By Marcos Colón

January 13, 2017

Big data and the Internet of Things are two buzzwords that rang through the halls and show floors of security conferences across the nation for quite some time. Although ambiguous, the terms took the industry by storm. Then there's security analytics, another buzzword that security marketing heads have been pushing heavily. But none of these terms have earned as much attention in a short period of time as threat intelligence. Alas! Finally a phrase that seemingly captures it all.

Read more ...

By Katherine Teitler

January 12, 2017

Take me to the river

As the results of the Anthem breach investigation make their rounds, the security industry is reminded once again that phishing is a highly effective attack method. Barriers to entry are low, and once an attacker invests the time and effort to create a convincing and effective phishing email, that same phish can be easily used again and again until a single user falls victim, opening doors for the attacker to waltz right through.

Read more ...

By Katherine Teitler

January 10, 2017

Empire state of mind

The Children’s Commissioner for England released a report last week stating the need for sweeping changes to terms and conditions on social networking sites, particularly those with audiences largely comprised of children and young adults. The report begins, “The internet is an extraordinary force for good but it is not designed with children in mind.” And while, according to the report, children as young as 3-4 years are now spending an average of 8 hours and 18 minutes per week online (!!), greater transparency around how users’ data is collected and consumed is warranted in general.

Read more ...

By Katherine Teitler

January 6, 2017

Get the party started

After planning to prepare to attend a security conference and deliberating your engagement strategy onsite, the next step in maximizing your security conference experience is thinking through how to get the most out of the information, ideas and advice provided during the event. Conferences can deliver an overwhelming amount of information, and it’s not unusual for attendees to feel sensory overload. Therefore, developing a method for handling all of that information is key to a better conference experience, both while onsite and afterward when you return to your office.

Read more ...

By Katherine Teitler

January 5, 2017

Get the party started

In part one of this series on “Maximizing Your Security Conference Experience in 2017” we explored how preparing to attend an industry conference can yield positive results in terms of extracting value onsite. It’s not enough, though, to create a plan then sit back and wait for it to unfold. 

Read more ...

By Katherine Teitler

January 4, 2017

Get the party started

Jumping back into work at the start of a new year propels many to evaluate plans and commit to better habits, greater value, and generally getting the most out of work and/or life. It’s good to take a step back and think through what worked during the past year, what didn’t, and muse on how to maximize one’s efforts. Self-reflection is an empowering tool, and though “be a better conference attendee” might not have made your list of New Year’s resolutions, security practitioners spend a lot of time at industry conferences; there’s much to be gained by attending conferences, yet most people don’t make optimal use of their own time (and possibly their company’s funding) during adventures out of the office.

Read more ...

Locky

Locky is ransomware that was first detected on Tuesday, February 16, 2016 as Trojan.cryptolocker.AF. It is a massive malware campaign which encrypts files and adds a .locky extension. Each extension is preceded by a unique 16 character file name.

Locky is spread primarily through spam or phishing campaigns. Each email contains a Word attachment masquerading as an invoice for the recipient. When the user opens the Word doc, the text is scrambled and the user is prompted to enable macros to read the text. The macros are malicious, however.

Keep reading...

December 26, 2016

Colossal data breaches, massive distributed denial-of-service botnets taking down popular websites, and Russian hackers interfering with the U.S. election – a lot has happened in 2016, and InfoSec Insider has kept up with the news along the way. Rather than regurgitate the headline-grabbing news items that have dominated the information security industry, we’ve worked toward providing a relatable, outside-in view that encourages security practitioners to think about problems differently. As we continue to ramp up our efforts in providing you with a resourceful library of content you can rely on, we’ve decided to reflect on some of the top InfoSec Insider articles of 2016, based on the engagement we’ve received from our readers.

Read more ...

Blank space

By Katherine Teitler

December 22, 2016

Many uncertainties await the world when the new United States administration takes office on January 20, 2017. The President-elect, while extremely vocal on the campaign trail, has been disconcertingly cagey in the weeks leading up to inauguration. As it pertains to technology and cybersecurity, Donald Trump held closed-door meetings with some of the tech industry’s top executives last week, but the Electronic Frontier Foundation (EFF) wasn’t satiated. Spurred on by Trump’s previous promises of increased surveillance, his condemnation of Apple during the encryption debate with the FBI, and his late-night Twitter rants challenging certain individuals’ rights to free speech, the EFF bought a full-page ad in Wired that urges technology companies to “unite with the Electronic Frontier Foundation in securing our networks against this threat.” 

Read more ...

Waiting on the world to change

By Katherine Teitler

December 21, 2016

The New Year is close upon us and many security firms and media outlets are busy publishing 2017 predictions or “the year in review.” Rather than following suit, I’d like to propose a New Year’s resolution to all security practitioners (and office workers, in general, really):

Read more ...

Someone like you (Van Morrison version)

By Katherine Teitler

December 20, 2016

Forming a threat intelligence team, as a supplement or specialized subset of the security team, requires not only a particular set of skills that may be outside security’s traditional core competency, but also more bodies to fill those roles. In security, where human resources are tight to begin with, thinking about where you’re going to find the best individuals to staff a threat intelligence team can quickly turn into a headache.

Read more ...

Marcher Trojan

The Marcher Android Trojan is a malware variant which first emerged in late 2013. Sold on underground forums, the early malware targeted predominantly Russian Android users. Marcher appeared as an overlay “payment” page in Google Play when the user tried to download or install an app, its intent to trick users into entering payment information. The payment information, along with other device information, would then be sent back to the attackers’ command and control (C&C) so the attackers could siphon money and monitor for the launch of other applications which could be configured to allow the attackers to steal more money. 

Keep reading...

Titanium

By Katherine Teitler

December 16, 2016

Operational resilience is the name of the game when it comes to how business leaders evaluate cybersecurity program effectiveness. While security practitioners are thinking about exploits, vulnerabilities, controls, and threat actors’ TTPs, what executives really want to know is, “When the company is the victim of an attack, what effect will that have on the rest of the company, how quickly can employees resume ‘business as usual,’ and what hard and soft costs will be incurred?” 

Read more ...

Let the sunshine in

By Katherine Teitler

December 14, 2016

“Security has a secret power: threat intelligence,” quipped Dave Ockwell-Jenner, Senior Manager, Security Threat & Operational Risk Management (STORM) at SITA, during MISTI’s recent Threat Intelligence Summit in New Orleans, Louisiana. True enough, if the ability to look into the future exists even somewhat, that ability is reliant upon intelligence, in security’s case, cyber threat intelligence.

Read more ...

Server Message Block

A server message block (“SMB,” not to be confused with “small and medium businesses,” another common abbreviation) is an application layer network file-sharing protocol which allows systems within the same network to share and access files and resources easily. SMBs facilitate network communication between client applications and the server. 

Keep reading...

Teach your children

By Katherine Teitler

December 12, 2016

Last week in New Orleans, Louisiana, MISTI held its second annual Threat Intelligence Summit. Event Chair, Tim Callahan, SVP & CISO at Aflac, kicked off the event by saying that threat intelligence “is our best defense against our adversaries,” noting that effective, successful security departments are “not hunkered down behind the perimeter” waiting to identify signs of cyber attacks that are few and far between.

Read more ...

Runtime Application Self-Protection

Runtime Application Self-Protection (RASP) is a technology that embeds security protections (detection, alerting, and mitigation) directly into an application and runs as the application is executed. RASP runs on the server and is touted for its ability to detect and prevent real-time application attacks from within the application itself.

RASP is an automated, self-monitoring technology; it intercepts requests to the app, then analyzes behavior and the context of that behavior. If the request is valid, it is validated and the application is allowed to execute as usual.

Keep reading...

Every breath you take

By Katherine Teitler

December 5, 2016

“Insider threat” — it’s a term that gets thrown around a lot in cybersecurity circles. Practitioners want to know who is responsible for attacks and how attacks are being perpetrated so defenses can be appropriately implemented and provisioned. The problem with the term “insider threat,” though, is that different individuals, organizations, and media outlets all have various interpretations for what constitutes an insider threat.

Read more ...
