Kacy Zurkus

Author Archives: Kacy Zurkus

The sport of threat hunting, and who should be in the game

“Hunting is not a sport. In a sport, both sides should know they're in the game.” According to Field and Stream magazine, this is an oft-quoted hunting expression. There is irony in applying this quote to the cyber security industry, where hunting is indeed a sport. The good guys and the bad guys both know that they are in the game. Joseph Loomis, CEO of CyberSponse, who works closely with the cyber units at the FBI, DHS and Secret Service, described this trendy new cyber sport in which the good guys try to entrench themselves into the world of the dark web.

The expanding landscape of exploit kits

Angler, Magnitude, and Nuclear are a few of the most commonly used exploit kits criminals are using to deliver a variety of payloads, from botnets to ransomware. Exploit kits are really just a means for malicious actors to get in the door. Once their payloads are installed, the payload is unique to the criminal, and the payload delivered has a profound impact on business operations. The prevalence of exploit kits and the techniques favored by attackers change quite often. Only a few years ago, Black Hole was the most popular exploit kit until its author, Dmitry “Paunch” Fedotov, was arrested. In the years that followed his arrest, the use of Black Hole declined. Despite “Paunch” being sentenced to seven years in prison last month, exploit kit authors remain undeterred and vigilant in their derivatives.

Political statements largely behind DDoS attacks

Countries around the world, from Estonia and Ukraine to China, Russia, and the US, have been the target of DDoS attacks, many of which are politically motivated. Criminals aren't necessarily looking to steal data or other assets as much as they are intending to make a very powerful statement. According to Nexusguard’s Q4 2015 threat report, attacks on Turkey skyrocketed ten-fold to more than 30,000 events per day, surpassing the thousands of attacks on other popular targets like China and the U.S. The attacks, targeting Turkish IP addresses, contributed to a big increase in DNS attacks, outweighing other popular NTP and CHARGEN methods by 183 percent.

Hospitals hacks put patient health at risk

A report issued by Independent Security Evaluators that highlights the vulnerabilities in medical devices and the risks they pose to patient health comes at an opportune time, as the past month has shown that hospitals are becoming targets for criminals. Ted Harrington, executive partner at Independent Security Evaluators, said, "It’s a scary report in a lot of ways, but our hope is to organize an industry in recognizing these problems. We are trying to make an entire industry start changing, especially one that is very regulated and complex. The conversations need to start happening."

Defense in depth: Stop spending, start consolidating

When it comes to layered defense and security tools, less is often more, just as more can sometimes be less. The average enterprise uses 75 security products to secure its network. That's a lot of noise and a lot of monitoring and testing for security practitioners. To make sure that the security tools not only work but work in harmony with each other, some security professionals recommend taking a closer look at the layers of the security ecosystem to eliminate redundancies that contribute to alert overload. There is a lot of threat intelligence information out there, and Stephan Chenette, CEO, AttackIQ, said all of that threat information can be overwhelming. "They need to use the threat information to determine what is applicable to their organization and tailor it to their industry. Risk has a number of factors, not only the impact to organization but also the real probability of the threat," Chenette said.

Current p2p trends threatening enterprise security

Security threats from peer-to-peer (p2p) communication are nothing new, but they are becoming more sophisticated. From ransomware to botnets, these threats are a global problem that continues to evolve. If security teams aren’t looking for them, they may go undetected, which could be costly for the enterprise. The TrendLabs Security Intelligence blog has been talking about ransomware and CryptoLocker threats for the better part of this and the last decade. In the August 2015 post “Macro Threats and Ransomware Make Their Mark: A Midyear Look at the Email Landscape,” Maydalene Salvador noted that the number of spammed messages in 2014 was nearly 200 billion emails.

Decrypt SSL traffic to detect hidden threats

The percentage of encrypted Internet traffic continues to grow, creating a space where not only private information but also criminals can travel about undetected. In the last five years, the advent of SSL traffic from major companies like Google, YouTube, and Twitter has spawned an expansive movement toward encrypting Internet traffic for enterprises as well. The risk in taking this security measure, though, is that while the exchange of information via the Internet is secured, bad guys can also linger unnoticed. Criminals, of course, know this and use it to their advantage, cloaking their attacks within Transport Layer Security (TLS) or Secure Sockets Layer (SSL) traffic.

Network security vs. app security: What’s the difference, and why does it matter?

If you’re familiar with the film The NeverEnding Story, then you know that the goal of the hero, Atreyu, was to reach the boundaries of Fantasia. He’s disappointed to learn that Fantasia has no boundaries because it’s the land of human fantasy. In some ways, the land of Fantasia is like network security. Where once there existed a fortress around the perimeter of a land that needed to be protected, those boundaries have expanded, leaving security professionals scratching their heads trying to discern how best to protect the enterprise against invaders. The idea that time and resources should be invested in either network security or application security is misguided, as both are equally important to securing the enterprise.

DDoS attacks are more than disruptions to service

Distributed denial-of-service attacks have increased in complexity so that they are no longer just an annoyance causing a disruption in service. Criminals are using these attacks as a distraction while targeting sensitive data, leaving enterprises to pay for lost business and breach recovery. Any conversation that involved breaches this year included the statement, “It’s not if but when.” The expectation has become, as IDC’s Christina Richmond, program director, security services, said, “Breach is a foregone conclusion.” For many companies, the attacks are frequent and more advanced. Richmond said, “Distributed-denial-of-service attacks are no longer an isolated event. Sophisticated attacks hit companies of all sizes, in all industries.”

How emerging technology is changing K-12 classrooms

Though implementing one-to-one initiatives such as having a laptop for every student continues to be a primary focus for many school systems across the country, those who already have a 1:1 program are discovering new ways to shape student learning. Impressive technology trends are transforming traditional classrooms for students at every grade level. Robotics, makerspaces and wearables will be a few of the trends that join the ranks alongside teachers and students in the fall. “Research shows that this group of kids learns very differently from past generations,” says GB Cazes, vice president at Cyber Innovation Center. “The use of cyber as a way to provide a context for the content is rapidly growing. We are putting them on a cyber-highway and providing them with on and off ramps,” says Cazes, who added that this is especially true in science and math. One exciting new tool, the Boe Bot robot, allows students to build a robot with a microcontroller. “There are no textbooks for the Boe Bot. The Boe Bot is the textbook, so you provide teachers with all they need and the students are learning programming and coding as they build,” Cazes says.

When to host your Website’s security

Managing the daily updates and upgrades needed to keep a website secure demands a highly skilled administration team. A third-party website management company provides both managed hosting and security, but the security of the site depends largely upon the provider. Larger enterprises come to website hosting providers because they have regulatory requirements that they can’t meet on their own. Commodity providers from AWS to Azure and Rackspace provide infrastructure, but the enterprise monitors the security of the site itself. Self-monitoring with a highly skilled team can be as reliable as entrusting the site to the security team of a web hosting provider, but not every organization has a staff with the expertise and flexibility needed to build a strong security platform program.

8 new threat intelligence products to make you bulletproof

Threat intelligence + big data = real security

Threat intelligence and the use of data to flag critical security indicators were popular topics in Las Vegas at the Black Hat conference in early August, and for good reason. As enterprises struggle to understand their network vulnerabilities, they have to consider the many layers of defense needed to secure their most valuable data. Security teams are inundated with threat data and overburdened by the need to allot countless man-hours to the task of weeding out the noise from the real threats.

Threat intelligence needs to grow up

Security teams are overwhelmed with a massive amount of threat data. While a decade ago no one was talking about threat intelligence except government agencies, organizations are now bombarded with threat data, leaving them challenged with identifying what is relevant. Aggregating that data requires a shift in mindset and a maturing of threat intelligence in order to better mitigate risks. Experts say that collecting data for the purposes of having data does no good and can actually detract from a security intelligence program by using up time and manpower to analyze data that is most often noise rather than real indicators of threat. If the long-term goal of enterprises is to have mature threat intelligence programs, they need to conduct an internal risk assessment and design a plan of action.

Consumers still don’t get two-factor authentication

LAS VEGAS – Telesign, a mobile identity solutions provider, continued to educate the public about its free “Turn It On” Campaign – a step-by-step instructional guide to two-factor authentication (2FA) on some of the most visited websites – at this year’s Black Hat security conference. Co-founder Ryan Disraeli says that based on Telesign’s “Consumer Account Security Report,” it’s clear consumers want more security but don’t know much – if anything – about 2FA. The report, a study of the changing attitudes and behavior of consumers around their online security, found that “80 percent of consumers worry about online security and 45 percent are extremely or very concerned about their accounts being hacked.”