Friday Five: 1/29 Edition
Friday is here! Catch up on this week’s top security news.
Since its inception, Internet of Things technology has seen rapid adoption by consumers, but not without cautioning from the security industry. Internet of Things security was a hot topic this week after search engine Shodan introduced a new feature that enables users to search for webcams openly connected to the internet. Since then, researchers have been able to find vulnerable webcam feeds of just about anything you can imagine: from classrooms to banks and even webcam baby monitors. Read the article for more on this IoT security issue.
The BlackEnergy Trojan made news earlier this month when it was linked to a power outage in Ukraine believed to be caused by a malware attack. New information on BlackEnergy came to light this week when researchers uncovered more details on how the malware is spread. It turns out the malware – which is commonly used to target SCADA systems – has been spreading through Microsoft Office documents bundled with malicious macros. The latest research also indicates that the malware is likely being deployed by insiders with authorized access at target companies and may have been created as part of a nation-sponsored campaign. Read the article for the latest on the BlackEnergy Trojan.
This week started off with a frenzy around reports that Israel’s power grid had been hit by a “severe” malware attack. As more details of the story emerged, it became clear that the attack was a simple ransomware attack against the Israel Electric Authority and not the massive, state-sponsored critical infrastructure attack that it was initially believed to be. While the attack did impact the IEA’s internal network, it did not impact Israel’s power grid or any other critical infrastructure. For more on the story, read The Register’s article.
Amazon user Eric Springer published a blog post this week telling the story of a social engineering attack on Amazon Customer Service that exposed Springer’s personal information to an impersonator. With little more than Springer’s name and the details of a whois query of domains registered to Springer (mind you, Springer had deliberately used a spoofed home address when registering the domains so that the whois information would not be accurate), the attacker was able to trick an Amazon Customer Service rep into disclosing Springer’s real home address, partial order history, and account balance. While subsequent attempts by attackers impersonating Springer to try to reveal his credit card number failed, the incident exposed some serious authentication issues that make many customer service platforms breeding grounds for social engineering attacks. Read the article for more on Eric’s story.
5. Digital Guardian is a Leader in the 2016 Gartner Magic Quadrant for Enterprise DLP… AGAIN! By Greg Funaro
Yesterday saw the release of the 2016 Gartner Magic Quadrant for Enterprise Data Loss Prevention – Gartner’s first MQ covering DLP since 2013 – and we’re thrilled to see Digital Guardian positioned as a leader for the 4th consecutive time. The DLP market has without a doubt changed dramatically since the last report; solutions have grown more advanced while several vendors have consolidated, rebranded, or even left the DLP market entirely. Even deployment methods have changed, with leading vendors introducing managed DLP services in addition to traditional on-premise deployment options. Gartner offers a highly favorable review of Digital Guardian in the latest DLP Magic Quadrant – in fact, DG was the only vendor in the Leaders quadrant whose ranking increased along both axes: “Ability to Execute” and “Completeness of Vision.” Read the article and download the report for more.