Last news post of February is already upon us. How time flies. We do have some good stories for you this week though, so enjoy!
- First story of the week is an interesting one, brought to us by Krebs. He looks at a breach of “Altair Technologies Ltd” and more specifically the fact that their disclosure of said breach was not exactly ideal. The notification was buried, and vague.
- Read More @ https://krebsonsecurity.com/2017/02/how-to-bury-a-major-breach-notification/
- Next, more on the not so great situation when it comes to Cybersecurity talent. This time though the narrative is a bit different as it talks about the available talent being largely under qualified. A report at RSA 2017 conference by ISACA mention that based on their report only about a 4th of the candidates seem to be qualified for the positions in question. Having conducted interviews and been a part of hiring for a major company I will say this is not terribly surprising. Worse yet, I believe the situation is likely to get worse before it gets better.
- Read More @ http://www.darkreading.com/vulnerabilities—threats/fewer-than-one-fourth-of-cybersecurity-job-candidates-are-qualified/d/d-id/1328244
- Next, a great report by Kaspersky on a not-so-new botnet spreading “Mirai” malware. Due to the “Mirai” source code becoming public, we were bound to see new variants come out and this is an example of someone taking the next step with the available source code.
- Read More @ https://securelist.com/blog/research/77621/newish-mirai-spreader-poses-new-risks/
- Next, possibly the biggest story of the week. Google has long been advocating for a move away from using SHA-1 for certificate signing and now there is a good reason to listen as the folks at Google and CWI Institute in Amsterdam have created the first SHA1 collision. While the attack is not exactly practical at the moment, the fact that this succeeded at all is reason enough to start moving towards SHA-2, and SHA-3.
- Read More @ https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html
- Last story of the day is one that we saw coming given the chain of events preceding this. But it looks like Yahoo and Verizon have agreed a $350m price reduction due to the breaches that have effected the Yahoo over the past few years. At this point, Yahoo should be happy the transaction is going through at all. For a while there I was fairly convinced Verizon would back out.
- Read More @ https://www.infosecurity-magazine.com/news/yahoo-and-verizon-agree-350m-price/
- First webcast is by Raytheon Foreground Security and is a great webcast on how to build a solid threat hunting team, process, etc. Some really great information here. Take a look.
- Watch @ https://www.brighttalk.com/webcast/288/230987
- Next, a great webcast on how to audit and properly log PowerShell. Given the rising use of PowerShell in malware campaigns, knowing how to distinguish legitimate use of Powershell from malicious use is critical. This webcast provides a great look into how to do exactly this.
- Watch @ https://www.brighttalk.com/webcast/14907/233583