Kategorie

Mezinárodní fotbalová federace se stala obětí hackerského útoku, který se odehrál letos v březnu. Informace, které hackeři získali, začnou podle listu The New York Times v příštích dnech zveřejňovat různá evropská média. FIFA útok na své počítačové systémy odsoudila.

News Overview

The third quarter 2018 turned out relatively quiet in terms of DDoS attacks. “Relatively” because there were not very many high-level multi-day DDoS onslaughts on major resources. However, the capacities employed by cybercriminals keep growing year after year, while the total number of attacks shows no signs of decline.

The early July attack on Blizzard Entertainment has made some of this summer’s top headlines. Battle.net servers were sent offline, preventing players from logging in and launching their games for almost three days. The responsibility was claimed by a group called PoodleCorp, which made an appearance on Twitter promising to leave the company alone if their message were retweeted 2,000 times or more. Soon after their condition was satisfied, Blizzard reported “having fixed the technical issues earlier experienced by players.”

Towards the end of July there followed a series of attacks on another game publisher – Ubisoft. As a result, players were having trouble logging on to their accounts and using the multiplayer mode. According to the company spokesmen, user data was not compromised. There were no reports as to the purpose of the action. The attackers might have had financial gains in mind or just protested against some of the recent updates made to the games.

One more attack deserving the epithet of ‘major’ was, for several days, plaguing the three largest poker websites in the English-speaking segment: America’s Card… Room, PokerStars and Partypoker. The victimized operators were forced to cancel some of their events, sparking resentment on the part of players, who thus lost major sums of money.

As always, there were also DDoS attacks almost certainly resulting from political tension. The six-minute long disruption of the Swedish Social Democratic Party’s website at the end of August has been a stark example of such an attack. Likewise, politics is believed to have driven a similar attack on the website of a Democratic congressional candidate in California, which followed a month later. The tag of ‘political’ is also likely deserved by the activism-inspired (or rather environmental) motives which had fuelled the attack on the German RWE: by hitting their website the activists were trying to draw public attention to the impending clearing of the Hambach forest.

One way or another, the general public is still at a loss as to what had caused the affliction of the Ministry of Labor of the Republic of South Africa (the attack on its web resource took place in early September and, according to the Ministry spokesman, no internal systems or data were compromised). There is equal uncertainty as to the motives behind the attacks on the governmental service DigiD in Netherlands: at the end of July it was attacked thrice within one week, leaving many citizens unable to access its taxation-related and other features. Again, no data leaks were reported.

There are not many updates to the DDoS attackers’ toolset; although some curious new techniques and a couple of fresh vulnerabilities did get within sight of the experts. Thus, on July 20, they detected a mass “recruiting campaign” targeting D-Link routers, which used over 3,000 IPs and just one command server. The exploit was not very successful in corporate environments; yet it is still to be seen whether it was able to create a new botnet of user routers (and how big at that).

Speaking of “ready” or almost ready Trojans, reports began to circulate at the end of July about the newly devised Trojan Death, which builds its botnet by recruiting surveillance cameras. The handiwork of the notorious hacker Elit1Lands, this malware uses the AVTech vulnerability, made public back in October 2016. Security researcher Ankit Anubhav has managed to contact the cybercriminal and learn that so far the botnet has not been used for mass DDoS attacks; yet the author has great expectations about it, especially as Death turned out equally suitable for spam mailouts and spying.

In addition, in late August and early September, the security specialists first saw the new versions of Mirai and Gafgyt botnets exploiting the vulnerabilities in SonicWall and Apache Struts (in the last case, the same bug associated with the massive data breach at the credit reference bureau Equifax).

Meanwhile, the three authors of the original version of Mirai, who had made it publically available, finally got their court sentence. An Alaskan federal court ordered Paras Jha, Josiah White and Dalton Norman to pay considerable restitutions and serve 2,500 hours of community service. In all appearance, they will work on behalf of FBI, and the actual mildness of the sentence was due to the fact that during the process the three subjects had duly collaborated with the federal investigators: according to court documents, the three men have already accumulated more than 1,000 hours of community service by lending their expertise to at least a dozen investigations.

In addition, the British police arrested one of the intruders behind the DDoS attack on ProtonMail, mentioned in our last report. The 19-year-old rookie hacker turned out a British citizen, also involved in making hoax bomb threats to schools, colleges and airlines. His parents insist that he was “groomed” by “serious people” online through playing the game Minecraft. This story will hardly end with the young prodigy’s employment, although he does face possible extradition to the US: according to the investigation, his exposure was mainly due to the fact that he did not practice very good operational security.

Quarter Trends

Compared to Q3 of last year, the number of DDoS attacks slightly increased due to September, while in the summer and throughout the year, there was a noticeable drop in the number of DDoS attacks.

!function(e,t,n,s){var i="InfogramEmbeds",o=e.getElementsByTagName(t)[0],d=/^http:/.test(e.location)?"http:":"https:";if(/^\/{2}/.test(s)&&(s=d+s),window[i]&&window[i].initialized)window[i].process&&window[i].process();else if(!e.getElementById(n)){var a=e.createElement(t);a.async=1,a.id=n,a.src=s,o.parentNode.insertBefore(a,o)}}(document,"script","infogram-async","https://e.infogram.com/js/dist/embed-loader-min.js");

Quarterly number of DDoS- attacks defeated by Kaspersky DDoS Protection in 2017–2018 (100% is the number of attacks in 2017) (download)

The graph above shows that the slight increase from last year is owed to September, which accounts for the lion’s share of all attacks (about 5 times more compared to 2017). July and August, quite the opposite, turned out quieter versus last year. In 2017, no such disproportion was observed.

!function(e,t,n,s){var i="InfogramEmbeds",o=e.getElementsByTagName(t)[0],d=/^http:/.test(e.location)?"http:":"https:";if(/^\/{2}/.test(s)&&(s=d+s),window[i]&&window[i].initialized)window[i].process&&window[i].process();else if(!e.getElementById(n)){var a=e.createElement(t);a.async=1,a.id=n,a.src=s,o.parentNode.insertBefore(a,o)}}(document,"script","infogram-async","https://e.infogram.com/js/dist/embed-loader-min.js");

DDoS attacks defeated by Kaspersky DDoS Protection in September in proportion to Q3 total in 2017 and 2018 (download)

DDoS upsurge exactly in September is a fairly common thing: the primary target, year after year, is the education system, attacks being directed at the web resources of schools, universities and testing centers. The attack on one of England’s leading schools – Edinburgh University, which began on September 12 and lasted for nearly 24 hours, made the biggest headlines this year.

The onsets of this sort are often blamed on enemies of state, but these allegations are unfounded, according to statistics. Thus, in the course of our private investigations we discovered that attacks mostly occur during term time and subside during vacations. The British non-profit organization Jisc got almost the same result: by collecting statistics about attacks on universities it learned that there were fewer attacks when students were on vacation. The same is true for daily out-of-class hours: the main DDoS disturbances are experienced by schools during the period from 9:00 AM to 4:00 PM.

This, of course, may suggest that the perpetrators simply synchronize their actions with the daily pulse of the universities… But the simpler the explanation, the more likely it is: in all probability these attacks, too, are devised by the young ones, who may have quite a few “good” reasons to annoy their teachers, other students, or schools in general. Consistent with this assumption, our experts were able to find traces of DDoS attack preparations in the social networks; while our colleagues from Great Britain have come across a rather amusing case of their own: an attack targeting dorm servers was launched by a student in an attempt to defeat his online game adversary.

In all appearance, these cyclical outbursts will recur in the future – either until all educational institutions have secured themselves with impenetrable defenses, or until all students and their teachers have developed a whole new awareness of DDoS attacks and their consequences. It should be mentioned, however, that while most attacks are being organized by students, it does not mean that there aren’t any “serious” ones.

For example, launched in September, the DDoS campaign against the American vendor Infinite Campus, which provides the parent portal service for many school in its district, was so powerful and protracted as to come into notice of the US Homeland Security. It can hardly be explained by schoolchildren’s efforts alone.

Anyway, while the reasons behind the September upturn are most likely connected with the coming of the new school year, it is a bit tougher to explain the downturn. Our experts believe that most botnet owners have reconfigured their capacities towards a more profitable and relatively safer source of revenue: cryptocurrency mining.

DDoS attacks have gone a lot cheaper of late, but only for the customers. As to the organizers, their costs still run high. At the very least, one has to purchase the processing power (sometimes even to equip a data center), write a Trojan of one’s own or modify an existing one (such as the ever popular Mirai), use the Trojan to assemble a botnet, find a customer, launch the attack, etc. Not to mention that these things are illegal. And the law enforcement is up to every move: the downing of Webstresser.org followed by a chain of arrests is a case in point.

On the other hand, cryptocurrency mining is almost legal these days: the only illegal aspect is the use of someone else’s hardware. Mining, with certain arrangements in place, being too light on the donor system to become apparent to its owner, there is not much of a chance of having to deal with cyberpolice. A cybercriminal can also repurpose the hardware they already own for mining thus escaping the attention of law enforcement altogether. For example, there were recent reports of a new botnet of MikroTik routers, originally created as a cryptocurrency mining tool. There is also indirect evidence that owners of many botnets with deservedly unsavory reputation have now reconfigured them to mining. Thus, the DDoS activities of the successful botnet yoyo have dropped very low, although there was no information about it having been dismantled.

There is a formula in logic which reads: correlation does not imply causation. In other words, if two variables change in a similar way, such changes do not necessarily have anything in common. Therefore, while it appears logical to link the growth in cryptocurrency mining with the slack in DDoS attacks in this year, this cannot claim to be the ultimate truth. Rather a working assumption.

Statistics Methodology

Kaspersky Lab has a long history of combatting cyberthreats, including DDoS attacks of various types and complexities. The company’s experts monitor botnets using Kaspersky DDoS Intelligence system.

A part of Kaspersky DDoS Protection, the DDoS Intelligence system intercepts and analyzes the commands the bots receive from their management and control servers. To initiate protection it is not necessary to wait until a user device gets infected or until the attackers’ commands get executed.

This report contains DDoS Intelligence statistics for Q3 2018.

For the purpose of this report, a separate (one) DDoS attack is that during which the intervals between the botnet’s busy periods do not exceed 24 hours. For example, if the same resource was attacked by the same botnet a second time after a pause of 24 hours or more, two attacks are recorded. Attacks are also considered to be separate if the same resource is queried by bots belonging to different botnets.

The geographic locations of victims of DDoS attacks and command servers are registered based on their IPs. The report counts the number of unique DDoS targets by the number of unique IP addresses in the quarterly statistics.

DDoS Intelligence statistics is limited to botnets detected and analyzed by Kaspersky Lab to date. It should also be remembered that botnets are but one of the tools used for DDoS attacks, and this section does not cover every single DDoS attack over the given period.

Quarter summary

• As before, China tops the list for the highest number of attacks (78%), the US has reclaimed its second position (12.57%), Australia comes in third (2.27%) – higher than ever before. For the first time, South Korea has left the top 10 list, even though the entry threshold got much lower.
• Similar trends are observed in distribution of unique targets: South Korea has dropped to the very bottom of the rating list; Australia has climbed to the third position.
• In terms of number, DDoS attacks effected using botnets had their main peaks in August; the quietest day was observed in early July.
• The number of sustained attacks has declined; however, short ones with duration of under 4 hours grew 17.5 p.p. (to 86.94%). The number of unique targets has increased by 63%.
• The share of Linux botnets has grown only slightly from the last quarter. In this context, the by-type distribution of DDoS attacks has not changed much: SYN flood still comes first (83.2%).
• The list of countries hosting the greatest number of command servers has changed a great deal over the last quarter. Countries like Greece and Canada, previously way out of the top 10, are now high up in the list.

Attacks geography

The top line is still occupied by China, its share having soared from 59.03% to 77.67%. The US reclaimed its second position, even though it has grown the negligible 0.11 p.p. to 12.57%. This is where the surprises begin.

First off, South Korea has tumbled out of the top 10 for the first time since monitoring began: its share shrank from 3.21% last quarter to 0.30% for a downhill ride from fourth to eleventh position. Meanwhile Australia has climbed from sixth to third place: now it accounts for 2.27% of the total number of outgoing DDoS attacks. This suggests that the growth trend for the continent, which has emerged over the past few quarters, is still there. Hong Kong descended from second to fourth position: its share plummeted from 17.13% to 1.72%.

Other than South Korea, Malaysia, too, has left the top ten; these two were replaced by Singapore (0.44%) and Russia (0.37%) – seventh and tenth places respectively. Their shares have grown but little from Q2, yet because of China’s leap the admittance threshold became somewhat less demanding. The example of France demonstrates this very well: in Q2 France was tenth with 0.43% of the total number of DDoS attacks; this quarter its share reduced to 0.39% but the country still has made it to the eighth place.

Likewise, the combined percentage of all the countries from outside the top 10 has dropped from 3.56% to 2.83%.

!function(e,t,n,s){var i="InfogramEmbeds",o=e.getElementsByTagName(t)[0],d=/^http:/.test(e.location)?"http:":"https:";if(/^\/{2}/.test(s)&&(s=d+s),window[i]&&window[i].initialized)window[i].process&&window[i].process();else if(!e.getElementById(n)){var a=e.createElement(t);a.async=1,a.id=n,a.src=s,o.parentNode.insertBefore(a,o)}}(document,"script","infogram-async","https://e.infogram.com/js/dist/embed-loader-min.js");

DDoS attacks by country, Q2 and Q3 2018 (download)

Similar processes are taking place in the unique targets rating of countries: China’s share grew 18 p.p. to 70.58%. The first five positions for the number of targets look basically the same as those for the number of attacks, but the top 10 list is a bit different: South Korea is still there, although its share shrank a great deal (down to 0.39% from 4.76%). In addition, the rating list lost Malaysia and Vietnam, replaced by Russia (0.46%, eighth place) and Germany (0.38%, tenth place).

!function(e,t,n,s){var i="InfogramEmbeds",o=e.getElementsByTagName(t)[0],d=/^http:/.test(e.location)?"http:":"https:";if(/^\/{2}/.test(s)&&(s=d+s),window[i]&&window[i].initialized)window[i].process&&window[i].process();else if(!e.getElementById(n)){var a=e.createElement(t);a.async=1,a.id=n,a.src=s,o.parentNode.insertBefore(a,o)}}(document,"script","infogram-async","https://e.infogram.com/js/dist/embed-loader-min.js");

Unique DDoS targets by country, Q2 and Q3 2018 (download)

Dynamics of the number of DDoS attacks

The beginning and end of Q3 were not abundant in attacks, yet August and early September feature a jagged graph with plenty of peaks and valleys. The biggest spikes occurred on August 7 and 20, which indirectly correlates with the dates when universities collect the applicants’ papers and announce admission score. July 2 turned out the quietest. The end of the quarter, although not very busy, was still marked with more attacks than its beginning.

!function(e,t,n,s){var i="InfogramEmbeds",o=e.getElementsByTagName(t)[0],d=/^http:/.test(e.location)?"http:":"https:";if(/^\/{2}/.test(s)&&(s=d+s),window[i]&&window[i].initialized)window[i].process&&window[i].process();else if(!e.getElementById(n)){var a=e.createElement(t);a.async=1,a.id=n,a.src=s,o.parentNode.insertBefore(a,o)}}(document,"script","infogram-async","https://e.infogram.com/js/dist/embed-loader-min.js");

Dynamics of the number of DDoS attacks in Q3 2018 (download)

The day of week distribution was fairly even this quarter. Saturday now is the most “dangerous” day of the week (15.58%), having snatched the palm from Tuesday (13.70%). Tuesday ended up second to last in terms of the number of attacks, just ahead of Wednesday, currently the quietest day of the week (12.23%).

!function(e,t,n,s){var i="InfogramEmbeds",o=e.getElementsByTagName(t)[0],d=/^http:/.test(e.location)?"http:":"https:";if(/^\/{2}/.test(s)&&(s=d+s),window[i]&&window[i].initialized)window[i].process&&window[i].process();else if(!e.getElementById(n)){var a=e.createElement(t);a.async=1,a.id=n,a.src=s,o.parentNode.insertBefore(a,o)}}(document,"script","infogram-async","https://e.infogram.com/js/dist/embed-loader-min.js");

DDoS attacks by day of week, Q2 and Q3 2018 (download)

Duration and types of DDoS attacks

The longest attack in Q3 lasted 239 hours – just short of 10 days. Just to remind you, the previous quarter’s longest one was on for almost 11 days (258 hours).

The share of mass, protracted attacks considerably declined. This is true not only for the “champions”, which lasted upward of 140 hours, but also for all the other categories down to 5 hours. The most dramatic decline occurred in the 5 to 9 hours duration category: these attacks were down to 5.49% from 14.01%.

Yet short attacks of under 4 hours grew almost 17.5 p.p. to 86.94%. At the same time, the number of targets grew 63% from the last quarter.

!function(e,t,n,s){var i="InfogramEmbeds",o=e.getElementsByTagName(t)[0],d=/^http:/.test(e.location)?"http:":"https:";if(/^\/{2}/.test(s)&&(s=d+s),window[i]&&window[i].initialized)window[i].process&&window[i].process();else if(!e.getElementById(n)){var a=e.createElement(t);a.async=1,a.id=n,a.src=s,o.parentNode.insertBefore(a,o)}}(document,"script","infogram-async","https://e.infogram.com/js/dist/embed-loader-min.js");

DDoS attacks by duration, hours, Q2 and Q3 2018 (download)

The distribution by type of attack was almost the same as the previous quarter. SYN flood has kept its first position; its share grew even more to 83.2% (from 80.2% in the second quarter and 57.3% in Q1). UDP traffic came in second; it also edged upward to settle at 11.9% (last quarter the figure was 10.6%). Other types of attacks lost a few percentage points but suffered no change in terms of relative incidence: HTTP is still third, while TCP and ICMP – fourth and fifth respectively.

!function(e,t,n,s){var i="InfogramEmbeds",o=e.getElementsByTagName(t)[0],d=/^http:/.test(e.location)?"http:":"https:";if(/^\/{2}/.test(s)&&(s=d+s),window[i]&&window[i].initialized)window[i].process&&window[i].process();else if(!e.getElementById(n)){var a=e.createElement(t);a.async=1,a.id=n,a.src=s,o.parentNode.insertBefore(a,o)}}(document,"script","infogram-async","https://e.infogram.com/js/dist/embed-loader-min.js");

DDoS attacks by type, Q2 and Q3 2018 (download)

Windows and Linux botnets have split in about the same proportion as the last quarter: Windows botnets have gone up (and Linux ones down) by 1.4 p.p. This correlates pretty well with the attack type variation dynamics.

!function(e,t,n,s){var i="InfogramEmbeds",o=e.getElementsByTagName(t)[0],d=/^http:/.test(e.location)?"http:":"https:";if(/^\/{2}/.test(s)&&(s=d+s),window[i]&&window[i].initialized)window[i].process&&window[i].process();else if(!e.getElementById(n)){var a=e.createElement(t);a.async=1,a.id=n,a.src=s,o.parentNode.insertBefore(a,o)}}(document,"script","infogram-async","https://e.infogram.com/js/dist/embed-loader-min.js");

Windows vs. Linux botnets, Q3 2018 (download)

Botnet distribution geography

There was some shakeup in the top ten list of regions with the largest number of botnet command servers. The US remained first, although its share declined from 44.75% last quarter to 37.31%. Russia climbed to the second place, having tripled its share from 2.76% to 8.96%. Greece came in third: it accounts for 8.21% of command servers – up from 0.55% and from its position way outside the top ten the previous quarter.

China, with 5.22%, is only fifth, outplayed by Canada which scored 6.72% (several times more than its own figure in Q2).

At the same time, there was a major increase in the combined share of the countries outside the top ten: up almost 5 p.p., it now stands at 16.42%.

!function(e,t,n,s){var i="InfogramEmbeds",o=e.getElementsByTagName(t)[0],d=/^http:/.test(e.location)?"http:":"https:";if(/^\/{2}/.test(s)&&(s=d+s),window[i]&&window[i].initialized)window[i].process&&window[i].process();else if(!e.getElementById(n)){var a=e.createElement(t);a.async=1,a.id=n,a.src=s,o.parentNode.insertBefore(a,o)}}(document,"script","infogram-async","https://e.infogram.com/js/dist/embed-loader-min.js");

Botnets command servers by country, Q3 2018 (download)

Conclusion

No major high-profile attacks were reported over the last three months. In contrast with the summer slowdown, the September’s upsurge of attacks on schools was particularly noticeable. It has become a part of the cyclic trend Kaspersky Lab has observed for many years.

Another conspicuous development is the shrinking number of protracted attacks paired with growing number of unique targets: botnet owners may be replacing large-scale offensives with small attacks (sometimes referred to in English-speaking media as “crawling” ones), often indistinguishable from the “network noise”. We have seen preludes to such change of paradigm over the previous quarters.

The top ten lineup in terms of the number of C&C botnets is being abruptly reshuffled for the second quarter in a row. It may be that the attackers try to expand into new territories or attempt to arrange for geographic redundancy of their resources. The reasons for that may be both economical (electricity prices, business robustness when exposed to unforeseen circumstances) and legal – anti-cybercrime action.

The statistics for the last two quarters has led us to believe that certain transformation processes are currently unfolding in the DDoS community, which may seriously reconfigure this field of cybercriminal activities in the near future.

Cybersecurity researchers have revealed an unpatched logical flaw in Microsoft Office 2016 and older versions that could allow an attacker to embed malicious code inside a document file, tricking users into running malware onto their computers. Discovered by researchers at Cymulate, the bug abuses the 'Online Video' option in Word documents, a feature that allows users to embedded an online

Národní bezpečnostní tým CSIRT, který je provozován sdružením CZ.NIC, varoval před nově objevenou bezpečnostní chybou, která se týká různých verzí operačního systému Linux. Útočníci kvůli ní získají administrátorská práva na napadeném systému.

Američtí vulkanologové vydali aktualizaci svého hodnocení vulkanického ohrožení na území Spojených států. Z celkového počtu 161 sopek jich hned osmnáct považují za „velmi vysokou“ hrozbu. Zpráva se seznamem aktivních sopek byla poprvé vydána v roce 2005 a toto je její první aktualizace. Dočtete ...

Introduction In recent weeks, the Magecart cybercrime group has conducted a number of successful attacks against e-commerce websites worldwide. The group specializes in compromising e-commerce websites to steal payment details belonging to visitors that make purchases online. The group has been active since at least 2015, and recently it has hacked several websites, including Ticketmaster […]

The post The Magecart Cybercrime Group Is Threatening E-Commerce Websites Worldwide appeared first on InfoSec Resources.

The Magecart Cybercrime Group Is Threatening E-Commerce Websites Worldwide was first posted on October 30, 2018 at 5:58 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

Introduction What are organizational leaders going to do about today’s IT skills gap and to help keep their non-technical employees current with the rapid pace at which the tech sector is evolving? The answer could be upskilling the workforce with a certification like CompTIA’s IT Fundamentals+. This credential is quickly gaining an important role as […]

The post CompTIA IT Fundamentals+ Certification: An Overview appeared first on InfoSec Resources.

CompTIA IT Fundamentals+ Certification: An Overview was first posted on October 30, 2018 at 5:37 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

Introduction Technology plays a huge role in a student’s life on campus. It’s how they socialize with friends and family, work on assignments and handle their finances. Like anything that plays such a large role in life, it’s important to keep it safe. That’s where security awareness comes into play! Essentially, security awareness is the […]

The post 6-Step Security Awareness Checklist for College Students appeared first on InfoSec Resources.

6-Step Security Awareness Checklist for College Students was first posted on October 30, 2018 at 5:20 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

LetsEncrypt is a free way to set up your websites to use HTTPS, or Hypertext Transfer Protocol Secure. In this article, we will explore the benefits of doing so and how to accomplish it using LetsEncrypt. LetsEncrypt and HTTPS Before getting into the specifics of using LetsEncrypt, it’s important to make sure that everyone is […]

The post LetsEncrypt: The Free HTTPS Certificate Generator [product overview] appeared first on InfoSec Resources.

LetsEncrypt: The Free HTTPS Certificate Generator [product overview] was first posted on October 30, 2018 at 5:05 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

What Is the OpenVAS Vulnerability Scanner? The Open Vulnerability Assessment System (OpenVAS) is a vulnerability scanner maintained and distributed by Greenbone Networks. It is intended to be an all-in-one vulnerability scanner with a variety of built-in tests and a Web interface designed to make setting up and running vulnerability scans fast and easy while providing […]

The post A Brief Introduction to the OpenVAS Vulnerability Scanner appeared first on InfoSec Resources.

A Brief Introduction to the OpenVAS Vulnerability Scanner was first posted on October 30, 2018 at 4:50 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

Extended Validation (EV) certificates are an advanced type of digital certificate that websites use to enable HTTPS. Their purpose is to help fight phishing sites by allowing the official websites of legitimate companies to show the name of the company in the URL bar. In practice, though, EV certificates can be dangerous when dealing with […]

The post The Dangers of HTTPS and Extended Validation Certificates appeared first on InfoSec Resources.

The Dangers of HTTPS and Extended Validation Certificates was first posted on October 30, 2018 at 4:35 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

In the early 2000s, there was a lot of work around defining what digital identity was and how it could be used in a connected digital world. In 2005, Kim Cameron of Microsoft came up with a set of laws for a digital identity metasystem. He named them the “Laws of Identity.” Within the remit […]

The post Taking an Identity Selfie – Self-Sovereign Identity and the Blockchain appeared first on InfoSec Resources.

Taking an Identity Selfie – Self-Sovereign Identity and the Blockchain was first posted on October 30, 2018 at 4:25 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

We all hear about endpoint protection solutions in our daily lives, but how many of us have actually looked at the current state of play in the market? In this article, we have compiled a list of the top ten endpoint protection software solutions that are available today, and what their specific pros and cons […]

The post Top 10 Endpoint Protection Software Solutions appeared first on InfoSec Resources.

Top 10 Endpoint Protection Software Solutions was first posted on October 30, 2018 at 4:18 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

Popular card readers like Square and PayPal have various flaws that allow attacks ranging from fraud to card data theft.

With the growing number of data breaches and the increased penalties associated with them, the need for an enterprise-wide solution for data encryption is essential. However, according to a survey by Thales eSecurity and the Ponemon Institute, only 43% of organizations have an encryption strategy that is consistently applied throughout the enterprise. Trend Micro’s Endpoint […]

The post Trend Micro: Endpoint Encryption Data Protection Solution [product overview] appeared first on InfoSec Resources.

Trend Micro: Endpoint Encryption Data Protection Solution [product overview] was first posted on October 30, 2018 at 4:06 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

Introduction Sophos Endpoint Protection is an easy-to-use, simple application for your endpoint devices, whether they run Windows, Linux or Mac OS. It is able to protect a wide variety of systems against malware and threats to your network and computer systems. Sophos has created an endpoint security system that integrates technologies such as malicious traffic […]

The post Sophos: Endpoint Protection [product overview] appeared first on InfoSec Resources.

Sophos: Endpoint Protection [product overview] was first posted on October 30, 2018 at 3:55 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

Introduction Crowdstrike Endpoint Protection is a cloud-based solution that provides protection for devices such as computers and laptops. It was recently awarded “Highest IN Execution & Furthest in Vision” in the “Visionaries Quadrant” of the 2018 Gartner Magic Quadrant For Endpoint Protection Platforms. Its success is due to the key performance features that it has […]

The post Crowdstrike: Cloud-Delivered Endpoint Protection [product overview] appeared first on InfoSec Resources.

Crowdstrike: Cloud-Delivered Endpoint Protection [product overview] was first posted on October 30, 2018 at 3:48 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

Introduction Symantec Endpoint Protection is an award-winning platform that allows organizations to lock down the security of their networks on user-based equipment such as laptops and desktop systems. These endpoints are the most vulnerable section of a network, so having a security solution that protects both users and infrastructure is critical. At this point you […]

The post Symantec: Endpoint Protection [product overview] appeared first on InfoSec Resources.

Symantec: Endpoint Protection [product overview] was first posted on October 30, 2018 at 3:41 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

Introduction Project management connects projects, processes and all associated activities together. There are a variety of activities associated with project management, and they are categorized into five major processes: Initiating, Planning, Executing, Monitoring and Controlling and Closing. We will be discussing the fourth domain, Monitoring and Controlling Process, which covers 25% of the PMP exam. […]

The post PMP®️ Domain #4: Monitoring and Controlling appeared first on InfoSec Resources.

PMP®️ Domain #4: Monitoring and Controlling was first posted on October 30, 2018 at 3:13 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

The Project Management Professional (PMP) is a registered mark of the Project Management Institute, Inc. Introduction The Project Management Professional®️ (or PMP®️) is a professional credential offered by the Project Management Institute (PMI). PMI’s process assesses the practitioner’s competence based on knowledge and task-driven guidelines and defines the levels of clarity, critical facilities and degree […]

The post PMP Domain #3: Executing appeared first on InfoSec Resources.

PMP Domain #3: Executing was first posted on October 30, 2018 at 3:04 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com