Over September 15-17 at the 1st Interpol Information Security Conference (iisc2010.org), more than 300 delegates from 188 countries came to Hong Kong, and under the care of Interpol and the Hong Kong Police Department, spoke candidly and collaboratively about Information Security and the common challenges we all face. In his welcoming address, Interpol’s Secretary-General Ron Noble mentioned how a Facebook page was created in his name in an attempt to confuse others and socially engineer colleagues. The Hong Kong Commissioner of Police opened his address by comparing technology to the moon: it has a bright side and a dark side. Both speeches hold in common that technology is ubiquitous, we must continue to keep criminal activity at bay, and that the Internet’s global reach means we all share in its continued success and must remain vigilant to protect it from the threats against it.
Will PCI 2.0 Bring Virtual Relief to Real Questions?
PCI Data Security Standard (PCI DSS) 1.2.1, which is a set of standards for retail and other verticals that defines the requirements for security compliance, is relatively simple and straightforward. 12 requirements define the spirit and intent of the standard. These are good, common sense guidelines and best practices that are derived from decades of experience keeping customer data secure. However, there are areas where PCI DSS could do a better job of handling what have become common, well-accepted practices; virtualization is one of those areas.
This week brought us a wide variety of news about the ZeuS malware platform and its criminal users. While the platform has been very successful at stealing banking credentials and money from its victims, it may be showing some promising signs of weakness to the security community. While it has long been recognized as a modular and adaptable platform, the rising complexity in the system may be exposing it to security concerns found in traditional enterprise software. Identifying and exploiting these weaknesses may be an essential factor in disrupting its botnets and tracking down its controllers.
One of those features, highlighted in this week’s Cyber Risk Report, was a jump into mobile malware. One particular ZeuS adaptation has appeared as a combined threat between desktops and smartphones, with the ultimate goal of intercepting not only keyboard-entered user credentials, but also SMS messages from banks used for out-of-band user authentication.
On Monday morning, I woke up and started my weekly routine by looking through the spam captured by our traps over the weekend. It feels as though I am still dreaming, because the most notorious pharmacy affiliate program, Spamit, seems to have made good on its threat of closing its doors. Brian Krebs blogged about this last week, citing that “Spamit administrators blamed the impending closure on increased public attention to its program.” So far, we have seen no sign of spam advertising “Canadian Pharmacy” and our SenderBase and SpamCop services are both showing a significant decrease in global spam volumes.
Sun Tzu famously said, “Keep your friends close, and your enemies closer.” Spamit, along with the rest of the fake online pharmacy community, has been very near and dear to us at Cisco Security Intelligence Operations (SIO) for several years. We visited the Subway restaurant in Toronto, Canada supposedly occupied by “My Canadian Pharmacy,” an affiliate program run by bulker.biz, Spamit’s main competitor.
Few aspects of networking have experienced as much change in recent years as the network firewall. Once considered a desktop security device, then embraced as the cadre of gateway security for businesses of all sizes, the firewall has lost its “place”. Don’t get me wrong, I’m not belittling the importance of the network firewall – in fact, my intention is quite the opposite!
Today Cisco made an announcement that supports the notion that the network firewall is more important than ever. But where does it belong? Marketers and IT professionals, alike, are all guilty of using the silly “brick wall” graphic in all our presentations. I’ve done it myself more times than I can count – right there, between the network edge and the DMZ. After all, that’s where it has traditionally lived, right?
The problem is that with the advent of cloud computing, virtualization, and the ability to gain anytime/anywhere access to data from a wide range of devices, it’s hard to tell where the network begins and where it ends these days. And if we can’t find the network edge, where do we place the firewall? How do we protect our network assets from the deluge of Internet-borne threats?