RSA Blog - October 2016

  • 10/31/2016 - Dyn DDoS Attack - How IoT Can Take Down the "Global Information Grid" Backbone (Part II) Authored by Nick Murray, Demetrio Milea, Peter Tran and Davide Veneziano In Part I, How IOT Can Take Down The “Global Information Grid” Back Bone, we discussed the mechanics of DNS in context of the Dyn DDoS attack. In Part II of this blog, we will dive a bit deeper into the anatomy of the...
  • 10/27/2016 - Enabling the Hunt: RSA NetWitness Platfrom Updates & Enhancements RSA Charge 2016, a gathering of more than 2,000 RSA customers, is off to a great start in New Orleans this week. Bringing together RSA product experts with our users and cybersecurity thought-leaders makes for great conversation, collaboration, innovation – and a little bit of fun! Our RSA NetWitness® Suite solution teams and customers have...
  • 10/25/2016 - The Dyn Attack - How IoT Can Take Down the "Global Information Grid" Back Bone (Part I) Authored by Nick Murray and Peter Tran Imagine that you are driving through downtown New York City (NYC) and only relying on your GPS for directions. All of a sudden, the GPS stops working and you are stuck in mid-town Manhattan traffic during rush hour. If you have ever tried to drive in NYC, you...
  • 10/20/2016 - Recognizing and Combating Cybercrime: A Virtual Chat The goal of cybercrime doesn’t change, but the tactics do.  This week’s theme for National Cyber Security Awareness Month is Recognizing and Combating Cybercrime.  One of the questions to be addressed is: What are cybercriminals looking to gain from attacks? With the impact of cybercrime costing the global economy about $445 billion in 2016, which is more than the market...
  • 10/19/2016 - Cybersecurity - Let's Make It A Chick Thing Time flies when you’re having fun fighting cybercriminals – we are already more than halfway through October and into the third week of Cybersecurity Awareness Month. This week’s theme is Recognizing and Combating Cybercrime, which is quite literally RSA’s raison d’etre. The focus this week is on the collaborative nature of fighting cybercrime as well...
  • 10/18/2016 - Why a Cyber Risk Assessment Is Essential for M&A Due Diligence According to J.P. Morgan, the global mergers and acquisitions (M&A) market amounted to $5 trillion in 2015 and continues to show strong levels of growth. When it comes to M&A, the due diligence process involves investigating the health of another business before engaging in any sort of transaction. This process will take many factors into account,...
  • 10/17/2016 - Multi-layered Analysis of a Threat Pattern If you do not fully know the asset, how can you protect it? This is the first challenge security practitioners face during any activity, whether it is a penetration test, code review, risk assessment, or design of a threat pattern. In a previous post, author Davide Veneziano provided an overview of the building-block required to design a consistent...
  • 10/17/2016 - Identity and Access Management Strategies: IAM Spending to Increase in Europe Businesses around the world recognize that it’s crucial to take the necessary precautions to verify identities and manage digital credentials when conducting business online. In fact, a recent study by Pierre Audoin Consultants (PAC) found that 93% of 200 polled European businesses claimed that they planned to maintain or increase their identity and access management...
  • 10/14/2016 - Where Is My Cybersecurity Rosetta Stone? This week’s theme for National Cyber Security Awareness Month is “Cyber from the Break Room to the Board Room.” Communication, like anything else worth getting better at, takes practice. Sometimes it takes planning to know what we want to say and how we want to say it. We also need to anticipate who our audience is...
  • 10/12/2016 - New Research Reveals: Phishers Launch a New Attack Every 30 Seconds
  • 10/11/2016 - Six Steps For Cybercrime Survival While recently cleaning my grandfather’s attic, I came across an old Federal Civil Defense Administration brochure titled “Six Steps to Survival – If an enemy attacked today would you know what to do?”  In our modern times, many of us are being attacked on a daily basis by cybercriminals. As such, do you know what...
  • 10/7/2016 - Your SaaS Cloud Provider Does An Awful Job At Implementing SAML And That's Totally OK The SaaS provider you just selected claims SAML compatibility? That’s awesome for you! This will enable you and your users to use this new service in a much more secure and user-friendly way. Imagine the pain if there was one more user ID and password to manage. But you know what? “SAML compatible” means very little...
  • 10/6/2016 - The Role of Money Mules in New Multi-Million Dollar Scams I have written previously about CEO fraud where employees receive an email which appears to come from a company executive directing them to erroneously wire money to an overseas bank account. Now, fraudsters are redirecting their efforts to a new internal target: accounts payable. According to IBAN, the scam works this way: The fraudsters intercept emails or compromise...
  • 10/5/2016 - Your Step-Up Authentication Compass... NIST & SMS - Finding North - Part 2 Authored by Greg Dicovitsky, Principal Solutions Architect, RSA In its recent solicitation for comment regarding its latest recommendation, the National Institute of Standards and Technology (NIST) has informed the public of its intent to eventually discontinue its recommending the use of Out-of-Band (OOB) Short Message Service (SMS) technologies to support the authentication of e-Commerce applications. [1]...
  • 10/5/2016 - The Most Important Visitor On Our Premises A customer is the most important visitor on our premises, he is not dependent on us. We are dependent on him. He is not an interruption in our work. He is the purpose of it. He is not an outsider in our business. He is part of it. We are not doing him a favor...
  • 10/4/2016 - The Life Cycle of a Threat Pattern Applying a structured approach to developing and maintaining significant threat patterns is absolutely key to successfully hunting for the advanced TTPs used by many motivated threat actors. In the post, Context in Risk-Based Threat Patterns, author Demetrio Milea suggested a simple and effective method borrowed from the Software Development Life Cycle (SDLC) to design and maintain threat patterns...
  • 10/3/2016 - Is Your Modern Marketing Cloud Infrastructure Vulnerable to Cyber Attacks? You’ve just launched your new Modern Marketing Platform in the cloud. However, there are several potential problems that marketing teams may not consider when creating a new digital infrastructure in the cloud. I’m not referring to the websites set up for online banking or strictly for transactions, I’m talking about the web platforms that are built by the...
  • 10/3/2016 - Best Advice for Digital Citizens - Stop. Think. Connect.™ October is kind of a big deal here at RSA. It’s National Cyber Security Awareness Month (NCSAM) and it gives us an opportunity to bring to the general public’s attention to a critical mission that we are focused on all year long – keeping businesses and individuals safe from cybercrime. It’s unfortunate that cybercrime is impactful...
  • 10/3/2016 - The Realm of Threat Intelligence - Attack Scenarios and Use Cases The three previous blogs in this series have covered Packet Analysis, Log Analysis and Threat Intelligence; this final article aims to bring all of this information into one cohesive solution for any SOC or Cyber Defence organisation. For further reading on this subject please see our presentation at last year’s RSA Conference in Abu Dhabi...