How to Fail at “Know Your Enemy”?!

As a security professional, you’ve heard the slogan “Know Your Enemy” more than a few times in your career. Armchair security strategists love to mindlessly quote Sun Tzu such as by uttering things like “If you know the enemy an… Continue reading How to Fail at “Know Your Enemy”?!

Breaking Research: LockerGoga Ransomware Impacts Norsk Hydro

It was reported today that Norsk Hydro has temporarily stopped aluminum production at several plants following an attack by the ransomware known as LockerGoga.
Nozomi Networks Labs has conducted a preliminary evaluation of LockerGoga. Read on to learn … Continue reading Breaking Research: LockerGoga Ransomware Impacts Norsk Hydro

China’s new law calls on private industry to hand over valuable cyber threat data

The new year marked the beginning of yet another Chinese cybersecurity law that could have a big impact on U.S.-based technology companies. Known as the “Public Internet Cybersecurity Threat Monitoring and Mitigation Measures,” the rules call on private companies conducting business in China to report and hand over cyberthreat information to the government’s Ministry of Industry and Information Technology (MIIT). China founded the MIIT in 2008 in order to regulate the country’s burgeoning information technology industry. The law instructs companies to turn over information regarding both cyberattacks they’ve faced and also any “cyber threat intelligence” they own. Cyber threat intelligence is typically collected by cybersecurity firms and software giants like Microsoft and used to strengthen security operations. The regulation states: “after cybersecurity threats are discovered by relevant professional organizations, basic telecommunication enterprises, cybersecurity enterprises, Internet companies, domain name registration management and service organs … information shall be submitted to MIIT, provincial, autonomous […]

The post China’s new law calls on private industry to hand over valuable cyber threat data appeared first on Cyberscoop.

Continue reading China’s new law calls on private industry to hand over valuable cyber threat data

Dark web intelligence firm Flashpoint raises $28M to expand operations

New York City-based Flashpoint, an intelligence firm that mines the dark web for information about hackers, today ended a $28 million Series C funding round. A new investor, Georgian Partners, took the lead. Flashpoint executives describe the company’s mission as providing cyber intelligence, referred to as business risk intelligence (BRI), that goes beyond the realm of threat detection and alert notifications. The company sells access to a digital platform that allow customers to assess cyber threats aimed at their organizations. Flashpoint’s new partnership with Georgian Partners, an equity firm focused on software and security ventures, will provide additional resources for the company to expand its product portfolio and other services. “Georgian Partners brings with it not only a significant investment into Flashpoint’s expansion … but a unique expertise in applied analytics, machine learning, and natural language processing, which will help us further mature our offerings,” said Josh Lefkowitz, CEO and […]

The post Dark web intelligence firm Flashpoint raises $28M to expand operations appeared first on Cyberscoop.

Continue reading Dark web intelligence firm Flashpoint raises $28M to expand operations

FBI warns InfraGard members of ‘malicious,’ copy cat website

The FBI has warned members of its InfraGard program that a website is mimicking its genuine Infragard.org property, requesting login credentials for the bureau’s information sharing platform. “Please be aware www.InfraGard.com is not associated with the InfraGard Program. This site is maliciously collecting information that is entered. You are strongly advised not to visit this site or enter any personal/account information,” an alert sent Friday to InfraGard members reads. The FBI’s threat sharing website has been domain squatted pic.twitter.com/7bVSmPzNIW — Sean Cassidy (@sean_a_cassidy) March 25, 2017 When it was still up and running, the InfraGard.com website offered duplicate forms for new applicants to input sensitive information, including social security numbers. If a user tried logging into the fake site, it would redirect them to the real site’s error page. InfraGard.com was most recently taken down on March 24. The fake site (left) looks pretty close to the real site (right). Easily will fool […]

The post FBI warns InfraGard members of ‘malicious,’ copy cat website appeared first on Cyberscoop.

Continue reading FBI warns InfraGard members of ‘malicious,’ copy cat website