This week, PoC exploit code for Apache Solr RCE flaw is available online, Some Fortinet products used hardcoded keys and weak encryption for communications, Critical Flaws in VNC Threaten Industrial Environments, Twitter allows users to use 2FA without a phone number, and Smash-and-grab car thieves use Bluetooth to target cars containing tech gadgets! In the expert commentary, we welcome back Jason Wood from Paladin Security, to discuss an Iranian hacking crew that is targeting Industrial Control Systems!
Show Notes: https://wiki.securityweekly.com/HNNEpisode243
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Tim Mackey, Principal Security Strategist at Synopsys! In the Application Security News, $1M Google Hacking Prize, 1.2B Records Exposed in Massive Server Leak, How Attackers Could Hijack Your Android Camera to Spy on You, XSS in GMail s AMP4Email via DOM Clobbering, and more!
Show Notes: https://wiki.securityweekly.com/ASWEpisode86
To learn more about Synopsys, visit: https://securityweekly.com/synopsys
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
This week, we welcome Peter Liebert, CEO at Liebert Security, to discuss The Next Generation of SOCs: DevSecOps, Automation and breaking the model! In our second segment, we welcome back our friend Dave Kennedy, Founder and CEO of TrustedSec & Binary Defense, to discuss the Coalfire Incident and DerbyCon Communities! In the Security News, Disney Plus Blames Past Hacks for User Accounts Sold Online, Why Multifactor Authentication Is Now a Hacker Target, How the Linux kernel balances the risks of public bug disclosure, a critical flaw in Jetpack exposes millions of WordPress sites, and Amazon tells senators it isn't to blame for Capital One breach!
Show Notes: https://wiki.securityweekly.com/PSWEpisode628
To learn more about TrustedSec, visit: https://trustedsec.com/securityweekly
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, discussing how Sysdig supports Google Cloud Run for Anthos to secure serverless workloads in production, StackRox Kubernetes Security Platform 3.0 Introduces Advanced Features and New Workflows for Configuration and Vulnerability Management, and some acquisition and funding updates from CyberCube, 1Password, Docker, WhiteSource, and more! In our second segment, we welcome Reuven Harrison, Chief Technology Officer at Tufin, to discuss the Cloud, Containers, and Microservices! In our final segment, we welcome Jorge Salamero, Director of Product Marketing at Sysdig, to discuss the challenges of implementing security in Kubernetes Environments!
Show Notes: https://wiki.securityweekly.com/ESWEpisode162
To learn more about Sysdig, visit: https://securityweekly.com/sysdig
To learn more about Sysdig, visit: https://securityweekly.com/tufin
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk about the 2019 Verizon Payment Security Report! Why is PCI Compliance Decreasing? Why is it decreasing? What's missing? What needs to change? In the Security and Compliance News, Is My PCI Compliance Good Enough to Serve as a Network Cybersecurity Audit?, Getting Prepared for New York s Expanded Security Breach and Data Security Requirements, Virginia Builds New Model for Quantifying Cybersecurity Risk, Five Cyber Program Elements Financial Services Firms Must Cover To Stay Compliant, and more!
Show Notes: https://wiki.securityweekly.com/SCWEpisode7
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Scott Petry, CEO at Authentic8, to discuss challenges with the browser and securing web sessions! In the Leadership and Communications segment, CISOs left in compromising position as organizations tout cyber robustness, How To Get More Out Of Your Team, 8 Steps To Convert Your Commute Time To Me Time, and more!
Show Notes: https://wiki.securityweekly.com/BSWEpisode152
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Vulnerabilities in Android Camera Apps Exposed Millions of Users to Spying, what to do if surveillance has you worried, GitHub launches Security Lab to boost open source security, Disney+ Credentials Land in Dark Web Hours After Service Launch, and 146 security flaws uncovered in pre-installed Android apps! In the expert commentary, we welcome Bob Erdman, Sr. Manager of Product Management at Core Security, a HelpSystems Company, to talk about Effective Phishing Campaigns!
Show Notes: https://wiki.securityweekly.com/HNNEpisode242
To learn more about Core Security, a HelpSystems company, visit: https://securityweekly.com/helpsystems
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
The Internet of Things (IoT) promises much: from enabling the digital organization, to making domestic life richer and easier. However, with those promises come risks: the rush to adoption has highlighted serious deficiencies in both the security design of IoT devices and their implementation.
Coupled with increasing governmental concerns around the societal, commercial and critical infrastructure impacts of this technology, the emerging world of the IoT has attracted significant attention.
While the IoT is often perceived as cutting edge, similar technology has been around since the last century. What has changed is the ubiquity of high-speed, low-cost communication networks, and a reduction in the cost of compute and storage. Combined with a societal fascination with technology, this has resulted in an expanding market opportunity for IoT devices, which can be split into two categories: consumer and industrial IoT.
Consumer IoT
Consumer IoT products often focus on convenience or adding value to services within a domestic or office environment, focusing on the end user experience and providing a rich data source that can be useful in understanding consumer behavior.
The consumer IoT comprises a set of connected devices, whose primary customer is the private individual or domestic market. Typically, the device has a discrete function which is enabled or supplemented by a data-gathering capability through on-board sensors and can also be used to add functionality to common domestic items, such as refrigerators. Today’s 'smart' home captures many of the characteristics of the consumer IoT, featuring an array of connected devices and providing a previously inaccessible source of data about consumer behavior that has considerable value for organizations.
Whilst the primary target market for IoT devices is individuals and domestic environments, these devices may also be found in commercial office premises – either an employee has brought in the device or it has been installed as an auxiliary function.
Industrial IoT
Industrial IoT deployments offer tangible benefits associated with digitization of processes and improvements in supply chain efficiencies through near real-time monitoring of industrial or business processes.
The industrial IoT encompasses connected sensors and actuators associated with kinetic industrial processes, including factory assembly lines, agriculture and motive transport. Whilst these sensors and actuators have always been prevalent in the context of operational technology (OT), connectivity and the data processing opportunities offered by cloud technologies mean that deeper insight and near real-time feedback can further optimize industrial processes. Consequently, the industrial IoT is seen as core to the digitization of industry.
Examples of industrial usage relevant to the IoT extend from manufacturing environments, transport, utilities and supply chain, through to agriculture.
The IoT is a Reality
The IoT has become a reality and is already embedded in industrial and consumer environments. It will further develop and become a critical component of not just modern life, but critical services. Yet, at the moment, it is inherently vulnerable, often neglects fundamental security principles and is a tempting attack target. This requires a change.
There is a growing momentum behind the need for change, but a lot of that momentum is governmental and regulatory-focused which, as history tells us, can be problematical. The IoT can be seen as a form of shadow IT, often hidden from view and purchased through a non-IT route. Hence, responsibility for its security is often not assigned or misassigned. There is an opportunity for information security to take control of the security aspects of the IoT, but this is not without challenges: amongst them skills and resources. Nevertheless, there is a window of opportunity to tame this world, by building security into it. As most information security professionals will know, this represents a cheaper and less disruptive option than the alternative.
In the face of rising, global security threats, organizations must make systematic and wide-ranging commitments to ensure that practical plans are in place to acclimate to major changes in the near future. Employees at all levels of the organization will need to be involved, from board members to managers in non-technical roles.Enterprises with the appropriate expertise, leadership, policy and strategy in place will be agile enough to respond to the inevitable security lapses. Those who do not closely monitor the growth of the IoT may find themselves on the outside looking in.
About the author: Steve Durbin is Managing Director of the Information Security Forum (ISF). His main areas of focus include strategy, information technology, cyber security and the emerging security threat landscape across both the corporate and personal environments. Previously, he was senior vice president at Gartner.
Copyright 2010 Respective Author at Infosec IslandThis week, we welcome back Pawan Shankar, Senior Product Marketing Manager of Sysdig, to announce the launch of Sysdig Secure 3.0! In the Application Security News, Mirantis' Docker Enterprise acquisition a lifeline as industry shifts to Kubernetes, Attackers' Costs Increasing as Businesses Focus on Security, Soft Skills: 6 Nontechnical Traits CISOs Need to Succeed, and Three Ways Developers Can Worry Less About Security!
Show Notes: https://wiki.securityweekly.com/ASWEpisode85
To learn more about Sysdig, visit: https://securityweekly.com/sysdig
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Dr. Kevin Harris, Program Director for Information Systems Security and Information Technology Management at the American Public University System, to talk about The Ethics of Surveillance! In our second segment, we welcome back Bryson Bort, Founder, and CEO of SCYTHE, to demonstrate how to safely simulate ransomware and a multi-staged APT with lateral movement in your production environment! In the Security News, US-CERT Warns of Remotely Exploitable Bugs in Medical Devices, McDonalds Hamburgler Account Attack, No, YouTube isn't planning to jettison your unprofitable channel, McDonalds Hamburgler Account Attack, and how Memes could be our secret weapon against pesky bots!
Show Notes: https://wiki.securityweekly.com/PSWEpisode627
To learn more about SCYTHE, visit: https://scythe.io/securityweekly
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
The hosts of Security and Compliance Weekly answer questions like what is a security program and what is a compliance program?, Aren't they the same thing?, What are some differences?, Where do they overlap or how should they work together?, Do they compete for the same budget?, and more! In the Security and Compliance News, Payment Security Compliance Declines - 1 in 3 Companies Make the Grade, RMC Agrees to $3M HIPAA Settlement Over Mobile Device Encryption, How Emerging Technologies Are Disrupting the Banking Compliance Landscape, and much more!
Show Notes: https://wiki.securityweekly.com/SCWEpisode6
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we discuss part 1 of how Artificial Intelligence and Machine Learning can be used for Compliance, including: - What is Artificial Intelligence (AI) and Machine Learning (ML)? - What are the roles of AI/ML for Compliance? - Example: Gaming In the Security and Compliance News, What does your business need to know about the California Consumer Privacy Act (CCPA)?, California AG: No CCPA Safe Harbor for GDPR Compliance, Canada data breach tally soars since new privacy laws arrived, Marijuana Compliance and the quandary for brokers and dealers, and more!
Show Notes: https://wiki.securityweekly.com/SCWEpisode5
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, discussing how STEALTHbits releases real-time threat detection and response platform StealthDEFEND 2.2, Bitdefender GravityZone enhanced with new endpoint defense capabilities, Tenable to Secure Enterprise Cloud Environments with Microsoft Azure Integration, and Aqua Security buys CloudSploit to expand into cloud security posture management! In our second segment, we welcome Baber Amin, CTO West at Ping Identity, to discuss Zero Trust Architecture! In our final segment, we welcome Ward Cobleigh, Sr. Product Manager at VIAVI Solutions, to discuss Threat Detection: The Network Scavenger Hunt!
Show Notes: https://wiki.securityweekly.com/ESWEpisode161
To learn more about VIAVI, visit: https://securityweekly.com/viavi
To learn more about Ping Identity, visit: https://securityweekly.com/ping
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
The SIEM market has evolved and today most solutions call themselves “Next Generation SIEM.” Effective NG SIEM should provide better protection and equally important, if not more, a much more effective, next gen user experience. What you should look for when evaluating a next generation SIEM?
The state of cybersecurity has evolved one threat at a time, with organizations constantly adding new technologies to combat new threats. The result? Organizations are left with complex and costly infrastructures made up of many products that are out of sync with one another, and thus simply cannot keep pace with the velocity of today’s dizzying threat landscape.
Traditional security information and event management (SIEM) solutions tried to make sense of the mess but fell short. Then came “Next Generation SIEM” or NG-SIEM. No vendor today will admit that they sell legacy SIEM, but there is no ISO style organization doling out official NG SIEM stamps of approval. So how is a security professional to know if the technology in front of him or her really brings the benefits they need, or if it’s just another legacy vendor calling itself NG-SIEM?
The basic capabilities of legacy SIEM are well known – data ingestion, analytics engines, dashboards, alerting and so on. But with these legacy SIEM capabilities your security team will still drown in huge amounts of logs. That’s because even many NG-SIEMs in the market still let copious amounts of threats and logs pass through – straight to the doorstep of your security team.
Working Down the Pyramid
A true Next Generation SIEM will enable the security team to work from the top down, rather than bottom up. If we look at the above pyramid, most security analysts have to sift through the bottom layer of logs and alerts – or create manual correlation rules for new attacks that can then move logs up the pyramid. This is extremely time-consuming and frustrating. Essentially security teams (especially small teams of one or two analysts) simply don’t have the bandwidth to go through all the logs, meaning attacks slip through the cracks (and analysts burn out).
Artificial Intelligence technologies available today can help to automatically create correlation rules for existing attacks - and even new attacks - before they occur. The significance of this for security teams is enormous: It means they can begin at the top of the pyramid by going through a small number of logs. For those threats the analyst deems require further examination, the mid-level and raw data needs to be readily available and easily searchable.
The Checklist for NG-SIEM
To make sure your NG-SIEM of choice will be effective, look for the following capabilities:
All of the above will create a SIEM with a user experience which allows security analysts to work top down rather than bottom up, starting with the highest risk data.
A SIEM platform that can tick off all these boxes will provide performance that is truly “next generation” and enable the organization to respond faster to relevant threats, at lower cost, improved ROI, and will make for a stable and happy security team.
About the author: Avi Chesla is the founder and CEO of empow (empow.co) - a cyber security startup distrupting the SIEM category with our "no rules" AI and NLP based i-SIEM, integrated with the Elastic Stack. Before empow he was CTO at Radware. Avi holds 25 patents in the cyber security arena.
Copyright 2010 Respective Author at Infosec IslandThis week, we welcome Ron Ross, a Fellow at the National Institute of Standards and Technology! His focus areas include cybersecurity, systems security engineering, and risk management. Dr. Ross leads the Federal Information Security Modernization Act (FISMA) Implementation Project, which includes the development of security standards and guidelines for the federal government, contractors, and the United States' critical infrastructure!
Show Notes: https://wiki.securityweekly.com/SCWEpisode4
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we air pre-recorded interviews from the 2019 NACD Blue Ribbon Commission Initiative! But first, in the Security and Compliance News, What is the Board's Role in Effective Risk Management?, CEOs could get jail time for violating privacy bill, California Amends Breach Notification Law, 5 Updates from PCI SSC That You Need to Know, and more!
Show Notes: https://wiki.securityweekly.com/SCWEpisode3
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, in the first segment, Mike, Matt, and John talk Security Testing! In the Application Security News, Pwn2Own Tokyo Roundup: Amazon Echo, Routers, Smart TVs Fall to Hackers, Robinhood Traders Discovered a Glitch That Gave Them 'Infinite Leverage', Bugcrowd Pays Out Over $500K in Bounties in One Week, GWP-ASan: Sampling heap memory error detection in-the-wild, and more!
Show Notes: https://wiki.securityweekly.com/ASWEpisode84
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, BlueKeep freakout had little impact on patching, Experts warn of spike in TCP DDoS reflection attacks targeting Amazon and others, Nvidia patches graphics products and GeForce Experience update tool, hackers breach ZoneAlarm's forum site, and how Apple is to fix Siri bug that exposed parts of encrypted emails! In the expert commentary, we welcome Dan DeCloss, Founder and CEO of PlexTrac, to talk about Communicating Vulnerabilities!
To learn more about PlexTrac, visit: https://securityweekly.com/plextrac
Show Notes: https://wiki.securityweekly.com/HNNEpisode241
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Brendon Macaraeg, Sr. Director of Product Marketing at Signal Sciences, to discuss how to develop an effective AppSec security program! In the Leadership and Communications segment, The CIO role, from IT operator to business strategist, 5 questions with Cisco's CISO, Gartner's strategic tech trends for 2020, and more!
Show Notes: https://wiki.securityweekly.com/BSWEpisode151
To learn more about Signal Sciences, visit: https://signalsciences.com/psw
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Peter Smith, Founder and CEO of Edgewise for an interview! In our second segment, we welcome back Kevin Finisterre & Josh Valentine, to talk about their project Arcade Hustle, and the things they ve learned during their into to the arcade scene!! In the Security News, Who is responsible for Active Directory security within your organization?, Apple publishes new technical details on privacy features, How to ensure online safety with DNS over HTTPS, and Amazons Ring Video Doorbell could open the door of your home to hackers!
Show Notes: https://wiki.securityweekly.com/PSWEpisode626
To learn more about Edgewise, visit: https://securityweekly.com/edgewise
To learn more about Arcade Hustle, visit: https://github.com/ArcadeHustle
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Alexander Niejelow, Senior Vice President, Cybersecurity Coordination and Advocacy at Mastercard for an interview! In the Security and Compliance News, New York s Breach Law Amendments and New Security Requirements, Cybersecurity, The C-Suite, & The Boardroom: The Rising Specter Of Director & Officer Liability, Kaiser says data breach exposed information on nearly 1,000 Sacramento-area patients, Companies Still Not Prepared to Comply with GDPR and Potential EU Data Breaches, The Human Factor of Cyber Security, and more!
Show Notes: https://wiki.securityweekly.com/SCWEpisode2
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we bring to you our brand new show, Security and Compliance Weekly, hosted by Jeff Man, and Co-Hosted by Scott Lyons, Josh Marpet, and Matt Alderman! In the first segment, Jeff and the hosts talk about PCI and how it affects the state of the union! In the Security and Compliance News, Important security notice about your DoorDash account, How PCI DSS compliance milestones can be a GDPR measuring stick, Companies vastly overestimating their GDPR readiness, only 28% achieving compliance, When Compliance Isn't Enough: A Case for Integrated Risk Management, and much more!
Show Notes: https://wiki.securityweekly.com/SCWEpisode1
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, talking about how Trustwave offers threat detection and response for Microsoft Azure, LogRhythm offers migration service to Splunk customers to address security challenges, CrowdStrikes Falcon security platform lands on AWS, and how GitLab plans to ban hires in China and Russia due to espionage concerns! In our second segment, we welcome back Adrian Sanabria, Advocate at Thinkst, to discuss Enterprise Deception and how Thinkst is helping in the security space! In our final segment, we welcome Tim Callan, Senior Fellow at Sectigo, to talk about Quantum Computing & what its arrival means for IT, traditional computing, and infosec!
Show Notes: https://wiki.securityweekly.com/ESWEpisode160
To learn more about Thinkst, visit: https://securityweekly.com/canary
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Henry Harrison, Co-Founder, and CTO at Garrison, to discuss how hardware security solutions from the intelligence community can help the commercial industry! In the Leadership and Communications Segment, Balancing the Company s Needs and Employee Satisfaction, Why Successful People Wear The Same Thing Every Day, What industry gets wrong about cyber insurance, and more!
Show Notes: https://wiki.securityweekly.com/BSWEpisode150
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, aggressive IoT malware that's forcing Wi-Fi routers to join its botnet army, Google discloses Chrome Zero-Day exploited in the wild on Halloween, the first Bluekeep exploit found in the wild, and oC Exploits Published for Unpatched RCE Bugs in rConfig! In the expert commentary, we welcome Sean O'Brien, Founder, and CEO of PrivacySafe, to talk about Siri, Alexa, and Google Assistant hacked via Laser Beam!
Show Notes: https://wiki.securityweekly.com/HNNEpisode240
To learn more about PrivacySafe, visit: https://securityweekly.com/privacysafe
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we interview Daniel Lowrie and Justin Dennison, Edutainers at ITProTV, to discuss how to bridge the gap between a Developer and Security! In the Application Security News, Stable Channel Update for Desktop Chrome users should upgrade to, Overcoming the container security conundrum: What enterprises need to know, Security Think Tank: In the cloud, the buck stops with you, PHP Bug Allows Remote Code-Execution on NGINX, Servers and patch details at Sec Bug #78599, Raising Security Awareness: Why Tools Can't Replace People, and much more!
Show Notes: https://wiki.securityweekly.com/ASWEpisode83
To learn more about ITProTV, visit: https://securityweekly.com/itprotv
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly