Attackers Making Use Of PowerShell and Macros for Malicious Activity

Sources: http://www.securityweek.com/powerware-ransomware-abuses-powershell-office-macros http://www.securityweek.com/powersniff-malware-attacks-abuse-macros-powershell Goes over Sandbox and VM Conciousness: http://www.theregister.co.uk/2016/03/15/attackers_packing_malware_into_powershell/ Malicious MS-Office macros are being used to both compromise machines and deliver ransomware. Powersniff is a file-less malware that runs completely in memory. Powerware is ransomware ran via PowerShell. Powersniff targets victims mostly in the United Continue Reading

New USB malware that steals data – USB Thief

Source: http://www.scmagazine.com/new-usb-based-data-stealing-malware-detected-in-wild/article/485140/ Win32/PSW.Stealer.NAI aka USB Thief is a data stealing type malware that is hard to detect and leaves no trace behind. The malware is used to steal data off networks and uses encryption. This could be a tool intended for targeted use.

The Importance of Information Governance in Information Security

Source: http://www.darkreading.com/operations/why-marrying-infosec-and-info-governance-boosts-security-capabilities/a/d-id/1324572?_mc=RSS_DR_EDT The article begins with the importance of data security. There is too much focus on defending the perimeter and not enough attention on actually protecting sensitive customer and proprietary data. Data Loss Prevention technologies are not enough. U.S. legal penalties and EU privacy Continue Reading

Dell open sources DCEPT honeypot tool

Source: https://www.helpnetsecurity.com/2016/03/08/dell-open-sources-dcept-honeypot-tool-detecting-network-intrusions/ Dell SecureWorks researchers have developed a honeypot tool for Windows system administrators to detect network intrusions and pinpoint the original source. (ex: compromised endpoints). The great thing is that now Dell has made it available to everybody. The tool uses a honey token, or Continue Reading

Should I Hack Them Back? No. No, You Shouldn’t…

Source: https://threatpost.com/gentle-reminder-at-rsa-hacking-back-is-a-bad-idea/116564/ The RSA Conference 2016 just took place last week, but I felt that this was an important topic for all organizations to consider. Regardless if your organization is being hacked, there are various consequences an entity could face if they hack back an intruding Continue Reading

Smart Cars, Hacking, and the Legislation Behind It All

Source: https://threatpost.com/car-industry-three-years-behind-todays-cyber-threats/116524/ US SPY Car Act of 2015: https://www.congress.gov/bill/114th-congress/senate-bill/1806/all-info Veracode recently reported on the need of the automobile industry to secure their smart car systems. 50% of the people they polled (1,072 drivers in the UK and Germany) were very concerned about the security of their smart car Continue Reading

ROI of Infosec: 11 Dos and Don’ts for Management Buy In

Posted February 27, 2016 Source: http://www.darkreading.com/operations/the-roi-of-infosec-11-dos-and-donts-for-management-buy-in/a/d-id/1324451?_mc=RSS_DR_EDT This is a great must read article for IT Managers and Information Security Managers to help communicate with upper management and other departments the importance of implementing a sound security architecture and strategy. Mitigated risks, managed liabilities, and less cost Continue Reading

Australia Experiencing Rise in Cyber-Attacks

Source: http://www.lexology.com/library/detail.aspx?g=bd2486da-3be6-43f8-a95e-eb9672e5a58a Posted: February 18 2016 Australia has experienced a 64 percent increase in data breaches for the year 2014-2015. The most prominent victim of cyber-attacks is Kmart Australia whose customer billing, purchase, and personal information were stolen from its systems. The breach was reported to the Continue Reading

HSBC online banking hit by DDOS attack

Source: The Independent – HSBC Down due to cyber attack HSBC was surprised with a distributed denial-of-service attack (DDoS) last week that targeted their customer’s online banking. No mention was made as to which region(s) of the world were affected as HSBC does business internationally. HSBC worked Continue Reading