Tag Archive for: started

Twitch’s security problems started long before this week’s hack


A massive security breach at Twitch has exposed a wealth of information pertaining to the website’s source code, unreleased projects, and even how much the top streamers make. As data analysts and journalists work to decipher what exactly is contained in the hundreds of gigabytes of information, others are still wondering how this happened.






To some, such a breach seemed increasingly likely. The Verge has spoken to multiple sources who claim that during their time at Twitch, the company valued speed and profit over the safety of its users and security of its data.

This data breach, which Twitch blames on an error in a server configuration, is the latest in a series of security and moderation problems that have plagued the Amazon-owned streaming platform. In August, hate raids, in which marginalized streamers were subjected to uncontrollable numbers of bots spamming hate speech, erupted across Twitch.

Streamers banded together to create the #twitchdobetter hashtag and organized a walkout on September 1st to bring attention to the problem and spur Twitch to deploy safety measures to stem the hate tide. In response, Twitch acknowledged streamers’ complaints, urged patience, and promised it was working on tools that would help to better protect streamers and their communities.

“You’re asking us to do better, and we know we need to do more to address these issues,” Twitch said in its response.

But hate raids didn’t just suddenly appear this summer and, according to a former Twitch employee, alarms were raised about the potential abuses of raids long before their hate variety exploded in August.

One source, who spoke to The Verge on the condition of anonymity, worked at Twitch from 2017 to 2019. They described an atmosphere where employees were very concerned about…

Malware analysis for beginners: Getting started


Staying ahead of hackers and the latest malware requires a knowledgeable security team. Malware, especially ransomware, is constantly in the news, as hacker groups use it to attack companies and government agencies. More than 13 million attempted malware attacks on just Linux systems were detected during the first half of 2021.

The cybersecurity industry is struggling to find qualified infosec professionals to fill all the open positions. About 95% of security professionals say the security skills shortage hasn’t changed over the past few years. Now is a perfect time to get into the cybersecurity industry. So, how to get started?

Dylan Barker, a senior analyst at CrowdStrike, wrote Malware Analysis Techniques: Tricks for the triage of adversarial software as an introduction to one part of the industry. “I thought it would be great if there was a quick reference out there,” Barker says. “I also wanted to inspire people just getting into the infosec industry. When people enter the infosec industry, they often think the only path for them is either sitting in a SOC [security operations center] and staring at Splunk all day or being a pen tester. There really are more exciting paths out there for blue teams [security analysts within a company] that maybe aren’t quite as popular.”

Barker calls malware analysis exciting and interesting. “We can gather all these IOCs [indicators of compromise] together and weaponize them. This will make life difficult for the adversary — or more difficult than we’ve historically made it. We can also assist coworkers, sys admins and other stakeholders defending a company’s systems.”

To help beginners entering the field of malware analysis, Barker’s book introduces key techniques and software. Readers learn how to set up a malware analysis lab. Barker also covers static and dynamic analysis methods and de-obfuscation techniques.

In this interview, Barker explains malware analysis for beginners looking to enter the field. He breaks down what to know and offers advice on how smaller security teams can succeed against malware attacks.

Editor’s note: The following interview was edited for length and clarity.

How would you recommend someone enter…

Identity management and zero trust: Where to get started


The past year has taught us all a few things, from how much we value our health to what we take for granted regarding IT.

The impact of the last year should be obvious, but the Verizon 2021 Data Breach Investigations Report laid it out clearly. During the past year, privilege abuse was the biggest cause of data breaches by far, and phishing, ransomware and use of stolen credentials all went up.

David Smith and Bernard Wilson, the US Secret Service agents quoted in the report appendix, also pointed to lack of identity management as an ingredient for data breaches in more companies: “Organizations that neglected to implement multi-factor authentication, along with virtual private networks (VPN), represented a significant percentage of victims targeted during the pandemic. The zero-trust model for access quickly became a fundamental security requirement rather than a future ideal.”

So, after a tough year where security teams moved heaven and earth to keep their companies both productive and secure, it’s time to take stock. While some new identity management program implementations will be effective for the longer term, others will find gaps and assumptions that could lead to unnecessary risk. Reviewing your approach now should help you spot any areas where you can continue to improve and move toward a zero-trust security model.

Core identity and authentication

Zero trust starts with who you are authenticating and what they should have access to, otherwise called identity trust. It is based on the directory that serves as your single source of truth and core identity provider (IdP), which stores and authenticates the identities your users use to log in to their devices, applications, file servers, and more (depending on your configuration).

Traditionally, many organizations use a directory such as Microsoft Active Directory (AD) or an implementation of OpenLDAP as their single source of truth. However, these approaches tend to be aimed at larger organizations and require on-premises servers, networks, and hardware.

Today, the move to remote working has put more emphasis on cloud directory services that can support both cloud applications and the range of…
