The people at techcrunch.com published a interesting article on the recent Blue Cross Breach. The original post can be found HERE. According to datalossdb.orb, they listed the following lost.
“Up to 11,000,000 member names, Social Security numbers, dates of birth, addresses, phone numbers, email addresses, member identification numbers, financial and medical claims details possibly accessed by hackers”
Now this isn’t as big as the Anthem breach (80,000,000) but still very substantial. Here is the post from techcrunch. Continue reading →
This post will cover how to install Cisco Sourcefire FireSIGHT / Defense Center on a environment aka a virtualized FireSIGHT manager. The purpose is to setup the management system for central management of ASAx series appliances running the FirePOWER services. For more information on how to use Cisco Soucefire FireSIGHT and FirePOWER services go HERE. For more information on licensing go HERE. For more information on setting up the ASAx with FirePOWER services go HERE. Continue reading →
Earl Carter and Craig Williams from the Cisco Security Blog posted a great article on a recent wave of taxed related spear-phishing attacks (original post found HERE). What is interesting is how attackers leverage current trends as the theme for their malware. For example, we will probably see a bunch of March Madness attacks along with Tax related phishing this month since thats what people are searching for online. This contradictions the old belief that “safe searching” aka not going to adult websites or searching for free software will keep you safe from malware. The reality is the attackers want the most bang for their buck so they will target where the most people are at. In March, thats Tax season and March Madness. Here is the post from Cisco. Continue reading →
I have been asked a bunch of times “Which is the more secure mobile platform? Android or iOS?”. There are tons of articles on this topic found by searching on Google. Here is my two cents on the topic.
When looking at AppleiOS and Android, both take completely different approaches to security giving pros and cons to each option. Apple is extremely strict with how applications can leverage resources while Android is open source. For example, Apple devices sandbox APPs meaning they can’t interact with other APPs. Only “jail broken” phones open up the ability for applications to interact with other resources. So for those thinking its smart to jailbreak your iPhone, just be warned that you are also putting your device at risk for compromise. Continue reading →
My buddy Aamir Lakahni at drchaos wrote a interesting post about criminals using RAT tools to steal boat loads of money from banks. The original post can be found HERE.
Another week, another hack. A group of cybercriminals used phishing attacks to install remote access toolkits (RATs) and steal over $300 million from banks and other financial institutions (source: http://www.nytimes.com/2015/02/15/world/bank-hackers-steal-millions-via-malware.html)
Using RATs is not new, and common method cybercriminals use. We had an in-depth look at njRAT and the Sweet Orange Exploit on this site. It is also not uncommon to use phishing and other social engineering attacks by attackers to trick users into installing sophisticated malicious tools. Continue reading →
NSS Labs just released their latest Threat Capabilities Report found HERE. Its a short yet interesting report covering widely used applications that were exploited after September of 2014. They list the top applications, operating systems and countries hosting command and control call homes. This one is free to download. Below is a summary from the report.
Data breaches continue to hit the news yet are only a fraction of what is being reported. Some recent ones are Sony (more on this HERE … and yes I saw The Interview because of the press behind this) and Anthem (more on this HERE). The reasons why organizations don’t report a breach vary from the fear of having critical infrastructure confiscated (which today usually isn’t the case like it was in the past), have negative press or costs associated with an investigation. Hopefully these and other concerns don’t become barriers for reporting data crimes. The more criminals get away with crimes, more likely they will do it again with less concern of being caught.
One really good resource you can check out to learn more about known data breaches is datalossdb.org. The people at Open Security Foundation do a pretty good job keeping up with documenting data breaches as they become public. Continue reading →
The people at Propublica.org wrote a really cool piece on the creature of GPG, Enigmail and GPG4Win Werner Koch (original post can be found HERE). Until recently, Werner has been the one man band behind developing and maintaining a few versions of free email encryption software applications. Large organizations and governments tend to dump funds into spying and cyber defense yet can’t seem to fund developers of really important things such as email encryption. PGP isn’t good enough so its great to see Werner finally received some funding.
The man who built the free email encryption software used by whistleblower Edward Snowden, as well as hundreds of thousands of journalists, dissidents and security-minded people around the world, is running out of money to keep his project alive. Continue reading →