Data Breach Costs Rise 23%

Filed under Industry News.

The Ponemon Institute’s new “2014 Global Report on the Cost of Cyber Crime” is confirming what many CISOs and other network security professionals have been saying for months: data breach costs are on the rise.

The Report, which was commissioned by HP, surveyed 257 large organizations in seven countries, and analyzed more than 1,700 attacks. When the numbers were all crunched, researchers found that the average data breach takes 31 days to remediate and costs about $640,000 — which is a 23% jump from last year.

Improved Reporting, More Threat Data [Product Update]

Filed under Product Updates.

Improved Reporting of DGA Incidents
Among different classification criteria, threat types can be classified according to the pattern they use to call a command and control (C&C) server. One category of threats that stands out is malware that uses a Domain Generation Algorithm (DGA) to call seemingly random C&C host names. The number of different C&C host names can reach thousands in a span of a few days before the sequence is repeated again. This technique helps threats avoid detection or blocking since the malware calls a large number of host names. Static threat intelligence feeds have difficulty anticipating the random host names.

HP Revokes Digital Certificate Used to Sign Malware

Filed under Industry News.

As reported by Krebs on Security, HP has performed the cyber security equivalent of a “my bad” by quietly advising customers of a digital certificate that had been used to sign malware in May 2010. The certificate, which was initially signed in error, was revoked by Verisign at HP’s request on October 21, 2014.

DGAs: A Domain Generation Evolution

Filed under Research Lab.

You may remember hearing about Domain Generating Algorithms, aka DGAs, from our coverage of the PushDo malware or from the malware we dubbed DGA.Changer, or more recently from our post on the Tinba Trojan. Malware threats that contain DGAs are not new, but they are more difficult to prevent and detect.

The experts in Seculert’s Research Lab have identified an increasingly disturbing trend in the use of DGAs by cyber criminals.

Better Results, More Incident Format Options [Product Update]

Filed under Product Updates.

New Information in Elastic Sandbox Analysis Results
Seculert’s Elastic Sandbox analysis results now indicate if a communication was found to a known Command and Control (C&C) server. In addition, to ensure that you always access the most up-to-date data, every time you view the results, they are checked against the live C&C list.

SECURITY INFOGRAPHIC: Why the US Needs More Cyber Security Professionals

Filed under Industry News.

In a blog post published back in May, my colleague Doug McLean wrote that an enterprise’s attempt to find experienced, knowledgeable, and (reasonably) affordable Security Analysts these days is no longer a traditional human resource effort, but more like “searching for unicorns”.

Attention Kmart Shoppers: Your Data May Have been Stolen

Filed under Breach Diaries, Industry News.

Move over “clean up in aisle 3”. There’s a more important announcement for Kmart shoppers coming over the P.A. system — or rather, published on the company’s website in a bulletin from President and Chief Member Officer Alasdair James: bad actors have breached the Point of Sale (PoS) system.

“Backoff” Malware Hits Dairy Queen

Filed under Breach Diaries, Industry News.

If you visit the Dairy Queen website, you’ll find all kinds of stuff you’d expect, like information about tasty frozen treats, a location finder, a trip planner, special promos, and more. You’ll also find one thing that will take you by surprise (unless you happen to work in the network security field, in which case it probably won’t faze you at all): a bulletin from the CEO advising customers of a malware attack.

Malware Attack at Staples: “That Was Easy”

Filed under Breach Diaries, Industry News.

Krebs on Security is reporting that bad actors have apparently smacked their version of the “easy button” in a malware attack targeting Staples stores in the US Northeast, including seven in Pennsylvania, three in New York City, and one in New Jersey.