Topic   Web Sites   
   
McAfee Labs Threats Report: June 2017
Overview: Excerpt from the report: 
  • "Malware: New malware samples rebounded in Q1 to 32 million. The total number of malware samples increased 22% in the past four quarters to 670 million samples.
  • Ransomware: New ransomware samples rebounded in Q1 primarily due to Congur ransomware attacks on Android OS devices. The number of total ransomware samples grew 59% in the past four quarters to 9.6 million samples. (We will discuss the WannaCry ransomware in our next quarterly report.)
  • Mobile malware: Reports from Asia doubled in Q1, contributing to a 57% increase in global infection rates. Total mobile malware grew 79% in the past four quarters to 16.7 million samples.
  • Incidents: We counted 301 publicly disclosed security incidents in Q1, an increase of 53% over Q4. The health, public, and education sectors comprised more than 50% of the total. 78% of all publicly disclosed security incidents in Q1 took place in the Americas."
     
Author: McAfee Labs   Web Site: securingtomorrow.mcafee.com   Date: 6/19/2017
Topics: Malicious Software Controls

Verizon 2017 Data Breach Investigations Report
Overview: The tenth annual Verizon Data Breach Investigations Report (DBIR) has been released for 2017. 
 
Author: Verizon   Web Site: www.verizonenterprise.com   Date: 4/27/2017
Topics: General Security Awareness

Latest Intelligence for March 2017
Overview: Symantec reports: "Number of blocked web attacks increases to highest level since July 2016 and Necurs botnet returns with new spam campaigns."
 
Author: Symantec Security Response   Web Site: www.symantec.com   Date: 4/14/2017
Topics: Malicious Software Controls

McAfee Labs Threats Report: April 2017
Overview: Excerpt from the McAfee Labs Threats report: "We discuss the background and drivers of threat intelligence sharing, various threat intelligence components, sources, and sharing models, and how mature security operations can use shared threat intelligence. We examine Mirai, which is notable because it detects and infects poorly secured IoT devices, transforming them into bots to attack its targets."
 
Author: McAfee Labs   Web Site: www.mcafee.com   Date: 4/10/2017
Topics: Malicious Software Controls, Network Security, Security Monitoring

Windows Management Instrumentation (WMI) Offense, Defense, and Forensics
Overview: FireEye reports: "Throughout the past few months, FireEye Labs has observed an increased use of Windows Management Instrumentation (WMI) queries for environment detection and evasion of dynamic analysis and virtualization engines. WMI provides high-level interaction with Windows objects using C/C++, VBScript, JScript, C#, etc. in the form of WMI Query Language (WQL). Last year, FireEye published a white paper detailing an in-depth analysis of WMI infrastructure and potential abuses of WMI services by malware writers."
 
Author: William Ballenthin, Matt Graeber, Claudiu Teodorescu FireEye Labs Advanced Reverse Engineering (FLARE) Team, FireEye, Inc.   Web Site: www.fireeye.com   Date: 10/7/2016
Topics: Application Security, Malicious Software Controls

McAfee Labs Threats Report: September 2016
Overview: Excerpt: "The latest edition of the Quarterly Threats Report (QTR) was released this week by McAfee Labs. If you’re not familiar with them, McAfee Labs is our research organization tasked with researching all the latest threats that people are seeing out there in the wild as well as looking at trends that help indicate what the bad guys are going to target next."
 
Author: McAfee Labs   Web Site: www.mcafee.com   Date: 9/14/2016
Topics: Malicious Software Controls, Vulnerability Management

Endpoint Security Survival Guide: A Field Manual for Cyber Security Professionals
Overview: Excerpt from the Tripwire guide (requires email registration): "Endpoint Detection and Response (EDR) is a new, proactive approach that focuses on behavior that indicates an attack is underway rather than just indicators of compromise (IoC). EDR relies on the deployment and active management of key security controls for your business-critical assets. These controls provide crucial information that allows endpoint incidents to be quickly detected, identified, monitored and handled."
 
Author: Tripwire   Web Site: www.tripwire.com   Date: 8/29/2016
Topics: Configuration Management

DDoS, Web Attacks Surge; Repeat Attacks Become The Norm
Overview: Akamai today announced the release of the Q4 2015 State of the Internet – Security Report. An excerpt from the report: "The quarterly report provides analysis and insight into malicious activity observed across the Akamai Intelligent Platform™ and provides a detailed view of the global cloud security threat landscape. It can be downloaded at www.stateoftheinternet.com/security-report."
 
Author: Rob Morton and Tom Barth   Web Site: www.akamai.com   Date: 2/29/2016
Topics: Network Security

Akamai Releases Q3 2015 State Of The Internet - Security Report
Overview: Akamai released the Q3 2015 State of the Internet – Security Report.

An excerpt from the report: 
  • "Akamai mitigated a record 1,510 DDoS attacks, a 180% increase over Q3 a year ago; and 23% more than last quarter
  • The use of reflection-based DDoS methods by DDoS-for-hire sites resulted in smaller attacks on average than we have observed from infection-based botnets
  • Retail suffered the vast majority of web application attacks—55%; online gaming hit by the most DDoS attacks; media and entertainment faced more of the biggest DDoS attacks."
     
Author: Rob Morton and Tom Barth   Web Site: www.akamai.com   Date: 12/8/2015
Topics: Network Security

Akamai Releases Findings Of Increased Attacks And More Aggressive Tactics From DD4BC Extortionist Group
Overview: Excerpt: "Akamai shared details of an increase in distributed denial of service (DDoS) attacks from the Bitcoin extortionist group DD4BC, based on PLXsert’s observation of attack traffic targeted at customers from September 2014 through August 2015."
 
Author: Akamai   Web Site: www.akamai.com   Date: 9/9/2015
Topics: Network Security

Windows Management Instrumentation (WMI) Offense, Defense, and Forensics
Overview: The FireEye team published a new white paper about threats against the Windows Management Instrumentation (WMI): "The FLARE team is now publishing a whitepaper that takes a deep dive into the architecture of WMI, reveals case studies in attacker use of WMI in the wild, describes WMI attack mitigation strategies, and shows how to mine its repository for forensic artifacts."
 
Author: William Ballenthin, Matt Graeber, Claudiu Teodorescu FireEye Labs Advanced Reverse Engineering (FLARE) Team, FireEye, Inc.   Web Site: www.fireeye.com   Date: 8/8/2015
Topics: General Security Awareness

Akamai Releases First Quarter 2015 'State Of The Internet' Report
Overview: Akamai released a new report: "Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in content delivery network (CDN) services, today released its First Quarter, 2015 State of the Internet Report." 
 
Author: Akamai   Web Site: www.akamai.com   Date: 6/24/2015
Topics: Network Access Control (NAC)

PCI DSS Penetration Testing Guidance
Overview: Excerpt: "The objective of this information supplement is to update and replace PCI SSC’s original penetration testing information supplement titled “Payment Card Industry Data Security Standard (PCI DSS) Requirement 11.3 Penetration Testing” published in 2008. This information supplement has additional guidance to what is in PCI DSS and is written as general penetration testing guidelines that are intended to extend into future versions of PCI DSS." 
 
Author: Penetration Test Guidance Special Interest Group PCI Security Standards Council   Web Site: www.pcisecuritystandards.org   Date: 3/29/2015
Topics: Application Security, Vulnerability Management

Akamai’s State of the Internet: Q4 2014 Report
Overview: Excerpt from report: 
  • Global average peak connection speed increased 8.4% to 26.9 Mbps; South Korea leads at 22.2 Mbps
  • Bulgaria achieved highest broadband adoption rate at 96%
  • China, United States accounted for more than half of all observed attack traffic
     
Author: Akamai   Web Site: www.stateoftheinternet.com   Date: 3/25/2015
Topics: General Security Awareness, Network Security

HP Cyber Risk Report 2015
Overview: HP Security Research reported: "Earlier this week, we released our annual Cyber Risk Report, which provides a recap of what mattered in 2014 and where we believe the security world is heading in 2015. This year’s edition is our most robust ever, both in scope and data. To help summarize the data, we pulled some of the more interesting data points to create this infographic, which you can see by clicking on the image to your left or download from the link below."
 
Author: Hewlett Packard   Web Site: www8.hp.com   Date: 2/26/2015
Topics: Information Security Program

Internet of Things: Privacy & Security in a Connected World
Overview: The Federal Trade Commission issued a report titled "Internet of Things: Privacy & Security in a Connected World," and warned that internet connected devices present serious data protection and privacy risks.

In the report excerpt, the FTC says "companies should build security into their devices at the outset, rather than as an afterthought. As part of the security by design process, companies should consider: (1) conducting a privacy or security risk assessment; (2) minimizing the data they collect and retain; and (3) testing their security measures before launching their products..."
 
Author: FTC Staff Report   Web Site: www.ftc.gov   Date: 1/27/2015
Topics: Data Privacy

Trend Micro Security Predictions for 2015 and Beyond
Overview: Download this TrendLabs report "Trend Micro Security Predictions for 2015 and Beyond."
 
Author: TrendLabs   Web Site: www.trendmicro.com   Date: 11/3/2014
Topics: General Security Awareness

APT28: A Window Into Russia's Cyber Espionage Operations?
Overview: FireEye Research, Analysis Exposes Long-Standing Operations by APT28 Targeting Government, Military, and Security Groups of Interest to Russia.
Author: FireEye   Web Site: www.fireeye.com   Date: 10/28/2014
Topics: General Security Awareness

McAfee Labs Threats Report: August 2014 (2nd Quarter)
Overview: McAfee Labs releases their 2nd Quarter Threats Report in August 2014.
 
Author: McAfee Labs   Web Site: www.mcafee.com   Date: 8/31/2014
Topics: Malicious Software Controls, Vulnerability Management

McAfee Labs Threats Report: June 2014 (1st Quarter)
Overview: McAfee Labs releases their 1st Quarter Threats Report in June 2014.
 
Author: McAfee Labs   Web Site: www.mcafee.com   Date: 6/30/2014
Topics: Malicious Software Controls, Vulnerability Management

Verizon 2014 Data Breach Investigations Report (DBIR)
Overview: Verizon issued on Tuesday its annual Data Breach Investigations Report (DBIR) for 2014. In this year's report, Verizon analyzed 63,000 incidents and studied 1,367 confirmed breaches to help describe the threat landscape affecting organizations of all sizes across 95 different countries.
Author: Verizon   Web Site: www.verizonenterprise.com   Date: 4/22/2014
Topics: General Security Awareness

McAfee Labs Threats Report Fourth Quarter 2013
Overview: McAfee Labs has released the Threats Report: Fourth Quarter 2013. McAfee summarizes in its introduction:
"As we kick off the New Year, we take a fresh approach to our Threats Reports. Beginning with this edition, we present a shorter publication, with “Key Topics” covering top threats or security issues from the quarter. We also focus (on a rotating basis) on threat concerns surrounding the four IT megatrends: mobile, social, cloud, and big data. The report is now visually richer and easier to navigate."
 
Author: McAfee Labs   Web Site: www.mcafee.com   Date: 3/9/2014
Topics: General Security Awareness, Malicious Software Controls

SANS Health Care Cyberthreat Report
Overview: As noted from the executive summary: "The intelligence data that SANS examined for development of this report was specific to the health care sector and was collected between September 2012 and October 2013. The data analyzed was alarming. It not only confirmed how vulnerable the industry had become, it also revealed how far behind industry-related cybersecurity strategies and controls have fallen..."

Author: Barbara Filkins   Web Site: pages.norse-corp.com   Date: 2/19/2014
Topics: Information Security Program, Legal, Regulatory and Compliance

Cisco 2014 Annual Security Report
Overview: The Cisco 2014 Annual Security Report highlights the most current security concerns, such as shifts in malware, trends in vulnerabilities, and the revival of distributed denial-of-service (DDoS) attacks.

Author: Cisco   Web Site: www.cisco.com   Date: 1/16/2014
Topics: General Security Awareness, Information Security Program

Immediate Opportunities for Strengthening the Nation's Cybersecurity
Overview: In a letter to the president, the President’s Council of Advisors on Science and Technology (PCAST) wrote that "the document points to areas where executive action can accelerate progress toward protecting the nation’s information systems and assets—a topic of growing concern given that society and the economy have become increasingly dependent on Internet-connected devices and information systems."

Author: President’s Council of Advisors on Science and Technology   Web Site: www.whitehouse.gov   Date: 11/22/2013
Topics: General Security Awareness, Information Security Program