Comments
72% of Government Agencies Hit with Security Incidents
Newest First  |  Oldest First  |  Threaded View
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
8/29/2017 | 8:09:23 AM
Re: Endpoint Security
No kidding on this one - right now our malware forensics group is tackling a download campaign, looking for "doc.pdf" openings!!!!!
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/28/2017 | 4:47:20 PM
Re: Endpoint Security
"Typically users don't understand the potential ramifications of their downloads." I agree, it comes back to awareness trainings, it should be an ongoing process.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/28/2017 | 4:46:15 PM
Re: Endpoint Security
"opening unknown compromised DOC and PDF attachments " That is really true, why would anybody open a document from an unknown source, that is no upside on it.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/28/2017 | 4:44:45 PM
Re: Endpoint Security
" If users could simply understand the DANGER of downloading and installing malicious software" That makes sense. Main problem are the users downloading malware from their emails mainly.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/28/2017 | 4:43:25 PM
Re: Endpoint Security
"include regular User Awareness Training" I would agree, awareness would be the key for it.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/28/2017 | 4:42:34 PM
72% of Government Agencies
This number seems so big and surprising. It shows the government is seen as a target for many, mainly other governments I would guess.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
8/25/2017 | 7:02:51 AM
Re: Endpoint Security
That's a great point. Typically users don't understand the potential ramifications of their downloads. Many won't until they have been personally burnt by the stove themselves. Reminds me of a statement my father makes, smart people learn from their mistakes but brilliant people learn from others'. Makes me hopeful that this sentiment could be utilized from a security perspective through user awareness.
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
8/24/2017 | 3:05:06 PM
Re: Endpoint Security
Agree totally - you hit the three concentric rings of endpoint.  Training which should be mandatory and updated every six months.  A good security department (few firms have a dedicated one), search engine like Carbon Black and firm rules on user access to data (which prevents that other posted subject - data theft).  If users could simply understand the DANGER of downloading and installing malicious software AND opening unknown compromised DOC and PDF attachments --- JUST THOSE 2 THINGS  --- our security world would be MUCH BETTER off.  
RyanSepe
0%
100%
RyanSepe,
User Rank: Ninja
8/24/2017 | 7:24:51 AM
Endpoint Security
So action items moving forward need to include regular User Awareness Training, some type of SOC either onsite or third party, a heuristics malware detection engine, and limiting of user access (both administrative and internet based).


6 Ways Greed Has a Negative Effect on Cybersecurity
Joshua Goldfarb, Co-founder & Chief Product Officer, IDRRA ,  6/11/2018
Weaponizing IPv6 to Bypass IPv4 Security
John Anderson, Principal Security Consultant, Trustwave Spiderlabs,  6/12/2018
'Shift Left' & the Connected Car
Rohit Sethi, COO of Security Compass,  6/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-10997
PUBLISHED: 2018-06-17
Etere EtereWeb before 28.1.20 has a pre-authentication blind SQL injection in the POST parameters txUserName and txPassword.
CVE-2018-11218
PUBLISHED: 2018-06-17
Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.
CVE-2018-11219
PUBLISHED: 2018-06-17
An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking.
CVE-2018-10377
PUBLISHED: 2018-06-17
PortSwigger Burp Suite before 1.7.34 has Improper Certificate Validation of the Collaborator server certificate, which might allow man-in-the-middle attackers to obtain interaction data.
CVE-2018-10969
PUBLISHED: 2018-06-17
SQL injection vulnerability in the Pie Register plugin before 3.0.10 for WordPress allows remote attackers to execute arbitrary SQL commands via the invitation codes grid.