YouTube – Seculert Cyber Threat Management.
Our partner Seculert has just published this video on YouTube, highlighting its ability to complement existing security controls to provide detailed information on systems compromised by botnets.
Opinions about information security from a risk management perspective
The Top 10 Security Questions Your CEO Should Ask — CIOUpdate.com.
From PwC, here are the top 10 questions your CEO should be asking you:
This article provides a paragraph or two on each one of these questions.
Seculert Research Lab: The New Trend in “Malware Evolution”.
This post by Seculert Research Labs provides an overview of the evolution of Carberp. Carberp is a relatively new botnet which is rapidly evolving into one of the most sophisticated pieces of malware ever seen.
Some say it will be the successor to Zeus. Whether that happens remains to be seen, but its developers are surely competing for the cybercriminals’ software budget.
While there are many compelling benefits to Software-as-a-Service solutions like Salesforce, SuccessFactors, and Gmail, there are also privacy, security and compliance inhibitors which arise from the fact that SaaS application data is stored in clear text.
For many organizations, encrypting the communication between users and SaaS applications is simply not enough. Some large organizations have resorted to installing SaaS applications in their datacenters to meet privacy, security and compliance requirements. This way they get some of the SaaS application benefits but still must endure the real estate, power, hardware, communications, and associated administrative expenses themselves.
Some organizations have restricted the use of SaaS applications to those where clear-text data does not run afoul of regulatory issues.
The ideal solution would be to encrypt data on the way into and back out of the SaaS applications. SaaS backup solutions, for example, have been doing this for years. The file metadata stays in clear text but the files themselves are encrypted. However, for data-oriented applications like Salesforce, SuccessFactors, and Gmail, standard data encryption does not work because once the data is encrypted, you cannot search or sort on it.
Finally, a solution has come to market – Navajo Systems – which allows you to meet regulatory compliance requirements for storing, for example, Personally Identifiable Information (PII) and Protected Health Information (PHI) in SaaS applications. Navajo’s breakthrough is an encryption algorithm which allows searching and sorting. In other words, data is encrypted before it leaves your organization and is stored in the SaaS application in that same encrypted form, yet can be searched and sorted in a way that is both transparent to the SaaS application and to the users!!
Only you have the encryption keys. No one at the SaaS vendor can read your data. Full disclosure, Cymbel is partnering with Navajo. We would be glad to show you exactly how this works.
Here are links to more information about SaaS Compliance and Navajo Systems.
Panda Security Goes Inside Web’s Black Market
PandaLabs released a 44-page report called The Cyber-Crime Black Market: Uncovered. If you are not familiar with the subject, this report is very good. Here are some highlights:
The exponential growth of malware
Five years ago, there were only 92,000 strains of malware cataloged throughout the company’s 15-year history. This figure rose to 14 million by 2008 and 60 million by 2010, which gives a good indication of the rate of growth.
At this rate, is it reasonable to rely on a signature-based approach to malware detection? No mention is made of 0-day malware. We like FireEye’s behavioral approach to complement a signature-based approach to anti-malware.
The cyber-crime professions
Panda quotes the FBI’s list of ten different professions that make up the cyber-crime black market – Programmers, Distributors, Tech Experts, Hackers, Fraudsters, Hosted systems providers, Cashiers, Money mules, Tellers, and Organization Leaders. This division of labor should give you some idea of the maturity of the cyber-crime underground.
The process
Panda does a fairly good job of documenting the process although this section of the report could have been better organized.
The black market at-a-glance
This section shows just how sophisticated the black market ecosystem is. Just like the markets we engage in every day, there are promotion, try & buy offers, discounts for volume purchases, multiple payment options, and post-sale support services.
What to do and what not to do
The report closes with some common sense advice as to what to do and what not to do to minimize your risk of cyber-fraud.
Zeus Latest Evolution in Malware Trends – Targets Online Payment Providers.
Trusteer is reporting on the evolution of the Zeus malware. Originally it targeted users performing online bank transactions. It’s now targeting online payment providers like Money Bookers, Web Money, netSpend, and e-gold. These types of companies have millions of users. If one of these users has his or her account looted, what recourse does the person have? After all, these are not banks and are most probably not legally bound to make good to their abused clients.
Zscaler reports on ‘blackhat’ SEO numbers for December 2010.
One of the Social Engineering risks a user must cope with is malicious web page links that show up in Google searches. Google is aware of this problem and works to weed out the “blackhat” website pages that attempt to fool Google’s algorithms.
While Google’s efforts are improving, Zscaler is reporting that in December 2010, Google flagged only 44% of the “blackhat” links that Zscaler identified.
Full disclosure – Zscaler is a Cymbel partner.
Facebook scam: Guy that lives in my street killed his girlfriend today.
Social Engineering creativity knows no bounds.
This one has been spreading for a couple of days, posing as a news story from one of your Facebook friends that someone who lives in their street has killed his girlfriend.
If you have been hit by scams like this on Facebook, and are struggling to clean up your profile, here’s a YouTube video I made which describes what steps you need to take.
ReadWrite Enterprise has a nice summary of the Cisco 2010 Annual Security Report. Here are some of the key points.
Cisco goes MBA-ish with a quadrant to show trends in cybercriminals’ attack methods.
Social engineering continues as a key technique. Cisco highlights the seven weaknesses social engineers exploit: sex appeal, greed, vanity, trust, sloth, compassion, and urgency. Cisco recalls the Robin Sage fiasco.
Java has become the number one target for cybercriminals replacing PDF.
And of course, Cisco acknowledges Stuxnet as the “evil” cybercrime winner.