Fear not, after a week without update because I was busy galavanting around at Infosecurity Europe and picking up awards, regular service has been resumed.
Empathy in Incidence Response
His email message to the SOC was succinct. “I clicked on a suspicious link,” he wrote, “What do I do now?”
My first reaction wasn’t that of anger or contempt. I was relieved, actually. Relieved that he alerted the team. (I don’t think I even want to know how many clicks on suspicious links go unreported.) I was eager to take on this challenge and I quickly located the email in question and I examined it.
Then, I called him. On the phone. To talk to him. In person.
Empathy in Incident Response | Tracy Z. Maleeff
Foiling A $110M Bank Heist
Bancomext would later learn that hackers suspected to be from North Korea had tried to siphon off more than $110 million, forcing the lender to temporarily suspend operations in its international payment platform. These accounts of cyberattacks are based on conversations with individuals briefed on the details of the incidents, who asked not to be identified because investigations by authorities haven’t been completed.
On the topic of robbing banks,
When Your Talk Submission Is Rejected
We've all seen people get disheartened and even angry that their talks to conferences, particularly the big ones, don't get accepted.
Joe FitzPatrick breaks down the rejection process and how you can learn and grow from your rejections.
Congratulations, your submission has been declined! | Securing Hardware
Further Down The Trello Rabbit Hole
Last month’s story about organizations exposing passwords and other sensitive data via collaborative online spaces at Trello.com only scratched the surface of the problem. A deeper dive suggests a large number of government agencies, marketing firms, healthcare organizations and IT support companies are publishing credentials via public Trello boards that quickly get indexed by the major search engines.
Further down the Trello rabbit hole | Krebs On Security
Cloud Leaks Data
I bet you thought this was going to be another story about an insecure AWS S3 bucket. For once, you're wrong.
Google groups has had a glitch whereby an estimated 10,000 companies are leaking private data. Google denies it, and has been telling people to read the manual. But it looks like it could be a case of fixing the UX.
Demand More From Your WAF
I want to let you in on a little secret.
About a year ago I had a conversation with a recently departed senior executive from one of the leading legacy WAF vendors. It was a short call and mostly one where I was explaining Signal Sciences and our progress on reinventing the WAF market but it ended with this seemingly puzzling exchange.
Me: Thank you again for your time! You all have paved the way for the WAF market over the last 10 years. Any advice for some ambitious upstarts as you pass the torch?
Him: (Pausing thoughtfully) Well this may seem basic but I think this is the most important lesson I’ve learned in my position. Don’t ignore customers after you close the deal to just focus on the next new deal.
Demand More From Your Web Application Firewall | Signal Sciences
Why Facebook Shared Data With Device Makers
The scrutiny over Facebook’s data-sharing partnerships highlights how critical APIs are to modern development, and how important it is to restrict how much data can be accessed through these interfaces.
Services like Facebook provide application programming interfaces (APIs) to third-party developers so that they can include the data to create games and other apps for the users.
The API owners control what kind of information, and how much, data is available to an API call. If they aren’t careful, they can expose too much. If they don't pay attention to how APIs are being used, they may not notice when someone is abusing the access. If they don't keep track of all their APIs, they don't have a complete picture of who has access to their data.
Why Facebook shared data with device makers | Decipher
Seeing as we're talking about Facebook,
Dixons Carphone Beach
According to the company, the vast majority of the cards (5.8M) were protected by chip-and-PIN technology — and it says the data accessed in respect of these cards contains “neither pin codes, card verification values (CVV) nor any authentication data enabling cardholder identification or a purchase to be made”.
However around 105,000 of the accessed cards were non-EU issued, and lacked chip-and-PIN, and it says those cards have been compromised.
It's not paranoia, and your phone actually is listening, but to get bars in trouble for illegally broadcasting football (soccer) games.
In the UK, credit scores are mostly used to determine whether people can get a credit card or loan. But in China, the government is developing a much broader “social credit” system partly based on people’s routine behaviours with the ultimate goal of determining the “trustworthiness” of the country’s 1.4 billion citizens.
A few other stories I enjoyed reading recently.
How raising $5.5m, over 12 rounds of funding and five years nearly killed me | Jenene Crossan, Medium
Just How Bad Is Business Travel for Your Health? Here’s the Data. | Harvard Business Review
Blockchain beyond the hype... What is it good for? | 451 Research