Author: nlqip
All too often, I hear colleagues wax poetic on the disdain their directors and managers have towards the mission of cyber security. I’m always eager to provide some sage couples counseling wisdom toward these difficult relationships between CISOs and their colleagues. 1. Designate FUD as your Friend rather than Adversary Someone once said that Fear,…
Need-to-Know Facts CVE-2017-7494 has a CVSS Score of 7.5 (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H). This vulnerability is the Linux version of WannaCry, appropriately named SambaCry. A malicious Samba client that has write access to a Samba share could use this flaw to execute arbitrary code typically as root. The flaw allows a malicious client to upload a shared library to…
2016 has been called “the year of stolen credentials,” and with good reason. Between the massive breaches at Yahoo, LinkedIn, MySpace, Tumblr, Twitter, and Dropbox, just to name a few, it’s estimated that over 2 billion records were stolen. Although attackers steal all kinds of data, a vast majority of what’s stolen are user credentials,…
Ah, CISOs. Such magnificent and noble creatures. There’s such a wide variety in the wild that you might have a hard time believing they are all part of the same species. Let’s take a short field expedition to familiarize ourselves with a few common varieties. And wipe all that sunscreen off your face, you won’t…
All businesses watch their bottom line. That’s unsurprising. Those that provide technology to consumers (whether IoT device manufacturers or your local ISP that provides your home router) are particularly careful about balancing product support with ease of use. That can lead to what the inventors no doubt believe is an ingenious method of determining passwords…
For the past 15 years, American organizations have lived in the shadow of breach disclosure. It all began in California under SB-1386 in 2002, which mandated written notification of victims of privacy breaches of unencrypted personal data. The law covers organizations located in or doing business in California. Because California is the most populous state…
There’s an expression in geekdom called “yak shaving” that refers to doing busywork that appears important but is actually useless. The essence is that yak shaving is easier to do than dealing with the actual problem at hand (which is often complex and hard). Too Much Security Awareness Training There’s only so much security training…
The financial trojan TrickBot has been updating its campaigns and targets since F5 malware researchers started following it in September 2016. This is expected behavior because attackers need to continually update their targets and methods to evade detection. Previously, TrickBot, the successor to Dyre, targeted financial institutions in Europe, Australia, New Zealand, and Canada. TrickBot’s May 2017…
NSA, CIA Leaks Provide a Roadmap to Stealthier, Faster, More Powerful Malware Like SambaCry and NotPetya
- by nlqip
It’s been another banner year for leakers. In May, Wikileaks released the CIA’s Vault7 cyberwarfare documentation, and the Shadow Brokers released NSA exploit information, including the Windows EternalBlue exploit. EternalBlue was quickly weaponized into the WannaCry ransomware that pummeled the Internet for days. The Petya/NotPetya ransomware hitting Eastern Europe is also reportedly using EternalBlue to infect machines.…
In Part I of this blog series, we introduced information modeling as a method to reduce compliance gaps. In this blog, we create a master model of protection based on the business model of a fictitious company called Eclipse Cloud Services (ECS). The master protection model forms the basis of contextualizing access to the infrastructure,…