As usual, here it is the second part of the Cyber Attacks Timeline for the month of May 2012: a month particularly rich of Cyber Events. As you will probably know, the Flame malware has monopolized the attention, deserving the most attention from the Information Security Professional.
Actually this post is nearly a couple of weeks in delay (last week I was skiing in at the Italian Dolomites!!). (Un)fortunately now that I am back to home (and to work), I have choosen this Friday The 13th, while preparing my traditional Cyber Attacks Master Index for the first half of January 2012, to give a quick look to the past year in terms of my blogging activity in order to discover which where the posts which collected most views (more than 60,000 in total), of course excluding the home page.
We have not completely assimilated the BEAST vulnerability, and here it comes, from Bochum, Germany, another serious flaw involving Encryption, or better, involving XML Encryption.
XML Encryption, is a W3C standard widely used to securely transmit information inside Application-to-Application Web services connections. It was believed to be a robust standard mechanism to protect data exchange between a wide class of applications using web services and deployed in different sectors, for instance business, e-commerce, financial, healthcare, governmental and military applications. For the generic user a typical scenario involves, for example, credit card information encryption for a payment within an XML-based purchase order.
Advanced Persistent Threats are probably the most remarkable events for Information Security in 2011 since they are redefining the infosec landscape from both technology and market perspective.
I consider the recent shopping in the SIEM arena made by IBM and McAfee a sign of the times and a demonstration of this trend. This is not a coincidence: as a matter of fact the only way to stop an APT before it reaches its goal (the Organization data), is an accurate analysis and correlation of data collected by security devices. An APT attack deploys different stages with different tactics, different techniques and different timeframes, which moreover affect different portion of the infrastructure. As a consequence an holistic view and an holistic information management are needed in order to correlate pieces of information spread in different pieces of the networks and collected by different, somewhat heterogeneous and apparently unrelated, security devices.
Today the Information Security Arena has been shaken by two separate, although similar, events: IBM and McAfee, two giants in this troubled market, have separately decided to make a decisive move into the Security Information And Event Management (SIEM) market by acquiring two privately held leading companies in this sector.
The intention by UK-headquartered company Sophos to acquire Astaro, the privately-held security company co-headquartered in Karlsruhe, Germany and Wilmington, Massachusetts (USA) is simply the last effect of the process of vendor consolidation acting in the information security market. It is also the trigger for some random thoughts…
How many times, stuck in traffic on a hot August day, we hoped to have a pair of wings to fly through the clouds and free from the wreckage of burning metal.
Unfortunately, at least for me (even if my second name in English would sound exactly like Sparrows) no wing so far, miraculously, popped up to save me, nevertheless I am quite confident that, in a quite near future, I will be saved by the clouds even if I will not be able to fly, or better said, I will be saved by cloud technologies that will help me, and the other poor drivers bottled between the asphalt and the hot metal, under the ruthless August sun to avoid unnecessary endless traffic jams on Friday afternoons.
In the wake of the infamous LizaMoon which has flooded an impressive number of databases all over the world with SQL Injection, infecting more than 1,500,000 URLs according to Google Search, the next frontier of Information Security to which security vendors are likely to move, is the branch of application security. The last vendor in order of time to make an acquisition (just a couple of days before LizaMoon was detected) was
Intel McAfee, which decided to enter the database security market (estimated more than $ 600 million in 2012) acquiring Sentrigo, a Santa Clara based company focused on database security, former member of the SIA Technology Partnership Program (McAfee Security Innovation Alliance) and currently linked to McAfee by an OEM partnerships.
Il titolo dell’articolo apparentemente richiama la romantica Cloud City, città tra le nuvole che contraddistingue le gesta di Han Solo e Lando Calrissian nell’Episodio V di Guerre Stellari. In realtà alla Cloud City basta aggiungere un aggettivo ecologico per creare il termine Green Cloud City che identifica il progetto su cui stanno lavorando, su tre filoni paralleli, altrettanti colossi del settore, Cisco, IBM e Microsoft (in rigoroso ordine alfabetico) con l’intenzione di realizzare la Città del futuro, dove Mobility, Green ICT e Tecnologie Cloud si sposano per garantire servizi avanzati ai cittadini.
Il 2011 sarà l’anno della definitiva consacrazione del Cloud (soprattutto per le implicazioni di sicurezza). A conferma di questo arriva la notizia che la NATO adotterà tecnologia Cloud IBM per il proprio quartier generale di Norfolk.
Sebbene si preveda una diffusione massiccia da parte di tutta l’Alleanza Atlantica, è bene non farsi prendere da facili entusiasmi: all’inizio il sistema verrà usato da pochi utenti in un ambito ristretto (e isolato da Internet).