I am a big fan of the Enigma machine, the German encoding typewriter-like device that was broken by a collaborative effort of Brits and Poles during World War II. For a great demonstration of how the actual Colossus machinery that broke the code worked, check out this hour-long video. I came across this wonderful site that has developed code that can crack some simple Enigma configurations in just a few seconds, when Colossus took days with its vacuum tube technology. Also this week another spat between Google and Microsoft over a Windows bug, a capture the flag contest over a water treatment plant attack, and why security teams need to play nice with the remediation folks.
-- David Strom, editor of Inside Security
Top story: Netcraft and the UK Cyber Center
A British cabinet minister announced plans to work with computer research vendor Netcraft, who provide a variety of Internet security services including anti-fraud and anti-phishing services and analyzes the web server market share. The government will spend two billion pounds to develop better automatic defenses to reduce the impact of cyber attacks affecting the UK. These automated tools are needed to identity and take down attacks, particularly as spear phishing websites stay active for less and less time to ply their malware. This is part of an effort by the GCHQ-backed National Cyber Security Center, which opened its doors for the first time last month and has plans to eventually hire hundreds of analysts. Recent research suggested that Britain is particularly susceptible to data breaches involving compromised employee account data. – NETCRAFT
There is a major upgrade to Omnipeek, a network performance diagnostics and troubleshooting tool. Version 10 adds security investigations and dramatically streamlines network troubleshooting using powerful packet data analytics and visualizations that can be adapted to any workflow. It is a one-stop solution to ensure that network and network-related security issues can be found and dealt with quickly and effectively. Pricing for Omnipeek Enterprise is $4,995 with lower prices for simplified versions. -- SAVVIUS
Attacks and exploits
A team of security researchers from Uber joined several groups of college students at Cal Poly Pomona, Georgetown and Carnegie Mellon University to design a tabletop model of a water treatment plant in a unique capture-the-flag hackathon. The goal was to demonstrate various online hacks that could potentially damage the real thing. A team from Tenable Network Security was pitted against various student teams to try to solve the various security threats that hit the water treatment model in real time. The event was sponsored by Passcode, the Christian Science Monitor’s cybersecurity-focused publication. -- NEXTGOV
Last week Google reported that it had found two vulnerabilities in Adobe and Windows. The Adobe Flash bug was fixed, but they hadn’t yet heard back from Microsoft on the latter bug. The Windows vulnerability is a local privilege escalation in the Windows kernel that can be used as a security sandbox escape. Microsoft said they are working on a fix for next week and fired back their own blog post here.-- GOOGLE SECURITY BLOG
Methods and tools
Here is a tutorial on hacking Kerberos authentication technology, a review of the kerberoasting tools and presentations available to crack it, and a better hacking method using Windows Powershell scripts. Why bother doing this? Several reasons: you can break into various Windows service accounts, escalate privileges, and gain access and impersonate any valid Active Directory user. – HARMJ0Y BLOG
Security teams are responsible for identifying the risks, vulnerabilities, and threats confronting the business, but they most often won’t be responsible for actually solving those issues. Security teams are reliant upon remediation teams—the individuals who typically don’t have security in their titles, but are essential players in security implementation. However, the two teams don’t always work alongside each other, or use the same metrics, or see things the same way. It is time for the two sides to bury the hatchet and get along. This post suggests some solutions for the security teams, such as being more empathetic, assessing remediation resources, aligning resources and being a part of the solution, not just the problem. – KENNA BLOG
Reports and evaluations
A recent survey of 2,000 security executives at large global enterprises found that focused, targeted breach attempts succeeded a third of the time. Still, 75 percent of respondents were confident they were doing the right things with their security strategies. Entitled High Performance Security Report, it documents this disconnect, such as stating that on average businesses will face more than 100 attacks over the course of the year. To succeed, CISOs have to step beyond their comfort zones and materially engage with enterprise leadership. The report mentions seven methods (shown here) for success. -- ACCENTURE
The latest OPSWAT AV market share report is available, and shows that the top AV tools are Avast, Malwarebytes, McAfee and Symantec. These vendors account for more than half of the users surveyed. What is noteworthy are the limitations of the survey that are described: only English-speakers, concentration of more home users, and users of the company’s own free Metadefender tools. – OPSWAT BLOG
Just for fun
This post links to numerous modern efforts to break the Enigma code, and has a more efficient algorithm that under certain circumstances can break messages as short as 50 characters in less than 30 seconds. – PRACTICAL CRYPTO
How likely are you to recommend Inside Securityto a friend or colleague?
MORE FROM INSIDE
Did we get anything wrong or miss a story? We realize that many of our readers are smarter and more informed than we are – so please hit reply and let us know when we miss something!
Did you know we're crowdfunding the cost of an investigative journalist for the Inside Daily Brief? Check out our Patreon campaign to see the perks at various levels. And, many thanks to the following patrons for being above the $75/month level, which includes a link in every issue of the IDB: