GDPR in the US: After the British Airways Hack

British Airways (BA) announced in September that it had fallen victim to a hack that affected the personal data of 380,000 passengers. The BA hack could be the first prominent test case for the European Union’s General Data Protection Regulation (GDPR) that went into effect in May.

How has GDPR impacted U.S.-based companies so far? Are they prepared for EU regulators cracking down on cross-border data protection failures and privacy violations? The BA attackers exploited a third-party vulnerability in the airline’s digital supply chain, taking a path we recently examined on this blog. What are the lessons to learn from the British Airways data breach?

On our Silo Sessions podcast, Authentic8 Co-founder and CEO Scott Petry discussed these questions as part of his ongoing GDPR conversation with Steve Durbin, Managing Director of the Information Security Forum (ISF).

P.S.: This Silo Sessions episode was recorded before the disclosure of the latest security breach at Facebook, a theft

Why You Should Be Fed Up With the Cycle of FUD

The upcoming election has created the perfect opportunity for the $100 billion cybersecurity industry to throw some fear, uncertainty and doubt — colloquially known as “FUD” — into the daily conversation.

Vendors see this as an opportunity to double down on their marketing to help congressional offices “defend democracy.” But they’re selling the same solutions that got these offices in trouble in the first place. Isn’t it time to try a different approach?

It’s important to understand that, unlike other branches of government, each congressional office is responsible for its own IT security. In many instances, offices outsource management of their systems to contracting agencies, which contributes to the problem.

Additionally, congressional offices and political parties were targets long before the industry took notice. Party staff are juicy targets for social engineering, phishing, and other forms of targeted attacks from APT groups. Stealing the data they’re holding can be a windfall for political adversaries

5 Must-read Resources for SOC and Threat Intelligence Professionals

Have SOCs made enterprise IT more secure? Over the past months, multiple surveys, research reports and white papers on the success of Security Operations Centers (SOCs) and threat hunting were published that attempt to answer this question.

From various angles, researchers have gauged the impact SOCs and threat intelligence gathering (manually and automated) have on improving the IT security posture of companies in the U.S. and worldwide.

Businesses made significant investments in AI/machine learning-based automated threat detection and prevention tools over the past year. So what do they have to show for it?

If you’re planning a SOC or devising the budget plan for an existing one, check out the reports reviewed below for useful facts and actionable insights.

1) Security Operations Centers: Not a Success Story (Yet)

Security operations centers (SOCs) are facing critical staffing and retention issues that prevent them from realizing their full potential. This is one key takeaway from the new report The Definition of

10 Top Tools for Threat Hunters from Black Hat USA 2018

You weren't able to make it to Las Vegas this year? Check out these ten short reviews of useful tools for threat intelligence researchers and threat hunters presented at Black Hat USA 2018:

Xori: Automated Disassembly

Malware disassembly can be quite tedious, even with a bells-and-whistles IDA Pro license. If only there were a way to automate all of it. That’s where Xori comes in.

Amanda Rousseau and Rich Seymour created a new automated disassembly platform that’s not only free, but fast. Reverse engineers often come across dozens of sample variants from the same malware family. Being able to disassemble every sample and compare the results, automatically and quickly, is something they need in their arsenal of tools.

There are two modes in Xori, light and full emulation. Light emulation enumerates all code paths while emulating the registers, the stack and some instructions. Full emulation follows the code’s path (shows

Supply Chain Attacks: Shipping the Exploits

Malware inserted along the business supply chain can be far more effective than directly compromising a single company’s network. Local browsers, used by vendors and customers alike, open the door for attackers.

What do banks and airlines, law firms and software makers, shipping companies and concert ticket sellers all have in common? Their day-to-day business depends on tightly integrated networks of service providers and product vendors.

Without functioning IT, most of these supply chains would break down. Network breaches can - and with increasing frequency do - result in significant damage.

A different kind of box office hit

Two recent incidents illustrate the broad spectrum and impact of web-borne third-party risks. Vendor vulnerabilities pose a growing threat not only to digital commerce but also to traditional sectors, such as the global shipping and logistics industry.

  • The first example, from June, involved online box office Ticketmaster. The incident highlights the vulnerability of the digital economy to exploits introduced into the software supply