Russian State-Sponsored Cyber Actors Targeting Network Infrastructure

Yesterday, US-CERT posted a bulletin about Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices ( https://www.us-cert.gov/ncas/alerts/TA18-106A ). Our take on this is that this is something one must always assume to be happening, and if the bulletin is accurate then it’s not something Russia is alone in doing: https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/ https://www.engadget.com/2016/08/21/nsa-technique-for-cisco-spying/ It is vital to have critical controls in place to protect against these types of attacks, and to be prepared to take action based on concrete Indicators of Compromise provided in alerts and threat intelligence. Basefarm is a member of FIRST.org, TF-CSIRT and Swedish CERT-Forum, which helps us gather intelligence such as this in a timely manner.   (Blogpost image by Erik Mandre, “Karu-Ursus arctos-Erik Mandre.jpg“, Creative Commons Attribution-Share Alike)

Are you prepared for social engineering and the Next Corporate hack?

Have you opened the front door for anyone who came knocking or made way for an unknown contractor? If so, you might have been victim of social manipulation-based hacking. Training, exercise and countermeasures can help, and this also applies to the Next Big Corporate hack which surely can strike even you.

Are you prepared for DDoS attacks?

How can you protect yourself from hackers and more specifically, DDOS attacks?

Malware is so 2017: five security trends to watch out for

Remember when several massive ransomware attacks went global and hit many big businesses? Fredrik Svantes, Senior Information Security Manager at Basefarm, discussed with us the latest developments that keep the cybersecurity community busy.

TLS 1.3 – Internet Security Gets a Boost

TLS 1.3 updates the most important security protocol on the Internet, delivering superior privacy, security, and performance.

10. august marks the formal publication of an overhaul of the Transport Layer Security (TLS) protocol. TLS is an Internet standard used to prevent eavesdropping, tampering, and message forgery for various Internet applications. It is probably the most widely deployed network security standard in the world. Often indicated by the small green padlock in a web browser’s address bar1, TLS  is used in financial transactions, by medical institutions, and to ensure secure connections in a wide variety of other applications.

We believe the new version of this protocol, TLS 1.3, published as RFC 8446, is a significant step forward towards an Internet that is safer and more trusted.

TLS 1.3 represents a significant security win for the Internet and its users. We look forward to using it and tracking its adoption on the Internet.

An Overview of TLS 1.3 – Faster and More Secure

 

Top 5 Security links

 

Security is Not a One-Person Job

Security is not a one-person job. It can’t be accomplished with one person, it can’t be accomplished with one company.

“Security is not a one-person job. It can’t be accomplished with one person, it can’t be accomplished with one company,” says Walls. “So we need partners, and we need friends in the industry to work together.” No statement could better summarize what building a culture of security looks like. Learn more about how Walls and Prime Therapeutics implemented DLP to protect highly sensitive data for millions of people.

Read more..

 

Top 5 Security links

 

What we learned from DEF CON 26

Cyber security is increasingly important to companies. We went to DEF CON to see what the hackers were doing.

Check for the Security-First Mindset Across All Teams

Check for the Security-First Mindset Across All Teams

“Embedding security as a way of life is not a one-time event. It requires ongoing education through a variety of channels. Setting the tone from executive leadership is key, but this must be reinforced by direct management and across peer groups.”

Read more..

 

Top 5 Security links

 

Blocking cyber attacks; Why you should understand adversary playbooks

This blog post is a summary of this weeks Information Security News put together by our Security Incident Response Team (SIRT).

It’s time to get off the treadmill: Why you should understand adversary playbooks

“Flipping the equation on known adversaries by developing and deploying controls at locations on the intrusion kill chain designed specifically for these known playbooks will increase a company’s ability to block an attack. The cybersecurity industry must collaborate to identify all know adversary playbooks and share this knowledge with each other and the public.”

Read more..

 

Top 5 Security links

5 tips for better cloud security

This blog post is a summary of this weeks Information Security News put together by our Security Incident Response Team (SIRT). Lees meer