 

Top Stories

 

PODCAST: Why ‘machine learning’ is perfectly suited to mitigating network breaches

By Byron V. Acohido

The essence of “machine learning” is that ML is perfectly suited to extracting value from large sets of data.

Thus, whether you realize it or not, ML has come to intersect with just about every aspect of daily living. ML today is used pervasively to profile our online behaviors. When we search for something on Google, make a purchase on Amazon, stream a movie from Netflix, post to Facebook, or Tweet, all of that data is stored and analyzed. And now ML advances are being applied to vehicle and driver data to rapidly steer us (pun intended) towards everyday dependence on driverless vehicles.

But there is another arena where one would expect ML to be making a much larger impact than it has to date: cybersecurity.

Related article: 2018 – Year of the CISO

Consider this: the typical corporate IT system is a sprawling amoeba generating large sets of data, minute-by-minute, day-by-day, from dozens of disparate systems. Hidden in this tumult of network logs are the fingerprints of threat actors actively stealing and disrupting – or getting into position to do so. …more

MY TAKE: How I came to cover two great ‘beats’ in my journalism career

By Byron V. Acohido

I’ve had the great good fortune to spend most of my career as a “beat reporter” covering two astounding beats.

The articles you see here on LastWatchdog are the work of my second great beat, which I’ve been immersed in since approximately 2004: cybersecurity. Or to put a finer point on it, I live and breathe developments having to do with the for-profit leveraging of the Internet, by both good guys and bad guys.

A journalist couldn’t ask for a richer topic. Cybersecurity affects how we live, work and play. Cybersecurity, at this moment, underpins the profound shifts in culture, economics, politics and national security we are all experiencing.

Related: University of San Diego lists LastWatchdog as top cybersecurity blog for 2017

Related: VPNMentor includes LastWatchdog as Top 20 security blog

I’ve won my fair share of recognition for my work as a journalist. This can be attributed mainly to practicing the craft professionally since 1977, and being blessed to work alongside iconic mentors and inspiring colleagues. I reached the pinnacle of my profession covering my first great beat, aviation safety, for the Seattle Times. I was awarded the 1997 Pulitzer Prize for Beat Reporting for my coverage of a deadly design flaw incorporated into the rudder actuator of Boeing 737 jetliners.

That said, two recent acknowledgements of the work I’m doing here at The LastWatchdog on Privacy & Security are top of mind at this moment. I’d like to thank the University of San Diego for naming LW as one of the top cybersecurity blogs of 2017. And my gratitude also goes out to vpnmentor.com for placing LW on its list of Top 20 online security blogs of 2017. …more

Q&A: How the ‘PKI ecosystem’ could be the answer to securing the Internet of Things

By Byron V. Acohido

Google is making a big push to compel website publishers to jettison HTTP and adopt HTTPS Transport Layer Security (TLS) as a de facto standard, and it’s expanding use of this important encryption technology.

Secure Sockets Layer (SSL) and its successor, Transport Layer Security (TLS), are the underpinnings of secure online transactions. They come into play in the form of digital certificates issued by Certificate Authorities (CAs) — vendors that diligently verify the authenticity of websites, and then also help the website owners encrypt the information consumers type into web page forms.

This robust protection gets implemented by leveraging an encryption and authentication framework called the public key infrastructure (PKI). This all happens in the blink of an eye when you visit …more

MY TAKE: Equifax hack highlights exposures caused by wide use of open-source protocols

By Byron V. Acohido

A major takeaway from the Equifax debacle that hasn’t gotten enough attention is this: The massive data theft happened because of a vulnerability in an open-source component, which the credit bureau failed to lock down.

Remember Heartbleed and Shellshock, the two massive security flaws discovered in open-source internet protocols back in 2014? The waves of network attacks that preyed on those flaws showed how open-source protocols—which over the years have become so widely used in business networks—actually comprise a ripe attack vector just waiting to be exploited.

Related article: Beware of open-source vulnerabilities lurking all through your network

The hackers leveraged a vulnerability in something called Apache Struts, an open-source application framework that supports the credit bureau’s web portal. It is widely used by developers of Fortune 100 companies to build web applications. In Equifax’s case, hackers used the flaw to access and remove copies of files for over two months, between May 13 and July 30, 2017.

When it seemed like the breach couldn’t get any worse for Equifax, the company also revealed that they knew about the vulnerability and tried to patch it in March.

Vulnerabilities are common

As Jeff Williams, co-founder and CTO of Contrast Security explains, “Essentially, an attacker could send a single HTTP request—just like the ones your browser sends—except with a specially crafted header that contains the attack. Through a series of unfortunate events, the Struts framework treats this header as an expression, effectively running the attacker’s code on the server.”

…more

PODCAST: Cyphort helps companies translate an ocean of network logs into actionable intelligence

By Byron V. Acohido

More companies are deploying cyber defenses to alert employees when possible threats to data and networks are detected. That’s a good thing.

What’s not so good is that these tools and components can raise alarms so often, a company’s tech team is in a constant state of high alert.

I had the chance to speak with Cyphort Senior Director Mounir Hadad about his company’s solution to all that noise, which they like to refer to as the “Anti-SIEM.”

Related article: Security as a service catches on

“When you look at the security space in general, it’s extremely fragmented,” Hadad says. Many companies set up products to detect threats and protect systems, “and the problem is, not a single company out there …more

PODCAST: How DarkLight marshals threat feeds, delivers useful intel to enterprises and MSSPs

By Byron V. Acohido

The ongoing warfare between small and midsize companies defending their networks against relentless hackers just isn’t a fair fight, says John Shearer, CEO of DarkLight.

All too many SMBs are clueless and/or lack resources dedicated to continually defending their networks against determined, innovative intruders.

Meanwhile, the attackers are “extremely organized, and they’re sharing their knowledge. They’re actually acting in an organized way to attack the small businesses. And the small businesses, unfortunately, are easy targets.”

Related article: Obama challenges security vendors to share intelligence more widely

So what if the good guys took some cues from the bad guys? I had the chance to discuss this topic in person with Shearer at Black Hat 2017. …more

INFOGRAPHIC: Studies show ‘security fatigue’ may trigger apathy in wake of Equifax hack

By Byron V. Acohido

There is no mistaking that, by now, most consumers have at least a passing awareness of cyber threats.

Two other things also are true: All too many people fail to take simple steps to stay safer online; and individuals who become a victim of identity theft, in whatever form, tend to be baffled about what to do about it.

INFOGRAPHIC: Shaking off cyber fatigue can be tough

A new survey by the nonprofit Identity Theft Resource Center, scheduled to be released in full next week, reinforces these notions. ITRC surveyed 317 people who used the organization’s services in 2017 and had experienced identity theft. The study was sponsored by CyberScout, which …more