Posts

Weekly Infosec News Brief 20-26 July

FBI Sees Massive Increase in Espionage, Including Industrial Espionage, Against the US
The FBI on Thursday issued a press release discussing what they believe is an increasing threat of economic espionage against US companies. They estimate that such espionage may cost the US as much as "hundreds of billions" of dollars a year. This espionage is not just directed against large industrial companies, but any place where trade secrets and innovations might be found, including third-party organizations (e.g. business partners, vendors, consultants, lawyers, etc.) affiliated with targeted companies. A key take-away is that the threat is more widespread than most people think, and that few organizations are immune.
https://www.fbi.gov/news/pressrel/press-releases/fbi-announces-economic-espionage-awareness-campaign
http://www.cnn.com/2015/07/24/politics/fbi-economic-espionage/

Microsoft Releases Out-of-Cycle Patch for Critical Font Driver Bug
A flaw uncovered in connecti...

Security Basics: Managing User Accounts

This post is one in a series of blog posts on the fundamentals of an information security program. You can see the complete list of posts in this series here.

At their most basic, cyber security breaches are characterized by unauthorized access. However, that unauthorized access is usually carried out by leveraging the access rights of one or more authorized users. It might be hackers on the other side of the world gaining access to a user's PC via a browser vulnerability and abusing the user's account to find and steal data around the network to which that user has access, whether intentionally or not. Or it might be an insider or disgruntled former employee abusing their legitimate (or formerly legitimate) account to gain access to things to which nobody ever intended them to have access.

Ensuring that user accounts are created with appropriate access rights, that access is removed when no longer needed, that when new accesses are granted only the necessary access...

Weekly Infosec News Brief 13-19 July

Adobe Releases Updates for Two More Serious Zero-Day Flash Vulnerabilities
Last Tuesday Adobe released updates to resolve two new serious Flash vulnerabilities that allowed for remote code execution (CVE-2015-5122/23). This was the regularly-scheduled update cycle for Adobe, and they released updates for Shockwave and Acrobat as well. The Flash vulnerabilities are being actively exploited in the wild, and it is essential for all organizations to update Flash as soon as possible.
http://www.theregister.co.uk/2015/07/14/adobe_flash_patch_tuesday/
https://helpx.adobe.com/security/products/flash-player/apsb15-18.html

Mozilla and Google Take Steps to Block or Restrict Flash in Browsers
After weeks of frequent new revelations of serious vulnerabilities in Flash, Mozilla and Google have taken steps to restrict how and when Flash runs within their Firefox and Chrome browsers. Facebook's security chief also called for a plan to end the use of Flash altogether. These actions ...

Security Basics

We are posting a list of fundamental security practices and controls that all organizations should have in place in some form or other. While these practices are basic, many organizations have very immature programs in some of these areas. These basics are a good place to start in thinking about your security program.

The complete list of posts:

- Security Basics: Know What's on Your Network
- Security Basics: Patching Vulnerabilities
- Security Basics: Managing User Accounts
- Security Basics: Multi-Factor Authentication
- Security Basics: Full-Disk Encryption
- Security Basics: Privileged Account Management
- Security Basics: Malware Protection
- Security Basics: Database Security
- Security Basics: Vulnerability Detection
- Security Basics: Firewalls
- Security Basics: Email Security
- Security Basics: Networking Gear
- Security Basics: Configuration Baselines

Weekly InfoSec News Brief June 22-28

Adobe Issues Emergency Patch for Flash
Last Tuesday Adobe issued an emergency patch for its Flash product. The patch fixes a critical vulnerability which Adobe stated was already being exploited in the wild on a limited basis in targeted attacks. This is not the first emergency patch for Flash this year, in addition to the several critical patches that have been released in their normal monthly patch cycle. Flash continues to be one of the most common sources of vulnerabilities on desktops, and one of the most frequently-exploited applications out there. Every organization should be watching closely to ensure they are patching Flash rapidly, as well as perhaps considering measures to block or limit its use.
http://krebsonsecurity.com/2015/06/emergency-patch-for-adobe-flash-zero-day/
https://helpx.adobe.com/security/products/flash-player/apsb15-14.html

OPM Breach Investigation Stymied by Lack of Log Data
When a breach occurs (or is suspected) one of the first things an invest...

Security Basics: Patching Vulnerabilities

This post is one in a series of blog posts on the fundamentals of an information security program. You can see the complete list of posts in this series here.

Vulnerabilities happen. In most major pieces of software, such as Windows, Office, Java, Acrobat, Flash, Chrome, Firefox, Oracle, or anything else that runs on your servers and workstations, you can count on there being new flaws that affect your systems' security being announced frequently, often monthly. While installing patches is a fundamental security activity, many organizations do not make a strong and comprehensive effort in this area. A recent study showed that organizations typically take months to install a patch from the time it is released. The time varied significantly by industry, with technology-centric companies taking just under two months, while financial services companies averaged almost six months.

Key factors to keep in mind in considering a vulnerability management program include: ...

Weekly Infosec News Brief June 15-21

Snapchat Adding Two-Factor Authentication
Popular video-chat service Snapchat has been plagued by security issues for some time, and one measure they are taking to remedy that is introducing two-factor authentication. Users will have the option of enabling this feature, which requires the user to enter a verification code sent by text message any time they log on using a new device. "Passwords are dead" is a common saying in information security circles today, and it is true that the use of passwords as a sole authentication mechanism is rapidly falling out of favor. But what is the most common place that most people still use just a password to prove their identity when logging on? Work. As more consumer-oriented email apps, banking services, and the like start using two-factor authentication, workplace users are becoming more familiar with the concept and more understanding of the need for it. Is your organization applying multi-factor authentication for your systems? ...