Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats //

Advanced Threats

Could The Sony Attacks Happen Again? Join The Conversation

Check out Dark Reading Radio's interview and live chat with CrowdStrike founder and CEO George Kurtz and Shape Security executive Neal Mueller.

If you’re a security professional, you’ve probably been asked many questions about the December attack on Sony, the pre-emption of the movie The Interview, and the possible implications for enterprises and cyber conflict in the future. Now’s your chance to have that conversation with top experts and your peers in the IT security industry. 

On Jan. 21 at 1pm Eastern/10am Pacific, you can join a special, one-hour Dark Reading Radio discussion devoted to the Sony hack and the issues that may arise from it. Hosted by Dark Reading editors Tim Wilson and Sara Peters, the discussion will feature two special guests: CrowdStrike founder and CEO George Kurtz and Shape Security executive Neal Mueller, both of whom have extensive experience in the study of cyber criminal behavior and methodology.

This special Dark Reading Radio show will address a wide range of questions, including: Was the attack really perpetrated by North Korea, and how did they do it? What could Sony have done to prevent it? How could they have responded differently? If the threat of further attacks prevented some U.S. theaters from showing a movie, could cyber attackers use similar methods to stop other organizations from conducting business? What implications/conclusions should security pros draw from this attack? 

This online radio program will not only allow you to listen in, but you can also ask questions of the experts and participate in a chat-style online discussion. Register to participate right now!

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
Joe Stanganelli
100%
0%
Joe Stanganelli,
User Rank: Ninja
1/26/2015 | 9:46:02 PM
False flag?
A tiny part of me (the itty-bitty ridiculous-conspiracy-theory part) wonders if the whole thing was a false flag attack perpetrated by Sony itself as a publicity stunt for The Interview.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
1/23/2015 | 4:38:14 PM
Re: Awesome topic, great speakers
So noted, Gonz. We may not be hitting this exact topic immediately. But we've got some other great show in the pipeline, so stay tuned.  
GonzSTL
100%
0%
GonzSTL,
User Rank: Ninja
1/23/2015 | 3:20:27 PM
Re: Awesome topic, great speakers
@Marilyn: One hour was not nearly enough for that topic. It would be nice if we can revisit it with different speakers, so see other viewpoints. I thoroughly enjoyed that DR Radio episode. We need more!
Marilyn Cohodas
100%
0%
Marilyn Cohodas,
User Rank: Strategist
1/23/2015 | 1:59:54 PM
Re: Awesome topic, great speakers
The chat thread had some good comments about the significance of this event. From CrowdStrike's George Kurtz:

I think this attack will set a blue print for others.  Can you imagine an enterprise wide crypto locker.  So instead of making a political statement, the groups will say wire $10M bucks in 2 hours or you won't have any systems.  How many companies will pay?  I bet a lot.

More here. 
jries921
50%
50%
jries921,
User Rank: Ninja
1/22/2015 | 1:26:36 PM
Re: Awesome topic, great speakers
I think the question is a no-brainer; of course it will happen again.  The technology exists and vigilantism has long been rife among those who claim the right to regulate the speech, political activity, and artistic output of others.  The questions are what can be done about it and how effective contemplated measures are likely to be.

 
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
1/21/2015 | 10:41:36 PM
Re: Available After Broadcast?
All Dark Reading Radio shows are archived on the site--just visit the link to the show, and you will be able to play it back. Thank you for your interest!
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
1/21/2015 | 6:01:31 PM
Re: Available After Broadcast?
Yes. That is something I wonder too, is it recorded at all. It will be good to hear what other would say.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
1/21/2015 | 5:59:44 PM
Re: probably...
I think it is less about locking down the network but more about applying right security measure at the right place. If the administrator is willing to share their passwords you have security awareness and training issues that need to be addressed.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
1/21/2015 | 5:57:26 PM
Re: Awesome topic, great speakers
Yes, I was wondering their point of view. Obviously this subject does not go away because of lack of information and disagreement between government and experts on security.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
1/21/2015 | 5:55:07 PM
No, not really
Sorry I missed this. Exciting subject. While I doubt that Sonny attack would happen again as it was executed and impact of it, I am sure we will experience far more serious security breaches. Cyberattacks are just starting with this level of sophistication and it involves governments any more. So wait and see.
Page 1 / 2   >   >>
Zero-Factor Authentication: Owning Our Data
Nick Selby, Chief Security Officer at Paxos Trust Company,  2/19/2020
44% of Security Threats Start in the Cloud
Kelly Sheridan, Staff Editor, Dark Reading,  2/19/2020
Firms Improve Threat Detection but Face Increasingly Disruptive Attacks
Robert Lemos, Contributing Writer,  2/20/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
The State of Ransomware
The State of Ransomware
Ransomware has become one of the most prevalent new cybersecurity threats faced by today's enterprises. This new report from Dark Reading includes feedback from IT and IT security professionals about their organization's ransomware experiences, defense plans, and malware challenges. Find out what they had to say!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-8813
PUBLISHED: 2020-02-22
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.
CVE-2020-9039
PUBLISHED: 2020-02-22
Couchbase Server 4.x and 5.x before 6.0.0 has Insecure Permissions for the projector and indexer REST endpoints (they allow unauthenticated access).
CVE-2020-8860
PUBLISHED: 2020-02-22
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S10 Firmware G973FXXS3ASJA, O(8.x), P(9.0), Q(10.0) devices with Exynos chipsets. User interaction is required to exploit this vulnerability in that the target must answer a phone call. T...
CVE-2020-8861
PUBLISHED: 2020-02-22
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1330 1.10B01 BETA Wi-Fi range extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue ...
CVE-2020-8862
PUBLISHED: 2020-02-22
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-2610 Firmware v2.01RC067 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of passwords. The issue results from the ...