon as we know it”. For about the price of your average movie admission with popcorn and a drink ($20), YOU are invited to join us for yet another intimate and informative weekend of hacking-related education. This year’s event will be held on the weekend of March 20th-22nd 2015 in Raleigh NC at the North Raleigh Hilton (Midtown). The currently chosen lineup includes more presenters named Old Gregg than you’ll find at any conference anywhere, along with other esteemed individuals, such as; – Have you ever drunk Bailey’s from a shoe? (aka Pen-Testing & Social Engineering Convergence) – Old Gregg (smrk3r) – Cryptocurrency Laundering Theory for Fun and Retirement – Old Gregg (myddrn) – How to design your “You got hacked” page – Old Gregg (digital shokunin) – Electronics Engineering for Pen-Testers – Old Gregg (melvin2001) – Phony Business – What Goes Around Comes Back Around – Unregistered & Snide – Elevator Obscura: Industry Hacks & Answers to all Your Odd Questions About Those Magical Moving Rooms – Howard Payne & Deviant Ollam – Rethinking the Origins of the Lock – Schuyler Towne – RedneckSec – @th3mojo – Cyber War Stories – Andrew Shumate – One Step Closer to the Matrix: Machine Learning and Augmented Reality in Networking – Rob Weiss & John Eberhardt – I live in a van and so can you – Mark Rickert, aka Matt Foley – Drilling Deeper with Veil’s PowerTools – Justin Warner (@sixdub) & Will Schroeder (@harmj0y) – Hacker’s Practice Ground – Lokesh Pidawekar – Social engineering is bullsh*t, call it what it is – surpherdave – Anatomy of Web Client Attacks – Jason Gillam – Art of Post-infection Response and Mitigation – chill – SPAM, Phish and Other Things Good to Eat – Joshua Schroeder / JoshInGeneral …..and potentially 1-2 other l33t talks that we might be able to squeeze in! Side events currently on tap include; – Capture The Flag – Mobile Museum of Vintage Technology – Lockpicking Village – Hacker Trivia – Android Netrunner – Pulp Fiction Canonical Drinking Game – “Unofficial” Shootout (details at http://hackers.withguns.com/) For those traveling to the event or who simply want to stay at the Hilton venue throughout, hotel rooms at the special CarolinaCon group rate can be reserved via this link. http://www.hilton.com/en/hi/groups/personalized/R/RDUNHHF-CCC-20150319/index.jhtml?WT.mc_id=POG ALERT: The special group rate is only available until February 20th, so book now if interested. For other exciting details as they develop stay tuned to: http://www.carolinacon.org If you have any important questions about the event that are NOT answered in website content you can send an email to; infocarolinacon.org Peace, Vic


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Startup finds malware intrusions by keeping an eye on processor radio frequencies

http://www.networkworld.com/article/2875517/security0/startup-finds-malware-intrusions-by-keeping-an-eye-on-processor-radio-frequencies.html By Tim Greene Network World Jan 26, 2015 PFP Cybersecurity, a startup with roots in academia and the military, seeks out malware by analyzing the performance of hardware – not software and not the behavior of devices on the network. PFP’s system compares ongoing radio-frequency output from processors to a baseline that is established when the device is known to be performing legitimate tasks. When it detects anomalies that might represent malicious activity, it triggers alarms. Then it’s up to other tools to figure out what exactly is behind the problem. The system could be used to keep an eye on a large number of similar devices all performing the same task, such as those found in supervisory control and data acquisition (SCADA) networks that support power grids, chemical plants and the like. Savannah River National Laboratory is considering the gear for to protect its smart-grid relays. The system could also be used to check new devices as they are delivered from the plants where they are made in order to find faulty ones or ones that have been tampered with, the company says. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] About the infosec skills shortage

http://3vildata.tumblr.com/post/109188919632/about-the-infosec-skills-shortage By https://twitter.com/addelindh and https://twitter.com/0xtero http://3vildata.tumblr.com/ Jan 26th, 2015 Today I got into an argument on Twitter that started with me saying something sarcastic in reference to a recent statement by a vendor and ended with a discussion about the skills shortage in security. Twitter can be a difficult medium sometimes and I don’t really feel that I got my point across, so this is my attempt to correct that. Before I start I would like to point out that in no way do I think that this is the only reason there is a skills shortage in security, but that I do consider it a large contributing factor. In the beginning, there was firewalls Enterprise investment in security has traditionally been in products such as firewalls, anti-virus, IPS/IDS, and so on. Security products has in turn been marketed and sold as “solutions” rather than tools; heavily automated and not really much to work with. Because of this, they have been considered as infrastructure components rather than applications, you just install and configure them and then let them do their magic. Automation is great, until it isn’t The thing about buying automated solutions is that it removes the incentive to invest in knowledge of the problem the solution was supposed to solve. Why pay money so that someone can learn how to solve a problem that has already been solved, right? For an enterprise, this makes perfect sense, and for a while it worked. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

My latest Gartner research: Competitive Landscape: Endpoint Detection and Response Tools, 2014

The endpoint detection andresponse (EDR) market (also referred to in Gartner research as endpoint threat detection and response[ETDR]) is an emerging security technology market created … Carbon Black EDR software solution to provide both endpoint prevention, visibility, detection and response in an integrated solution. The latest version 7. …

Gartner clients may access this research by clicking here.


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Can Iran Turn Off Your Lights?

http://www.defenseone.com/technology/2014/12/can-iran-turn-your-lights/100821/ By Patrick Tucker Defense One December 9, 2014 Online security company Cylance released a report last week showing that an Iranian cyber-espionage operation “Operation Cleaver” had successfully breached U.S. and foreign military, infrastructure and transportation targets. The report claimed to confirm widely-suspected Iranian hacks of the unclassified Navy Marine Core Intranet system, NMCI, in 2013. It describes (with explicitly naming) more than 50 targets around the world, including players in energy and transportation. But is the Iranian cyber threat overblown? The tactics detailed in the report show an escalation of Iranian hacking activity, which the report’s writers, in several instances, refer to as rapid. “We observed the technical capabilities of the Operation Cleaver team rapidly evolve faster than any previously observed Iranian effort. As Iran’s cyber warfare capabilities continue to morph the probability of an attack that could impact the physical world at a national or global level is rapidly increasing. Their capabilities have advanced beyond simple website defacements, Distributed Denial of Service (DDoS) attacks, and Hacking Exposed style techniques,” the report states. The Operation Cleaver team found vulnerabilities in the Search Query Language or SQL coding in various target systems and then used those SQL vulnerabilities to inject secret commands into back servers (a tactic called SQL injection). They were then able to upload new tools into the systems allowing for more data theft and access. The tools enabled the hackers to capture a wide number of administrator passwords (a technique known as credential dumping) and even log keystrokes on affected computers. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Popular messaging apps fail EFF’s security review

http://news.techworld.com/security/3584204/popular-messaging-apps-fail-effs-security-review/ By Lucian Constantin Techworld.com 04 November 2014 Some of the most widely used messaging apps in the world, including Google Hangouts, Facebook chat, Yahoo Messenger and Snapchat, flunked a best-practices security test by advocacy group the Electronic Frontier Foundation (EFF). The organization evaluated 39 messaging products based on seven criteria it believes such tools should meet in order to ensure the privacy and security of digital communications. The reviewed products included mobile texting apps, instant messaging clients, voice and video calling software and email services. The results were published Tuesday under the form of a Secure Messaging Scorecard. The EFF did not perform vulnerability assessments or in-depth technical analyses of the encryption implementations in the reviewed products. Instead it judged them based on principles and features it felt are necessary to protect communications from widespread Internet surveillance by governments, which includes data collection in transit or from online service providers. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail