Tag Archive for: principles

Spanish hacker arrested, UK offensive cyber principles, eFile malware


Prominent Spanish hacker arrested

Spanish police arrested José Luis Huertas, known by the alias Alcaseca, who is believed responsible for multiple notable cyberattacks in the country. Among other activities, he created the Udyat search engine used for selling stolen personal information. Police launched an investigation into his activity back in November, after a network breach at Spain’s national council of the judiciary in which data on over half a million taxpayers was stolen. He’s also charged with impersonating a media executive and money laundering.

(Bleeping Computer)

The UK’s Offensive Cyber Capabilities Principles

The UK’s National Cyber Force, or NCF, shared the principles it uses to conduct covert offensive cyber operations. The NCF qualified these by saying it “would rarely if ever get involved” if another response from the government would more effectively deal with a challenge from another nation state. The NCF outlines three overall principles: operations need to be accountable, precise, and calibrated. Its operations can include attacks against IT networks and technology to make them less effective or unable to function entirely. The document further places the NCF’s actions within the UK’s existing legal framework, attempting to show how the agency assesses targets for escalation and de-escalation.

(InfoSecurity Magazine)

eFile site serving malware

Bleeping Computer confirmed that the IRS-authorized e-file software service provider eFile.com had been delivering a malicious JavaScript file since at least April 1st. Some users on Reddit reported seeing suspicious behavior with the eFile site as far back as mid-March. The file prompts users to download a next-stage payload. Researchers at MalwareHunterTeam say this payload contained a Windows backdoor that could eventually give full access to machines, essentially communicating with a C2 server to enroll the machine into a full-on botnet. The malware is no longer on the site and did not impact the IRS’ e-file infrastructure. Antivirus solutions are also reportedly spotting the malicious file.

(Bleeping Computer)

Most organizations identify high OT risk…


Applying Aristotle’s ‘First Principles’ to revolutionise cybersecurity


Article by Virsec A/NZ regional director Robert Nobilo.

‘First Principles’ is a concept that emerged during the time of Aristotle. He used this approach to break down a complicated problem into its most basic elements and reassemble it from the ground up, using only the irrefutable truths that remain.

Fast forward 2,000 years, and PayPal co-founder Peter Thiel and Netflix CEO Reed Hastings are among a group of industry leaders who use the ‘first principles’ decision-making strategy to build companies that disrupt and improve entire industries.

Today, we can also apply ‘first principles’ to the challenge of cybersecurity. Unfortunately, traditional security approaches that were once effective in preventing basic cyber-attacks are no match for today’s sophisticated adversaries. As the techniques of hackers continue to evolve and become more complex, our approach to security needs an overhaul as well.

First, let’s take a look at why traditional security approaches are outdated and ineffective.

Why traditional security approaches just don’t cut it nowadays

Digital transformation, cloud connectivity and remote work have enabled companies to be more competitive, generate revenue and increase productivity. However, with this connectivity and an expanded attack surface comes increased risk. Cyber threats are also evolving.

A surge of supply chain attacks such as Log4j, SolarWinds, PrintNightmare and Kaseya continues to exploit software vulnerabilities, impacting millions of users downstream while costing billions of dollars to contain and remediate. These attacks take advantage of hyperconnectivity and application vulnerabilities as gateways to bypass traditional security solutions such as endpoint detection and response (EDR), allowing the adversary to control the software and launch malicious activity in a matter of seconds.

Despite prioritising security and investing in upgrades, CISOs and organisations are falling further behind. Conventional security approaches aren’t effective because they focus from the outside in—chasing evolving threats and plugging porous perimeters. This abstracted approach has proven to create an endless game of cyber…


Key Principles That Should Guide a Software Security Framework


These days, software development frameworks used to create applications are better than ever. It is now relatively easy to build an app and make it available to the public. Unfortunately, this advancement in technology is matched by an improvement in the tactics hackers use for cyberattacks.

There are also hacking groups that can coordinate large-scale botnet attacks. In some cases, hackers are backed by powerful nations and are encouraged to launch attacks against their enemies.

The internet is now widely used, and software connects many people across the globe. People in different locations transfer sensitive files to one another, which cybercriminals can intercept. This means security should play an important role when developing software. The security systems must be able to withstand numerous hours of runtime and cyberattacks.

Sadly, no application software is 100% secure, and there will always be bugs and hackers that can slip through the cracks. Fortunately, it is possible to create software with a rigorously secure application design, which would limit the damage. Software developers have to follow some essential principles when designing applications, such as the following:

  • Principle of Least Privilege

This means that people on a network should be granted only as much access as they need to get tasks done. For example, a company that keeps its customers’ personal information should make that information available only to people critical to the business. Junior-level employees should be restricted from that sensitive data and from information belonging to other departments. These restrictions would limit the information hackers can access if they ever gain access to an employee’s account.

  • Principle of Defense in Depth

This principle guides software developers to design their programs such that intruders will not have access to them in the first place. It is done by programming the system to inform cybersecurity personnel once it has been breached. This alert will prompt the personnel to take actions that will ward off the hacker before they can cause any harm to the system.

  • Principle of Failing Securely

Application defense systems should be designed to lock down the entire system when it…


WEF unveils new internet security principles to help protect up to 1 bn users – ETTelecom.com
