Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
The Evolution Of Malware
Newest First  |  Oldest First  |  Threaded View
opensourceintel
50%
50%
opensourceintel,
User Rank: Apprentice
10/15/2015 | 11:36:39 AM
An appropriate follow up!
The Author states; "Only using trusted sites;" A personal anecdote;  While hosting on GoDaddy, with a registeredbusiness name, and a SSL certificate I can make any site appear trusted;  Even phishing sites.  Googleaccountservices.com is one in the distant past that proves nothing can be trusted. 

What would be layered security measures? If your running a hosting company or an enterprise;  Your IDS, VPN, Firewall, Bastion Host and copy server are all useless...the insecurity of the modern web is in the web applications themselves that allow the User to pass input;  The user being able to do this can circumvent any security hardware/software unless all applications have invested in equal resources to build security in and than field test them---over and over.

A backup strategy?  Attackers want access;  They don't want your network down;  The want it up, to see what data they can conintously gather.  A backup may just bring back old backdoors, malware...Scrub it all instead.

Checking a  financial statement may detect a shady financial advisor, script kiddie or breached card...but if its a breached card;  Likely  the attacker will NOT be caught. 

Just some thoughts:  [email protected]  Kris Richey twitter.com/darkartsofwar  www.opensourceintelsite.wordpress.com

 

 

The author wrote the following which I decided to take exception with:

 
  • Remain vigilant; don't let your security practice become complacent
  • Add layered security measures
  • Only use trusted sites
  • Have a reliable backup strategy 
  • Review financial accounts regularly for suspicious activity. Sometimes a victim won't realize they have been attacked. Catching breaches early helps stop the attack, recuperate damages, and possibly even catch the attacker.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Enterprises are Attacking the Cybersecurity Problem
Concerns over supply chain vulnerabilities and attack visibility drove some significant changes in enterprise cybersecurity strategies over the past year. Dark Reading's 2021 Strategic Security Survey showed that many organizations are staying the course regarding the use of a mix of attack prevention and threat detection technologies and practices for dealing with cyber threats.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-41152
PUBLISHED: 2021-10-18
OpenOlat is a web-based e-learning platform for teaching, learning, assessment and communication, an LMS, a learning management system. In affected versions by manipulating the HTTP request an attacker can modify the path of a requested file download in the folder component to point to anywhere on t...
CVE-2021-41153
PUBLISHED: 2021-10-18
The evm crate is a pure Rust implementation of Ethereum Virtual Machine. In `evm` crate `< 0.31.0`, `JUMPI` opcode's condition is checked after the destination validity check. However, according to Geth and OpenEthereum, the condition check should happen before the destination validity check. Thi...
CVE-2021-41156
PUBLISHED: 2021-10-18
anuko/timetracker is an, open source time tracking system. In affected versions Time Tracker uses browser_today hidden control on a few pages to collect the today's date from user browsers. Because of not checking this parameter for sanity in versions prior to 1.19.30.5601, it was possible to craft ...
CVE-2021-42650
PUBLISHED: 2021-10-18
Cross Site Scripting (XSS vulnerability exists in Portainer before 2.9.1 via the node input box in Custom Templates.
CVE-2021-41151
PUBLISHED: 2021-10-18
Backstage is an open platform for building developer portals. In affected versions A malicious actor could read sensitive files from the environment where Scaffolder Tasks are run. The attack is executed by crafting a custom Scaffolder template with a `github:publish:pull-request` action and a parti...