Network Forensics Tracking Hackers Through Cyberspace
The Ten-Day MBA 4th Ed.: A Step-By-Step Guide To Mastering The Skills Taught In America's Top Business Schools
Wired for War: The Robotics Revolution and Conflict in the 21st Century
Blogs / News -
SC Media - Applying the 80/20 Rule to Cloud Security -
How can we apply Pareto’s principle to cloud security? Within your security activities, what is the key 20 percent that will produce 80 percent of your results when it comes to reducing risk?
One effort that absolutely falls into the 20 percent bucket is reducing threat actor dwell time. Just like a small kitchen fire is far less damaging than a full house fire, the faster you can identify and respond to an incident the more likely it is you escape it without serious damage. If a threat is swiftly and effectively addressed following detection, then subsequent cost factors such as lost business and reputational damage are drastically reduced if not eliminated completely. The 80/20 rule at work!
BBC - China demands US response over CIA hacking claims -
The Chinese Foreign Ministry has asked the US for a "clear explanation" after claims the CIA had been hacking targets in China for at least 11 years.
The allegations were made by Qihoo, a well-known cyber-security firm based in Beijing.
The company said it had found evidence in malware suggesting the CIA had targeted airlines, petrol companies and government agencies.HITB Security News - FBI working to ‘burn down’ cyber criminals’ infrastructure -
Unsophisticated cyber criminals now have the power to paralyze entire hospitals, businesses and police departments, Wray said during a conference on cybersecurity at Boston College. The ever-changing threat has forced law enforcement to get creative and target the dark web sites and other tools at hackers’ disposal, he said.Tech Crunch - SF poised to pass Prop E, which could significantly reduce new supply of startup office space -
Prop E‘s passing, which seemed likely Wednesday afternoon following Tuesday’s election, ties office development approval to the city’s ability to meet affordable housing goals, something that the city and its developers haven’t proven themselves all that capable of doing in recent years. Amid skyrocketing rents and a homeless crisis, there have been ample concerns that the structures in the city are being overstressed, low and moderate income residents are being pushed out and that the influx of tech startups is exacerbating the problem.Bank Info Security - Huawei CSO Responds to 5G Security and Espionage Concerns -
In response to White House warnings that 5G infrastructure equipment built by Huawei could be subverted by China to conduct espionage, Andy Purdy of Huawei Technologies USA says his company has pledged full transparency and urges competitors to follow suit.CyberScoop - Huawei execs admit they don't know whether their tech is used for surveillance -
In order to answer to each and every accusation, Huawei sent two of its top cybersecurity officials — Chief Security Officer Andy Purdy and Vice President of Risk Management and Partner Relations Tim Danks — to the RSA Conference in San Francisco last week. In an interview with CyberScoop, the company’s executives continued toeing the company line: that all the pressure exerted by the U.S. government is only going to hurt American businesses.
But a new wrinkle in their argument emerged when pressed on alleged surveillance operations: the executives indicated they don’t really have visibility into how their technology is used.
...
Purdy, a former Department of Homeland Security official, told CyberScoop that despite his defense of Huawei, he understands the U.S. government’s position, given recent revelations on the U.S. government’s history with backdoors in equipment made by private companies.
A report in the Washington Post last month revealed a decades-long joint operation between the CIA and NSA to undermine encryption in machines produced by Crypto AG so intelligence officers could spy on adversaries and allies alike. And just as the U.S. injected cash into Crypto AG in order to maintain its spying operations, Huawei is heavily subsidized by the Chinese government.
Dark Reading - EternalBlue Longevity Underscores Patching Problem -
EternalBlue, the exploit publicly leaked three years ago next month, continues to threaten unpatched Windows servers connected to the Internet, with more than 100 different sources using it to attack systems on a daily basis, according to a new report by cybersecurity firm Rapid7.
...
While some businesses need to keep the SMB port open to support critical legacy applications, for the most part companies are failing to detect and secure their attack surface, says Bob Rudis, chief data scientist for Rapid7
...
In the end, companies should be re-evaluating whether difficult-to-protect protocols, such as SMB, are worth having exposed to the Internet. For Rapid7's Rudis, the answer is a firm "no."
"If you are running SMB on the Internet, it's either a honeypot or you're an idiot — it really comes down to those two things," Rudis says. "You can't secure it."
Techdirt - Turns Out Most People Still Don't Hate 'Big Internet' As Much As Politicians And The Media Want Them To -
The good folks over at The Verge have done a big consumer survey of people's general opinions of various big internet companies and it shows that most people still like these internet services, and believe, on the whole, that they make their lives better, not worse. Even the services that get the "worst" grades, still get over a 60% "favorable" rating, while Amazon, Google, YouTube, Netflix, Microsoft, and Apple all come in over 80% positive (with Amazon, Google, and YouTube breaking 90%).
No comments:
Post a Comment