Who’s Attacking Whom? Realtime Attack Trackers — Krebs on Security It seems nearly every day we’re reading about Internet attacks aimed at knocking sites offline and breaking into networks, but it’s often difficult to visualize this type of activity. In this post, we’ll take a look at multiple ways of tracking online attacks and attackers around the globe and in real-time. A couple of notes about these graphics. Much of the data that powers these live maps is drawn from a mix of actual targets and “honeypots,” decoy systems that security firms deploy to gather data about the sources, methods and frequency of online attacks. Also, the organizations referenced in some of these maps as “attackers” typically are compromised systems within those organizations that are being used to relay attacks launched from someplace else. The Cyber Threat Map from FireEye recently became famous in a 60 Minutes story on cyberattacks against retailers and their credit card systems. FireEye’s “Cyber Threat Map” The Honeynet Project’s Honey Map Update, 1:25 p.m.
Who really sets global cybersecurity standards? Herding wild cats may be easier than settling issues or making over-arching decisions that affect international cybersecurity. This week in a report that was critical about how the US will face global cybersecurity events, the Government Accountability Office identified 19 global organizations "whose international activities significantly influence the security and governance of cyberspace." The organizations range from information-sharing forums that are non-decision-making gatherings of experts to private organizations to treaty-based, decision-making bodies founded by countries. So who are they? Asia-Pacific Economic Cooperation (APEC) is a cooperative economic and trade forum designed to promote economic growth and cooperation among 21 countries from the Asia-Pacific region. Follow Michael Cooney on Twitter: nwwlayer8
Expert Internet Security Predictions for 2015. It’s December, and in the security industry that means one thing: predictions from experts about what trends will emerge in the next year. As always, some stuff is new, while other items show up on these lists every year. Below are nine predictions from Kaspersky Lab’s Global Research and Analysis Team. Cybercriminals Merge with APT Groups, Tactics This is, in fact, one of the most interesting predictions. However, whether they intended to or not, my researcher friends here at Kaspersky brought to my mind a second interesting possibility: that state-sponsored, advanced persistent threat hacking groups, like we’ve seen in cases such as DarkHotel, Regin and Crouching Yeti/Energetic Bear, will begin to merge with hacking campaigns perpetrated by criminals, like those targeting JP Morgan Chase, Target and others. There are a couple of ways that I see this potentially working: the nation-state groups could work together with criminal groups towards a common goal. ATMs had a bad year too.
Alert Details - Security Center - Cisco Systems. Vulnerability: Vulnerability activity for the period remains consistent with previous periods. Vulnerabilities for the period included updates for GNU coreutils and glibc, and updates for Wireshark, which is widely used by privileged network administrators. Cisco released the following Security Notices, available at Cisco Security Advisories, Responses, and Notices: Cisco IOS Software IPSec MTU Vulnerability; Cisco Wireless LAN Controller Buffer Overread Vulnerability; Cisco Wireless LAN Controller Cross-Frame Scripting Vulnerability; Cisco IOS Software MLDP Denial of Service Vulnerability; Cisco IOS XE AAA DHCP Denial of Service Vulnerability. For holiday shoppers using online orders and shipping, the spam campaigns targeting these themes continue to be at high levels. IntelliShield published 149 events last week: 77 new events and 72 updated events.
Open-source intelligence Open sources for intelligence OSINT includes a wide variety of information and sources: OSINT is distinguished from research in that it applies the process of intelligence to create tailored knowledge supportive of a specific decision by a specific individual or group. Definers for OSINT OSINT is defined by both the U.S. Director of National Intelligence and the U.S. OSINT is, as of 2005, defined by the U.S. Open-source intelligence (OSINT) collection/processing A wide variety of vendors sell information products specifically within this category. Open-source intelligence under one name or another has been around for hundreds of years. OSINT is especially helpful in addressing global coverage, a term encompassing all of the countries and topics that are not considered by the secret or national security worlds to be "vital."