The Industry’s Only SaaS-Delivered Enterprise DLP

Our unique approach to DLP allows for quick deployment and on-demand scalability, while providing full data visibility and no-compromise protection.

No-Compromise Data Protection is:

  • Cloud-Delivered
  • Cross Platform
  • Flexible Controls
DATAINSIDER

Digital Guardian's Blog

Friday Five: 10/7 Edition



It's Friday! Catch up on the top infosec headlines with our weekly news roundup.

1. Source code of Mirai botnet responsible for Krebs On Security DDoS released online by Charlie Osborne

One of the largest DDoS attacks was on Brian Krebs’ security blog, Krebs on Security. It was caused by an army of IoT devices, raising concern about the security of smart homes, security cameras, and other “smart” devices connected to a network. Recently the source code for the botnet, dubbed Mirai, was published online by someone nicknamed “Anna-senpai”. Mirai spreads by scanning the web for IoT devices with either default or hard-coded passwords. This makes it easy for Mirai to gain access to vast networks of devices with little effort. Unfortunately, with the source code out in public and for free, this could and probably will lead to many more botnet attacks. For more info, read the full article.

2. You Can All Finally Encrypt Facebook Messenger, So Do It by Andy Greenberg

Following in WhatsApp's footsteps, parent company Facebook has now rolled out end-to-end encryption on its Facebook Messenger feature. If opted in, any of the 900 million users will be able to protect their messages from not only Facebook itself but also law enforcement and intelligence agencies. To opt in, users will find the "secret" option on the top right corner of a "new message" screen. Users will also be able to choose an expiration date for messages. Secret Conversations utilizes the Signal encryption system, developed by Open Whisper Systems. For more on Secret Conversations, head over to Wired.

3. Infographic: How to identify and avoid phishing attacks by Alison DeNisco

To ring in October, otherwise known as Cyber Security Month, DG created an infographic to help spread awareness of one of the greatest and most common threats to computer users of all kinds: phishing attacks. The first quarter of 2016 alone saw a 250% increase in phishing sites and associated email traffic, according to the APWG 2016 Phishing Trends Report. The infographic contains not only tips on how to mitigate the risks of a phishing attack but also covers how to identify many different types of attacks from text to email. For more info on phishing awareness, check out the full article.

4. N.S.A. Contractor Arrested in Possible New Theft of Secrets by Jo Becker, Adam Goldman, Michael S. Schmidt and Matt Apuzzo

Another contractor from Booz Allen Hamilton is being investigated for stealing highly confidential information from the NSA. While Snowden exposed surveillance programs in the US and abroad through a large amount of documents handed over to journalists, Harold T. Martin III possibly disclosed computer code developed by the NSA to hack into foreign state networks.Though the arrest took place in August, authorities are still unsure whether he leaked the code, passed it to a third party or just downloaded it. Either way, this high profile breach highlights the dangers of insider threats and the necessity for organizations to protect themselves. Read the full article on the NY Times.

5. Hacker Releases Tons Of Emails From Clinton State Department Insider by Chuck Ross

Once again, a hacker strikes against the Clinton campaign, adding to the score of political hacks against both parties. Believed to be operating for the Russian Government, this hacker leaked thousands of emails from Capricia Penavic Marshall, who worked under Clinton at the State department. The emails are separated into 8 categories from "Atlantic Council" and "Clinton Foundation" to "fundraising" and several more. The emails, dated from March 2015 through June 2016, appear to be authentic. Marshall not only served as chief of protocol from 2009 to 2013 at the State department but also worked during Bill Clinton's presidential campaign in 1992 as well as Hillary's senatorial campaigns. Head over to Daily Caller for more on the latest political hack.

Ellen Zhang

WHITEPAPERS

Stopping Cyber Threats: Your Field Guide to Threat Hunting

Ellen Zhang

Ellen is the Acquisition Marketing Manager at Digital Guardian, with nearly half a decade of experience in the cybersecurity industry. As the company's SEO and PPC manager, Ellen has spent numerous hours researching information security topics and headlines.