In-brief: Is the massive breach at the U.S. Government’s Office of Personnel Management a success story? Given the dire state of risk management within the federal government, the answer may be ‘yes.’
correlation
Mobilizing SQL Injection Attacks: Same Pig, New Lipstick?
In-brief: New research from Akamai suggests that attackers are using new methods to carry out and cover up for malicious attacks, among them: harnessing harmless mobile carrier networks to carry out attacks such as SQL injection.
SMEs Face Advanced Threat Sophistication Gap
In-brief: Cisco Vice President Scott Harrell says that small and mid-sized organizations are in the crosshairs of sophisticated cyber criminals. Unfortunately, such firms often lack the tools and skills to identify and contain such threats.
N.S.A. Breached North Korean Networks Before Sony Attack – NY Times
The New York Times claims that the U.S. National Security Agency used intelligence gleaned from a clandestine operation to compromise North Korea’s cyber warfare unit to pin the blame for the Sony Pictures Entertainment hack on the reclusive Communist country. According to the story by David Sanger and Martin Fackler, the Obama Administration’s decision to quickly blame the hack on the DPRK grew out of a four year-old National Security Agency (NSA) program that compromise Chinese networks that connect North Korea to the outside world. The classified NSA program eventually placed malware that could track the internal workings of the computers and networks used by the North’s hackers and under the control of the Reconnaissance General Bureau, the North Korean intelligence unit, and Bureau 121, the North’s hacking unit, which mostly operates out of China. It has long been recognized that North Korea, which lacks a mature information technology infrastructure, does much of […]
Cat and Mouse: Web Attacks Increasingly Sidestep WAF Protections
Recently, the Akamai Threat Research Team unveiled a unique distributed brute force attack campaign targeting nearly five hundred WordPress applications. What’s interesting about this campaign? It clearly demonstrates how Web attackers are becoming more sophisticated, attempting to evade security controls – specifically Web Application Firewalls (WAFs) and rate control protections. A Short Primer to Brute-Force Attacks Brute force Web attackers attempt to gain privileged access to a Web application by sending a very large set of login attempts, within a short period of time. Using volumetric single source of attack is easily mitigated by blacklisting. Today’s brute force attacks are typically characterized by volumetric attacks coming from distributed IPs. In this way, if the attacker’s source IP is detected, they can still continue with the attack campaign by switching a source IP. As part of this cat-and-mouse evolution, WAFs are enhanced with several rate control measures that detect and block […]
