Information Security Buzz
Expert(s): November 30, 2020
Richard Bejtlich
Principal Security Strategist
Corelight

Comments Dotted : 22
September 03, 2020

Experts Reaction On CISA And FBI Rebut Reports About Hacked Voter Data On Russian Forum

Every election network should be instrumented with a network security monitoring platform that creates an audit record of all activity on the wire. It's not enough to install security devices that only try to stop malicious activity or create alerts on suspicious activity. It's also important to have a neutral record of how the election network was used, not only for analysis at the time of the election, but as evidence to prove in the future that the elections were not subjected to tampering.
August 11, 2020

Expert On China Is Now Blocking All Encrypted HTTPS Traffic That Uses TLS 1.3 And ESNI

Those who developed TLS 1.3 and ESNI believed that they could enable privacy by encrypting almost every aspect of a connection. The Chinese Communist Party decided that level of encryption was beyond the capabilities of their Great Firewall to inspect, so they are now blocking *all* TLS 1.3 and ESNI connectivity. This is a setback for those in China trying to access the free Internet, and probably not what the designers of TLS 1.3 and ESNI expected. I personally believe that liberal democracies worldwide should be working to undermine the Great Firewall. However, I also believe that cyber freedom fighters should think a step or two beyond their immediate purview when imagining how their protocols will be perceived by the very authoritarian regimes they also seek to undermine.
June 15, 2020

Comment: US Congress Wants To Know What Commercial Spyware Other Countries Are Using

While it’s useful to understand the prevalence of commercial spyware use by foreign actors, Congress would be shocked to learn that most threat actors rely on publicly available post exploitation software tools (PESTs) to compromise targets in the US and elsewhere. While PESTs have some benefit as resources for red teams, the cost of their use by intruders far outweighs any benefits.
April 16, 2020

US Issues Guidance On North Korean Hackers, Offers $5M Reward – Expert Comment

Offering a $5 mil award for information to identify and attribute DPRK hackers is a great idea. It’s a comparatively low cost method to gain intelligence on a hard target, and plays to the economic incentives attractive to those in the criminal hacking scene.
April 08, 2020

The DarkHotel (APT-C-06) Attacked Chinese Institutions Abroad via Exploiting SangFor VPN Vulnerability

If we accept that Qihoo has correctly attributed this activity to Dark Hotel, and that Dark Hotel is a North Korean actor, this report presents a few interesting findings. First, it is surprisingly risky for a North Korean actor to target assets in an allied country, especially one that provides financial and other critical support. Second, Qihoo would not be able to publish and maintain its findings without the approval of the Chinese government, so the PRC might be signalling its disapproval to the DPRK. Third, a combined approach that integrates server-side and client-side techniques, at the scale indicated by Qihoo, is a sign that the DPRK has improved its offensive asset management capabilities.
March 31, 2020

Experts Insight On A Mysterious Hacker Group Is Eavesdropping On Corporate Email And FTP Traffic

The four TCP ports reported in this story are unencrypted communications channels. There are encrypted alternatives for all of them. If organizations remove these unencrypted protocols from their environment, they would mitigate the consequences of this threat actor's current mode of operation.
March 27, 2020

Chinese Hacker Group APT41 Uses Recent Exploits To Target Companies Worldwide

Intruders continue to target infrastructure, not just endpoints and servers. Defenders cannot ignore infrastructure devices like routers, switches, and VPN concentrators, assuming they are trustworthy and safe to use. Instrument those devices using network security monitoring tools and methods to ensure that your trust is well-placed.
March 13, 2020

Experts Comments On Cyberspace Solarium Commission Report – US At Risk Of A “Catastrophic cyber-attack”

While this is yet another in a long line of reports projecting digital disaster, I was pleased to see an emphasis on incident detection and response via threat hunting as one of the more prominent recommendations. I began arguing in 2007, before 'threat hunting' was a defined term, that federal security teams should be 'projecting friendly forces' on their networks, assuming that they were already compromised. The new report integrates these recommendations, but it remains to be seen if anything changes in the federal government.
February 03, 2020

NEC Defense Contracts Info Potentially Compromised In Breach

In the early 2000s, defense contractors became the first non-military, non-intelligence targets of advanced persistent threats. Japanese defense contractors, and other elements of Japan's commercial sector, have been attacked for years. The company reported that the intruders enjoyed a seven month dwell time (December 2016 through June 2017), meaning they could operate at their leisure. This is far too long and methods like network security monitoring can decrease this period down to minutes if implemented properly.
January 27, 2020

U.S. Govt Agency Hit With New CARROTBALL Malware Dropper

Because of the protocols used in this campaign, network security monitoring practitioners have a chance to gather the evidence they need to detect and respond to individual attacks. The intruders used file transfer protocol to transfer files that are executed as commands on victim systems. Because some network traffic analysis and monitoring systems log and parse FTP, and can extract the files transferred, defenders can leverage network forensics to identify the scope and nature of this activity.

Copyright © 2020 ISBuzz Pty Ltd is a company registered in Australia with company number 605 203 772 whose registered office is 14 Alanvale Street, Harrison, ACT 2914.

