Raxxis Breach of Global Bank - Real World Attack Case Study

The following is external content provided as a free resource for blog readers.

Raxis, a leading penetration testing firm, reconstructed a real-world APT attack by Russian hackers on a global bank. A stolen digital certificate and private key resulted in access to almost 100 servers and tens of millions of customer records.

Read this whitepaper, Real-world Attack Breaching a Global 100 Bank, to get the details on how you can protect your organization:

  • Discover how hackers obtain unsecured private keys and digital certificates
  • See how stolen keys and certificates increase the effectiveness of targeted phishing attacks
  • Find out how you can protect against certificate misuse to keep your business and your brand safe


Request Free!

New SANS 20 Updates Require Keys and Certificates to be Protected

The following is external content provided as a free resource for blog readers.

Enterprises have an average of almost 24,000 keys and certificates, and 54% of security professional admitted they don’t know where all of their keys and certificates are used. Is your organization ready to meet the new SANS 20 requirements?

Download this important SANS 20 Critical Security Control brief to learn how to implement these new requirements and reduce risk:

  1. Manage the rapid growth in keys and certificates

  2. Gain visibility into where all keys and certificates are located

  3. Secure your keys and certificates against cyberattacks

  4. Enforce automation of certificate issuance and renewal



Request Free!

Mitigating the DDoS Threat

The following is external content provided as a free resource for blog readers.
This white paper covers:
  • Likelihood of attacks for different industries
  • Top business concerns of DoS/DDoS attacks
  • 2013 notable attack vectors and landscape
  • DoS/DDoS protection best practices


Request Free!

Space Weather Outlook July 26, 2015 at 09:31PM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #15-30 2015 July 26 at 7:20 p.m. MDT (2015 July 27 0120 UTC) **** SPACE WEATHER OUTLOOK **** Summary For July 20-26 G1 (Minor) geomagnetic storms were observed on 23 July. No R1 (Minor) or greater radio blackouts were observed. No S1 (Minor) or greater solar radiation storms were observed. Outlook For July 27-August 2 No G1 (Minor) or greater geomagnetic storms are expected. No R1 (Minor) or greater radio blackouts are expected. No S1 (Minor) or greater solar radiation storms are expected. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

Hacking Point of Sale: Payment Application Secrets, Threats, and Solutions

The following is external content provided as a free resource for blog readers.
As recent breaches like Target and Neiman Marcus show, payment card information is involved in more security breaches than any other data type. In too many places, sensitive card data is simply not protected adequately. Hacking Point of Sale is a compelling book that tackles this enormous problem head-on. Exploring all aspects of the problem in detail - from how attacks are structured to the structure of magnetic strips to point-to-point encryption, and more – it's packed with practical recommendations. This terrific resource goes beyond standard PCI compliance guides to offer real solutions on how to achieve better security at the point of sale.
  • A unique book on credit and debit card security, with an emphasis on Point-to-Point Encryption of payment transactions (P2PE) from standards to design to application
  • Explores all groups of security standards applicable to payment applications, including PCI, FIPS, ANSI, EMV, and ISO
  • Explains how protected areas are hacked and how hackers spot vulnerabilities
  • Proposes defensive maneuvers, such as introducing cryptography to payment applications and better securing application code
Hacking Point of Sale: Payment Application Secrets, Threats, and Solutions is essential reading for security providers, software architects, consultants, and other professionals charged with addressing this serious problem.

Request Free!

Who's Using Cyber Threat Intelligence

The following is external content provided as a free resource for blog readers.
We've seen the “commercialization” of malware, with attack kits available on underground forums for anyone who wants to perpetrate a variety of attacks. Large botnets are available for rent, allowing attackers to send spam or launch DDoS attacks at will. Many attackers reuse malware and command and control protocols and methods, adapting their “products” over time to keep ahead of the antimalware industry and security professionals. As more and more attacks occur, however, the likelihood increases that some organization or group has seen the attack before.

Request Free!

SANS Analytics and Intelligence Survey

The following is external content provided as a free resource for blog readers.
By conducting this survey, SANS had hoped to see more improvements in the use and benefits of security analytics and intelligence. However, security teams are struggling with visibility, and the use of “intelligence” is slipping. Learn more about the information gathered by SANS and understand if you're realizing your threat intelligence investment.

Request Free!

Security Intelligence: Information Sharing Strategies Using Trusted Collaboration

The following is external content provided as a free resource for blog readers.
The challenge for the recipient of raw intelligence is validating whether or not the information gathered is accurate and can be used effectively in a timely manner. The results of intelligence collection can be ambiguous at best and often lacks standards; therefore, raw intelligence must go through a number of steps to assess its value.

Alternative approaches to data set normalization do exist. Trusted collaboration is a unique approach to security intelligence due to the speed in which intelligence can be reviewed and the diversity of experience within the community to analyze the attack data.

Learn more about this new approach to sharing threat intelligence and develop a methodology to measure the effectiveness of your current security infrastructure.

Request Free!

Threat Intelligence: Defeating the Adversary

The following is external content provided as a free resource for blog readers.
Many organizations are overwhelmed by the volume of indicators they see daily and can only combat these threats in a reactive manner due to lack of resources. In this presentation, we will discuss threat intelligence, what it is, why it's important, and how to use and leverage your current security investment to help avoid costly breaches and defeat cyber adversaries.

Request Free!

Social Threat Intelligence (STI)

The following is external content provided as a free resource for blog readers.
Fascinatingly, enterprise has been slow to embrace community sourcing security intelligence. Trevor Welsh of ThreatStream will present on Social Threat Intelligence (STI). This talk will detail how STI exists today, and how it might exist tomorrow. Trevor will also detail how enterprise can best take advantage of STI in a sensible, secure way.

Request Free!

Are You Asking the Right Questions When Selecting an ERP System?

The following is external content provided as a free resource for blog readers.
When selecting an ERP solution it is easy to get lost in the details, but ultimately the decision comes down to two main questions:
  • Does the solution have the functionality we need?
  • Is the solution usable?
Recent Aberdeen research on ERP selection uncovered the top criteria used by Best-in-Class organizations when choosing an ERP solution. It shouldn't surprise you, hopefully, that cost is not at the top of the list. Instead, top performers focus on a variety of criteria that ensure the ultimate solution can support the business effectively for a long time. Truly, your organization cannot get the full value out of its ERP investment if the line of business cannot actually use the technology for its intended purpose. Top performing manufacturers select user-friendly, but powerful, solutions that enable users to easily access the information they need, and convert that information to actions and smart decisions.

Request Free!

Network Forensics for Attack Mitigation

The following is external content provided as a free resource for blog readers.
The network forensics market is set to dramatically expand as increasing numbers of organizations become the victims of malware attacks. Limiting the damage from these incursions, and avoiding potentially crippling losses, are key motivators for businesses of any size. And network forensics offers a powerful set of tools to help companies achieve those goals.

Request Free!

Space Weather Outlook July 20, 2015 at 01:21AM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #15-29 2015 July 19 at 11:11 p.m. MDT (2015 July 20 0511 UTC) **** SPACE WEATHER OUTLOOK **** Summary For July 13-19 Category G1-Minor geomagnetic storms were observed on 13 July due to effects from a positive polarity coronal hole high speed stream. Outlook For July 20-26 No space weather storms are expected. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

Rethinking Security: Fighting Known, Unknown and Advanced Threats

The following is external content provided as a free resource for blog readers.
Open a newspaper, log onto the Internet, watch TV news or listen to President Obama's recent State of the Union address and you'll hear about another widespread breach. You are not paranoid when you think that your financial data, corporate intelligence and reputation are at risk. They are and it's getting worse.

Smart cybersecurity today must include advanced anti-malware at its core. It takes multiple layers of cutting edge technology to form the most effective line of cyberdefense. Download this eBook to learn more.

Request Free!

Future Risks: Be Prepared

The following is external content provided as a free resource for blog readers.
When it only takes a single breach to inflict serious damage on your business, defending against the majority of attacks isn't enough. That's why it's best to focus our attention on the most dangerous threats we face, rather than those we face most often.

Request Free!

Endpoint Security for Business: Technology in Action

The following is external content provided as a free resource for blog readers.
Thinking you're too small to be of interest is exactly the mindset that cybercriminals are exploiting to launch increasingly sophisticated malware against your business. They know what many SMBs don't: You are a target.

Request Free!

AWS Cloud Security Report for Risk & Security Professionals

The following is external content provided as a free resource for blog readers.

Key Takeaways

AWS Is Serious About Information Security

There has been too much hype about cloud security being different and inherently insecure. Cloud security is no different from other solutions we deploy. Security pros should apply the same security standards to cloud workloads applied to on-premises workloads.

In The AWS World, Security Is A Shared Responsibility

AWS is not going to secure your applications or software infrastructure for you. AWS’ responsibility stops at the abstraction point between its services and the applications you deploy. It’s up to security and risk pros to engineer the correct security atop AWS. AWS provides key security building blocks, but it’s still your responsibility.

AWS Demonstrates Strong Cloud Security Processes and Controls

AWS has a very comprehensive security program for its platform. AWS has foundational security controls for its services that enable customers to build secure applications. Where AWS does not have a solution, third parties are working to provide security technology as SaaS and virtual appliances for the AWS environment. 



Request Free!

Cloud Security Concerns and the Perceived Effectiveness of Traditional Security Solutions in a Cloud Environment

The following is external content provided as a free resource for blog readers.

The report presents research from a survey of high-level security professionals at major North American organizations on their attitudes toward cloud security, key adoption drivers, and the effectiveness of traditional security solutions in cloud environments.



Request Free!

Your Cloud Servers Are Under Attack: How Can You Tell?

The following is external content provided as a free resource for blog readers.

Exploding threats and attacks against private, public and hybrid cloud workloads put enormous pressure on enterprises trying to maintain visibility into their compute infrastructure. Traditional security tools simply don’t work well in this dynamic environment. Download this Solution Brief to learn more about gaining visibility into your cloud or virtual infrastructure.



Request Free!

IT Leaders: Have You Done Everything You Can to Prevent a Data Breach?

The following is external content provided as a free resource for blog readers.
In this eBook, you will gain valuable insight into who's at risk (the answer might surprise you), and what you can do to protect your organization. Highlights include:
  • 6 key tools you can use to fight back against cybercrime
  • Questions you should use to vet a potential managed security provider
  • The significant difference between being “compliant” and “secure”
Take the included 7-point security quiz to see if you've left the door open for a breach. Download your free copy today!

Request Free!

IT Leaders: Hear Key Takeaways from Recent Disasters and What They Mean for Your DR Plan

The following is external content provided as a free resource for blog readers.
Watch now to gain perspective from analysis of recent disasters' costs and lessons, how to prepare using today's technologies, and which technologies will best mitigate disaster outcomes. You can expect answers to questions such as:
  • What have I overlooked in my current plan?
  • What new technologies can I leverage to enable quick recovery from an outage, or avoid one altogether?
  • Is Disaster Recovery as a Service (DRaaS) right for me?
  • Should I consider the cloud for Disaster Recovery?
Your organization depends on you to plan for every kind of disaster – and you can depend on this webinar to provide the insight you need. Watch this free webinar today!

Request Free!

Six Steps to Strong Security for SMBs

The following is external content provided as a free resource for blog readers.
Small to Medium Sized Businesses (SMBs) often assume they can escape attacks usually directed at larger businesses. In reality, SMBs can face even greater challenges to network security—from smaller budgets to fewer qualified staff. Since it won't be possible to do everything you want with limited resources, SMBs must look for smarter ways to increase security. By going for quick, easy wins first, a majority of attacks can be prevented.

In this white paper, you'll learn how to identify high-risk areas, so you can prioritize your efforts to fend off attack efficiently and cost-effectively. Plus, discover the most important considerations needed for all SMBs to track compliance and identify security gaps.

Download the white paper now to learn more about the six steps you can take right now for effective security that reduces risk at your organization.

Request Free!

2015 State of Application Security: Closing the Gap

The following is external content provided as a free resource for blog readers.
Despite some agreement, this report outlines the ongoing challenges for both builders and security managers to find ways to work together. Plus, see how this fragile collaboration is further complicated by the rapid development of applications and lack of control over hosting them in the cloud.

Download the report now to learn about the issues preventing better engagement between developers and defenders, and get valuable insights into approaches for overcoming these challenges and securing your applications.

Request Free!

Vulnerability Management for Dummies, 2nd Edition

The following is external content provided as a free resource for blog readers.
If you are responsible for network security, you need to understand how to prevent attacks by eliminating network weaknesses that leave your business exposed and at risk. Whether your network consists of just a handful of computers or thousands of servers distributed around the world, this newly revised, 6-part eBook will clearly help:
  • Explain the critical need for Vulnerability Management (VM)
  • Describe the essential steps of a successful VM Program
  • Outline solution options - including the pros & cons of each
  • Highlight the award-winning Qualys VM solution
  • Note the benefits of using automation to continuously monitor your network
  • Provide a 10-point checklist for removing vulnerabilities
Understanding these six parts can help you eliminate network weaknesses and prevent attacks on your network.

Request Free!

Space Weather Outlook July 13, 2015 at 12:31AM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #15-28 2015 July 12 at 10:14 p.m. MDT (2015 July 13 0414 UTC) **** SPACE WEATHER OUTLOOK **** Summary For July 6-12 Category R1 (Minor) radio blackouts were observed on 06 Jul due to flare activity from active sunspot Region 2381. Category G1 (Minor) geomagnetic storms were observed on 10 and 11 Jul due to coronal hole high speed stream effects. Outlook For July 13-19 No space weather storms are expected. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

Implementing SSL/TLS Using Cryptography and PKI (FREE for a limited time!) Valued at $39.99

The following is external content provided as a free resource for blog readers.
If you are a network professional who knows C programming, this practical book is for you. Focused on how to implement Secure Socket Layer (SSL) and Transport Layer Security (TLS), this book guides you through all necessary steps, whether or not you have a working knowledge of cryptography. The book covers SSLv2, TLS 1.0, and TLS 1.2, including implementations of the relevant cryptographic protocols, secure hashing, certificate parsing, certificate generation, and more.

Coverage includes:
  • Understanding Internet Security
  • Protecting against Eavesdroppers with Symmetric Cryptography
  • Secure Key Exchange over an Insecure Medium with Public Key Cryptography
  • Authenticating Communications Using Digital Signatures
  • Creating a Network of Trust Using X.509 Certificates
  • A Usable, Secure Communications Protocol: Client-Side TLS
  • Adding Server-Side TLS 1.0 Support
  • Advanced SSL Topics
  • Adding TLS 1.2 Support to Your TLS Library
  • Other Applications of SSL
  • A Binary Representation of Integers: A Primer
  • Installing TCPDump and OpenSSL
  • Understanding the Pitfalls of SSLv2
Set up and launch a working implementation of SSL today with this practical guide.

Request Free!

Two-Factor Authentication Evaluation Guide

The following is external content provided as a free resource for blog readers.
Discover key areas of difference between two-factor authentication solutions and gain insight on concrete criteria for evaluating technologies and vendors with Duo Security's free two-factor evaluation guide.

In this guide, you will learn:
  • How to evaluate the security, reliability, and scalability of a two-factor solution
  • What kind of solution allows you to detect and react to potential threats
  • How to determine the time and costs involved in rolling out a two-factor solution
  • Key criteria to drive user adoption and increase productivity


Request Free!

Contemporary Cryptography

The following is external content provided as a free resource for blog readers.

Cryptography is an enabling technology (or tool) to secure the information infrastructures we build, use, and count on in daily life. Computer scientists, electrical engineers, and applied mathematicians should care about (and be educated in) the principles and applications of cryptography. Download these slides from Prof. Dr. Rolf Oppliger to help continue your Cryptography research.



Request Free!

Fed Employees, Contractors, and Spouses Identities Compromised

According to the U.S. Office of Personnel Management, the personal information of all current, former, and prospective Federal employees, contractors, and their spouses, who have been subject of a background investigations since 2000. The 21.5 million individuals compromised includes 19.7 million individuals that applied for a background investigation, and 1.8 million non-applicants, primarily spouses or co-habitants of applicants.

Types of information in the incident involving background investigation records:

  • Social Security Numbers
  • Residency and educational history
  • Employment history
  • Information about immediate family and personal and business acquaintances
  • Health, criminal and financial history

Some records could also include:

  • Findings from interviews conducted by background investigators
  • Fingerprints. 
  • Usernames and passwords used to fill out your forms


This is probably the worst possible data breach for the Federal government, and not because they're going to have to offer credit monitoring for everyone affected.

Noticeably absent from the release is any mention of "who" was responsible for this breach.
Many news sources believe the breach was the work of the Chinese government.

U.S. Senator Sasse believes the database will be used for spy recruitment, and even blackmail, according to Wired.

As a Federal contractor, I'm quite honestly terrified. While the Federal Government is offering identity theft protection, they are taking no steps to protect affected employees and contractors from blackmail attempts - and how could they? At this point, the only way to protect affected employees and contractors would be to give them, as well as their families, a completely new identity. Obviously, with 21.5 million affected individuals, this won't happen.

At the same time, I feel very betrayed, as I'm sure many Federal contractors and employees currently feel. If the Federal government did not take the protection of our personal information seriously, what's to ensure they will do so in the future? This could seriously impact the ability of the Federal government to gain new or retain existing employees or contractors - including myself.

Private sector - now's your chance! There are a lot of disgruntled Federal contractors who will probably jump at a chance to leave, and go somewhere their personal information will actually be protected. Start posting those open positions, and let the mass exodus from Federal contracting begin.

STRATEGIES FOR GUARDING AGAINST HEALTHCARE CYBER THREATS

The following is external content provided as a free resource for blog readers.

Emerging cyber threats

From 2012-2013, HIPAA data breaches rose 138 percent, with medical-related identity theft accounting for 43 percent of all identity thefts reported in the U.S. in 2013.

Medical-device manufacturers are being singled out as the primary target in 2014. The reason for all this unwanted attention is simple: healthcare data is approximately 50 times more valuable on the black market than credit card data because it exposes information such as a person’s height, eye color and other physical characteristics, which can be used to create comprehensive fake identities Healthcare security systems, however, are lagging compared to other industries in addressing this problem.



Request Free!

Space Weather Outlook July 06, 2015 at 01:39AM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #15-27 2015 July 5 at 11:23 p.m. MDT (2015 July 6 0523 UTC) **** SPACE WEATHER OUTLOOK **** Summary For June 29-July 5 A category R1 (Minor) radio blackout occurred on 03 July due to flare activity from active sunspot Region 2378. Category G1 (Minor) geomagnetic storm levels were observed on 04-05 July with category G2 (Moderate) on 05 July due to recurrent coronal hole high speed stream activity. Outlook For July 6-12 There is a chance for R1-R2 (Minor-Moderate) radio blackouts for the forecast period (06-12 July) due to potential flare activity from evolving Region 2381 coupled with the return of old Regions 2367 and 2371. There is a chance for G1 (Minor) geomagnetic storming on 10-11 July due to coronal hole high speed stream activity. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

How to Overcome the Top 5 Business Vulnerabilities

The following is external content provided as a free resource for blog readers.
Establishing a thriving business takes dedication and hard work. But all too often, business owners and managers find themselves too busy working to protect what they've worked so hard for to make time to put in place preventative measures as well. To make sure that more businesses are aware of the risks, Tyco IS listed the top five vulnerabilities business owners face every day. From burglary to vandalism to liability, see how you can tackle the risks with the right strategies.

Request Free!

Three Steps to Prevent Workplace Crime

The following is external content provided as a free resource for blog readers.
You know security is a priority – but where do you start? If you're not a security professional, initiating where to first spend your time and money can be the hardest part. In order to get you started, we've consulted the experts. From understanding what you need in a security review to gaining the power to control your entries to simply understanding the general mind of an opportunistic criminal, you can make a big difference in your company's security.

Request Free!

The Case for Mobile Security Management

The following is external content provided as a free resource for blog readers.
Since embezzlement and internal theft are leading causes of mid-sized business failure, making sure your company is secure on the inside isn't paranoia – it's smart business. Learn how you can implement simpler security measures with the convenience of your smartphone or tablet. Like never before, you can maximize your most precious non-renewable resource: your time. Give yourself one less thing to worry about and learn how to safeguard your business with your fingertips.

Request Free!

Forrester Research Webinar: The Human Firewall Strengthening Email Security

The following is external content provided as a free resource for blog readers.
The numbers are alarming – 91% of hacks begin with an email attack and 23% of phishing emails are opened. Employees, the humans, have always been the weakest link in an IT security strategy. Attackers know this, and prey on them with spear-phishing and social engineering attacks.

Listen to guest speaker Nick Hayes from Forrester Research and Steve Malone from Mimecast for insight into how technology and awareness together can strengthen defenses.

The webinar covers:
  • Why your existing IT security strategy is failing
  • How to strengthen security with better employee threat awareness
  • New ways to think about technology and security training together


Request Free!