Articles about incident response

ANZ Bank staffers drop slick incident response tool for Mandiant mobs

Security boffins at ANZ, one of Australia's largest banks, have offered their nightHawk incident response tools for organisations running free Mandiant tools. Mandiant's open source platform is fit for enterprises requiring incident response at scale, and can run off a laptop for many investigations. ANZ bank security …
Darren Pauli, 15 Jul 2016

The six stages of post-security incident grief avoidance

AusCERT Audio: Security and forensics man Ashley Deuble has outlined the six stages of good incident response that, if followed, could bring an enterprise in line with Fortune 50 best practice. The Griffith University security manager says the steps of preparation; identification; containment; eradication; recovery, and lessons learned are …
Darren Pauli, 26 May 2016

Israeli military techies cook up security alerts software

Lessons from building the threat intelligence platform for the Israeli Defence Force form the technical foundations of a new security startup called Siemplify. Siemplify’s tech is designed to contextualise threat alerts from the disparate array of security technologies on enterprise networks (anti-malware, intrusion detection …
John Leyden, 18 Feb 2016

Malware, restoring data: What keeps data center techies up all night

A majority of organizations polled in a data center and cloud security survey are dissatisfied with their malware containment and recovery times. More than half (55 per cent) of survey respondents were dissatisfied with the length of time it takes them to contain and recover from hacker infiltrations and malware infections, …
John Leyden, 15 Oct 2015

Banking trojan besieges Bundestag … for the second time

Online banking trojan Swatbanker has been brought into play in a second round of attacks against the German Bundestag, reports security software firm G DATA. Investigation of the configuration files embedded in the malware has revealed that the Swatbanker botnet integrated new filter functions for the domain "Bundestag.btg …
John Leyden, 17 Jun 2015

Here's why the Pentagon is publishing its cyber-warfare rulebook – if China hasn't already hacked in and read it

The Pentagon has published an outline of its cyber-warfare strategy for the first time, revealing the conditions under which it will hack enemy nations. And Defense Secretary Ashton Carter, speaking at Stanford University, has named China, Russia, Iran, and North Korea as the US's greatest adversaries in computer security. …
John Leyden, 24 Apr 2015

JPMorgan Chase mega-hack was a simple two-factor auth fail

Hackers broke into JPMorgan's network through a giant security hole left open by a failure to switch on two-factor authentication on an overlooked server. The New York Times reports that technicians at JPM had failed to upgrade one of its network servers, meaning that access was possible without knowing a combination of a …
John Leyden, 23 Dec 2014

State Dept shuts off unclassified email after hack. Classified mail? That's CLASSIFIED

The State Department has suspended its unclassified email system in response to a suspected hacking attack. The unprecedented shutdown on Friday was reportedly applied to give technicians an opportunity to repair possible damage, as well as to apply security improvements. A senior department official said possible problems …
John Leyden, 17 Nov 2014

HSBC Turkey WON'T reissue cards despite 2.7 MILLION account details going AWOL

HSBC Turkey has confessed to a security breach exposing the details of 2.7m credit card accounts but the bank has made a decision not to reissue cards after deciding that the data exposed is not enough to make fraudulent transactions. The compromise – limited to the international bank's business in Turkey – exposed credit card …
John Leyden, 14 Nov 2014

WHITE HOUSE network DOWN: Nation-sponsored attack likely

Hackers have disrupted computer operations at the White House after breaking into its unclassified internal network. The attack, blamed by US government sources on Russian hackers, has resulted in the disruption of some services while incident response teams work to contain the intrusion. The White House network is under …
John Leyden, 29 Oct 2014

FBI: Your real SECURITY TERROR? An ANGRY INSIDE MAN

Disgruntled workers are causing more problems for their employers, the FBI warns. Employees, ex-workers or contractors with a grudge against their former paymasters are abusing cloud storage sites or remote access to enterprise networks to steal trade secrets, customer lists or other sensitive information. Insider threats …
John Leyden, 25 Sep 2014

Facebook scuttles 250k-strong crypto-currency botnet

Facebook has taken down a Greek botnet that at its peak compromised 50,000 accounts and infected 250,000 computers to mine crypto-currencies, steal email and banking details and pump out spam. The scuttled Lecpetex botnet spread malware including the DarkComet remote access trojan by social engineering techniques and was adept …
Darren Pauli, 9 Jul 2014

Australia and USA strike closer cyber defence alliance

Australia and the United States will forge tighter bonds in information security defence and incident response on the back of a White House meeting between the nation's leaders. The announcement contained scant detail on the arrangement and came as Prime Minister Tony Abbott and President Barack Obama agreed to new defence …
Darren Pauli, 13 Jun 2014

OK, Mr. President, those cybersecurity guidelines you ordered are HERE

The Obama administration has taken wraps off the Cybersecurity Framework, a new set of voluntary guidelines outlining ways that organizations involved in energy, water, transportation, and other critical infrastructure can shore up their digital security. The guide is the result of a yearlong collaboration between the National …
Neil McAllister, 13 Feb 2014

US gov SMASHES UP TVs and MICE to nuke tiny malware outbreak

A US Department of Commerce agency has been chastised for spunking $2.7m chasing down a supposed major malware infection that was actually limited to a handful of PCs. The Economic Development Administration adopted a scorched earth policy - isolating itself from the internet before destroying more than $170,000 worth of …
John Leyden, 10 Jul 2013

Biting the hand that feeds IT © 1998–2018