Recent Posts

Painting of Flowers

One Reason Security Is So Hard? Really Bad Reports.

Security is hard. Everyone knows that. The question is: why? After all, our understanding of cyber threats improves with each day. The tools we use to secure our systems have also improved over time – antivirus software, firewalls, application firewalls, intrusion detection, data leak prevention, and so on. And yet, when we look at the data, there’s not much evidence that better understanding and better tools are leading to better security. According to Jonathan Grier, an independent security consultant, the answer to the question ‘Why aren’t we getting better at stopping attacks and protecting data?’ is that we’re not doing a good job of learning from the data we have. In a conversation with The Security Ledger, Grier, the founder of Grier Forensics,  said that, despite a wealth of security data, the security industry’s approach to analyzing it is immature. Grier likes working on the cutting edge of computer forensics and application security. […]

What’s In Your Bucket? Data For The Taking In Amazon S3 Containers

Security is one of the main obstacles to greater cloud adoption. When it gets right down to it: companies that own sensitive data are reluctant to release control of it to a third party without ample reassurance that it won’t be lost or stolen. Given that’s the case, the results from an analysis of Amazon’s cloud-based Simple Storage Service (S3) by the security firm Rapid7 won’t ease privacy and security fears surrounding cloud-based storage and applications. In that study, Rapid7 researchers surveyed 12,328 Amazon S3 “buckets” – virtual containers for stored data. The results: 1,951 of those buckets were publicly accessible – around 1 of every 6. Within those 2,000-odd public buckets were 126 billion (with a “B”) files. That’s right – 126 billion. The sheer amount of data was too large for Rapid7 to audit each file individually, so the company sampled 40,000 publicly visible files and found that […]

Spammers Using Yahoo, Google To Whitewash Links

If the gigantic distributed denial of service (DDoS) attacks against the spam blacklisting operation Spamhaus wasn’t proof enough: spammers have trouble steering around blacklists and other reputation-based filters. Even if the language in their message is generic enough to avoid detection, dropping a link to a known, malicious- or compromised domain is plenty to get an entire message dropped. Spammers without a legion of 100,000 bots at their fingertips have to get creative about getting their message into the target’s inbox. Lately, a method that’s drawing attention is to leverage low-security redirection services to whitewash a link to a ‘known-malicious’ or merely suspicious sites. Barracuda Networks said that it has captured spam attacks that are combining a Yahoo based URL shortening service with Google’s free Translate service to whitewash links in spam e-mail messages and evade automated detection. The message, which was sent to a Barracuda “honeypot” system  includes a […]

Mobile Phone Use Patterns: The New Fingerprint

Mobile phone use may be a more accurate identifier of individuals than even their own fingerprints, according to research published on the web site of the scientific journal Nature. Scientists at MIT and the Université catholique de Louvain in Belgium analyzed 15 months of mobility data for 1.5 million individuals who the same mobile carrier. Their analysis, “Unique in the Crowd: the privacy bounds of human mobility” showed that data from just four, randomly chosen “spatio-temporal points” (for example, mobile device pings to carrier antennas) was enough to uniquely identify 95% of the individuals, based on their pattern of movement. Even with just two randomly chosen points, the researchers say they could uniquely characterize around half of the 1.5 million mobile phone users. The research has profound implications for privacy, suggesting that the use of mobile devices makes it impossible to remain anonymous – even without the use of tracking […]

Messy And Loud Hack In South Korea Doesn’t Look State Sponsored

A researcher who has studied the malicious software used in the attacks on media outlets and banks in South Korea this week said the attacks were coordinated, but messy and loud, without many of the hallmarks of a state sponsored hacking operation. Richard Henderson, a Security Strategist at Fortilabs at Fortinet Inc. said that the malware used in the attack was programmed to begin operating at 2:00pm local time, suggesting that those behind it had planned their operation for weeks or months before launching it. Still, Henderson said many details of the attack make it dissimilar from so-called “advanced persistent threat” or APT-style hacks that are carried out by foreign governments or groups working on their behalf. Henderson said that Fortinet analysts first obtained a copy of the malware on March 19, a day before the attacks. Researchers there had already identified the “time bomb” hidden in the code, which was […]