HP Security Research OSINT (OpenSource Intelligence) articles of interest--May 9, 2014

Key Articles of Interest

 

Ponemon: 2014 Cost of Data Breach Study: Global Analysis
The ninth annual Cost of Data Breach Study: Global Study. According to the research, the average total cost of a data breach for the companies participating in this research increased 15 percent to $3.5 million. The average cost paid for each lost or stolen record containing sensitive and confidential information increased more than 9 percent from $136 in 2013 to $145 in this year’s study. For the first time, our study looks at the likelihood of a company having one or more data breach occurrences in the next 24 months.

 

Microsoft: New Data Sheds Light on Shifting Cybercriminal Tactics
New data released today suggests that the security mitigations that Microsoft has included in newer software has helped make malicious cyber acts more difficult for would-be attackers. Effective security mitigations raise the cost of doing business for cybercriminals. The data also indicates that cybercriminals are increasingly utilizing deceptive tactics in their attempts to compromise systems.

 

Microsoft Security Intelligence Report, Volume 16
Volume 16 of the Microsoft Security Intelligence Report (SIRv16) provides in-depth perspectives on software vulnerabilities in Microsoft and third-party software, exploits, and malicious code threats. Microsoft developed these perspectives based on detailed trend analyses over the past several years, with a focus on the second half of 2013.

 

Appriver Quaterly Threat & Spam Report
The first quarter of 2014 did not disappoint, even coming on the heels of some very big events that closed out 2013. This report discusses cyberthreat issues, as well as recent trends in spam and malware from an email and web perspective. We'll also share some insight about what we can expect for the rest of the year. 

 

Why 95 percent of cybercrimes committed in Spain are going unpunished
Around 95 percent of cybercrimes, or offenses related to new technologies, are going unpunished in Spain, according to a new report from the Interior Ministry. “The phenomenon of cybercrime is of significant international and national importance, not only for the threat it represents to society, but also for the dangers it poses to the economy and key infrastructure,” reads the report.

 

InfoSec Handlers Diary Blog--New DNS Spoofing Technique: Why we haven’t covered it
The last couple of days, a lot of readers sent us links to articles proclaiming yet another new flaw in DNS. "Critical Vulnerability in BIND Software Puts DNS Protocol Security At Risk," claimed one article, going forward to state: "The students have found a way to compel DNS servers to connect with a specific server controlled by the attacker that could respond with a false IP address."  So how bad is this really?

 

Imperva: The Non-Advanced Persistent Threat
Advanced Persistent Threat (APT) is a name given to attacks that specifically and persistently target an entity. The security community views this type of attack as a complex, sophisticated cyber-attack that can last months or even years. The skill and scope required to instigate an attack of this magnitude and sophistication are believed to be beyond the reach of individual hackers. Therefore, APT is generally attributed to governments, hacktivists, and cyber criminals.

 

RSA: THE CURRENT STATE OF CYBERCRIME 2014 - An Inside Look at the Changing Threat Landscape
Web threats and fraud tactics continue to increase in number and sophistication as the profitability of cybercrime transforms the nature of the game. In 2013, phishing alone resulted in $5.9 billion in losses to global organizations, and three in four data breaches were attributed to financial or fraud motives1. Cybercriminals have become more organized and adaptive, and continue to develop fraud-as-a-service models which make some of the most innovative and advanced threat and fraud technologies available to a much wider user base.

 

The life of National Councillor Balthasar Glättli under surveillance
All communications, including all telecommunications, within Switzerland are subject to data retention. This surveillance pertains to the whole population, regardless of any prior suspicion. In theory, what is stored is known. However, until now, there was no practical example so that the impact of what can be deduced from the stored data could be evaluated. Swiss National Councillor Balthasar Glättli (Green Party) voluntarily submitted six months of some of his retained personal data, in order to visualize them.

 

If you find these articles interesting, feel free to peruse last week's articles

Labels: HP| security
Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
About the Author


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation