Another NSA tool leaked. Although this one never made it to implementation and it was never fully deployed in the field. It was designed to be a intelligence sharing application.
Weekly News Article
https://www.darkreading.com/endpoint/new-banking-trojan-similar-to-dridex-zeus-gozi/d/d-id/1330407?
A newly discovered banking Trojan called IcedID looks monitors online activity. It sets up a local proxy and intercepts traffic, sounds like something we learned in class!
Weekly News Article
https://www.darkreading.com/analytics/security-monitoring/unstructured-data-the-threat-you-cannot-see–/a/d-id/1330070
A good area where AI, and machine learning will help the cyber industry. Information is critical to an IT organization especially during an incident. With unstructured data, data that is not in their SIEMs, it is a challenge for them to get ahead of threats.
Weekly News Article
https://www.darkreading.com/endpoint/phishing-kits-regularly-reused-by-cybercriminals/d/d-id/1330269?
Cyber criminals are getting a ROI, re-using phishing kits. Brings up the question, why aren’t monitoring tools picking these up before they are delivered to a user’s inbox.
Weekly News Article
A new IoT Botnet, compared to Mirai. Called “IoT_reaper” was first reported in September.
https://thehackernews.com/2017/10/iot-botnet-malware-attack.html
Week 7 – News Article
Interesting malware, DoubleLocker, can reset your PIN and encrypts your data. Interesting that is does both.
https://www.darkreading.com/mobile/doublelocker-delivers-unique-two-punch-hit-to-android–/d/d-id/1330134?
News Article -Week 6
https://thehackernews.com/2017/10/formbook-password-stealer.html
Malware as a service is becoming more popular, a keystroke capturing and password stealing program is available for purchase.
News Article – Week 5
https://www.technewsworld.com/story/84801.html
Interesting article where Apache strikes back against the Equifax breach being caused by a vulnerability in their framework.
They note no one at the @equifax domain has been in contact with them, insinuating they haven’t managed their environment, and that Equifax didn’t use database encryption.
The article also goes into a good explanation of a zero day vulnerability.
News Article
https://www.darkreading.com/partner-perspectives/f5/where-do-security-vulnerabilities-come-from/a/d-id/1329951?
I thought this article was timely, considering we are reviewing a company’s footprint. The author states security vulnerabilities come from three places, code quality, complexity and overly trusting data inputs.
I found it fascinating that “the current version of the Firefox browser, which contains 16 million lines of code written by 5,094 developers over ten years” and cannot imagine the complexity.
The author suggests reducing your exposure to only what you need, limit what you expose to the internet, perform risk assessments and test often.