This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). “A massive government data belonging to the Oklahoma Department of Securities (ODS) was left unsecured on a storage server for at least a week, exposing a whopping 3 terabytes of data containing millions of […]
This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). The Australian “Telecommunications Assistance and Access Bill 2018,” also known as the Anti-Encryption Bill, was passed on the 6th of December, and it’s expected that it becomes law in early 2019. This new bill […]
You’ve done your homework and decided your company needs a Security Operations Center (SOC) to keep yourself protected and your customers’ data secure. You have a few options available: should you build your own SOC or find a provider for SOC as a service? The benefit of having your own SOC is having your own […]
Your company has digital assets that need to be protected. GDPR requires that a company detect any security incident involving personal data and report them within 72 hours, so you also have a legal obligation to be secure. You have responsibly defended yourself with cyber security tools like firewalls, antivirus and intrusion detection. So you’re […]
You’re working to keep your company secure. You have all the right tools and decided that you need a Security Operations Center (SOC). You’ve done your research and decided that SOC as a service is right for you. But what do you look for in a SOC provider? Judge your friends by the company they […]
The digital transformation is speeding up and the world is increasingly running on data. In its wake cyber criminals are getting a whole lot smarter and over the past year we’ve seen massive ransom- and malware attacks resulting in global headlines, and cybersecurity is now a priority for everyone. But building huge walls in order […]
Yesterday, US-CERT posted a bulletin about Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices ( https://www.us-cert.gov/ncas/alerts/TA18-106A ). Our take on this is that this is something one must always assume to be happening, and if the bulletin is accurate then it’s not something Russia is alone in doing: https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/ https://www.engadget.com/2016/08/21/nsa-technique-for-cisco-spying/ It is vital to have critical controls […]
Facebook On Tuesday and Wednesday this week, Mark Zuckerberg took part of congressional hearings regarding Cambridge Analytica and privacy concerns regarding Facebook. There are multiple news outlets covering the story, and KrebsonSecurity also wrote an article about how one should not trust these type of quizzes and such may receive data about you and your […]
AMD Vulnerabilities This week, CTS-Labs sent out an advisory regarding AMD Vulnerabilities. What’s worth noting about this is that the vulnerabilities all require local administrator access to exploit, and if an attacker already got that access it means that it’s basically game over in either case. There are also concerns that this was done in […]
NCCGroup rebuilt NotPetya, replacing its destructive payload with telemetry and safeguards to see what the impact could have been. They found the following: The customer ran it on one machine in their engineering network with no privileges. It found three machines unpatched. It exploited those three machines to obtain kernel level access. It infected those […]