reports – Page 3 – WindowsTechs.com

NASA’s Insider Threat Program

Posted on March 23, 2022 by Bruce Schneier

The Office of Inspector General has audited NASA’s insider threat program:

While NASA has a fully operational insider threat program for its classified systems, the vast majority of the Agency’s information technology (IT) systems — including many containing high-value assets or critical infrastructure — are unclassified and are therefore not covered by its current insider threat program. Consequently, the Agency may be facing a higher-than-necessary risk to its unclassified systems and data. While NASA’s exclusion of unclassified systems from its insider threat program is common among federal agencies, adding those systems to a multi-faceted security program could provide an additional level of maturity to the program and better protect agency resources. According to Agency officials, expanding the insider threat program to unclassified systems would benefit the Agency’s cybersecurity posture if incremental improvements, such as focusing on IT systems and people at the most risk, were implemented. However, on-going concerns including staffing challenges, technology resource limitations, and lack of funding to support such an expansion would need to be addressed prior to enhancing the existing program…

Continue reading NASA’s Insider Threat Program→

Friday Squid Blogging: The Costs of Unregulated Squid Fishing

Posted on March 18, 2022 by Bruce Schneier

Greenpeace has published a report, “Squids in the Spotlight,” on the extent and externalities of global squid fishing.
News article.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t co… Continue reading Friday Squid Blogging: The Costs of Unregulated Squid Fishing→

On the Irish Health Services Executive Hack

Posted on February 11, 2022 by Bruce Schneier

A detailed report of the 2021 ransomware attack against Ireland’s Health Services Executive lists some really bad security practices:

The report notes that:

The HSE did not have a Chief Information Security Officer (CISO) or a “single responsible owner for cybersecurity at either senior executive or management level to provide leadership and direction.

It had no documented cyber incident response runbooks or IT recovery plans (apart from documented AD recovery plans) for recovering from a wide-scale ransomware event.

Under-resourced Information Security Managers were not performing their business as usual role (including a NIST-based cybersecurity review of systems) but were working on evaluating security controls for the COVID-19 vaccination system. Antivirus software triggered numerous alerts after detecting Cobalt Strike activity but these were not escalated. (The antivirus server was later encrypted in the attack).
…

Continue reading On the Irish Health Services Executive Hack→

An Examination of the Bug Bounty Marketplace

Posted on January 17, 2022 by Bruce Schneier

Here’s a fascinating report: “Bounty Everything: Hackers and the Making of the Global Bug Marketplace.” From a summary:

…researchers Ryan Ellis and Yuan Stevens provide a window into the working lives of hackers who participate in “bug bounty” programs — programs that hire hackers to discover and report bugs or other vulnerabilities in their systems. This report illuminates the risks and insecurities for hackers as gig workers, and how bounty programs rely on vulnerable workers to fix their vulnerable systems.

Ellis and Stevens’s research offers a historical overview of bounty programs and an analysis of contemporary bug bounty …

Continue reading An Examination of the Bug Bounty Marketplace→

How to export report and media in MD-VIDEO

Posted on December 7, 2021 by HancomWITH

We’ve been introducing various features of MD-VIDEO this year and this is the last episode of the how-to video of MD-VIDEO.

You can learn how to export reports and media from MD-VIDEO.Check out various types of options to export … Read … Continue reading How to export report and media in MD-VIDEO→

Excellent Write-up of the SolarWinds Security Breach

Posted on August 30, 2021 by Bruce Schneier

Robert Chesney wrote up the Solar Winds story as a case study, and it’s a really good summary.
Continue reading Excellent Write-up of the SolarWinds Security Breach→

Forensic Focus Legal Update July 2021: Reliability And Credibility Of Digital Evidence

Posted on July 19, 2021 by Forensic Focus

This quarter’s edition of our legal update starts with a look at improving digital forensics experts’ credibility, as well as the reliability of the evidence they find — all while dealing with rapidly advancing technology Two recent academic pape… Continue reading Forensic Focus Legal Update July 2021: Reliability And Credibility Of Digital Evidence→

Insurance and Ransomware

Posted on July 1, 2021 by Bruce Schneier

As ransomware becomes more common, I’m seeing more discussions about the ethics of paying the ransom. Here’s one more contribution to that issue: a research paper that the insurance industry is hurting more than it’s helping.

However, the most pressing challenge currently facing the industry is ransomware. Although it is a societal problem, cyber insurers have received considerable criticism for facilitating ransom payments to cybercriminals. These add fuel to the fire by incentivising cybercriminals’ engagement in ransomware operations and enabling existing operators to invest in and expand their capabilities. Growing losses from ransomware attacks have also emphasised that the current reality is not sustainable for insurers either…

Continue reading Insurance and Ransomware→

Banning Surveillance-Based Advertising

Posted on June 24, 2021 by Bruce Schneier

The Norwegian Consumer Council just published a fantastic new report: “Time to Ban Surveillance-Based Advertising.” From the Introduction:

The challenges caused and entrenched by surveillance-based advertising include, but are not limited to:

privacy… Continue reading Banning Surveillance-Based Advertising→

The Future of Machine Learning and Cybersecurity

Posted on June 21, 2021 by Bruce Schneier

The Center for Security and Emerging Technology has a new report: “Machine Learning and Cybersecurity: Hype and Reality.” Here’s the bottom line:

The report offers four conclusions:

Machine learning can help defenders more accurately detect and triage potential attacks. However, in many cases these technologies are elaborations on long-standing methods — not fundamentally new approaches — that bring new attack surfaces of their own.

A wide range of specific tasks could be fully or partially automated with the use of machine learning, including some forms of vulnerability discovery, deception, and attack disruption. But many of the most transformative of these possibilities still require significant machine learning breakthroughs.
…

Continue reading The Future of Machine Learning and Cybersecurity→