It’s happening every day. People are inadvertently sharing one of the most personal and private pieces of information, the infamous social security number (SSN). For Jonathan Barnett, the unbelievable became a reality when he discovered that nearly 50 names were connected to his SSN. The irony is that his credit report and social security earnings records are clean. The nation’s creditors, employers, and many others depend on this identity system predicated on SSNs.
The Cyber Risk Report for November 7 through 13 covered the second consecutive Social Engineering Capture the Flag event that was organized by Defcon 19 (a prominent industry “underground” security conference). The event proposes a challenge to competitors with the focus of leveraging social engineering tactics to successfully obtain key company information from a list of prospective companies, with the ultimate goal (based on the past two years) of raising awareness of the threat impact social engineering has on organizations. Furthermore, the competition highlights the common tactics and aspects that social engineers employ. As this year’s competition drew to a close, the Social Engineering CTF Results Report (which provides a debrief of the event, outcomes, and lessons learned) puts an emphasis on the techniques utilized, and the reasons why the respective techniques ultimately succeeded or failed.
Black holes, from a network security perspective, are placed in the network where traffic is forwarded and dropped. When an attack has been detected, black-holing can be used to drop all attack traffic at the edge of an Internet service provider (ISP) network, based on either destination or source IP addresses. Remotely triggered black hole (RTBH) filtering is a technique that uses routing protocol updates to manipulate route tables at the network edge or anywhere else in the network to specifically drop undesirable traffic before it enters the service provider network.
One of the most enjoyable parts of my job as a product manager is launching a new product. Typically this is a shiny new widget or a great piece of software. But for a cloud-based service like Cisco’s ScanSafe Web Security solution, the infrastructure is a big part of the product.
For those not familiar with the product, ScanSafe offers web security solutions to organizations ranging from global enterprises to small businesses. The service provides multiple layers of malware protection and acceptable use controls to block users from specific websites and categories. It does this by redirecting end-user web traffic directly to the cloud where every web request is analyzed using artificial intelligence-based “scanlets” to determine the associated security risk. With such heavy processing and computation, the nature of the cloud is as important as the service in the cloud.
That is why today, I am pleased to welcome Canada to ScanSafe’s cloud with the addition of two datacenters—the first in Vancouver and the second in Toronto. Canada has been an early adopter of SaaS-based technologies, and our newest datacenters will help us serve our customers in the region. In addition, companies with branch offices in these locations will now benefit from a local internet breakout.
Either someone is doing some serious academic work in researching password strengths, or someone is building a really great hashed password dictionary. The Steam community forum compromise, in which attackers gained access to a database containing usernames, encrypted passwords, and e-mail addresses, is just the latest in a series of compromises targeting a subset of the online community: gamers.
It’s difficult to say whether these attacks are increasing in frequency or whether media reporting and voluntary disclosure has created the illusion of a growing trend. In either case, our activities are continually moving online, often protected only by a username and password, instead of staying safe and warm in hard disks on our home desktop computers. The attack surface is increasing as more web services require more usernames and passwords and the opportunity for password reuse increases.
Read More »