Security researchers at Fidelis have published a proof-of-concept framework for a new covert channel for data exchange using the Transport Layer Security (TLS) protocol. The method leverages the public key certificate standard X.509 and could allow for post-intrusion C2 communication and data exfiltration without alerting network perimeter protections. Justin Jett, Director of Audit and Compliance at Plixer commented below. Justin Jett, Director of Audit and Compliance at Plixer: “By taking advantage of TLS x.509 extensions, malicious actors will try to steal data similarly to how they have done using DNS TXT. By collecting and analyzing certificate details in IPFIX metadata…
ISBuzz Team
In response to today’s Reuters report that global news distribution service BusinessWire, owned by Warren Buffett’s Berkshire Hathaway Inc., has been hit with a sustained distributed denial of service (DDoS) cyberattack that continued as of February 6, 2018, experts with Corero and Juniper Networks commented below. Stephanie Weagle, VP of Marketing at Corero Network Security: “Cyber attackers can quickly and easily launch a DDoS attack to interrupt the service availability of any online property. In the media and communications industry, attacks against these sites can be used to silence or shut down an unfavorable individual or news story. While the motivations behind the sustained attack against BusinessWire news…
More than 12,000 business websites were used by cybercriminals to deliver malware in 2017 according to the Menlo State of the Web 2017 report. Chris Olson, CEO at The Media Trust commented below. Chris Olson, CEO at The Media Trust: “Enterprises should be concerned about the increasing frequency of website breaches attributed to compromised third-party code. Clearly, app sec, antivirus and other traditional website security solutions can’t keep pace with the thousands of malicious domains generated every month. The onus is on enterprise IT to continuously monitor all executing code – both first and third-party code – on websites and mobile…
What is Cyber Security? Cyber security is a protection protocol made to protect physical and virtual systems from theft. Protecting your files requires a coordinated effort throughout an information system. Here are some common elements of cyber security: end user education, network security, application security, operational security, and business continuity planning. One of the largest issues in cyber security is the constant security risks that tend to evolve over time. A traditional solution to this problem was to allocate most of the resources to face the biggest known threat. However, this method would leave out a multitude of…
We live in a world where connectivity is key. It’s brought conveniences to our personal lives, and organizations are adopting it into the industrial world to boost productivity. Industrial control systems (ICS), which manage utilities like water, gas, and electricity, are one such example of this ongoing trend. Organizations are putting ICS systems online so that jobs once carried out manually can now be carried out remotely or with the help of automation. One of the key concerns with growing connectivity in the industrial world is a successful cyberattack and its many consequences. As demonstrated by the June 2017 NotPetya wiper…
News broke yesterday that domain registrar NameCheap have been implicated in a server vulnerability which allows unauthorized users to create sub-domains. Tim Helming, Director of Product Management at DomainTools commented below. Tim Helming, Director of Product Management at DomainTools: “This is exactly the kind of issue which highlights the importance of domain registrars taking security as seriously as possible. Hijacking DNS credentials is a cybercriminal’s dream, as it could facilitate their picking up on established brands, and their traffic, for nefarious purposes. NameCheap should be incredibly careful moving forward regarding the verification of users’ permissions to create sub-domains, in order to keep both individuals and brands…
Hiscox publishes its annual Cyber Readiness Report today, offering a best practice blueprint for businesses to counter the growing threat of cybercrime and fraud. Without investment in prevention, detection and training, firms risk exposing themselves to costly business interruptions and brand impairment. A number of large-scale cyber-attacks have grabbed media attention in the headlines in recent years. But to protect against all cyber threats and comply with the latest regulations, companies in the commercial and financial sectors (including Fintech and eCommerce) also need to be on the lookout for online fraud, a more subtle type of cybercrime that costs UK citizens £1.4bn…
According to the Hacker News, a “simple yet serious application-level Denial of Service (DoS) vulnerability has been discovered in WordPress CMS platform that could allow anyone to take down most WordPress websites even with a single machine…” Lee Munson, Security Researcher at Comparitech.com commented below. Lee Munson, Security Researcher at Comparitech.com: “Just about everyone with a website of note knows that a Distributed Denial of Service (DDoS) attack is bad news for business as the flood of traffic takes the site down. “Fortunately, such attacks are not that common since a huge amount of bandwidth is required – typically criminals instigate a DDoS…
This morning, the UK’s National Centre for Cyber Security (NCSC) has issued a report on the first results of some of their key cybersecurity initiatives. IT security expert Bob Rudis, Chief Data Scientist at Rapid7 commented below. Bob Rudis, Chief Data Scientist at Rapid7: “The design and labour behind the National Cyber Security Centre’s Active Cyber Defence initiatives — along with the inaugural published results — are nothing short of incredible. The NCSC has proved that with collaboration and appropriate support, it is possible to implement foundational cybersecurity monitoring, configuration, and reporting that fundamentally changes the economics for opportunistic/commodity attackers. Each initiative covered in the…
The number of industrial control systems (ICS) connected to the internet has increased year on year – meaning more and more infrastructure is sitting on the ‘net potentially open to attack. Of the 175,632 internet-accessible ICS equipment detected, approximately 42 per cent were in the US, marking a 10 per cent increase over the previous year (from 50,795 to 64,287). In Germany, which ranks second, researchers found ICS gear behind 13,242 public-accessible IP addresses, up from 12,542 in 2016. The UK ranks sixth. Paul Edon, Technical Director (EMEA) at Tripwire commented below. Paul Edon, Technical Director (EMEA) at Tripwire: “The…
