
Your Networks and IoT Botnets.....

As the Internet of Things (IoT) market grows, the number of malware threats targeting the sector is rising as well. The ultimate goal of many of these IoT threats is to build large botnets in order to launch distributed denial of service (DDoS) attacks. Researchers note that some of the threats that lack DDoS capabilities of their own may still install DDoS-capable malware. “DDoS attacks remain the main purpose of IoT malware. With the rapid growth of IoT, increased processing power in devices may prompt a change of procedures in the future, with attackers branching out into cryptocurrency mining, information stealing, and network reconnaissance,” Symantec concludes.
http://www.securityweek.com/ddos-attacks-are-primary-purpose-iot-malware
http://www.securityweek.com/linux-xor-ddos-botnet-flexes-muscles-150-gbps-attacks

Vulnerability in Cisco Devices VPN Functionality

A few weeks ago a vulnerability was publicized in the VPN functionality of Cisco PIX firewalls, along with a tool to exploit it. This exploit was part of the Shadow Brokers dump of tools allegedly stolen from the NSA; in this case it was the BENIGNCERTAIN tool. The exploit was viewed as being of limited impact, since Cisco discontinued support for the PIX firewall years ago in favor of their newer ASA firewall line. This weekend it was announced that the same vulnerability exists in the IOS software that powers the vast majority of Cisco devices. This means that Cisco routers and routing switches with VPN functionality can be exploited with the BENIGNCERTAIN tool as well, leaving their VPN sessions subject to snooping. The vulnerability affects all versions of IOS going back to 12.2, as well as most versions of IOS XR and IOS XE. Cisco has not yet released updated software to fix this issue, and they say there are no workarounds; they have, however, published intrusion detectio...

Security of Personal Email Accounts

Last week, former Secretary of State General Colin Powell became the latest public figure to have his personal email account hacked and his messages exposed publicly, to the great embarrassment of himself and others. He joins a long list of political, government, and entertainment figures who have suffered the same fate. Organizations cannot ignore the potential impact of such an incident happening to one of their personnel, especially senior management in highly visible roles. The good news is that this type of incident is avoidable. The majority of these incidents have happened when a user's password was guessed, obtained via keystroke monitoring or other snooping, or reset via social engineering. The social engineering method used against many prominent people, including the Director of the CIA and the Director of National Intelligence, was to contact their Internet provider or phone company and request a password reset. These methods can be largely defeated using ...

Security Basics: Firewalls

This post is one in a series of blog posts on the fundamentals of an information security program. You can see the complete list of posts in this series here. If anti-virus is the most basic control people think of when securing a computer, then firewalls serve the same role in network security. To many laypersons, “firewall” is synonymous with network security. But it was not until the late 1980s that practical network packet filters were introduced, allowing organizations to connect two networks while controlling what types of traffic were allowed, to which endpoints, and in which directions. Firewalls have since evolved into “next-generation firewalls” or even “unified threat management devices.” These names denote two trends in the evolution of firewalls: the ability to filter traffic based on more detailed traffic properties, and the incorporation of other security functions (such as intrusion detection/prevention) that were traditionally provided by other devices. The f...

Mobile Device Security

In many organizations, more and more work is being conducted via “mobile devices” like smartphones and tablets rather than traditional PCs and laptops. The most common of these by far are those running Apple’s iOS (iPhones and iPads) and those running Google’s Android OS. These devices are light, portable, convenient, handy, and generally easy to maintain and manage. However, they are still powerful computing devices that can store a lot of critical information, and they can also present serious security challenges. Some basic measures that you should take include: Set a password and set your phone to lock automatically after a short period of non-use. It is easy to lose a phone on a bus or train or in a restaurant, and if someone picks it up while it is unlocked they can do and access pretty much everything on the device. Consider enabling a function that wipes the data and settings from your device if the passcode is entered incorrectly enough times. This function does allow for some...

Security Basics: Know What's on Your Network

This post is one in a series of blog posts on the fundamentals of an information security program. You can see the complete list of posts in this series here. The most basic of basic security principles is that you must know what you are defending in order to defend it. It sounds obvious at first blush, but it is an oft-neglected step in securing your network, your systems, and your information. Getting a handle on what devices are present on your network is essential to a proper security program. One of the notes in the Office of Personnel Management (OPM) Inspector General's report on their systems security in November 2014 (just before they suffered a massive breach) was that the office did not "maintain a comprehensive inventory of servers, databases, and network devices." [1] This shortcoming clearly underlies many of the other shortcomings there, including the failure to conduct comprehensive vulnerability scans -- you can't be sure if you're scanning...

Password Managers

Let us discuss the importance of using strong, complex passwords and of being diligent about using a different password for everything. Most of us can agree that this is good advice, but many of us don't follow it. The reason is simple: it is too hard to remember all those passwords! I understand completely; I personally have about 300 passwords right now! The old wisdom was to never write down your passwords and never record them ANYWHERE. However, the big threat to your data today is not someone who finds your password hidden under your keyboard, but someone on the other side of the world cracking or guessing your password. So to make complex and unique passwords practical, many security professionals recommend the use of "password manager" software or services. Password managers are apps used to store ALL of your passwords and keep them safely encrypted in one place. Most are offered by providers who will store the data in the cloud so that you can sync it to all your ...