HP Security Research OSINT (OpenSource Intelligence) articles of interest--June 27, 2014

Key Articles of Interest

2014: The Year Extortion Went Mainstream
The year 2014 may well go down in the history books as the year that extortion attacks went mainstream. Fueled largely by the emergence of the anonymous online currency Bitcoin, these modern-day shakedowns are blurring the lines between online and offline fraud, and giving novice computer users a crash course in modern-day cybercrime.

Hacking Team’s Tradecraft and Android Implant
This report analyzes Hacking Team’s Android implant, and uses new documents to illustrate how their Remote Control System (RCS) interception product works. This work builds on our previous research into the technologies and companies behind “lawful interception” malware.  

Terrorists’ Use of the Internet: A Symposium
Cyberspace is now widely recognized as a key strategic environment with governments, businesses and citizens facing a range of cyber threats from cybercrime and disruptive network attacks to emerging forms of destructive cyber arms. The significance of these threats will continue to rise in the coming years as more and more aspects of public and private life migrate online and dependence upon the Internet and digital networks grows still further with networked healthcare and growing numbers of smart objects such as vehicles and home appliances.

The Akamai State of the Internet Report
Akamai’s globally-distributed Intelligent Platform allows us to gather massive amounts of information on many metrics, including connection speeds, attack traffic, network connectivity/availability issues, and IPv6 growth/transition progress, as well as traffic patterns across leading Web properties and digital media providers. Each quarter, Akamai publishes the State of the Internet Report.

A look at Interflow, Microsoft’s threat information exchange platform
Microsoft recently announced the private preview of Microsoft Interflow, a security and threat information exchange platform for analysts and researchers working in cybersecurity, and they believe that this project ticks both of the aforementioned boxes.

The ‘Fly’ Has Been Swatted
A Ukrainian man who claimed responsibility for organizing a campaign to send heroin to my home last summer has been arrested in Italy on suspicion of trafficking in stolen credit card accounts, among other things, KrebsOnSecurity.com has learned. 

The Golden Rule of Keeping Your Real Identity Secret Online: Compartmentation
It can be hard to lead a double life, especially when one of those lives involves a criminal enterprise. Whether that’s being a digital drug dealer, a hacker-for-hire, or an internet scammer, making sure that your online personality doesn’t reveal your real identity can be half the work.

BSA: The Compliance Gap
Around the world, less than half of enterprise IT managers say they are very confident that their organizations are using software that is properly licensed, even though most believe unlicensed software poses security risks. This and other findings from BSA’s Global Software Survey underscore the benefits of implementing proven best practices for managing software assets — benefits that start in the enterprise and extend into the broader ecosystem of the IT marketplace.

Big Data and Innovation, Setting the Record Straight: De-identification Does Work
In the coming years, analytics will offer an enormous opportunity to generate economic and social value from data. But much of the success of data analytics will depend on the ability to ensure that individuals’ privacy is respected. One of the most effective ways in which to do this is through strong “de-identification” of the data — in essence, storing and sharing the data without revealing the identity of the individuals involved.

Raising Lazarus - The 20 Year Old Bug that Went to Mars
It’s rare that you come across a bug so subtle that it can last for two decades. But, that’s exactly what has happened with the Lempel-Ziv-Oberhumer (LZO) algorithm. Initially written in 1994, Markus Oberhumer designed a sophisticated and extremely efficient compression algorithm so elegant and well architected that it outperforms zlib and bzip by four or five times their decompression speed.

Information Security as Counterinsurgency
In Information Security, the rapidly escalating and innovating threat actors coupled with the ever changing business technology architecture have changed the security game forever. Preventative controls are increasingly less effective in mitigating threats and they are too cumbersome to keep up with the pace of technology change. This shift necessitates a shifting of balance from preventative control focus to rapid security intelligence and response.

 

 

Miss last week's articles? Click here.

Labels: HPSR
Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
Showing results for 
Search instead for 
Do you mean 
About the Author


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation