
Worst malware and threat actors of 2018 so far

What’s the worst malware so far into 2018? The worst botnets and banking trojans, according to Webroot, were Emotet, Trickbot, and Zeus Panda. Crysis/Dharma, GandCrab, and SamSam were the worst among ransomware. The top three in cryptomining/cryptojacking were GhostMiner, Wanna Mine, and Coinhive.

And included in the list of top 10 threat actors so far this year, we find Lazarus Group, Sofacy and MuddyWater coming in the top three spots, according to AlienVault. Lazarus Group took the top spot from Sofacy this year. The reported locations for the top 10 threat actors are North Korea, with two groups; Russia, with three groups; Iran, with two groups; China, with two groups; and India, with one. Microsoft Office was the most exploited application, but Adobe Flash, WebLogic, Microsoft Windows, Drupal and GPON routers were also listed in the top 10.



VB2018 paper: Uncovering the wholesale industry of social media fraud: from botnet to bulk reseller panels
Today, we publish the VB2018 paper by Masarah Paquet-Clouston (GoSecure), who looked at the supply chain behind social media fraud.

Welcome to the Botnet: On the Insecurity of Things
Christoph M. Kumpa, Digital Guardian

Guest article: Christoph M. Kumpa names seven points for improving IoT security


Shellbot Botnet
The Shellbot Botnet is a major project, which appears to be orchestrated by a cybercriminal group that goes by the name ‘Outlaw.’ In the past, they have been associated with similar botnets like the N3-Shellbot, but this one appears to be far more advanced in terms of both functionality and reach. The attackers appear to […]

Shellbot Botnet Targets Linux, Android Devices
An IRC bot built using Perl is targeting Internet of Things (IoT) devices and Linux servers, but can also affect Windows systems and Android devices, Trend Micro warns.
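Kaspersky Q3 2018 Global DDoS Attack Analysis Report

In terms of DDoS attacks, the third quarter of 2018 was relatively quiet. "Relatively" because there were not many high-level or multi-day DDoS attacks on major resources. However, the capabilities of cybercriminals keep growing, and the total number of attacks shows no sign of declining.

The attack on Blizzard Entertainment in early July made the headlines this summer. Battle.net servers were knocked offline, and for nearly three days players were unable to log in and launch their games. A group called PoodleCorp claimed responsibility; the group had appeared on Twitter, promising to leave the company alone if its message was retweeted 2,000 or more times. Soon afterwards, Blizzard Entertainment reported that it had "resolved the technical issues that were preventing players from logging in."

Before the end of July, a series of attacks followed against another game publisher, Ubisoft. As a result, players could not log in to their accounts or use multiplayer mode. According to a company spokesperson, user data was not compromised. There were no reports on the purpose of the action. The attackers may have had financial gain in mind, or may simply have been protesting against some of the recent updates to the games.

Another major attack, lasting several days, troubled three large poker sites in the English-speaking segment: America's Card Room, PokerStars and Partypoker. The affected operators were forced to cancel some of their events, which displeased the sites' members, who thus lost large sums of money.

As always, there were also DDoS attacks that were almost certainly caused by political tension. The six-minute disruption of the Swedish Social Democratic Party's website at the end of August was a stark example of such an attack. Likewise, political reasons are believed to have been behind the attack on the website of a Democratic congressional candidate in California. A month later, the "political" tag could also be applied to the attack on Germany's RWE, probably driven by activists: by hitting the company's website, the activists tried to draw public attention.

In any case, the general public remains at a loss as to what caused the suffering of the Department of Labour of the Republic of South Africa (the attack on its web resources took place in early September and, according to the department's spokesperson, no internal systems or data were compromised). The same uncertainty surrounds the motives behind the attacks on the Dutch government service DigiD: at the end of July it was attacked three times within one week, leaving many citizens unable to access tax-related and other functions. Again, no data leaks were reported.

The DDoS attackers' toolset did not see many updates, although some curious new techniques and a few new vulnerabilities did come to the experts' attention. Thus, on July 20, they detected a large-scale "recruitment campaign" targeting D-Link routers, which used more than 3,000 IPs and one command server. The exploit was not very successful in corporate environments; it remains to be seen whether it will be able to create a new botnet of user routers (and how big it will be).

Speaking of Trojans, reports began circulating at the end of July about a newly designed Trojan, Death, which builds a botnet by recruiting surveillance cameras. The notorious hacker Elit1Lands uses this malware with an AVTech vulnerability that was made public in October 2016. Security researcher Ankit Anubhav managed to contact the cybercriminal and learned that so far the botnet has not been used for large-scale DDoS attacks.

In addition, in late August and early September, security experts first saw new versions of the Mirai and Gafgyt botnets exploiting vulnerabilities in SonicWall and Apache Struts (in the latter case, the same bug that was associated with the massive data breach at the credit reference bureau Equifax).

Meanwhile, the three authors of the original version of Mirai, who had released it publicly, were finally sentenced. A federal court in Alaska ordered Paras Jha, Josiah White and Dalton Norman to pay substantial restitution and to serve 2,500 hours of community service. To all appearances, they will work on behalf of the FBI, and the actual mildness of the sentence is due to the three having duly cooperated with federal investigators during the process: according to court documents, the three men have already accumulated more than 1,000 hours of community service by lending their expertise to at least a dozen investigations.

In addition, British police arrested one of the intruders behind the DDoS attack on ProtonMail mentioned in our previous report. The 19-year-old novice hacker turned out to be a British citizen who was also involved in making hoax bomb threats against schools, colleges and airlines. His parents insist that he was "groomed" online by "serious people" through playing Minecraft. This story is unlikely to end with the young prodigy getting a job, although he does face possible extradition to the US: according to the investigation, he was exposed mainly because he did not practice very good operational security.

Quarter trends

Compared with Q3 of last year, the number of DDoS attacks increased slightly because of September, while over the summer and the year as a whole the number of DDoS attacks decreased noticeably.

[Figure: Quarterly number of DDoS attacks defeated by Kaspersky DDoS Protection in 2017–2018 (100% is the number of attacks in 2017)]

The chart above shows that the slight increase over last year is attributable to September, which accounts for the largest share of all attacks (about 5 times more than in 2017). July and August, on the contrary, turned out quieter than last year. In 2017, no such disproportion was observed.

[Figure: DDoS attacks defeated by Kaspersky DDoS Protection in September as a proportion of the Q3 total, 2017 and 2018]

A DDoS upturn in September is a fairly common thing: year after year the primary target is the education system, with attacks directed at the web resources of schools, universities and testing centers. The attack on one of the UK's leading schools, the University of Edinburgh, which began on September 12 and lasted nearly 24 hours, made the biggest headlines this year.

Such incidents are often blamed on enemies of the state, but according to statistics these allegations are unfounded. Thus, in the course of our private investigations, we found that attacks mostly occur during term time and subside during vacations. The British non-profit organization Jisc obtained almost the same result: by collecting statistics on attacks against universities, it learned that there were fewer attacks when students were on vacation. The same goes for daily out-of-class hours: the main DDoS disturbances are experienced by schools between 9:00 AM and 4:00 PM.

Of course, this might suggest that the perpetrators simply synchronize their actions with the universities' daily schedule. But the simpler the explanation, the more likely it is: these attacks are most probably devised by young people who may have some "good" reasons to annoy their teachers, other students, or schools in general. Consistent with this assumption, our experts were able to find traces of DDoS attack preparations in social networks, while our colleagues from the UK came across a rather amusing case: an attack targeting dorm servers was launched by a student in an attempt to defeat his online game opponent.

By all appearances, these cyclical outbursts will recur in the future, either until all educational institutions have put up impregnable defenses, or until all students and their teachers have gained a whole new awareness of DDoS attacks and their consequences. It should be mentioned, however, that although most attacks are organized by students, this does not mean that there are no "serious" ones.

For example, the DDoS campaign launched in September against the American vendor Infinite Campus, which provides a parent portal service for many schools in its region, was so powerful and protracted that it drew the attention of the US Department of Homeland Security. It can hardly be explained by the efforts of schoolchildren alone.

In any case, while the reason for the September upturn is most likely connected with the start of the new school year, explaining the downturn is somewhat more difficult. Our experts believe that most botnet owners have reconfigured their capacities toward a more profitable and relatively safer source of revenue: cryptocurrency mining.

DDoS attacks have become a lot cheaper of late, but only for the customers. As for the organizers, their costs remain high. At the very least, one has to purchase processing power (sometimes even equip a data center), write a Trojan of one's own or modify an existing one (such as the ever-popular Mirai), use the Trojan to assemble a botnet, find a customer, launch the attack, and so on. Not to mention that all of these things are illegal. And law enforcement is up to every move: the downfall of Webstresser.org followed by a chain of arrests is a good example.

On the other hand, cryptocurrency mining is almost legal these days: the only illegal aspect is the use of someone else's hardware. With certain arrangements in place, so that the mining is not conspicuous enough on the host system to become apparent to its owner, there is little chance of having to deal with the cyber police. A cybercriminal can also repurpose the hardware they already own for mining, thus escaping the attention of law enforcement altogether. For example, there were recent reports of a new botnet of MikroTik routers, originally created as a cryptocurrency mining tool. There is also indirect evidence that the owners of many botnets with a well-deserved reputation have now reconfigured them for mining. Thus, the DDoS activity of the successful botnet yoyo has dropped very low, although there has been no information about it being dismantled.

There is a formula in logic that states: correlation does not imply causation. In other words, if two variables change in a similar way, the changes do not necessarily have anything in common. Therefore, although it seems logical to link the growth of cryptocurrency mining with the slack in DDoS attacks this year, this cannot be claimed as the ultimate truth. It is rather a working hypothesis.

Kaspersky Lab has a long history of combating cyber threats, including DDoS attacks of all types and complexity. The company's experts monitor botnets using the Kaspersky DDoS Intelligence system.

As part of Kaspersky DDoS Protection, the DDoS Intelligence system intercepts and analyzes the commands that bots receive from their command-and-control servers. To initiate protection, it is not necessary to wait until a user device is infected or until the attackers' commands are executed.

This report contains the DDoS Intelligence statistics for Q3 2018.

For the purposes of this report, a separate (single) DDoS attack is one in which the intervals between the botnet's busy periods do not exceed 24 hours. For example, if the same resource is attacked by the same botnet a second time after a pause of 24 hours or more, two attacks are recorded. Attacks are also considered separate if the same resource is queried by bots belonging to different botnets.

The geographic location of DDoS attack victims and command servers is registered according to their IP addresses. The report counts the number of unique DDoS targets by the number of unique IP addresses in the quarterly statistics.

DDoS Intelligence statistics are limited to the botnets that Kaspersky Lab has detected and analyzed to date. It should also be remembered that botnets are just one of the tools used for DDoS attacks, and this section does not cover every single DDoS attack that occurred within the given period.

Quarter summary

As before, China tops the list for the highest number of attacks (78%), the US has reclaimed second place (12.57%), and Australia comes in third (2.27%), higher than ever before. For the first time ever, South Korea dropped out of the top 10, even though the entry threshold was much lower.

Similar trends appeared in the distribution of unique targets: South Korea has dropped to the very bottom of the rating list; Australia has climbed to third place.

In terms of numbers, DDoS attacks carried out using botnets reached their main peaks in August; the quietest day was observed in early July.

The number of sustained attacks declined; however, short attacks lasting less than 4 hours grew by 17.5 pp (to 86.94%). The number of unique targets increased by 63%.

The share of Linux botnets grew only slightly over the previous quarter. In this context, the distribution of DDoS attacks by type did not change much: SYN flood still comes first (83.2%).

The list of countries hosting the greatest number of command servers changed drastically over the last quarter. Countries such as Greece and Canada, previously outside the top 10, are now high up in the list.

Attack geography

China still holds the top line, with its share having soared from 59.03% to 77.67%. The US reclaimed second position, although it grew by 0.11 percentage points, to 12.57%. This is where the surprises begin.

First off, for the first time since monitoring began, South Korea dropped out of the top 10: its share fell from 3.21% last quarter to 0.30%, sliding from fourth to eleventh place. Meanwhile, Australia climbed from sixth place to third: it now accounts for 2.27% of the total number of outgoing DDoS attacks. This suggests that the growth trend for the continent that emerged over the past few quarters is still there. Hong Kong went from second place to fourth: its share fell from 17.13% to 1.72%.

Besides South Korea, Malaysia also left the top ten; the two were replaced by Singapore (0.44%) and Russia (0.37%), in seventh and tenth place respectively. Their shares grew only a little from Q2, but because of China's leap the entry threshold became less demanding. The example of France demonstrates this: in Q2 France was tenth with 0.43% of the total number of DDoS attacks; this quarter its share fell to 0.39%, but the country still ranks eighth.

Likewise, the combined percentage of all the countries outside the top 10 dropped from 3.56% to 2.83%.

[Figure: DDoS attacks by country, Q2 and Q3 2018]

A similar process took place in the rating of unique targets by country: China's share grew by 18 percentage points, to 70.58%. The top five positions by number of targets look basically the same as those by number of attacks, but the top 10 is a bit different: South Korea is still there, although its share shrank considerably (to 0.39% from 4.76%). In addition, the rating list lost Malaysia and Vietnam, which were replaced by Russia (0.46%, eighth place) and Germany (0.38%, tenth place).

[Figure: Unique DDoS targets by country, Q2 and Q3 2018]

Dynamics of the number of DDoS attacks

The beginning and end of Q3 were not abundant in attacks, but August and early September are characterized by a jagged graph with plenty of peaks and valleys. The biggest spikes occurred on August 7 and 20, which indirectly correlates with the dates when universities collect applicants' papers and announce admission scores. July 2 turned out to be the quietest. The end of the quarter, although not very busy, still saw more attacks than the beginning.

[Figure: Dynamics of the number of DDoS attacks in Q3 2018]

The distribution by day of the week was fairly even this quarter. Saturday is now the most "dangerous" day of the week (15.58%), having taken the palm from Tuesday (13.70%). Tuesday ended up second to last in terms of the number of attacks, just ahead of Wednesday, which is currently the quietest day of the week (12.23%).

[Figure: DDoS attacks by day of the week, Q2 and Q3 2018]

Duration and types of DDoS attacks

The longest attack in Q3 lasted 239 hours, just short of 10 days. As a reminder, the longest one in the previous quarter went on for almost 11 days (258 hours).

The share of large-scale, long-lasting attacks declined considerably. This applies not only to the "champions" lasting more than 140 hours, but also to all the other categories down to 5 hours. The most dramatic decline occurred in the category of attacks lasting 5 to 9 hours: these dropped from 14.01% to 5.49%.

However, short attacks of under 4 hours grew by nearly 17.5 percentage points, to 86.94%. At the same time, the number of targets grew by 63% over the previous quarter.

[Figure: DDoS attacks by duration, hours, Q2 and Q3 2018]

The distribution by attack type was almost the same as in the previous quarter. SYN flood kept its first position; its share grew even more, to 83.2% (from 80.2% in the second quarter and 57.3% in the first quarter). UDP traffic came in second; it also edged up, to 11.9% (10.6% in the previous quarter). The other types of attacks lost a few percentage points but suffered no change in terms of relative incidence: HTTP is still third, while TCP and ICMP are fourth and fifth respectively.

[Figure: DDoS attacks by type, Q2 and Q3 2018]

The ratio of Windows and Linux botnets is approximately the same as in the previous quarter: Windows botnets rose (and Linux ones fell) by 1.4 percentage points. This correlates with the dynamics of the change in attack types.

[Figure: Windows vs. Linux botnets, Q3 2018]

Botnet distribution geography

There was some reshuffling in the list of the top 10 regions with the largest number of botnet command servers. The US kept first place, but its share fell from 44.75% last quarter to 37.31%. Russia's share rose from 2.76% to 8.96%, taking it up to second place. Greece came third: it accounts for 8.21% of command servers, up from 0.55% and a position outside the top 10 in the previous quarter.

China, with 5.22%, is only fifth, beaten by Canada, which scored 6.72% (several times more than its Q2 figure).

At the same time, the combined share of the countries outside the top 10 increased considerably: it grew by nearly 5 percentage points and now stands at 16.42%.

[Figure: Botnet command servers by country, Q3 2018]

Conclusion

No major high-profile attacks occurred over the past three months. In contrast to the summer slowdown, the September upsurge of attacks on schools was particularly noticeable. It has become part of a cyclical trend that Kaspersky Lab has observed for many years.

Another notable development is the shrinking number of long-lasting attacks along with a growing number of unique targets: botnet owners may be replacing large-scale attacks with small ones (sometimes referred to in English-language media as "crawling" attacks), which are often indistinguishable from "network noise". We have seen preludes to this paradigm shift over the past few quarters.

In terms of the number of botnet C&C servers, the top 10 line-up has been abruptly reshuffled for the second quarter in a row. It may be that the attackers are trying to expand into new territories or are trying to arrange geographic redundancy for their resources. The reasons may be both economic (electricity prices, business robustness when exposed to unforeseen circumstances) and legal (anti-cybercrime action).

The statistics for the last two quarters lead us to believe that certain transformation processes are currently unfolding in the DDoS community, which may seriously reconfigure this field of cybercriminal activity in the near future.

*Author of this article: bingbingxiaohu; when reprinting, please credit FreeBuf.COM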
Hidden Costs of IoT Vulnerabilities

IoT devices have become part of our work and personal lives. Unfortunately, building security into these devices was largely an afterthought.

Another day, another hack. Whether it's a baby monitor used to spy on mother and child, or an FBI warning to reset home wireless routers due to Russian intrusion, the question continues to be: What's next?

Internet of Things (IoT) devices are part of both our work and personal lives. Unfortunately, building security into these devices was largely an afterthought ― the ramifications of which we are now seeing on a near-daily basis. However, let's look beyond the headlines at the hidden costs of IoT security vulnerabilities. These fall into five categories: device security, intellectual property (IP) protection, brand protection, operational cost containment, and user experience.

Device Security

Once hacked, some devices can do a disproportionate amount of physical damage. It all depends on the degree of criticality to the nation-state, community, or individual.

The agriculture industry, for example, is as valuable to a country as any other strategic asset, such as utilities, finance, or communications. Many big farms today are automated via field sensors and autonomous vehicles. Let's imagine that someone hacks the sensors to erroneously indicate that the corn is ready to be cut, even though it's three months too early. Or that a hack signals an autonomous tractor to spread too much fertilizer, burning and causing the loss of an entire crop. The potential for catastrophic hacks of this kind, and the corresponding financial losses or risk to the nation-state and its citizens, seems endless.

It is highly recommended that you closely examine the security of your IoT devices via the lens of worst-case scenarios. Ensuring the integrity of the data coming from your remote sensors is especially important because this data drives automated decisions with long-term implications.

IP Protection

It's astounding how many organizations will spend millions of dollars on R&D and then put that valuable intellectual property on an insecure IoT device. In this case, a hack could mean the end of your business.

Now, let's presume that you are investing heavily in building sophisticated algorithms to enable machine learning, artificial intelligence, or facial recognition. As you look to deploy these proprietary algorithms for use in an IoT device, you are ultimately left with two choices: 1) Protect the algorithm in the cloud, forcing the IoT device to run back-and-forth to run the process and adversely affecting the customer experience, or 2) install the algorithm into the OS stack on the IoT device and risk a hack that steals your algorithm ― essentially making you toss your entire R&D investment into the wastebasket.

Brand Protection

Apathy and inertia are creating a sense of "hack numbness," though the consequence of turning a blind eye depends on where you sit.

Let's say you make devices that help protect or enhance the life of children, with cameras or microphones that are always on and always watching. Consider a hack on these devices, and the misuse of the information they have access to, now being consumed by unsavory characters.

This is a brand killer. No matter how noble your IoT device and its application, if you cannot protect children, the market will make sure your future is cut short.

Consequently, security can't be ignored because you became numb to attacks. This is especially true if you're in a business that requires your IoT devices to gather sensitive information. Couple this with an emotionally invested customer base, such as users of child-monitoring devices, and a hack will mean the end of your business.

Operational Cost Containment

Satellite time is expensive. Within the broadest construct of the many new IoT devices, some will have a component that relies on satellites for data communication. It does not need to be said (but I'll say it anyway) that satellite time is a very expensive path for data backhaul.

Imagine a hack where a botnet starts a distributed denial-of-service attack on a music-streaming server, which then causes the IoT device to start rapidly and overwhelmingly pinging the music-streaming service. As the IoT device is battery powered and uses satellite for its backhaul, every ping now statistically shortens the life of the IoT device.

This scenario serves as a double whammy of cost containment. If you're leveraging satellites in your IoT strategy, you must examine where potential vulnerabilities are because they could affect your overall costs of operation and maintenance.

User Experience

As the saying goes, everyone has been hacked, but there are some who don't know it yet. While there may be no disruption of service at the time of a hack, what happens when there is some type of glitch?

Let's imagine that you get up one morning and ask Alexa to open the blinds, but they don't open. Now you have to check if there's Internet service into the house, and then confirm that the Wi-Fi network is broadcasting and that Alexa is enabled properly, and, finally, you have to ensure that the app for "my blinds" is connected and working. Considering how much time this could take, it would be quicker to get out of bed and just open the blinds manually.

Consequently, by adding a path to ensure, through attestation, that the original code base is not corrupted, we can minimize the impact on the user with a highly secure device update, but the hidden cost is the impact on their time.

Conclusion

The world is catching on to the idea that IoT device security is of paramount importance. Frankly, if end users were affected in a meaningful way (say, something involving their TVs) through one significant hack, the demand for security would become "top of mind." The question is how many of these hidden costs will affect organizations while we work toward a more secure ecosystem.

In my opinion, embedding security in the IoT ecosystem can't come soon enough.


Carl Nerup's experience is a powerful mix of proven marketing and sales leadership an
Press Releases: NTT Security adds botnet infrastructure detection to its managed security services (MSS)
With this, the company strengthens its capabilities for real-time monitoring, detection and neutralization of the cyber threats facing businesses.
IoT Botnets and the Economics of DDoS Protection
The effort and money we’ve been expending to build defenses is no longer proportional to attackers’ investments. It is time to review the attack landscape, re-evaluate the architecture of defense mechanisms and consider how best to defend against higher-order-of-magnitude attacks.




DDoS attacks in Q3 2018: Educational organizations in the crosshairs
The latest Kaspersky Lab report on DDoS attacks shows that in the third quarter of 2018 botnets attacked resources located in 82...
Security Practitioners! 5 Ways to Make your Boss Hear your Needs

Having trouble getting senior management to buy-in to your security recommendations? Try these essential tips.



One of the most oft-heard complaints among IT and network admins concerns how to convince senior management of the importance of a robust and comprehensive security solution. From SMEs who think they are not a target and can’t afford “the expense” of security, to corporate managers more worried about compliance than compromise, applying the principles of cybersecurity wisdom can be a challenging and frustrating task if management aren’t on board.

Some managers are more interested in ticking boxes for Quality Assurance than the impact of a malicious breach. After all, if all the boss’s boxes are ticked, responsibility for any problems will fall elsewhere, and probably on you! But if ticking your boxes requires getting senior stakeholders to recognize the reality of today’s threatscape, what can you do? Here are our top 5 tips for making your boss hear your needs.

1. Speak a Language They Understand

When bosses naively ask “Are we safe?”, don’t say “Security isn’t a binary question!” Do say “It isn’t a simple Yes/No question.” You know security is a company-wide practice and a mindset, but your boss may think it’s just another task that you should have completed already! That means, like it or not, you’re in the business of education. And the first step along that long road is for you to learn their language. Don’t expect your boss to understand yours!

So, be light on the jargon and technical specifics when discussing your needs, and be heavy on the effects on productivity, efficiency, staff morale and other quantifiers bosses understand. They don’t necessarily need to know all the details of how your domain came under a DDOS botnet attack for the last 24 hours. They do need to know that there’s a security situation which requires either some specific amount of time or budget (or both) to deal with. Point out the cost to the company of not putting into effect your recommended solution.

2. Share Ownership

Bosses typically don’t want to know about the reality of security because as far as they see it that’s your job, not theirs. “Don’t talk to me about cyber! Dealing with this is what I hired you for!” But the boss is just a specific example of a more general problem. When it comes to security, managers are just one of your many users, and promoting security awareness among all your users should be one of your key priorities.

The important thing here is to get staff (including bosses!) to buy-in to the idea that security is a company-wide responsibility. Ask permission for and implement staff awareness programs. Do people know how easy it is to phish passwords? Engage them with social media like this

Who says hacking is difficult!
It’s fun.

So, what’s your password? #Cybersecurity #cyber #hack #hacking #Hacked #hacker #informationsecurity #infosec #informationtechnology #infowars #socialengineering #cybersecurityawareness #cyberawareness #digitalsecurity #password pic.twitter.com/zxKpTz6q9d

― Mohit Kumar (@unix_root) October 29, 2018

or seek permission from HR to conduct a simulated spear-phishing test like this.

How willing are your staff to plug in unknown USB devices that could be malicious? Do they know how easy it is for hackers to turn a regular USB device into a malicious weapon? Run campaigns. Don’t ask for funding, just permission where necessary.

3. Be a Solution Provider, Not a Problem Bringer

Informing management of problems may get you labeled as a complainer and your ideas nothing more than an eye-roll. Raise security issues in the context of how they affect others rather than yourself, and then spend time discussing solutions. Similarly, if like the proverbial messenger, you don’t want to get “shot” for being the bearer of bad news, learn to deliver your problems with a heavy dose of answers. Ideally, present a range of solutions for consideration, but angle the pros and cons to favour what you know is for the best.

Your task here is to lead your managers to the right security solution because it’s a benefit to the company as a whole.

4. Present Proposals, Not Demands

You have some obsolete hardware and infrastructure that one department desperately wants to keep. Maintaining it is a security issue for you, but bosses are more swayed by the department’s argument that “it’s necessary for their work”. Often-times, staff are invested in ways of doing things and no one likes change. Spend time looking at solutions that would improve not just your security concerns but also their productivity. For example, try asking them what equipment they would buy if they were setting up their department anew. Wave away “oh, but we’d never get budget for that here” protests. Find out what they need, and then promote it or something close to it to senior management as a solution not just to their problems, but yours too.

Aligning security with a costed business case for other improvements makes for a more compelling argument than going it alone. Write a clear, costed proposal that not only provides a budget but also estimates, in quantitative terms, the projected benefit to the company. Ideally, you want a package that the boss can sign-off on and justify in terms managers understand: cost-benefit analysis.

5. Don’t “Hide in the Basement”

If senior managers aren’t aware of how security issue
Shellbot Botnet Targets IoT devices and Linux servers

Security experts at Trend Micro have spotted an IRC bot dubbed Shellbot that was built using Perl Shellbot. The malware was distributed by a threat group called Outlaw; it was able to target Linux and Android devices, and also Windows systems. “We uncovered an operation of a hacking group, which we’re naming “Outlaw” (translation derived from the Romanian word haiduc, […]



IoT botnet infects 100,000 routers to send Hotmail, Outlook, and Yahoo spam
Botnet infects routers and uses them to relay connections to webmail services.
Cyber security and fake news
LIMASSOL, Cyprus – With only several days to the US midterm elections and European Parliament elections in May 2019, cyber security threats, misinformation, and influencing public opinion are a major concern, an Internet security expert told New Europe. “The big danger is botnet networks,” Andrey Yarnykh, head of strategic projects at Kaspersky Lab, told New
Rapidly Growing Router Botnet Takes Advantage of 5-Year-Old Flaw
A sophisticated proxy code has infected hundreds of thousands of devices already.