"The 2018 Year in Review covers CIS' advances in cybersecurity via the EI-ISAC®, MS-ISAC®, CIS Benchmarks™, CIS SecureSuite®, CIS Hardened Images™, CIS Controls™, and CIS CyberMarket®." - via Center for Internet Security
Via the United States Cybersecurity and Infrastructure Security Agency (CISA), the embedded video is an Awareness Briefing on People's Republic of China (PRC) malicious cyber activity. This CISA webinar provides background data and mitigation/remediation techniques for the PRC malicious cyber activity targeting Managed Service Providers (MSPs). While this webinar is now over 30 days old, the issues discussed in the video are still very relevant.
In a not-too-astounding announcement, it seems MIT academicians have found a new use for supercomputational resources: the utilization of supercomputing resources targeting so-called 'compressed bundles' with the ostensible outcome of attack detection. I'll wager there are forward-thinking data scientists bent over the same workwheel using so-called 'Cloud Computing' for the same task (at a tenth of a percent of the cost per flop). Just sayin'...
'"If you're trying to detect anomalous behavior, by definition that behavior is rare and unlikely," says Vijay Gadepally, a senior staff member at the Lincoln Laboratory Supercomputing Center (LLSC). "If you're sampling, it makes an already rare thing nearly impossible to find."' - via the Lincoln Laboratory at the Massachusetts Institute of Technology
Bad news for the Department of Defense (which nearly always translates into bad news for ourselves and our allies). Via Robert N. Charette, writing at the IEEE's Spectrum Magazine, comes word of a recently released GAO report detailing significant downsides to the DoD's weapons systems cybersecurity posture...
'The GAO’s conclusions can be summed up in two words: unsurprisingly abysmal. The report states, “Nearly all major acquisition programs that were operationally tested between 2012 and 2017 had mission-critical cyber vulnerabilities that adversaries could compromise.”' - via Robert N. Charette, writing at the IEEE's Spectrum Magazine
Terrific blog post by Gerhard Jacobs, writing at the Imperva Cybersecurity blog, discussing IoT and ML with Gilad Yehudai (Gilad is a Security Research Engineer at Imperva). This time the topic is where connected devices and machine learning interact in concert, informing warfighting and the capabilities of both warrior and machine. Today's Must Read.
The Journal of Physical Security (JPS) has just released its latest edition (August, 11(1)). JPS (ISSN 2157-8443) is hosted over at Right Brain Sekurity, LLC, and the editor is Roger G. Johnston, Ph.D., CPP. If you are into security in any form, this journal should draw your immediate interest. Free for the asking (just download it); I cannot stress enough how important the information contained therein can be to information, cyber and physical security professionals.
Behold: A well-crafted white paper, targeting security-related white papers, that is apparently a blog post, and most importantly, dripping with the sweet, sweet wine of security sarcasm. Today's Must Read!
Via Rob Knake, writing at the Council on Foreign Relations' online outlet, Foreign Affairs, in the Snapshot section, comes this astute examination of the so-called cyberwarfare space's soft underbelly: power generation. Fear, Uncertainty and Doubt aside: successful attacks on electrical power generation, and on the equally crucial power distribution capabilities, would relegate vast swaths of the population to feudal vassals of regional political power (not to mention the demoralization of those populations). Today's Must Read.
"The digital infrastructure that serves this country is literally under attack,” Director of National Intelligence Dan Coats warned starkly last week. Most commentators took his declaration that “the warning lights are blinking red” as a reference to state-sponsored Russian hackers interfering in the upcoming midterm elections, as they did in the 2016 presidential election. But to focus on election interference may be to fight the last war, fixating on past attacks while missing the most acute vulnerabilities now. There’s reason to think that the real cyberthreat from Russia today is an attack on critical infrastructure in the United States—including one on the power grid that would turn off the lights for millions of Americans." - via Rob Knake, writing at Foreign Affairs
Superb journalism in the form of an article posted by Ellen Nakashima and Aaron Gregg of The Washington Post, detailing the critical work of United States National Security Agency-trained malware hunters, now the co-founders of Dragos, a highly respected cybersecurity firm. If you read anything today on public infrastructure security, read Ellen Nakashima and Aaron Gregg's important piece at The Washington Post. You'll be glad you did.
The cyber threat hunters had honed their chops at the National Security Agency — the world’s premier electronic spy agency. And last fall, they were analyzing malware samples from around the world when they stumbled across something highly troubling... - via Ellen Nakashima and Aaron Gregg of The Washington Post
A new research paper has attracted my attention at arXiv.org, from Mordechai Guri, Boris Zadov, Dima Bykhovsky and Yuval Elovici, all from the astonishingly prolific Ben-Gurion University of the Negev, in southern Israel's blooming desert - the Negev. Interestingly, all work in the Cyber-Security Research Center, a component - if you will - of the Department of Software and Information Systems Engineering.
This is one of those seemingly easy-to-grasp, easy-to-execute attacks (for the right entities, and with the apropos hardware and software exfiltration tools) in which data may be slurped up, with minimal invasive telltale artifacts left behind, simply by sampling the modulated goodness of the electrical power connection to the targeted device.
Importantly, this form of attack would be devastating to the target, which has essentially no built-in intrusion defense watching over the electrical power flow into the machine's PDU (other than the usual gatekeeping set up around and amongst whatever payload is being sought: think directory services, database passwords, API security, tokens, et cetera). Certainly, today's Must Read.
Seemingly yearly, we see new printer-vectored network attacks due to slovenly written code in the printer or in the offending machine's drivers. Here's the latest debacle, courtesy of Hacker Noon on their Medium blog.
'Hacking unsecured printers is easy. Unfortunately, according to a Spiceworks survey only 16% of IT industry respondents think printers are at high risk of a security breach! 43% of surveyed companies ignore printers in their endpoint security approach. Well, what administrators don’t know will hurt them. Corporations invest in securing their computing devices. Why not printers?' - via Hacker Noon on Medium
Terrific bit of reportage by Richard Chirgwin, writing at El Reg and detailing the so-called cost-benefit methodology behind efforts underway to further protect browser bits; and, while you're at it, examine, if you will, the research paper mentioned in the post, quite likely one of the more interesting papers you may read today.
Very bad tidings greet us on Monday morning, via the always enlightening journalism of Catalin Cimpanu, writing at Bleeping Computer. Catalin reports on the latest Something-as-a-Service, in this case Ransomware-as-a-Service; the kicker (again, reportedly) is that the service is free. Very bad news, indeed...