Tag Archive for: hat.

Black Hat: We Should Have Seen The Colonial Ransomware Attack Coming


Few need to be reminded of the fears that the Colonial Pipeline hack caused in May of 2021, in which airlines scrambled to keep their planes fueled for long-haul flights and Americans across the eastern seaboard panic-bought gas in expectation of supply disruptions.

The severity of the Colonial Pipeline attack was a wake-up call for cybersecurity industry leaders, government officials and the media. But speaking at the Black Hat Briefings conference last week, Kim Zetter, an award-winning cybersecurity journalist, said that the private sector and the federal government should have seen the attack coming.

Zetter, whose 2015 book Countdown to Zero Day provided the most thorough accounting to date of the Stuxnet worm attack on Iran’s nuclear enrichment facility at Natanz, used a keynote speech at this week’s Black Hat Briefings in Las Vegas to declare the Colonial Pipeline hack “foreseeable,” pointing to countless warnings given by government entities and cybersecurity experts on the high probability of attackers targeting these entities. 

25 years of alarms on critical infrastructure cyber risk

And many of those warnings are not of recent vintage. For example, Zetter cited a 1997 warning by U.S. Federal Government officials about possible cyber attacks on critical infrastructure. In October of 1997, President Clinton’s Commission on Critical Infrastructure Protection emphasized the “increasing vulnerability of control systems to cyber attacks.” The Chairman of this same Commission wrote to the President in their report that the “capability to do harm–particularly through information networks–is real (…) and we have little defense against it.” 

Colonial’s cybersecurity is the norm, not the exception

Despite that, the state of America’s critical infrastructure has not changed drastically over the past 2 decades, with the American Society of Civil Engineers giving America’s critical infrastructure a “C-” grade in 2021. The capabilities of cybercriminals have improved as a result of vast advancements made in technology generally. What hasn’t changed over the years is these same criminals’ desire to target CI entities. 

In fact, there…

Source…

Ukraine’s cyber chief comes to Black Hat in surprise visit • The Register


Black Hat In Brief: Victor Zhora, Ukraine’s lead cybersecurity official, made an unannounced visit to Black Hat in Las Vegas this week, where he spoke to attendees about the state of cyberwarfare in the country’s conflict with Russia. The picture Zhora painted was bleak.

Zhora, who is the deputy director of Ukraine’s State Service of Special Communications and Information Protection, said cyber incidents in the country have tripled since February, when Russia invaded. 

Zhora told attendees that Ukraine had detected over 1,600 “major cyber incidents” so far in 2022, though reports don’t elaborate on how such incidents are classified. A number of huge incidents happened between March and April, Zhora said, including the discovery of “Industroyer2,” an apparent successor to the Industroyer malware discovered in 2017.

Industroyer was a particularly nasty strain that was able to control electrical substation software and cause power blackouts, as well as damage equipment. Ukraine was hit by a similar malware called BlackEnergy in 2015.

Online attacks against Ukraine were a common tactic in the leadup to Russia’s invasion of the country in late February, he said. DDoS attacks took many of Ukraine’s government agencies offline, and new malware strains were discovered in the leadup to the invasion as well.

The Russo-Ukraine conflict has had global cybersecurity implications, including leading to a large spike in data-wiping malware, of which six significant new strains have been found this year.

Fortinet, which reported the jump, said it hadn’t uncovered more than one significant file wiper a year since 2012, and in several years it didn’t spot a new one at all. Of the strains discovered in 2022, all have been used against Ukrainian infrastructure and organizations – in other words, the gloves are off.

Back at Black Hat, Zhora…

Source…

Gravwell CEO Corey Thuen to Speak at Black Hat USA 2022


Security Researcher to Discuss How to Go Beyond the Limits of the SIEM with a Security Data Lake

 IDAHO FALLS, Idaho, July 27, 2022 /PRNewswire/ — Black Hat USA 2022, one of the leading computer security conferences in the world, provides security consulting, training, and briefings to hackers, corporations, and government agencies.

Gravwell (PRNewsfoto/Gravwell)

Security practitioners and leaders who want to learn why data lakes are becoming critical to improving security operations (i.e., SecOps) and how to use them to crunch massive amounts of security data, gain observability at light speed, and improve threat hunting should attend the session, “Go Beyond the Limits of the SIEM with a Security Data Lake.”

The session, led by Gravwell CEO and Cofounder Corey Thuen, will explore the fundamentals of time-series data lakes and how they differ from other ways of centralizing logs, and will take deep dives into some outlandish examples. The session will take place on Thursday, August 11, 12:40pm-1:30pm PT at Mandalay Bay Resort & Casino in Las Vegas, NV.

Gravwell is also a sponsor at the Black Hat USA 2022 Conference. The company will demonstrate the latest innovations and technical enhancements to its enterprise data fusion platform that enables security teams to investigate, collaborate, and analyze data from any source, on-demand, all with unlimited data collection and retention. The company will discuss how the Gravwell platform is helping organizations prevent, detect and respond to the latest cyber attacks. The Gravwell booth is Booth #2817, located in the Business Hall near Innovation City.

Interested parties can schedule a meeting with a Gravwell team member to discuss the latest in data analytics, get a platform demo and discover how Gravwell is transforming the way organizations interact and manage enterprise data. https://www.gravwell.io/blackhat

Who:
Corey Thuen, CEO and Cofounder, Gravwell

When:
Thursday, August 11th, 2022
12:40pm-1:30pm Pacific Time

Where:
Mandalay Bay K

Interview Opportunities:
Corey Thuen is available to discuss the security…

Source…

Learn White Hat Hacking For Less with This Pre-Black Friday Sale


Partner content by StackCommerce

We all think of hackers as mischievous troublemakers who wear hoodies and chug Mountain Dew, but despite what television shows you, these computer geniuses can work for the good guys too. White hat hacking is one of the most well-known and lucrative sectors of the cybersecurity industry, and anyone who knows their way around it can set themselves up for a high-earning career. If this interests you, then you need to start with some education.

Check out The Ultimate 2021 White Hacker Certification Bundle, which is on sale for just $33.99 (reg. $1,345) with code SAVE15NOV during our Pre-Black Friday Sale. Once you’ve taken the 10 courses and nearly 1,000 lessons available in the bundle, you will have what it takes to defend any system from digital attacks. Immerse yourself in content on cybersecurity, ethical hacking, and more with leadership from top instructors Joe Parys and Nathan House.

House is a leading cyber security expert with nearly a quarter-century of experience and a 4.5/5 star instructor rating. His course The Complete Cyber Security Course, Vol. 1 Hackers Exposed has earned 25,373 positive ratings from nearly 150,000 students enrolled. It will show you how to stop hackers, prevent tracking, and counter government surveillance. There are 4 volumes of this course.

This bundle also features important certification preparation like the CompTIA CySA+ Cybersecurity Analyst (CS0-001) Prep Course, which helps students ace the high-stakes security analyst certification exams and become trusted professionals in the field. This class teaches students everything they need to know when responding to cybersecurity threats and attacks, and it will leave you ready to pass the pivotal CompTIA exam.

Source…