Tag Archives: Cybersecurity

ICANN and FIRST Sign Memorandum of Understanding on DNS Threats Mitigation

ICANN announced the signature of a Memorandum of Understanding (MoU) with the Forum of Incident Response and Security Teams, Inc. (FIRST) Friday last. The MoU aims to strengthen the relationship between ICANN and FIRST and enhance its collaborative efforts to support a safer, more secure, and resilient Domain Name System (DNS).

Continue reading ICANN and FIRST Sign Memorandum of Understanding on DNS Threats Mitigation

Positive Technologies: darkweb market is packed with offers to purchase access to corporate networks

Positive Technologies experts have analysed illegal marketplaces on the dark web and found a flood of interest in accessing corporate networks. In Q1 2020, the number of postings advertising access to these networks increased by 69 percent compared to the previous quarter. This may pose a significant risk to corporate infrastructure, especially now that many employees are working remotely. “Access for sale” on the darkweb is a generic term, referring to software, exploits, credentials, or anything else that allows illicitly controlling one or more remote computers.

Continue reading Positive Technologies: darkweb market is packed with offers to purchase access to corporate networks

Verizon Data Breach Report: DoS Skyrockets, Espionage Dips

ThreatPost logo

Denial-of-service (DoS) attacks have spiked over the past year, while cyber-espionage campaigns have spiraled downwards. That’s according to Verizon’s 2020 Data Breach Investigations Report (DBIR) released Tuesday, which analyzed 32,002 security incidents and 3,950 data breaches across 16 industry verticals.

Continue reading Verizon Data Breach Report: DoS Skyrockets, Espionage Dips

China’s Military Is Tied to Debilitating New Cyberattack Tool

On the morning of Jan. 3, an email was sent from the Indonesian Embassy in Australia to a member of the premier of Western Australia’s staff who worked on health and ecological issues. Attached was a Word document that aroused no immediate suspicions, since the intended recipient knew the supposed sender.

Continue reading China’s Military Is Tied to Debilitating New Cyberattack Tool

17,000 Coronavirus-Related Domains Registered In First 2 Weeks Of April; 23% Malicious Or Suspicious: Check Point

There have been 68,000 coronavirus-related domains registered since the beginning of the Coronavirus outbreak in January 2020 with an escalation in the number of coronavirus-related domains being registered since mid-February according to Check Point Research. In the past two weeks (since 2 April), there have been almost 17,000 new coronavirus-related domains had been registered (16,989 to be exact) with 2% found to be malicious and another 21% suspicious.

And with the pandemic now reaching almost every corner of the globe, many governments have announced economic stimulus packages, and as Check Point Research note on their recent glob post, “where there’s money, there will also be criminal activity. Hackers and threat actors want to cash in on the rush to get these vital payments and fill their own pockets at the expense of others. To do this, they are evolving the scam and phishing techniques that they have been using successfully since the start of the pandemic in January. Google recently reported that in just one week from 6 to 13 April, it saw more than 18 million daily malware and phishing emails related to Covid-19 scams – and that’s in addition to the 240 million daily spam messages it sees related to coronavirus.”

To take advantage of these stimulus packages, Check Point Research found 4,305 domains relating to new stimulus/relief packages have been registered since January with a total of 2081 new domains registered (38 malicious; 583 suspicious) in March and 473 (18 malicious, 73 suspicious) in the first week of April.

Check Point Research also observed a major increase in the week starting 16 March “during which the American government proposed the stimulus package to taxpayers. The number of new domains registered that week was 3.5 times higher compared to the average of previous weeks.”

“These scam websites use the news of the coronavirus (Covid-19) financial incentives, and fears about Coronavirus to try and trick people into using the websites or clicking on links. Users that visit these malicious domains instead of the official Government websites risk having their personal information stolen and exposed, or payment theft and fraud.”

Check Point Research has also observed a rise in “scam websites that use the news of the coronavirus (Covid-19) financial incentives, and fears about Coronavirus to try and trick people into using the websites or clicking on links. Users that visit these malicious domains instead of the official Government websites risk having their personal information stolen and exposed, or payment theft and fraud.”

For more information, or to see the Check Point Research blog post in full, go to: https://blog.checkpoint.com/2020/04/20/coronavirus-update-as-economic-stimulus-payments-start-to-flow-cyber-attackers-want-to-get-their-share-too/

A Call to Action on Advancing Cyberstability: Global Commission Launches Final Report

[news release] The Global Commission on the Stability of Cyberspace (GCSC) issued today [12 Nov] its final report Advancing Cyberstability, as part of a panel held at the 2019 Paris Peace Forum. Stef Blok, Minister of Foreign Affairs of the Netherlands, Jean-Yves Le Drian, Minister of Europe and Foreign Affairs of France, and David Koh, Chief Executive, Cyber Security Agency of Singapore, launched the report and placed the findings in the context of ongoing global efforts to enhance international security in cyberspace. Commission Co-Chairs, Michael Chertoff and Latha Reddy, along with former Chair Marina Kaljurand, presented recommendations and commented on the strategic approach and work of the GCSC.

This report represents the culmination of the Commission’s work over the last three years, offering a cyberstability framework, principles, norms of behavior, and recommendations for the international community and wider ecosystem.

“Earlier this year, 28 EU-member states backed a framework for sanctions targeting malicious cyber activities. Today, the GCSC consolidates a set of norms and principles for behavior of state and non-state actors. This is an important contribution to a digital space in which order and peace must prevail,” commented Stef Blok, Minister of Foreign Affairs of the Netherlands, a co-founder of the GCSC. “Since stability in cyberspace is directly linked with stability in the ‘real world,’ such a cyberstability framework is more crucial than ever. The next step in this multilateral process is to collect evidence and hold those who break the rules responsible. Together we must increase accountability and combine all pieces of the puzzle, between governments, tech and security firms, and civil society.”

The work of the Commission originated out of a desire to address rising social and political instability as a result of malicious actions in cyberspace. The situation has further deteriorated as evidenced by the rise in the number and sophistication of cyber attacks by state and non-state actors, which increasingly puts the considerable benefits of cyberspace at risk. In this increasingly volatile environment, there is an apparent lack of mutual understanding and awareness among communities working on issues related to international cybersecurity. With this report, the GCSC seeks to contribute to international efforts to address these challenges.

“Cyberstability and governance are inextricably and naturally linked,” added Michael Chertoff, GCSC Co-Chair. “As the digital age evolves so rapidly, governments and societies lack the desired level of exchange, let alone the decision-making processes needed to ensure the stability of cyberspace. The GCSC’s effort complements the work of other organizations, and will serve to influence how critical actors can engage with one another and collaborate towards a stable cyberspace.”

Emphasizing a concerted, multistakeholder approach, the framework reflects technological, product and operational measures, as well as a focus on behavioral change required among all stakeholders.

“The publication of this final report is not the end, but rather the beginning of a new profound effort toward implementing the suggested principles, norms, and recommendations,” stated Latha Reddy, GCSC Co-Chair. “The onus is on all stakeholders—governments, industry, civil society—to collaborate, adopt and implement accepted practices to help strengthen cyberstability. The stakes are higher than ever, which dictates a response in kind.”

Following the release, the GCSC members will continue to advocate and engage with their respective communities. Input and feedback from these groups were reflective of interactions with both state and non-state experts and will form the basis of advocating for the report going forward.

For an overview, see the Fact Sheet and for a copy of the report, visit Advancing Cyberstability.

About the Commission

Launched at the 2017 Munich Security Conference, the mission of the Global Commission on the Stability of Cyberspace is to develop proposals for norms and policies to enhance international security and stability and guide responsible state and non-state behavior in cyberspace. The Commission helps to promote mutual awareness and understanding among the various cyberspace communities working on issues related to international cybersecurity. For more information, please visit www.cyberstability.org.

This news release was sourced from: https://cyberstability.org/news/a-call-to-action-on-advancing-cyberstability-global-commission-launches-final-report/

Webinar: How DomainTools and Splunk>Phantom Work in Harmony so you can SOAR

Cybersecurity as an industry is seeing an ever-widening skills gap. As roles go unfilled, practitioners find themselves increasingly unable to meet the needs of their organizations in terms of security posture and maturity. Security Orchestration, Automation, and Response has the ability to help organizations with security processes, automation of specific actions, and intelligently inform teams, with the end goal of efficiency.

With the new features that DomainTools has built into Splunk Phantom, organizations are able to leverage this integration for purpose-built work with the Iris Investigate API. The rich Iris dataset is available not only for ad-hoc research on specific incidents in Splunk Phantom, but also for automated actions in Splunk Phantom playbooks.

In this webinar, learn:

  • How organizations are leveraging DomainTools for Splunk Phantom for Incident Response, IoC Hunting, Network Access Control, and Intelligence Sharing
  • How to get the Single Pane of Glass in Splunk Phantom with DomainTools’ Domain and DNS-based adversary intelligence
  • Where to leverage Domain Risk Score to automate workflows

Join Mark Kendrick, Director of Product Integrations at DomainTools, for this 30 minute webinar on 16 May.

To register, go to: domaintools.com/resources/webinars/how-domaintools-and-splunkphantom-work-in-harmony-so-you-can-soar

DomainTools Webinar: 2019: No Oscars for the Bad Threat Actors

2018 isn’t over and we have already seen a massive increase in the number and types of cybersecurity threats from ransomware to phishing. So what will 2019 bring and what can be done to prevent the next wave of cyber attacks?

Join subject matter experts from DomainTools in a lively discussion of what’s next for information security. CTO Bruce Roberts, Director of Product Management, Tim Helming, Senior Security Advisor, Corin Imai, and Senior Data Scientist, Sean McNee will conduct a round-table discussion on their information security predictions. Highlights include:

  • Let’s Get Critical (The political process is the new critical infrastructure under attack)
  • Breaches and Woes (Change in public perception of breaches)
  • The Automation Invasion (Automation will continue to create more issues than solutions if organizations)
  • Mind the (Skills) Gap

December 11, 2018 at 10 AM PT/1 PM ET

To register for this free DomainTools webinar, go to:
https://www.domaintools.com/resources/videos/webinar-2019-no-oscars-for-the-bad-threat-actors