Another news week is upon us, and we have some good stuff as usual. Enjoy.
- First news of the week is in relation to the Sony Pictures breach from last year. It looks like we finally have a dollar figure to associate with the cost of the breach, and it’s about $15 million. Honestly, I expected this to be much higher, given the profile of the hack and the reactions at the time. At $15 million, while still a good chunk of change, it’s not nearly as devastating to Sony as I would think the hackers responsible would have hoped.
- Read More @ http://www.afterdawn.com/news/article.cfm/2015/03/21/sony-hack-will-end-up-costing-the-company-15-million-this-quarter
- Before you get too excited, this is most likely not going to pass, but a pair of lawmakers are attempting to pass a new piece of legislation dubbed the “Surveillance State Repeal Act” that would repeal most of the terrible parts of the Patriot Act. At least it’s good to see that someone out there thinks the Patriot Act is as terrible as the rest of us think.
- Read More @ http://thehill.com/policy/technology/236769-house-effort-would-completely-dismantle-patriot-act
- Next, a rather interesting article that takes a look at some of the capabilities, and challenges facing the Threat Intelligence Analysts in the FBI. Pretty good read that provides some insight into agency operations when it comes to Threat Intelligence.
- Read More @ http://www.darkreading.com/fbi-threat-intelligence-analysts-still-marginalized-in-agency/d/d-id/1319618
- Next, another week, another breach. This time it looks like the service in question is “Twitch”. According to an email sent to it’s users, they noticed unauthorized access to some of the user accounts, and as a result have expired the passwords in question.
- Read More @ http://www.afterdawn.com/news/article.cfm/2015/03/25/twitch-sees-unauthorized-access-to-some-of-its-user-s-accounts
- We haven’t had an exploit kit article for a while, so I am happy to have one to share this week. Malwerebytes researchers have written a good article taking a look at the Malvertising campaign spreading the “Hanjuan” exploit kit. I have to admit, this is a new one to me. Good read.
- Read More @ https://blog.malwarebytes.org/exploits-2/2015/03/hanjuan-eks-march-madness-malvertising-campaign
- Another cyber-security bill is making its way through the house. The primary aim is to enable better intelligence sharing between the government and the private sector, in order to improve protections against breaches, and in order to hopefully allow for faster detection and analysis of breaches.
- Read More @ http://www.usatoday.com/story/news/politics/2015/03/24/house-intelligence-committee-cybersecurity-information-sharing-bill/70375004/?linkId=13127670
- Keeping up with the breach theme for the week, the last article of the day is, you guessed it, related to another breach. Slack, the business communication app, makers announced that a small number of users had their information accessed by unauthorized party in February, for a period of 4 days or so. No payment related information was accessed. Since, slack has added Two-Factor-Authentication in order to strengthen its security.
- Read More @ http://www.pcmag.com/article2/0,2817,2479171,00.asp