skip to Main Content
Cyberseer News Roundup Banner

Cyber News Roundup

April 20th, 2015

In the last week we have seen a couple of timely reminders that effective cyber security requires a lot more than implementing the latest tech and tools – it requires constant vigilance and joined-up thinking across the organisation. Venfi Labs report in SC Magazine on the continuing high levels of vulnerability to Heartbleed, despite it being over a year since the bug was “solved” technically; the technical fix, as usual, was the easy part, and the really hard work of responding to Heartbleed has been in implementation and key management.

IBM report in Engadget on the scale of the Dyre Wolf attack, which at its heart relies on good old social engineering. Directing human behaviour and maintaining good operation security remains as difficult a challenge as ever.

It’s not all cautionary tales however. Cisco blog reports on their combined efforts with Level 3 Communications to thwart a large scale attack campaign at the infrastructure level. Their efforts are an excellent reminder of the importance of cooperation within the security community and a great example of the results that can be achieved when we share intelligence and work together.

To receive news, updates and events directly to your inbox, sign up for the Cyberseer’s communication HERE. We guarantee 100% privacy, your information won’t be shared. Follow us on Twitter (@CyberseerNet), Googleplus and LinkedIn.

“Experiment Tracks Dissemination of Illicit Data on Dark Web” [eweek]

“A file containing 1,500 fake identity records and posted to underground forums is quickly downloaded and disseminated to 22 countries, according to research by security firm Bitglass.”

Heartbleed“Nearly 75 percent of Global 2000 organisations still vulnerable to Heartbleed?” [SC Magazine UK]

“The majority of Global 2000 organisations are still vulnerable to Heartbleed, a critical bug discovered in widely used versions of the OpenSSL library that was discovered one year ago.

 

 

“Dyre Wolf attack swipes $1million in wire transfers” [engadget]

The Dyre Wolf“Hackers continue their brazen attacks on organisations and are even having their victims call them on the phone to hustle them out of their company’s money. That’s what IBM’s Security Intelligence division has discovered while researching a malware-based attack they have dubbed The Dyre Wolf that’s responsible for stealing more than $1million. The coordinated campaign uses targeted speak phishing emails, malware and good ol’ chatting-on-the-phone social engineering to go after organisations that use wire transfers.” [Image Credit: IBM] VIA: Engadet.com

The Dyre Wolf Attack Steps

 
“Cool Global Accolade for Darktrace” [Business Weekly]

Darktrace Cyber Intelligence Platform - https://www.cyberseer.net/cyber-security-solutions/technology/darktrace-cyber-intelligence-platform/“Darktrace, the Cambridge UK-based cyber security specialist, has been named a ‘Cool Vendor’ by globally respected technology research firm Gartner. Darktrace’s enterprise immune system technology leverages machine learning and mathematics developed at the University of Cambridge to automatically establish a ‘pattern of life’ for every user and device within an organisation”

“Threat Spotlight: SSHPsychos” [CISCO Blogs – Threat Research]

“Talos has been monitoring a persistent threat for quite some time, a group we refer to as SSHPsychps or Group 93. This group is well known for creating significant amounts of scanning traffic across the Internet. Although…research efforts help inform and protect…globally. The primary focus of SSHPsychos has been SSH brute force attacks.”

To submit news articles for inclusions on the Cyberseer News Roundup, please email us at: 
[email protected]
.

About Cyberseer – The Threat Detection Specialists

Cyberseer excel in advanced threat detection by leveraging cutting edge technologies and forensic analysis and investigation. Our security solutions alongside our threat detection and analytics managed service provide organisations with a flexible and intelligent defence that protects them from both external and internal cyber-attacks.

Leave a Reply

Your email address will not be published. Required fields are marked *

Search