Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
The Evolution Of Malware
Newest First  |  Oldest First  |  Threaded View
opensourceintel
50%
50%
opensourceintel,
User Rank: Apprentice
10/15/2015 | 11:36:39 AM
An appropriate follow up!
The Author states; "Only using trusted sites;" A personal anecdote;  While hosting on GoDaddy, with a registeredbusiness name, and a SSL certificate I can make any site appear trusted;  Even phishing sites.  Googleaccountservices.com is one in the distant past that proves nothing can be trusted. 

What would be layered security measures? If your running a hosting company or an enterprise;  Your IDS, VPN, Firewall, Bastion Host and copy server are all useless...the insecurity of the modern web is in the web applications themselves that allow the User to pass input;  The user being able to do this can circumvent any security hardware/software unless all applications have invested in equal resources to build security in and than field test them---over and over.

A backup strategy?  Attackers want access;  They don't want your network down;  The want it up, to see what data they can conintously gather.  A backup may just bring back old backdoors, malware...Scrub it all instead.

Checking a  financial statement may detect a shady financial advisor, script kiddie or breached card...but if its a breached card;  Likely  the attacker will NOT be caught. 

Just some thoughts:  [email protected]  Kris Richey twitter.com/darkartsofwar  www.opensourceintelsite.wordpress.com

 

 

The author wrote the following which I decided to take exception with:

 
  • Remain vigilant; don't let your security practice become complacent
  • Add layered security measures
  • Only use trusted sites
  • Have a reliable backup strategy 
  • Review financial accounts regularly for suspicious activity. Sometimes a victim won't realize they have been attacked. Catching breaches early helps stop the attack, recuperate damages, and possibly even catch the attacker.


Edge-DRsplash-10-edge-articles
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
News
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Commentary
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-29040
PUBLISHED: 2021-05-16
The JSON web services in Liferay Portal 7.3.4 and earlier, and Liferay DXP 7.0 before fix pack 97, 7.1 before fix pack 20 and 7.2 before fix pack 10 may provide overly verbose error messages, which allows remote attackers to use the contents of error messages to help launch another, more focused att...
CVE-2021-29041
PUBLISHED: 2021-05-16
Denial-of-service (DoS) vulnerability in the Multi-Factor Authentication module in Liferay DXP 7.3 before fix pack 1 allows remote authenticated attackers to prevent any user from authenticating by (1) enabling Time-based One-time password (TOTP) on behalf of the other user or (2) modifying the othe...
CVE-2021-29047
PUBLISHED: 2021-05-16
The SimpleCaptcha implementation in Liferay Portal 7.3.4, 7.3.5 and Liferay DXP 7.3 before fix pack 1 does not invalidate CAPTCHA answers after it is used, which allows remote attackers to repeatedly perform actions protected by a CAPTCHA challenge by reusing the same CAPTCHA answer.
CVE-2021-22668
PUBLISHED: 2021-05-16
Delta Industrial Automation CNCSoft ScreenEditor Versions 1.01.28 (with ScreenEditor Version 1.01.2) and prior are vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to execute arbitrary code.
CVE-2021-29039
PUBLISHED: 2021-05-16
Cross-site scripting (XSS) vulnerability in the Asset module's categories administration page in Liferay Portal 7.3.4 allows remote attackers to inject arbitrary web script or HTML via the site name.