What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
AlienVault.webp 2022-11-29 11:00:00 5 Tips for protecting your connected vehicle against Cyberattacks (lien direct) The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  As more connected vehicles hit the road, cyberattacks are increasing. Deloitte estimates that there will be over 470 million connected cars in use by 2025 if their popularity continues to grow at the current rate. And because each connected car produces about 25 GB of data every hour, they are a tempting challenge for cybercriminals and bad actors with malicious intent.  Connected vehicles come with enhanced features that give drivers more to love about their favorite car brands, but cybersecurity in automobiles has a long way to go. If you drive a connected car or are considering buying one, you need to know how to protect your new car against a potential cyberattack.  In this article, we’ll talk about how hackers can infiltrate your vehicle and what you can do to protect yourself and your car from a serious attack.  Can your car get hacked? Cars today are built using hundreds of sensors connected to computers that help monitor how your car operates, add internet capabilities, and enable connected apps. While these technologies are helpful and convenient for drivers, they can also lead to data theft and even threaten your safety while driving. For example, remote manipulation, identity theft, and vehicle theft are all ways that bad actors can exploit the security vulnerabilities of your connected car.  The push toward electric vehicles also poses a unique threat to connected car owners. A recent survey revealed that 79% of two-car households are considering an electric car for their next purchase, but ethical hacking exercises have shown that electric vehicles can easily be drained by remote hackers. 
This can potentially put drivers in a dangerous situation if they are stranded without a means of charging their vehicle.  There are many ways that bad actors can hack into your car. They can manipulate the signal from a key fob to unlock your doors, change the code in the apps to create a backdoor to steal your data, learn about your driving habits, control your vehicle’s security response systems, and much more. Cars today are essentially human-assisted computers, which means they can be hacked just as easily as any other IoT device.  How to protect your connected vehicle from a cyberattack Connected vehicles provide users convenience and peace of mind while traveling across the country or making their daily commute. But they also pose a significant threat when bad actors execute attacks for data theft, taking over vehicle controls, and even tracking your location. If you’re going to take advantage of connected vehicle features, you need to know how to protect yourself from becoming the victim of an automotive cyberattack.  Here are five tips to protect your connected vehicle from an attack: Remove dongles Dongles are small devices that plug into the diagnostic port and allow companies to monitor your driving habits for various reasons. It can be used to monitor vehicle performance, improve gas mileage, and set more accurate insurance rates based on driving activity.  Many people choose to use dongles to save money and ensure their car is running at top performance, but these devices can be an Hack Threat Guideline Deloitte Deloitte ★★★
InfoSecurityMag.webp 2022-10-04 16:00:00 Optus Confirms Hack Exposed Data of Nearly 2.1 Million Australians (lien direct) The company confirmed it has employed Deloitte to lead a forensic review of the cyber-attack Hack Guideline Deloitte Deloitte
AlienVault.webp 2022-08-09 10:00:00 Are SASE and Zero Trust the key for manufacturers grappling with IoT cyber risks? (lien direct) As manufacturers dash headlong into smart factory initiatives, the number of IoT devices operating in factories, warehouses, and across supply chain infrastructure is exploding. Manufacturers seek to utilize IoT in a range of places, be it video camera inspection devices on the assembly line, temperature sensors on refrigeration units, or maintenance telemetry sensors on factory equipment. But as they seek to reap tremendous business gains from smart devices in industrial IoT, they also must balance that upside with the potential risks that IoT is increasingly introducing to manufacturing environments. New cyber challenges are arising in the face of this explosion of IoT in manufacturing. They require organizations in this sector to design modern security architecture that can meet them head on. Smart manufacturing and the rise in IoT Consensus across recent industry studies shows that manufacturers are making big bets on smart manufacturing and IoT as the lynchpins to their success in the coming years. According to Deloitte’s 2022 Manufacturing Industry Outlook, some 45% of manufacturing executives expect increases in operational efficiency from investments in IoT that connects machines and automates processes. Meantime, the State of Smart Manufacturing report published in 2022 by Plex found that 83% of manufacturers say that smart manufacturing is a key to their organization’s future success. Smart devices and IIoT are among the most used projects to bring smart manufacturing to fruition. Some 49% of organizations have already deployed smart devices and 45% have put IIoT into production, with another 35% and 36%, respectively, planning to use these technologies. This is rapidly pushing a lot of manufacturing compute out to the edge. 
AT&T’s own recent analysis for the AT&T Cybersecurity Insights Report: Securing the Edge-A Focus on Manufacturing study found that the manufacturing vertical is one of the furthest along in implementing edge use cases. The report reveals that 78% of manufacturers globally are planning, have partially, or have fully implemented an edge use case - that’s ahead of energy, finance, and healthcare industry organizations.     This kind of progress noted by the report is in sync with other industry studies watching the progress of digital transformation in manufacturing. For example, a study by Palo Alto Networks says the demand for secure remote access in manufacturing is rapidly outstripping other industries. Amid many cited edge use cases such as smart warehousing, remote operations, and augmented maintenance, video-based inspection was the number one edge priority cited by manufacturing respondents to the AT&T Cybersecurity Insights Report . This is a prime example of how IoT is being leveraged to improve efficiency, quality and speed on factory floor, while helping manufacturers also overcome workforce challenges. Unpatchable IoT devices raises manufacturing risk profile Video-based inspection also provides an excellent example of how IoT devices can at the same time potentially increase cyber risk in manufacturing environments. In use cases like this one, IoT devices such as cameras are increasingly connected to OT networks and devices on the manufacturing shop floor. Simultaneously, they’re also opening up access outside th Threat Studies Patching Guideline Deloitte
CSO.webp 2022-07-21 11:38:00 Deloitte expands its managed XDR platform (lien direct) Deloitte announced an update this week to its Managed Extended Detection and Response platform. The upgrade boosts the platform's capabilities to collect intelligence, hunt for threats, and secure mobile devices. Among the new modules added to Deloitte's MXDR offering: Cyber Security Intelligence, which adds to Deloitte's tools and proprietary sources intelligence from CrowdStrike Falcon X. The combination will provide users with actionable indicators of compromise (IoCs), threat notifications, threat actor profiles, industry landscapes, automated sandbox analysis, and threat briefing requests for information. "CSI allows us to be much more proactive in our detection, prevention, and understanding of threats so we can be more proactive in planning with our clients," says Deloitte MXDR leader Curt Aubley. Dynamic Adversary Intelligence, which provides clients with "over-the-horizon" adversary investigations. DAI uses passive intelligence collection methods, including global telemetry, industry-leading application programming interface integrations, refined tradecraft, proprietary analytics of publicly available information, and proprietary sources via Splunk. "DAI gives clients an inside-out view of attackers," Aubley explains. "It can also give a client the information they need to give to authorities to track down adversaries." Digital Risk Protection, which lets a client follow their digital footprint online. "We can fingerprint a client's intellectual property," Aubley says. "Using that information, along with data like domain names, email addresses, and others, we can look on the open web, deep web, and dark web and see if that information has gotten into the hands of an adversary. Then we can let a client know how to best manage any potential crisis that might arise from that leak. We can also look inside their environment to determine how the leak happened." 
Active Hunt and Response, which includes the use of a "dissolvable agent" that can be planted in the memory of an endpoint and collect data about an attacker while remaining invisible to them. In addition, a new Mobile Prevent, Detection, and Response module has been added to the MXDR platform. It has expanded hunting capabilities and is fully integrated with CrowdStrike Falcon for Mobile Endpoint Detection and Response and CrowdStrike's mobile threat defense. Threat Guideline Deloitte Deloitte
CrowdStrike.webp 2022-01-20 07:01:28 CrowdStrike Powers MXDR by Deloitte, Offering Customers Risk Mitigation with Powerful Customized and Managed Security Services (lien direct) Deloitte, a leader in managed security services, has launched MXDR by Deloitte — a Managed Extended Detection and Response suite of offerings — within which the CrowdStrike Falcon® platform will power a number of solutions. MXDR by Deloitte combines an integrated, composable and modular managed detection and response SaaS platform with managed security services in […] Guideline Deloitte Deloitte
TechRepublic.webp 2021-06-14 15:09:05 75% of CFOs are bullish on the North American economy (lien direct) Tech leaders are optimistic about their companies' financial prospects, and 62% believe they will be better a year out, according to Deloitte's Q2 CFO Signals survey. Guideline Deloitte
AlienVault.webp 2021-06-03 10:00:00 (Déjà vu) Ransomware and Energy and Utilities (lien direct) This is a blog series focused on providing energy and utility industries with helpful insights and practical, helpful information on cybersecurity. Intro The exponential growth of IoT devices in the energy and utilities industry has greatly increased focus on cybersecurity. Focus on cybersecurity across industries has increased recently, no doubt due to factors like COVID-19 forcing a jump in remote work. In 2020, we saw cybersecurity move from being a technical problem to a business issue. Along with the recognition that businesses really need to lead with a security-first mindset to be resilient, the CISO was elevated to a seat at the proverbial table as a true C-suite leader and trusted board advisor. Energy and utilities face unique challenges compared to other industries. According to McKinsey: “In our experience working with utility companies, we have observed three characteristics that make the sector especially vulnerable to contemporary cyberthreats. First is an increased number of threats and actors targeting utilities: nation-state actors seeking to cause security and economic dislocation, cybercriminals who understand the economic value represented by this sector, and hacktivists out to publicly register their opposition to utilities’ projects or broad agendas. The second vulnerability is utilities’ expansive and increasing attack surface, arising from their geographic and organizational complexity, including the decentralized nature of many organizations’ cybersecurity leadership. 
Finally the electric-power and gas sector’s unique interdependencies between physical and cyber infrastructure make companies vulnerable to exploitation, including billing fraud with wireless “smart meters,” the commandeering of operational-technology (OT) systems to stop multiple wind turbines, and even physical destruction.” Let’s look at one type of common and profitable attack that could impact energy and utility companies – ransomware. What is ransomware? Ransomware is exactly as the name implies – something valuable to your business is being kept from you until a ransom is paid for its return. In simple terms, ransomware is extortion. Ransomware, a form of malicious software, blocks you from accessing your computer systems or files until you pay the cyber adversary to allow you access to your information. The ransom is typically requested in crypto currency because of its anonymity and ease of online payment – this translates to no tracing of the origin or destination of the funds, a common tactic of cyber criminals. Knowingly infecting a system with ransomware and requesting payment to unlock the system is a crime. Law enforcement agencies recommend not paying the ransom associated with ransomware. The thought is that if the ransom is paid, you as the victim of ransomware are then identified as an easy target for further cybercrime and the ransomware attack is perpetuated against others. Who is the target of ransomware? Cyber criminals seek the path of least resistance in their targets and strike against businesses that are easy targets. Ransomware is a business and the perpetrators, like any good businessperson, are looking for a strong ROI. The C Ransomware Malware Tool Vulnerability Guideline Deloitte
TechRepublic.webp 2021-05-25 16:41:37 5 reasons organizations should be using enterprise business planning (lien direct) CFOs who lead transformation efforts need to build resilient, long-term strategies, and EBP unites different functions to help make better decisions, according to Deloitte. Guideline Deloitte
TechRepublic.webp 2021-05-04 18:43:13 After 25 years of trying to close the digital divide, challenges remain (lien direct) A new report by Deloitte says striving for "broadband for all" would not only provide opportunities for the underserved but also would lead to an overall economic boom in the US. Guideline Deloitte Deloitte
AlienVault.webp 2020-06-15 11:00:00 Cybersecurity in education: Securing schools as they transition to online learning (lien direct) This blog was written by an independent guest blogger. Whether they were prepared for it or not, schools around the world have been forced to adopt an online learning model for students thanks to the COVID-19 pandemic. One of the biggest concerns educators need to have in this situation is exactly how to create a fully secure remote learning environment in order to keep sensitive information for both the schools and individual students safe from hackers. Data breaches cause real-world damage and tarnish the credibility of the organizations that fall prey to them (including schools and educational institutions). As schools across the globe turn digital due to students studying from home, they are also becoming more vulnerable targets to cyberattacks. Schools are finding themselves outmatched as these threats intensify. Parents likewise need to learn about and ensure safe cybersecurity practices for their kids, and would therefore also benefit from learning about the security methods that we are about to cover. In this article, we’ll discuss how school technology leaders can develop the necessary strategies to protect against and mitigate breaches by procuring technology and developing risk management policies and planning for incidents before they occur. Why Are Schools At Risk of Cyber Attacks? In the face of the COVID-19 pandemic, the focus and attention of most of the cybersecurity community have been on protecting government institutions, the airline industry, and the healthcare industry from hackers. This is good, but educational institutions are at just as much risk from malicious hackers as the above industries and organizations are as well. 
If anything, this risk has only increased significantly due to the record numbers of students who are now attending school via online learning platforms, video conferences, and e-learning environments. In the United States, the Federal Bureau of Investigation has warned extensively about the greatly increased cybersecurity risks of teleconferencing and online classrooms. The FBI specifically cites examples of malicious cybercriminals delivering threatening content to Zoom classroom calls (colloquially referred to as Zoom-bombing), which has even resulted in numerous school districts pulling out of Zoom and seeking alternative platforms. This highlights a larger issue of schools and school districts using technology that has either not been properly vetted or that educators and students are not prepared to use safely. In other words, even as school districts turn to alternative teleconferencing options besides Zoom, they can still be a major risk of falling prey to hackers and cybercriminals. This leads us to our next question: what exactly can school districts and educational inst Malware Vulnerability Guideline Deloitte
TechRepublic.webp 2020-04-09 20:16:10 Deloitte highlights top 9 challenges for enterprises during COVID-19 crisis (lien direct) Now's the time for organizations large and small to return to the basics with cyber hygiene protocols, the firm's cyber risk services leader says. Guideline Deloitte
TechRepublic.webp 2019-11-07 15:53:30 Software companies continue the winning streak on Deloitte's Fast 500 list (lien direct) Tech firms hold 343 spots with SaaS and enterprise software leading the way while biotech/pharma firms make up the second most prevalent sector. Guideline Deloitte
RedTeam.pl.webp 2019-10-18 13:25:14 Bypassing LLMNR/NBT-NS honeypot (lien direct) Abstract: MITRE ATT&CK™ [https://attack.mitre.org/] “is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations” which recommends the Conveigh honeypot [https://github.com/Kevin-Robertson/Conveigh] for detection of the LLMNR/NBT-NS Poisoning and Relay Threat Guideline Deloitte ★★
AlienVault.webp 2019-08-01 12:30:00 For mid-sized enterprises to win the cybersecurity race, the game needs to change (lien direct) Why does AT&T Cybersecurity get me so excited on behalf of the mid-sized enterprises that make up the bulk of business around the globe? Well, one example I like to share is from a bicycle manufacturer I had the pleasure of visiting a few years ago. As a cycling enthusiast myself, I know these manufacturers are true experts, with deep knowledge and passion for the businesses they run and technology they develop. Unsurprisingly, they were dismayed about the need to also become experts in cybersecurity. Even if they were experts, it still might not help. Could they really afford to follow the security blueprint defined by global banks and other elite security teams? According to a Deloitte survey, large enterprises spend thousands per employee and up to hundreds of millions of dollars per annum on cybersecurity, often deploying dozens or even hundreds of expensive and sophisticated security solutions along the way. For our bike manufacturer, it’s impossible to wade through all of the solutions on offer from the thousands of cybersecurity vendors out there. Their business is at risk through no fault of their own and the “solution” to mitigating that risk is beyond reasonable allocation of resources. Mind you, it’s not just the bicycle company in this race. There’s the contract manufacturer that actually assembles the bikes, the advertising agency that promotes them, the distributors that get them into stores and perhaps 20 other major partners and subcontractors who support the core business. And this is just one major bicycle brand! There are millions of other mid-sized enterprises around the globe with the exact same problem. Every business, including the Fortune 500, would relish the opportunity to be more efficient in cybersecurity and to put more money back into the business. 
But for mid-sized companies, who don’t have the same resources to protect themselves, it’s a matter of survival. Our bicycle brand should be focused on engineering the perfect machine to break a 36mph Tour de France stage speed, not on cybersecurity. This shouldn’t be something that soaks up resources and diverts attention from the core business. That’s precisely why AlienVault automated threat detection and streamlined response, and why we continue to focus on making security more accessible as AT&T Cybersecurity.  What gets me excited for customers like the bicycle manufacturer is the ability to do all that and more, on a much grander scale, because of what AT&T brings to the table. With a core mission of connecting people where they live and work for more than 140 years, security is in AT&T’s DNA. Ever since there was something of value carried over a network, AT&T has been a leader—including what is now called cybersecurity. Serving more than 3 million companies globally from the smallest business to nearly all the Fortune 1000 has given AT&T unrivaled visibility into the threats and needs of business customers. And as a trusted advisor that provides countless integrated business solutions around the globe, AT&T has assembled a broad portfolio of nearly all of the leading security vendors to help in the mission. We now have the opportunity to integrate AT&T’s unparalleled threat intelligence, AlienVault’s proven strengths in automation, and the world’s best cybersecurity solutions into one unified platform that eliminates cost and complexity for millions of companies both large and small. The bicycle manufacturer can choose to use the platform to manage security themselves, outsource the work completely, or utilize a collaborative model that utilizes collective expertise and capabilities. This is enabled through the AT&T consulting and managed services teams or through Threat Guideline Deloitte
TechRepublic.webp 2019-01-22 14:44:03 4 ways leaders can prepare for the coming Fourth Industrial Revolution (lien direct) Successful leaders of Industry 4.0 must be committed to doing good and aggressive in developing their workforce, according to a Deloitte report. Guideline Deloitte ★★★★
no_ico.webp 2019-01-11 18:00:00 Security Experts Believe Skills Gap Can Be Bridged – Deloitte Disruption Index (lien direct) Business leaders’ confidence in the digital skills of new entrants to the workplace has improved in the last six months, according to the latest Digital Disruption Index by Big Four accountant Deloitte. A growing number of business leaders think that school leavers and graduates have the right digital skills and experience, according to the new report. Experts … Guideline Deloitte
itsecurityguru.webp 2018-12-13 13:01:01 Context Appoints Dave Spence As Director Of Response. (lien direct) Dave Spence has been appointed Director of Response at leading cyber security consultancy, Context Information Security. Before joining Context, Dave spent the past 10 years at Deloitte advising clients and Boards about how to best manage their technical and business cyber risks and most recently running the UK Cyber Defence team including incident response, red […] Guideline Deloitte
no_ico.webp 2018-07-08 12:50:05 (Déjà vu) NIST Framework Components (lien direct) As part of Tulin’s CyberSec Series, Tulin highlights three components of NIST Framework i.e., Core, Implementation Tiers and Profiling. Tulin Sevgin, Cyber Risk Management Lead, Senior Consultant. Tulin is a strategic thinker and cyber risk management specialist with experience in public and private sectors. Tulin has held senior positions with Commonwealth Bank, Westpac, Optiver and Deloitte. Whilst … Guideline Deloitte ★★
TechRepublic.webp 2018-06-27 14:34:03 Deloitte's 5 vectors of progress prove IoT is a solid investment (lien direct) Considerable improvements in technology are bolstering the Internet of Things (IoT), according to Deloitte, and business leaders should take notice. Guideline Deloitte ★★★
no_ico.webp 2018-06-23 14:00:02 (Déjà vu) Tulin's CyberSec Talk – Cyber Security Management Best Practices (lien direct) In this video Tulin highlights the best practices to develop a successful cyber security management program. Tulin Sevgin, Cyber Risk Management Lead, Senior Consultant. Tulin is a strategic thinker and cyber risk management specialist with experience in public and private sectors. Tulin has held senior positions with Commonwealth Bank, Westpac, Optiver and Deloitte. Whilst Tulin's working experience … Guideline Deloitte
SecurityWeek.webp 2018-03-29 12:10:04 (Déjà vu) The CNN Factor Adds More Complexity to Security Operations (lien direct) Security Teams Need the Ability to Collaborate and Coordinate to Make Better Use of the Talent and Data They Already Have We all know that security teams are drowning in a sea of alerts, largely driven by a defense-in-depth strategy with layers of protection that aren't integrated and create a massive amount of logs and events. If you need further evidence, Cisco's 2018 Annual Cybersecurity Report (PDF) found that among organizations using 50+ vendors, 55 percent say orchestrating security alerts is very challenging and for those with 21-50 vendors, 43 percent are struggling. The result? On average, 44 percent of alerts are not investigated and of those investigated and deemed legitimate, nearly half (49 percent) go un-remediated! Compound that reality with the “CNN Factor” – global cyberattacks that garner widespread interest and trigger calls from management – and you've got a situation that is quickly becoming untenable. It isn't sufficient for security teams to prevent, detect and respond to attacks. Security teams also must be able to proactively investigate and understand what the latest, large-scale cyber campaign means to their organization. Yet Cisco's study finds, “One reason [alerts go un-remediated] appears to be the lack of headcount and trained personnel who can facilitate the demand to investigate all alerts.” So how can security teams handle the fallout from the headlines along with their daily list of “to-dos?” They need a force multiplier – the ability to collaborate and coordinate to make better use of the talent and data they already have. This will not only help them respond more effectively and efficiently to alerts, but also address the inevitable flurry of questions every time a large-scale attack happens and take action as needed. Collaborate.
It isn't just security tools that are siloed, security teams typically operate in silos as well and that includes all the members of your threat intelligence program – threat intelligence analysts, security operations centers (SOCs) and incident handlers, to name a few. When one team member researches an event or alert and doesn't find information that is relevant to them, they tend to put that information aside and move on to the next task. But what if someone else in threat operations, conducting a separate investigation, could have benefitted from that work? Without the ability to collaborate as part of the workflow, key commonalities are missed so investigations take longer or hit a dead end.  What's needed is a single, shared environment that fuses together threat data, evidence and users, so that all team members involved in the inve Guideline Deloitte
SecurityWeek.webp 2018-03-14 15:42:02 The Value of Threat Intelligence is Clear, But Are You Capturing It All? (lien direct) Take Relevance Into Account When Analyzing Threat Data Parents are nervous. High school seniors are nervous. It's that time of year again when college decision letters and emails start to arrive. We all know there's tremendous value in education, and a college degree is a pre-requisite for many career paths. But which school is the best fit? Will your child get the most value possible from his or her college experience?  For each student, what defines and drives value from the college experience is different. It may be studying in an environment where they feel comfortable and can thrive; attending a university that offers a major in a field they want to pursue; having an opportunity to play the sport they love and excel in; or any number and combination of factors.  Likewise, we all know there is tremendous value in threat intelligence, and various factors come into play to create value.  The recent SANS 2018 Cyber Threat Intelligence Survey (PDF) finds 81% of cybersecurity professionals affirm that threat intelligence is providing value and helping them do their jobs better. The millions of threat-focused data points available, the many sources of global threat data we subscribe to, and the internal threat and event data from our layers of defense and SIEMs provide a significant amount of threat intelligence. But are we capturing all the value we can to truly strengthen our defenses and accelerate detection and response? As I've said before, not all threat intelligence is equal. Threat intelligence that is of value to your organization, may not be of value to another. How do you get the most value from your threat intelligence? It comes down to relevance, and that's determined by your industry/geography, your environment and your skills/capabilities. Industry/Geography. 
Threat data focused on attacks and vulnerabilities specific to your industry and geography is much more relevant than generic data that includes threats that target a specific sector and/or region you are not in. External threat feeds such as those from national/governmental Computer Emergency Response Teams (CERTs) and Information Sharing and Analysis Centers (ISACs) organized by industry, can prove useful. Complementing the data in your central repository with data from these types of sources can help reduce noise and allow you to focus on threats occurring locally in your sector. Environment. Depending on your environment or infrastructure, some indicators are more relevant than others. For example, if your workforce is highly distributed and endpoint protection is key, hashes are important because they enable you to detect malicious files on those devices. On the network, domain names and IPs are more relevant indicators allowing you to track suspicious traffic. To get the most value from your threat intelligence, you need tools that aggregate indicators in a c Guideline Deloitte
Pirate.webp 2018-03-09 08:00:03 GDPR: D-100, where do we stand? (lien direct) On 15 November last year, Mailjet, the European leader in marketing and transactional email management, and its partners (Taj-Deloitte, Les Echos, Generali, AFNOR and PeopleDoc) organised the first major event dedicated to the GDPR (General Data Protection Regulation) in Paris. Guideline Deloitte
Pirate.webp 2017-09-29 09:54:51 Deloitte Hacked – Client Emails, Usernames & Passwords Leaked (lien direct) It seems to be non-stop lately, this time it's Deloitte Hacked, which has also revealed all kinds of publicly accessible resources that really should be more secure (VPN, RDP & Proxy services). The irony is that Deloitte positions itself as a global leader in information security and offers consulting services to huge clients all over the planet, now it seems they don't take their own advice. Honestly this is not all that uncommon, it's human nature to leave your own stuff last as it doesn't directly impact revenue or value (until you get hacked). Read the rest of Deloitte Hacked – Client Emails, Usernames & Passwords Leaked now! Only available at Darknet. Guideline Deloitte
ErrataRob.webp 2016-08-26 23:01:43 Notes on that StJude/MuddyWatters/MedSec thing (lien direct) I thought I'd write up some notes on the StJude/MedSec/MuddyWaters affair. Some references: [1] [2] [3] [4]. The story so far. tl;dr: hackers drop 0day on medical device company hoping to profit by shorting their stock. St Jude Medical (STJ) is one of the largest providers of pacemakers (aka. cardiac devices) in the country, around ~$2.5 billion in revenue, which accounts for about half their business. They provide "smart" pacemakers with an on-board computer that talks via radio-waves to a nearby monitor that records the functioning of the device (and health data). That monitor, "Merlin@Home", then talks back up to St Jude (via phone lines, 3G cell phone, or wifi). Pretty much all pacemakers work that way (my father's does, although his is from a different vendor). MedSec is a bunch of cybersecurity researchers (white-hat hackers) who have been investigating medical devices. In theory, their primary business is to sell their services to medical device companies, to help companies secure their devices. Their CEO is Justine Bone, a long-time white-hat hacker. Muddy Waters is an investment company known for investigating companies, finding problems like accounting fraud, and profiting by shorting the stock of misbehaving companies. Apparently, MedSec did a survey of many pacemaker manufacturers, chose the one with the most cybersecurity problems, and went to Muddy Waters with their findings, asking for a share of the profits Muddy Waters got from shorting the stock. Muddy Waters published their findings in [1] above. St Jude published their response in [2] above. They are both highly dishonest. I point that out because people want to discuss the ethics of using 0day to short stock when we should talk about the ethics of lying. "Why you should sell the stock" [finance issues]: In this section, I try to briefly summarize Muddy Waters' argument why St Jude's stock will drop. 
I'm not an expert in this area (though I do a bunch of investment), but they do seem flimsy to me. Muddy Waters' argument is that these pacemakers are half of St Jude's business, and that fixing them will first require recalling them all, then take another 2 years to fix, during which time they can't be selling pacemakers. Much of the Muddy Waters paper is taken up explaining this, citing similar medical cases, and so on. If at all true, and if the cybersecurity claims hold up, then yes, this would be good reason to short the stock. However, I suspect they aren't true -- and they are simply trying to scare people about long-term consequences allowing Muddy Waters to profit in the short term. @selenakyle on Twitter suggests this interesting document [4] about market-solutions to vuln-disclosure, if you are interested in this angle of things. The 0day being dropped: Well, they didn't actually drop 0day as such, just claims that 0day exists -- that it's been "demonstrated". Reading through their document a few times, I've created a list of the 0day they found, to the granularity that Guideline Deloitte
Last update at: 2024-05-10 19:08:14