Inside Security - August 1st, 2016

David’s Take
DNS attacks continue to be in the news, but there are now some new products worth looking at that can help protect your infrastructure. Apple shows off some of the new iOS 10 security features at Black Hat, and if you are looking for another conference to attend I have a recommendation for September in San Jose. And why you should watch what you do online if you visit Dubai.

-- David Strom, editor of Inside Security
New and noteworthy products
If you are looking to protect your infrastructure, you might be interested in two new DNS security services: Domain Sentry, which alerts companies of any real-time changes to their domains or when existing domains use different mail servers, and Brand Sentry, which alerts companies to any abuse of their brand domains or hostnames, including similar-looking domains that may be malicious. The services are useful to detect domain hijacking and can help prevent domain theft. The founder of the firm behind these services is Paul Vixie, who has played significant roles in the development of DNS and other Internet protocols. Pricing starts at $19,500 per year for each service. – FARSIGHT SECURITY
 
Here is a product that can help protect your documents whether they reside on-premises or in the cloud. Called Kiteworks, it integrates with various content management systems and scans all sent and received files to identify any viruses or malware that could lead to a data breach. The price is $15 per user per month. – ACCELLION
 
Threats and attacks
A site posing as a free DNS source is actually malware used to redirect traffic to malicious sites, according to security researchers. The analysis shows leftovers from the Conficker worm, a virus that was a big deal back in 2008. If you use the FreeDNS service or the registrar NameCheap, there are several things you should do to prevent this exploit. It is also a reminder to check your DNS records periodically. -- SUCURI BLOG
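The two items above both come down to the same defensive habit: know what your DNS is supposed to say and notice when it changes, and notice when someone registers a name that looks like yours. As an added example (not code from this newsletter, from Farsight Security or from Sucuri), here is a small Python script that diffs a domain's current NS/MX answers against a saved baseline and flags newly seen domains that resemble a brand domain, either by edit distance or by look-alike characters. Everything in it is constructed or assumed: the `example.com` records, the `.test` mail server, the feed of candidate domains and the small `CONFUSABLES` table. A real deployment would fill `OBSERVED` from a resolver query and the candidate list from a registrar or certificate-transparency feed.

```python
import unicodedata

# Constructed baseline: the NS and MX records we expect for our own domain.
# In practice this snapshot is saved from a known-good resolver query.
BASELINE = {
    "example.com": {
        "NS": {"ns1.example-dns.net.", "ns2.example-dns.net."},
        "MX": {"10 mail.example.com."},
    },
}

# Constructed "current" answer: the MX has quietly changed (a hijack indicator).
OBSERVED = {
    "example.com": {
        "NS": {"ns1.example-dns.net.", "ns2.example-dns.net."},
        "MX": {"10 mx.unexpected.test."},
    },
}


def diff_records(baseline, observed):
    """Compare each expected record set with what is observed now.

    Returns a list of (domain, rtype, added, removed); an empty list means
    every monitored domain still matches its baseline.
    """
    findings = []
    for domain, rrsets in baseline.items():
        current = observed.get(domain, {})
        for rtype, expected in rrsets.items():
            got = set(current.get(rtype, ()))
            added, removed = got - expected, expected - got
            if added or removed:
                findings.append((domain, rtype, sorted(added), sorted(removed)))
    return findings


# Assumed, deliberately short table of sequences that render like another
# character in common fonts; the last entry is Cyrillic "a". A production
# monitor would use the full Unicode confusables data instead.
CONFUSABLES = {"0": "o", "1": "l", "3": "e", "5": "s", "vv": "w", "rn": "m", "\u0430": "a"}


def skeleton(label):
    """Reduce a label to a 'skeleton' so visually similar spellings collide."""
    label = unicodedata.normalize("NFKC", label).lower()
    for seq, replacement in CONFUSABLES.items():
        label = label.replace(seq, replacement)
    return label


def levenshtein(a, b):
    """Classic edit distance (insert/delete/substitute), two-row DP."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def second_level(domain):
    """Label left of the TLD; assumes two-label names such as example.com."""
    return domain.lower().rstrip(".").split(".")[-2]


def lookalikes(brand_domains, candidates, max_distance=1):
    """Return (candidate, brand, reason) for every candidate resembling a brand."""
    hits = []
    for cand in candidates:
        for brand in brand_domains:
            if cand.lower() == brand.lower():
                continue  # our own domain is not a look-alike
            cl, bl = second_level(cand), second_level(brand)
            if skeleton(cl) == skeleton(bl):
                hits.append((cand, brand, "homoglyph"))
            elif levenshtein(cl, bl) <= max_distance:
                hits.append((cand, brand, "edit-distance"))
    return hits


if __name__ == "__main__":
    for domain, rtype, added, removed in diff_records(BASELINE, OBSERVED):
        print(f"ALERT {domain} {rtype}: added={added} removed={removed}")
    # Constructed feed of newly seen names, as a registrar or CT-log feed might supply.
    feed = ["examp1e.com", "examplee.com", "example.com", "exarnple.com", "unrelated.test"]
    for cand, brand, reason in lookalikes(["example.com"], feed):
        print(f"LOOKALIKE {cand} ~ {brand} ({reason})")
```

Run it on a schedule and treat any non-empty result from `diff_records` as an incident to confirm with the registrar, not as noise: an unexpected MX is exactly the "different mail servers" case the Domain Sentry blurb describes. The homoglyph check runs before the edit-distance check on purpose, so a name that only differs by a look-alike character is reported with the more specific reason.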
 
Have you seen this worm lately? 
Cyber attacks by China have taken down various Vietnamese airports in the last week. The flight info screens at airports in Ho Chi Minh City and Saigon displayed profanities and other offensive English messages, forcing several airlines to shut down operations and use manual methods to schedule and check in flights. A separate attack within Thailand has brought down the Senate government website by having many users coordinate a simple DDoS by manually hitting their browser refresh key. – NATIONAL CYBERSECURITY
 
Reports and evaluations
The Cybersecurity Risk to Knowledge Assets report, co-authored by the Kilpatrick Townsend & Stockton law firm and the Ponemon Institute, surveyed more than 17,000 security professionals and corporate executives. They found that 74% of respondents believed they had failed to detect data breaches, and almost as many said their assets are in a competitor’s hands. Half of those surveyed also said that the risk of this kind of theft is increasing, especially from careless staffers and poorly vetted cloud-based providers. -- KT LAW FIRM
The report Hacking the Talent Shortage examines the current cybersecurity workforce crisis. A majority of respondents report a skills shortage that can result in measurable damage and make their organizations more of a hacking target. The report also estimates the largest cybersecurity markets by country. Interestingly, in many organizations the CISO now reports directly to the board of directors. Intel Security commissioned market researchers Vanson Bourne to interview 775 IT cybersecurity decision makers. – INTEL/MCAFEE
Methods and tools
There are seven ways that users can be convinced to give up their passwords to complete strangers, including a free chocolate bar or baked goods, cash (in some cases not much cash either), and a cheap pen. Yes, there are various research studies cited for each of these depressing situations. -- DARK READING
 
Have you seen any of these come-ons with your staffers?
 
A nice summary of how to perform technical due diligence when acquiring another company is broken down into five steps. It covers how to perform both architecture and code reviews, and how to understand the new company’s culture and how it differs from your own. -- HELPNET SECURITY
 

Here is a nice primer on understanding microservices such as Docker. The post explains what the main drivers are, some of the benefits and drawbacks, and the differences between microservices and service-oriented architectures. -- APPCELERATOR BLOG
 
Are you concerned about Docker security?
 
Tomer Simon, writing an academic research paper for an upcoming issue of the journal Computers in Human Behavior, reveals his findings about spreading rumors via WhatsApp messages. During the project, they found that the majority of rumors spread were actually true, and respondents perceived WhatsApp to be more private than Facebook messages. The project, conducted in Israel where WhatsApp was invented and has widespread use, can be useful to help security teams respond during emergency situations. – JOURNAL LINK
 
Self Serving Dep't
Apple engineer Ivan Krstic will give one of the keynotes at Black Hat this week, going into details about just-in-time hardening mechanisms to be supported in iOS 10. They claim this is its first public discussion, but the talk will also include other security measures such as data protection, the iCloud keychain and the secure enclave feature that became well known earlier this year as a result of the San Bernardino shootings. For reference, here is a summary of other new iOS 10 features. – BLACK HAT

This article reviews the six steps necessary for a successful attack: recon, scanning, access and privilege escalation, data exfiltration, being able to stick around, hiding in place, and an optional seventh step of possibly carrying out an assault. The self-serving part: the author, who works for a vendor of privilege management tools, recommends using one. – IT SECURITY GURU
 
What privilege escalation management tools do you use currently?

This blog post, by a vendor who also sells continuous vulnerability solutions, is worth reading. It explains why you need to do such scans, particularly as numerous new IT devices are connected in increasing numbers and because IT organizations need to respond more quickly to threats and breaches. The days of the quarterly scans are over. -- TENABLE BLOG

This news item isn’t quite self-serving, but we’ll include it here. If you travel to any of the United Arab Emirates, you probably know that their top two telecom companies, Etisalat and Du, have banned VoIP usage. Now the country is also prohibiting VPNs, claiming that they could be a security breach. -- ZDNET
 
Have you had problems traveling to UAE?
Noteworthy seminars

If you missed Monica Lewinsky’s great TED talk, you have another chance to see her in person at the Privacy, Security and Risk conference put on by the IAPP and Cloud Security Alliance in San Jose on September 13. Other speakers include privacy and security execs from Google, PwC, Adobe, and Fidelity Bank, among others.
 
Just for fun
 

This photo of an ATM, sent to Brian Krebs (the leading expert on ATM skimmers), takes security to a new low. Yes, that is indeed an access port and network switch on top of the ATM unit located in a grocery store. Need a handy LAN port to plug into? As he says, if you can’t maintain physical security, you can’t have cybersecurity. -- BRIAN KREBS
 

Two IBM security geeks have put together an interactive game that will be featured at their Black Hat booth this week. The game is constructed from brain wave sensors, 3-D printed models, cheap electronic motors, four Arduinos and repurposed components from the popular board games Hungry Hungry Hippos and Mind Flex. Your brain activity will directly determine the responsiveness and speed of the corresponding player’s hippo. -- IBM SECURITY INTELLIGENCE
 
There are some valuable lessons that you can learn from watching the popular Game of Thrones series, including taking care of smaller problems before they become unmanageable, issues with anonymous access and firewalls, and how the dead can come back to haunt you. You probably can’t watch the shows during working hours, though. -- CSO ONLINE
 
For those of you that hate Comic Sans fonts, this sign should be amusing.
 
Inside Security is supported by Varonis, a leading provider of software solutions that protect data from insider threats and cyberattacks. Learn more about Varonis.
Copyright © 2016 Inside, All rights reserved.