See below for Solutionary Minds blogs about cyberintelligence.
Observations of the Trends and Statistics that Shaped Cybersecurity in 2015
Now in its fourth year of publication, the 2016 Global Threat Intelligence Report (GTIR) highlights observations and details about global threats. In this year’s report we continue tracking trends that have affected our clients over the last few years, and identify the new threats that presented themselves in 2015.
This year’s GTIR provides actionable intelligence, guidance about what attackers are doing, and comprehensive security controls designed to disrupt attacks. Controls recommended in this report will contribute to an organization’s survivability and resiliency in the face of an attack.
To develop this year’s annual report, we collaborated with several well-respected organizations, including Lockheed Martin, Recorded Future, Wapack Labs, and the Center for Internet Security. These contributors provided key feedback and observations from their unique perspectives of the cyber...
2016 RSA Conference Surveys
As readers of this blog are well aware, there are many challenges when it comes to running a successful cybersecurity program. One of the most important is making sure that not only do security teams get the right support they need, but that security managers, CISOs and business executives are all aligned on what the goals of the cybersecurity program are and what must be done to achieve those goals. We recently published a post on some of the personality traits found within enterprises that often hold these efforts back, in “The Seven Deadly Sins of Business and Information Security Alignment.”
While cybersecurity is now reportedly a boardroom level issue – we are not seeing that concern follow through in organizational action. At least we are not seeing this nearly as much as we should, as revealed in a number of surveys released at the...
How many times have you heard a new technology or startup described as “innovative and revolutionizing,” “value added solution,” “disrupting industry,” or “making the world a better place”? Personally, I’ve heard these descriptions too many times to count. There are not many technologies that I can think back on and say “yep, they were right!” The advancement and application of big data, however, is definitely at the top of my list.
Big data analytics is an old “new” way of analyzing data. The concepts predate existing technologies, with probabilistic and statistical math. In the last few years, however, the technology has improved, making big data analytics simpler and more accessible. This old “new” way has recently become its own field of expertise and has revolutionized several industries.
Big data in the news
Investment banks now have people they lovingly...
CVE-2016-0728: Evaluating the Threat Level
On January 14, 2016, researchers at Perception Point identified a 0-day local privilege escalation vulnerability (CVE-2016-0728) in Linux Kernel versions 3.8 to 4.4 (2012 – 2016). The flaw exists in the kernel’s keyrings security facility, which is used to retain cached security data, authentication keys, encryption keys and other data. Using a local user account, one can free a referenced keyring object and overwrite it to be executed in the kernel, escalating privileges to root. Based on statistics provided by Perception Point, tens of millions of personal computers (PCs), servers and 66% of all Android devices may be vulnerable.
Black Energy (BE) malware is back in the news as of early January 2016. This time it is being blamed for contributing to a power outage on December 23, 2015 in Ukraine, which left nearly half the populace in the Ivano-Frankivsk region without power for several hours.
Discovered in 2007, BE was originally designed as a distributed-denial-of-service (DDoS) toolkit but has since evolved to its current state, supporting a multitude of plug-ins. The newest features of the BE malware include:
- KillDisk, a destructive data-wiping utility capable of destroying an estimated 4000 file types, including registry files. This function could render the host unbootable, and depending on the infected host, could have dire consequences. Based on the malware’s typical target set of Industrial Control Systems (ICS), an infected host could prove to be disastrous, not to mention expensive.
- Researchers also identified a previously unknown Secure Shell (SSH) backdoor...