April 20th, 2015
In the last week we have seen a couple of timely reminders that effective cyber security requires a lot more than implementing the latest tech and tools – it requires constant vigilance and joined-up thinking across the organisation. Venfi Labs report in SC Magazine on the continuing high levels of vulnerability to Heartbleed, despite it being over a year since the bug was “solved” technically; the technical fix, as usual, was the easy part, and the really hard work of responding to Heartbleed has been in implementation and key management.
IBM report in Engadget on the scale of the Dyre Wolf attack, which at its heart relies on good old social engineering. Directing human behaviour and maintaining good operation security remains as difficult a challenge as ever.
It’s not all cautionary tales however. Cisco blog reports on their combined efforts with Level 3 Communications to thwart a large scale attack campaign at the infrastructure level. Their efforts are an excellent reminder of the importance of cooperation within the security community and a great example of the results that can be achieved when we share intelligence and work together.
To receive news, updates and events directly to your inbox, sign up for the Cyberseer’s communication HERE. We guarantee 100% privacy, your information won’t be shared. Follow us on Twitter (@CyberseerNet), Googleplus and LinkedIn.
“A file containing 1,500 fake identity records and posted to underground forums is quickly downloaded and disseminated to 22 countries, according to research by security firm Bitglass.”
“The majority of Global 2000 organisations are still vulnerable to Heartbleed, a critical bug discovered in widely used versions of the OpenSSL library that was discovered one year ago.
“Hackers continue their brazen attacks on organisations and are even having their victims call them on the phone to hustle them out of their company’s money. That’s what IBM’s Security Intelligence division has discovered while researching a malware-based attack they have dubbed The Dyre Wolf that’s responsible for stealing more than $1million. The coordinated campaign uses targeted speak phishing emails, malware and good ol’ chatting-on-the-phone social engineering to go after organisations that use wire transfers.” [Image Credit: IBM] VIA: Engadet.com
“Darktrace, the Cambridge UK-based cyber security specialist, has been named a ‘Cool Vendor’ by globally respected technology research firm Gartner. Darktrace’s enterprise immune system technology leverages machine learning and mathematics developed at the University of Cambridge to automatically establish a ‘pattern of life’ for every user and device within an organisation”
“Talos has been monitoring a persistent threat for quite some time, a group we refer to as SSHPsychps or Group 93. This group is well known for creating significant amounts of scanning traffic across the Internet. Although…research efforts help inform and protect…globally. The primary focus of SSHPsychos has been SSH brute force attacks.”
To submit news articles for inclusions on the Cyberseer News Roundup, please email us at:
About Cyberseer – The Threat Detection Specialists
Cyberseer excel in advanced threat detection by leveraging cutting edge technologies and forensic analysis and investigation. Our security solutions alongside our threat detection and analytics managed service provide organisations with a flexible and intelligent defence that protects them from both external and internal cyber-attacks.