
1 Cyber Warnings E-Magazine – July 2016 Edition

Copyright © Cyber Defense Magazine, All rights reserved worldwide


CONTENTS

Who Hacked the DNC and What’s the Lesson for You and Me? .......................... 3
Adaptive Trust - A New Defense for Secure Enterprise Mobility in the Middle East ..... 4
Protecting Vulnerable Data in a Paperless Workplace .................................. 8
Tis the Season for Fraud; Online Travel Scams Heat Up ............................... 11
Ransomware: The Great White Shark of Malware, and What You Need to do About it ...... 14
How to report a corruption within your environment? ................................. 20
Getting the Most out of Data Centre Firewalls to Ensure Cyber Security in Middle East
Enterprises ........................................................................ 23
Robust Security Platform = Policy Management + Authentication + Authorization +
Accounting ......................................................................... 26
Enterprises and Individuals – Stay Ahead of Social Engineers on Social Media ........ 30
The Balancing Act of BYOD - Keeping Employees Happy and Secure on Any Device ........ 34
Attention CISOs: Top Questions to Ask Your Threat Analyst ........................... 37
The security of water supply systems ............................................... 41
4 ways in which profile scraping can affect social media businesses ................. 45
NSA Spying Concerns? Learn Counterveillance ........................................ 48
Top Twenty INFOSEC Open Sources .................................................... 51
National Information Security Group Offers FREE Techtips ........................... 52
Job Opportunities .................................................................. 53
Free Monthly Cyber Warnings Via Email .............................................. 53
Cyber Warnings Newsflash for July 2016 ............................................. 56

CYBER WARNINGS
Published monthly by Cyber Defense Magazine and distributed electronically via opt-in Email,
HTML, PDF and Online Flipbook formats.

PRESIDENT
Stevin Victor
stevinv@cyberdefensemagazine.com

EDITOR
Pierluigi Paganini, CEH
Pierluigi.paganini@cyberdefensemagazine.com

ADVERTISING
Jessica Quinn
jessicaq@cyberdefensemagazine.com

KEY WRITERS AND CONTRIBUTORS
Michael Netterberg
Mari Frank
Scott Waddell
Mark Kedgley
Milica Djekic
Kasey Cross
Ahmed Rezk
Greg Mancusi-Ungaro
Dotan Bar Noy
Mark Seward
Srilekha Veena Sankaran

Interested in writing for us:
writers@cyberdefensemagazine.com

CONTACT US:
Cyber Defense Magazine
Toll Free: +1-800-518-5248
Fax: +1-702-703-5505
SKYPE: cyber.defense
Magazine: http://www.cyberdefensemagazine.com

Copyright (C) 2016, Cyber Defense Magazine, a division of STEVEN G. SAMUELS LLC
848 N. Rainbow Blvd. #4496, Las Vegas, NV 89107. EIN: 454-18-8465, DUNS# 078358935.
All rights reserved worldwide. sales@cyberdefensemagazine.com

Executive Producer:
Gary S. Miliefsky, CISSP®

Who Hacked the DNC and What’s the Lesson for You and Me?

Friends,

There have been so many breaches as of late (remember nearly 300M records stolen last month,
alone) that it seems any group with important information, including emails of a political
organization, can easily become a target.

According to numerous sources, the malware used in the Democratic National Party (DNC) email
breach was created by a group known as APT 29 and the malware used is called HammerToss – both
of Russian origins.
Does this mean it was the Russian government? Probably not. Really smart ‘hacktivists’ (maybe those
who are pro-Bernie Sanders) might have been so upset with what they are calling a “rigged” system in the
USA, that they could have re-used this malware and rented servers in Russia, pointing at the Russian
government or APT 29 when it might have been US-based hackers. Time will tell. What’s interesting to
me, as an INFOSEC professional, is the new methods that cyber criminals have come up with to hack. I
remember recently reading how the Israeli government developed ‘eavesdropping’ software that secretly
causes the fan speed of the cooling fan on the power supply to speed up and slow down, just enough to
be audible and each change is a different bit of data (see my related article:
http://www.cyberdefensemagazine.com/fansmitter-exfiltrating-data-from-air-gapped-devices-via-fan-noises/
at CDM).

Now, we’re looking at malware that is a remote access Trojan (RAT), nothing new here, right? Well,
actually, it brilliantly uses TWITTER to transmit the stolen information and allows for remote control. Most
firewalls are not blocking traffic to and from social media outlets – especially political groups like the
DNC. Therefore, having the ability to control malware remotely and steal information, such as thousands
of emails, all through a social media platform as ‘cover’ is brilliant. This is just the beginning.

It seems to me, now is the time, more than ever, to heed @Miliefsky’s consistent warnings about how
STRONG ENCRYPTION is good for any nation’s security and helps people reclaim their privacy. The
message from the DNC experience is simple – you will be hacked, the data will be stolen, so why not
make it difficult to parse or read the information by leveraging strong encryption? There are so many free
and powerful open source encryption tools from OpenPGP to OpenSSL, Stunnel, OpenCA and much
more. Do some research on best email encryption tools, best hard drive encryption tools, best file
encryption tools and you might be one step ahead of the next attacker. Yes, they will get in, but no, they
won’t be able to leverage the data without having both the public and private keys. Keep them safe and
you’re being more vigilant than the DNC or any other group with valuable data waiting to be stolen.

Read on and learn more best practices in INFOSEC in this month’s edition of Cyber Warnings.

To our faithful readers, Enjoy

Pierluigi Paganini
Pierluigi Paganini, Editor-in-Chief, Pierluigi.Paganini@cyberdefensemagazine.com
Adaptive Trust - A New Defense for Secure Enterprise Mobility in the Middle East

Summary: BYOD, cloud and the Internet of Things are changing enterprise defense plans
to guard against points of attack inside the network perimeter. These new ways of
connecting to secure resources have changed the way traditional threat radars work –
radars that were built to protect against threats from the outside.

An HR director, a salesperson visiting with your engineering team, and a network administrator
walk into office at 9am. Each is carrying a coffee in one hand, a smart phone in their pocket and
a laptop over the shoulder. Within minutes of entering the building, they all log in to the Wi-Fi
network and blend into the mobile workforce.

These tech-savvy, and Wi-Fi loving users expect to connect and work from anywhere on any
device – and they want connectivity without extraneous layers of security that slow them down.
It’s this workforce and expectations that are turning security inside out.

What’s happening faster than anyone imagined is the dilution of the fixed perimeter that
surrounds the enterprise. Before workforces went mobile, IT invested tons of time and
resources into building a crack-free perimeter that prevented outside threats from coming into
the enterprise. They locked down the network with gateway firewalls, intrusion prevention
systems, anti-spam, URL filtering and other security solutions to close off possible entry points.

But in our more mobile-centric world, the biggest threats now come from inside the network.
Infected laptops and smart phones walk right through the front door and connect directly to the
network without IT’s knowledge. When you count the attacks initiated from those unsecured
user devices, the loss of sensitive data on mobile devices and risky end user behavior, they add
up to more than 90 percent of enterprise security breaches.

Lost devices alone pose a serious insider threat. In 2014 thieves stole 2.1 million smartphones
in the United States and another 3.1 million smartphones were lost. The missing devices are often all
someone needs to gain access to a company’s valuable data and critical business systems.
Remember the mobile workers from earlier? The HR director’s laptop could have access to the
direct deposit information for the entire company, and the network administrator most likely has
the credentials to access 70 percent of the systems in the company.

Stats are only beginning to trickle in that highlight the potential threat of the Internet of Things.
Clearly, billions of devices will connect to the Internet in the coming years, but how will they
impact the enterprise? According to The Internet of Things 2015 report, the largest adopter of
IoT ecosystems will be businesses, not consumers.

According to Gartner, businesses are projected to have from 11.2 to 20 billion IoT devices
installed by 2020. As smart meters, IV pumps, manufacturing robots, farming equipment, and
even conference rooms connect, the network must get smarter and be able to classify and
understand the behavior of IoT devices automatically in order to keep the enterprise safe.

When Context Controls Connectivity

Between the mobile devices already on the network and the IoT devices that are coming, the
inside of the network has become a soft underbelly. It demands a different type of security
approach—one that starts on the inside and extends beyond the perimeter, and can adapt to
the dynamic nature of users—and mobile-oriented threats—those that can originate from
anywhere.

The hallmarks of this security approach are: shared contextual information and adaptive
controls based on mobility needs. By recognizing that no two users are alike, an adaptive trust
approach allows IT to define more personal policies that are mapped to individuals or groups
that share similar roles and business objectives.

Going back to our initial trio, the visiting salesperson gets guest access allowing them to reach
only the Internet – and only after sponsor acknowledgement and a device compliance check. While
guest access is a familiar scenario, context-based policies get more interesting when applied to
the two employees.

Enforcement can now be based on user role, device ownership, MDM/EMM status, and even
location. The network administrator has full privileges from his laptop while he is in any
company-owned building. At home, his privileges drop somewhat and they are different for his
laptop and his smartphone.

The HR director has full access to all systems when onsite, and when working from home on
her laptop. When traveling she is limited to emails and approvals from her mobile device. For
vacation, review, or budget approvals, the HR director also has the necessary multi-factor
authentication credentials to move the approval into the workflow cycle.

This added layer of security ensures that automated processes are only initiated by approved
personnel. If the mobile device is stolen, a thief has no access to the company’s systems or
private employee data.

User role, device type, ownership, status and location are some of the relevant contextual
information that allows IT to create policies that allow or deny access on a case-by-case basis
without leaving the enterprise completely exposed to new threats.

A Secure Network is a Healthy Network

Enterprises that have moved to an adaptive trust approach are responding confidently to the
demands of BYOD, cloud, and IoT. Consulate Health Care is among the security thought
leaders that have moved to an adaptive trust approach that protects against insider threats. The
health care center had hundreds of company-issued mobile devices and thousands of guest
devices that connected to the network daily, but security wasn’t air tight.

Consulate wanted to assign policies to the connecting devices based on user role and device
that would serve both visitors and employees and protect patient information and other private
healthcare data. The new defense approach provides the center with much better security
around its intensely dynamic mobile environment.

Prior to establishing a valid connection, corporate-owned and personal devices must meet
compliance policies. Devices failing to meet requirements are automatically quarantined and the
users are asked to resolve the issues.

Once recognized as compliant, patients, residents and family members can complete the
self-enrollment process for Internet access that won’t affect the security of the internal network.
However, when the center’s health care employees connect to the network, they are granted
access to internal resources.

Based on user role and device ownership IT can easily define which resources they should
have access to – thus reducing the chance of compromising patient information. Consulate is
now much more confident that its data and systems are safe from any insider threats.

When enterprises take an adaptive trust approach, IT can make smarter decisions about how
users and devices connect and how their access privileges are enforced. This is required for
today’s mobile workforce – which will continue to push the boundaries of network security for
years to come. In this fast-paced, upwardly mobile world, the best defense is being able to
adapt.
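The context-based policies walked through above (the visiting salesperson, the network administrator whose privileges drop at home, the HR director limited to email and MFA-gated approvals while traveling) and the Consulate compliance-then-quarantine gate can be expressed as one small, default-deny policy engine. The following Python is an added example, not code from Aruba, HPE or Consulate; the resource names, the exact privilege reductions off-site and on a phone, and the sample contexts are assumptions made for illustration.

```python
"""Toy adaptive-trust policy engine (added illustration, not vendor code).

Every rule below is a constructed reading of the article's scenarios:
  * non-compliant devices are quarantined before any policy is consulted;
  * guests reach only the Internet, and only after sponsor acknowledgement;
  * the network administrator has full infrastructure rights onsite, read-only
    rights from a corporate laptop at home, and none from a phone;
  * the HR director has full access onsite or on her laptop at home, while a
    managed phone on the road gets email plus approvals, with approvals
    requiring a multi-factor step (so a stolen phone cannot push one through).
"""
from dataclasses import dataclass
from typing import Set, Tuple


@dataclass(frozen=True)
class Context:
    role: str            # "guest", "netadmin" or "hr"  (constructed role names)
    device: str          # "laptop" or "phone"
    ownership: str       # "corporate" or "personal"
    mdm_enrolled: bool   # MDM/EMM status
    compliant: bool      # passed the posture check (patched, AV running, ...)
    location: str        # "onsite", "home" or "travel"
    sponsor_ack: bool = False   # a sponsor acknowledged the guest's visit
    mfa_passed: bool = False    # user completed a multi-factor challenge


# Resources that demand a fresh second factor even when the role allows them.
MFA_REQUIRED: Set[str] = {"approvals"}


def allowed_resources(ctx: Context) -> Set[str]:
    """Resources this context may reach. Default deny: anything not listed is refused."""
    if not ctx.compliant:
        return set()  # quarantined until the user remediates

    if ctx.role == "guest":
        return {"internet"} if ctx.sponsor_ack else set()

    if ctx.role == "netadmin":
        if ctx.location == "onsite":
            return {"internet", "email", "infra_admin"}
        if ctx.device == "laptop" and ctx.ownership == "corporate":
            return {"internet", "email", "infra_readonly"}   # reduced at home
        return {"internet", "email"}                         # phone: no infra off-site

    if ctx.role == "hr":
        if ctx.location == "onsite" or (ctx.location == "home" and ctx.device == "laptop"):
            return {"internet", "email", "payroll", "approvals"}
        if ctx.device == "phone" and ctx.mdm_enrolled:
            return {"internet", "email", "approvals"}        # traveling: mail + approvals
        return {"internet", "email"}

    return set()


def authorize(ctx: Context, resource: str) -> Tuple[str, str]:
    """Return (decision, reason). Decision is one of
    'quarantine', 'deny', 'mfa_required' or 'allow'."""
    if not ctx.compliant:
        return "quarantine", "device failed the compliance check"
    if resource not in allowed_resources(ctx):
        return "deny", f"{ctx.role} on {ctx.ownership} {ctx.device} at {ctx.location}"
    if resource in MFA_REQUIRED and not ctx.mfa_passed:
        return "mfa_required", "approval workflow needs a second factor"
    return "allow", "context matches policy"


if __name__ == "__main__":
    # The stolen-phone case: whoever holds the HR director's travel phone is
    # stopped at the second factor and cannot see payroll data at all.
    stolen = Context("hr", "phone", "corporate", True, True, "travel")
    print(authorize(stolen, "approvals"))   # ('mfa_required', ...)
    print(authorize(stolen, "payroll"))     # ('deny', ...)
```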

About the Author

Michael Netterberg, Solution Architect, Networking at Aruba, a Hewlett Packard Enterprise company

Protecting Vulnerable Data in a Paperless Workplace
By Mari Frank, attorney, privacy expert and member of the 3M-sponsored Visual Privacy
Advisory Council

Going paperless can do more than save trees. It can help organizations be more productive,
reduce document storage and handling costs, and improve access to information.

In the financial services industry, the shift from paper to electronic statements is helping reduce
the industry’s printing and distribution costs, which until recently totaled almost $20 billion
annually. A study also found that using electronic forms in place of paper can help improve
banking productivity by nearly 40 percent.

For law firms, going paperless can help reduce the time and costs associated with managing
vast amounts of documentation, and help make attorneys more available to clients.
Consequently, two-thirds of attorneys at some of the country’s largest firms predict that law
firms will be paperless by 2020.

Meanwhile, the Obama administration has ordered federal agencies to eliminate paper and use
electronic recordkeeping “to the fullest extent possible” by 2019. Some of the reasons for this
move include helping agencies minimize costs, improve performance, and promote openness
and accountability.

For all the benefits of going paperless, however, organizations should be mindful of the privacy
and security risks that can come with it.

More Vulnerable Data

By its very nature, a paperless workplace involves more content being accessed, managed and
displayed in digital form. This content can often include sensitive or confidential information,
such as customers’ personal or financial data, company financials, and payroll information.

Clearly, organizations will need to re-examine their cybersecurity efforts to help protect this
information from hackers. But technical controls can only go so far. Organizations should also
consider the physical and human elements of protecting data as part of a move to paperless
processes.

For example, moving to a paperless workplace typically involves a wider range of workers
gaining access to a greater amount of digital content. It also involves using a more diverse mix
of devices that access the content, especially as workforces continue to become more mobile.

The result: data is more accessible, and more exposed than ever before. This can create
opportunities for insider threats or for other ill-willed individuals known as visual hackers, who
can capture exposed data with something as simple and ubiquitous as a smartphone camera.

Updating Privacy and Security Efforts

Security and privacy policies must be revised to address the visual privacy and security risks
that come with going paperless. This should begin with privacy and security audits. From there,
the appropriate mitigation methods can be implemented based on the identified risks or threats.

One of the easiest measures to implement in a paperless workplace is privacy filters. They
apply directly to the screen of a laptop, desktop monitor, smartphone or other mobile device to
blacken out the side angled views of onlookers. Additionally, device screens themselves should
be directed away from public areas to reduce the risk of exposing data to unauthorized
individuals.

Organizations should also train workers to be aware of their surroundings. Visual hackers are
like any other hacker in that they want to exploit security gaps – and those gaps can come in the
form of workers who let their guards down for mere seconds.

It’s also important that security and privacy efforts don’t become lax when it comes to physical
documents, as most organizations likely won’t ever be 100 percent paperless. Documents
should be destroyed after they are electronically scanned. Printers and fax machines should be
kept in secure locations. And clean-desk policies should be enforced.

By implementing these basic but important measures, organizations can realize the benefits of
going paperless and help protect the privacy and security of their most valuable data in the
process.

About the Author

Mari Frank, an attorney and certified privacy expert, is the author of the "Identity Theft Survival
Kit," "Safe Guard Your Identity," "From Victim to Victor," and "The Guide to Recovering from
Identify Theft." Since 2005, she's been the radio host of "Privacy Piracy," a weekly show on
KUCI 88.9 FM in Irvine, CA and Kuci.org, dealing with privacy issues in the information age.
She consults with companies on privacy issues and mediates privacy disagreements so
disputants can resolve their privacy/technology issues privately and confidentially without a
court battle.

Tis the Season for Fraud; Online Travel Scams Heat Up
By Scott Waddell, Chief Technology Officer at iovation

It’s well documented that during the summer, travelers take to the road and sky in droves
embarking on new adventures and arriving at exciting destinations. So it’s no surprise that also
during the summer, they turn online to book flights, hotels and rental cars.

Correspondingly, a growing number of cybercriminals also go online during the summer to
perpetuate fraud against travel sites. After analyzing the billions of transactions we screen
annually for fraud here at iovation, we found that fraudulent activity perpetuated against online
travel sites increased significantly during summer months of June, July and August. Our
research also suggests consumers utilize mobile devices on the road to book their travel for
greater convenience, and that fraudsters seek the same advantage.

All this gloom and doom is fine and dandy, but without insights into what to look for when it
comes to both fraud and legitimate transactions, companies are fighting fraud and trying to
serve their most valued customers with one hand tied behind their back. Therefore, along with
the top-level analysis, we are breaking down what to look for when it comes to good vs.
fraudulent transactions, device types and geography on online travel sites during the summer.

Rises in Summer Transactions and Fraud

Total Transactions—The volume of online travel transactions during an average summer month
was higher than a typical month the rest of the year. This uptick is consistent year-over-year:

• Eight percent in 2015
• Thirty-nine percent in 2014
• Three percent in 2013

Mobile Usage—Travel transactions conducted from a mobile device during an average summer
month were higher than a typical month the rest of the year by:

• Fourteen percent in 2015
• Forty percent in 2014
• Thirty-six percent in 2013

Travel Fraud—The amount of fraudulent online travel transactions during an average summer
month was higher than a typical month the rest of the year by:

• Nine percent in 2015
• Nine percent in 2014
• Twenty-three percent in 2013

Mobile Fraud—Much like legitimate mobile purchases, online travel fraud originating from a
mobile device increased during the summer months by:

• Eighteen percent in 2015
• Eleven percent in 2014
• Twenty-three percent in 2013

Device Type—Over the years, the following devices saw the largest increase in online travel
transactions conducted from them during an average summer month:

• 2015:
o Android devices at 16 percent
o iPhones at 13 percent

• 2014:
o Windows desktops and laptops at 39 percent
o Macs at 36 percent

• 2013:
o iPhones at 59 percent
o Android phones at 57 percent

Denied Transactions by Country—Typically, African countries have the highest percentage of
fraudulent transactions, but Europe leads the way during the summer. In 2015, we found the
highest percentage of fraudulent transactions based on denied transactions by country were:

• Tunisia at 7 percent
• Morocco at 3 percent
• Spain at 2 percent
• Italy and France rounding out the top five

As the days heat up, it’s our hope that online travel companies use this trend data to better ice
fraudsters. Happy travels!

About the Author

Scott Waddell, Chief Technology Officer at iovation

Ransomware: The Great White Shark of Malware, and What You Need to do About it

‘STOP! Are you really sure you want to load this attachment? Are you certain that this link is
safe?’

A prompt from your computer may be the difference between a disastrous Ransomware
infection and a regular day at the office.

Right now, Ransomware is the Great White Shark of cyber-attacks, the most feared malware of
all, and both corporate and home users are running scared.

And rightly so - anyone who has had experience with Ransomware will attest to the agony and
disruption.

But instead of worrying about an attack, what action can be taken to safely venture back into the
water and not necessarily “with a bigger Boat”?

Who should be aware of the Ransomware threat?

Home User: The home-user community for ransomware has been highly active for a few years
now but has escalated in recent months. Being given just hours to either pay the ransom or lose
permanent access to everything on your personal computer is a stark choice (often enough to
precipitate agreement to the extortion).

What value would you put on all your personal documents, photos, music, etc?

Corporate User: The stakes are even higher for a corporation, where the absolute dependency
on IT systems means ransomware could threaten the very life of the business itself.

In the case of the LA Presbyterian Hospital, this threat to life was more literal, in that patient
systems were under threat from Ransomware – the hospital paid the equivalent of $17,000
dollars in BitCoin as the “quickest and most efficient way to restore our systems and
administrative functions”; and just like that a dangerous precedent was set! More details later.

How does Ransomware typically attack systems?

Email – phishing, be it the mass, spear or now whale variety for corporate targets – is still the
most common means of invoking a Ransomware attack. The home-user ‘market’ for the
extortionists lends itself to mass-emailing, but this means that the malware can just as easily
end up on Corporate Workstations.

Significantly, now that there has been a very public precedent of a hospital paying a ransom,
expect to see greater targeting of corporate targets.

The first thing we need to establish is the fact that Ransomware is no different than any other
form of malware in terms of its delivery means – usually, but not exclusively, via email with
either malware attachments or links to infected websites.

The difference - and the scary part - is how it is used to extort money from victims.

Once the malware has been invited onto a user’s computer it can then get to work, encrypting
files before announcing its presence and declaring its ransom demand. The nature of its
immediate demands and very tangible threat is precisely what makes it more feared than other
malware.

However, your line of defense and your approach to preventing Ransomware should be the
same as it would be for any other Malware. Don’t be thrown by the sensationalism surrounding
Ransomware – Pragmatism should always prevail.

Corporate Ransomware Case Study

LA Presbyterian Med Center Case Study: The fact that this was a relatively quick and easy
‘Hack for Cash’ is driving this predicted trend. The LA Presbyterian Medical Center attack
speaks to both the targeting of Healthcare as well as the increase in Ransomware.

The assault on Hollywood Presbyterian occurred Feb. 5, when hackers using malware infected
the institution’s computers, preventing hospital staff from being able to communicate from those
devices, said Chief Executive Allen Stefanek.

The hacker demanded 40 bitcoin, the equivalent of about $17,000, he said.

“The malware locks systems by encrypting files and demanding ransom to obtain the decryption
key. The quickest and most efficient way to restore our systems and administrative functions
was to pay the ransom and obtain the decryption key,” Stefanek said. “In the best interest of
restoring normal operations, we did this.”

The hospital said it alerted authorities and was able to regain control of all its computer systems
by Monday, with the assistance of technology experts. Phil Lieberman, a cybersecurity expert,
said that, while ransomware attacks are common, targeting a medical institution is not.

“I have never heard of this kind of attack trying to shut down a hospital. This puts lives at risk,
and it is sickening to see such an act,” he said. “Health management systems are beginning to
tighten their security.”
http://www.latimes.com/business/technology/la-me-ln-hollywood-hospital-bitcoin-20160217-story.html

CryptoLocker - Best avoided!

You don’t want to see this Classic Ransomware operation - after the malware is in place, a
unique encryption key is generated for each computer infected and is used to encrypt data on
the machine. If the ransom is not paid within the allotted time the files are lost forever.

Make sure backups are up to date and isolated from the computer, otherwise they may be
encrypted too.

So, what should you be doing right now to prevent Ransomware?

Over and above standard firewalling and anti-virus protection, there are additional defenses that
should be in place to defend against phishing, given that this is the primary delivery mechanism
used. Unfortunately, phishing is, by design, notoriously tough to prevent, due to its cunning and
devious methods.

The malware is invited in by the recipient, typically either by opening an attachment or by
activating/downloading a link, thereby largely subverting Corporate IT Security.

The best approach is to therefore harden the user workstation environment, to prevent malware
activity where possible and to at least place more obstacles in the way when not.

As with any hardening program, a balance must be found between strong security and
operational ease of use.

The majority of exploitable vulnerabilities can be mitigated within the Workstation Operating
System, and further protection can be provided using manufacturer extensions such as
Microsoft’s EMET (Enhanced Mitigation Experience Toolkit) and Windows Defender or 3rd Party
AV.

Secure the Desktop and the User

But when it comes to users’ emails and their content, accurately protecting against the bad
while allowing the good is beyond any technological solution.

While blocking all email attachments and links would improve security, there aren’t many users
that would sign up for this. A more graded approach to protecting the user is needed.

And in fact this solution already exists for most browsers and the Microsoft Office Applications.
Controlled by Group Policy, the desktop applications otherwise used to welcome in
Ransomware can be fine-tuned to mitigate exploitable vulnerabilities while requiring elevated
approval for other functions – this may slow the user down for certain tasks, but that additional
pause for thought while the system prompts for approval elevation will ensure security hygiene
is observed.

For example, MS Outlook security policy options are available to control:

• How administrator settings and user settings interact in Outlook 2013
• Outlook COM add-ins
• ActiveX and custom forms security
• Programmatic Access settings
• Settings for Attachments, Cryptography, Digital signatures, Junk email, Information
Rights Management and Protected view

Similarly, fine grain security settings are available for Excel, Word, PowerPoint and Office, all
serving to mitigate vulnerabilities within the application that could be exploited by an attacker,
overall bolstering Ransomware defenses.

Likewise for contemporary browsers like Chrome, Firefox and Internet Explorer, anti-phishing
controls should be enabled alongside other built-in security measures that are often disabled by
default.

Key Questions Regarding Desktop Application Hardening

• Which settings need to be set and which are optional?
• What are the implications in terms of user experience and application function if security
settings are enabled?
• How do you actually apply the necessary secure configuration, and how do you do it in
bulk for your entire IT estate?

Help is at Hand: 5 Steps to Mitigate the Ransomware Threat

1. Hardening Homework: While organizations like The Center for Internet Security (CIS),
NIST and the National Vulnerability Database provide system hardening guidance, you’ll
still need to work out what is right for your users

2. Leverage Automation: Most scanners and FIM solutions will provide fast, automated
reports to establish where vulnerabilities exist, while the best options will also provide
remediation advice, or better still, Group Policy or Puppet templates to automatically
apply a hardened configuration to Workstations and their Applications.

3. Change Control: You’ll also need to make sure that patching is up to date as a further
means of closing off exploitable vulnerabilities, but think about getting more structured.

Change control is a key security best practice: when done right, it makes a cyber attack
much easier to detect and head off before lasting damage is done.

4. Ransomware: If you can’t stop it, make sure you can spot it. There is still no such thing as
100% security, so while your emphasis will be on prevention, accept that detection of a
breach is going to be a necessary contingency.

This is where FIM and SIEM systems also enhance security, by analyzing system
activity for signs of suspicious behavior.

5. Rip it up and start again: If you do fall victim to ransomware, think how grateful you
will be when you can simply scrap a desktop, re-image it and recover all data in its
usable, non-encrypted state.

It goes without saying that backups are critical, but make sure the restore process works
by testing it regularly.
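The hardening-homework, automation and change-control steps above all come down to two checks a FIM or
compliance scanner runs on every workstation: does the current configuration match the hardened
baseline, and did anything change since the last scan that nobody approved? The following is an added
example of both checks, not code from the article or from NNT. The setting names, the two snapshots and
the change ticket id are constructed placeholders, not real registry paths or Group Policy names.

```python
"""Added example (not code from the article or from NNT): a FIM-style audit
that (a) checks a desktop's application settings against a hardened baseline,
separating mandatory settings from optional ones, and (b) flags settings that
changed since the last snapshot without an approved change-control ticket.
Setting names and ticket ids are constructed placeholders, not real registry
paths or Group Policy names."""
from dataclasses import dataclass


@dataclass(frozen=True)
class BaselineItem:
    expected: object
    required: bool   # True: host fails the audit if it differs; False: recommended only
    why: str


# Constructed hardened baseline for an Office/browser estate.
BASELINE = {
    "office.macros.block_from_internet": BaselineItem(True, True, "blocks macro droppers"),
    "office.protected_view.enabled": BaselineItem(True, True, "untrusted documents open read-only"),
    "outlook.attachments.block_dangerous_types": BaselineItem(True, True, "strips executable attachments"),
    "browser.safe_browsing.enabled": BaselineItem(True, True, "anti-phishing control"),
    "browser.password_manager.enabled": BaselineItem(False, False, "optional hygiene setting"),
}

# Constructed snapshots of one workstation, taken on two successive scans.
SNAPSHOT_PREVIOUS = {
    "office.macros.block_from_internet": True,
    "office.protected_view.enabled": True,
    "outlook.attachments.block_dangerous_types": True,
    "browser.safe_browsing.enabled": True,
    "browser.password_manager.enabled": False,
}
SNAPSHOT_CURRENT = dict(SNAPSHOT_PREVIOUS)
SNAPSHOT_CURRENT["office.macros.block_from_internet"] = False  # drifted with no ticket
SNAPSHOT_CURRENT["browser.password_manager.enabled"] = True   # changed under a ticket

# Approved changes from the change-control system: setting -> ticket id (constructed).
APPROVED_CHANGES = {"browser.password_manager.enabled": "CHG-0042"}


def audit_baseline(current):
    """Classify each baseline setting as pass, fail (required and wrong or
    missing) or warn (optional and wrong or missing)."""
    result = {"pass": [], "fail": [], "warn": []}
    for name, item in BASELINE.items():
        value = current.get(name)          # None when the host lacks the setting
        if value == item.expected:
            result["pass"].append(name)
        elif item.required:
            result["fail"].append(name)
        else:
            result["warn"].append(name)
    return result


def unapproved_changes(previous, current, approved):
    """Change-control check: every setting that differs between snapshots must
    be covered by an approved ticket; anything else is an unplanned change."""
    changed = {k for k in set(previous) | set(current) if previous.get(k) != current.get(k)}
    return sorted(k for k in changed if k not in approved)


if __name__ == "__main__":
    report = audit_baseline(SNAPSHOT_CURRENT)
    for level in ("fail", "warn"):
        for name in report[level]:
            print(f"{level.upper():4} {name}: {BASELINE[name].why}")
    for name in unapproved_changes(SNAPSHOT_PREVIOUS, SNAPSHOT_CURRENT, APPROVED_CHANGES):
        print(f"UNAPPROVED CHANGE {name}: {SNAPSHOT_PREVIOUS.get(name)} -> {SNAPSHOT_CURRENT.get(name)}")
```

Run as a script it prints one FAIL (the macro control was switched off), one WARN (the optional
setting) and one unapproved change for the same macro setting; the password-manager change is silent
because a ticket covers it. Keeping the required/optional distinction in the baseline itself is what
answers the "which settings are mandatory" question, and diffing snapshots against the approved-change
list is the detection step that turns change control into an early warning.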

About the Author

Mark Kedgley is Chief Technical Officer at New Net Technologies (NNT), where he is responsible
for driving ongoing product development; his primary objective being to continually push NNT’s
data security and compliance solutions to protect their customers’ sensitive data against security
threats and network breaches in the most efficient and cost-effective manner, whilst being easier
to use than anything else out there in the market.

Mark has been CTO at NNT since 2009, and has over 20 years’ experience in IT business
development and sales. Mark combines a visionary yet pragmatic approach to IT: combining not
just the ability to analyse business issues and scope technological solutions to address needs,
but to also deliver product that is both fit-for-purpose and future-proof.

How to report corruption within your environment?

Corruption is a financial crime that may occur anywhere, in both the private and the public sector.
The people who raise awareness of these incidents are called whistleblowers, and if they keep
contributing to the case they may become reliable sources of information. In this article we discuss
how corruption works in practice and how a case involving a source of reliable and highly accurate
information may proceed through the investigative process.

What is corruption and why does it matter?

Corruption is a very common financial crime and may appear anywhere people have adopted bad
habits. Some societies have quite a high level of corruption, while others deal with practically no
corruption at all. How does it work in practice? It’s a good question, and we will try to illustrate
through some examples how people engage in this sort of criminality. First, it’s well known that
people appreciate something valuable, and to get it they are ready to grant many favors and
advantages by misusing their position, reputation or influence. For instance, if you offer a corrupt
police officer some money, he will not issue you a charge. Similarly, if you give your doctor a gift,
he will provide you better treatment in the hospital. And if your parents pay your teacher, you will
get better marks even if you do not deserve them at all.

There are heaps of examples that illustrate how this works in societies with a high level of
corruption, and the fact is that you would face it nearly every single day if you lived in such a
country. Some people are not prepared to stay silent and blind to these occurrences, and they find
the courage to talk about these issues. They may try to alert the authorities to these situations
because they cannot accept the injustice within their society. They simply believe it is unfair that
someone is privileged because he has money to pay for a favor, even though we are all equal before
the law. These people, simply called whistleblowers, report cases of corruption by e-mail, phone,
post or in person. If the authorities decide to open an investigation, they will try to involve them
by offering them the status of a source who may regularly or ad hoc send information about this
sort of crime.

We are aware that many people from the developed world cannot imagine how this works in
developing countries and why corruption may become such a serious social concern. For instance,
I, as someone who comes from a developing country such as Serbia, could talk about many of these
cases. So commonly, even the media support the people who talk openly about corruption and even
sacrifice their employment and peaceful lives to prove that this bad social phenomenon exists in
this part of the world. Those people deserve the protection of the entire country and, unfortunately,
experience suggests that the entire society may be very cruel about their effort to make a change
and prove that something inappropriate is happening in their community. We would strongly
recommend to everyone interested in this topic to think about possible models, procedures and
scenarios for handling and supporting these fighters for a better world.

The ways of starting the case

The best way to start a case is to get some information from the person complaining about some
irregular occurrence. Sometimes these people just offer first-hand information and do not appear
willing to participate in the investigation. The police force should find a way to discreetly
encourage the source of information to update the investigation with findings from time to time.
Some people who are talented at policing tasks will willingly handle their part of the job. In
practice, a witness to a crime may be friendly, unfriendly or neutral. It is obvious why someone may
show some sort of revolt against the authorities: probably because of complete dissatisfaction with
the situation in society. Also, those who are skillful in policing roles will willingly share
information with the police, and they commonly feel proud of themselves because they can support
the authorities. The biggest challenge is working with the neutral witness, because it is quite tricky
to involve him in the case. Even if the witness is unfriendly, it is much easier to obtain information
from him, because you can always challenge him to talk, and even if he has a negative opinion of the
police force he will still say many things to the authorities. The neutral informant usually requires
special effort and a lot of hard work to attract him to tell anything.

How to manage your source of findings?

Here we discuss how your sources of findings may operate in practice; a common way to manage a
source is through cyber technologies. Today it is usual for the defense community to use computers,
the internet and mobile devices to collect information from their informants. A common way of
dealing with sources is through the Deep Web, and in many cases the police or the intelligence
community use Tor to talk to their informants. This is quite a secure way of gathering information,
offering everyone a high level of anonymity as well as a great deal of safety for the source of
findings.

The concluding remarks

Finally, we conclude this effort with the advice that security should follow the technological
development of humankind and try to take advantage of our progress to obtain what is important to
its tasks. Some security principles will never change; it is only the new things that require new
skills from the defense forces.

About The Author

Since Milica Djekic graduated from the Department of Control Engineering at the University of
Belgrade, Serbia, she has been an engineer with a passion for cryptography, cyber security, and
wireless systems. Milica is a researcher from Subotica, Serbia. She also serves as a Reviewer at
the Journal of Computer Sciences and Applications. She writes for American and Asia-Pacific
security magazines. She is a volunteer with the American Corner of Subotica as well as a lecturer
with the local engineering society.

Getting the Most out of Data Centre Firewalls to Ensure Cyber
Security in Middle East Enterprises

Firewalls are an integral part of multi-layered defences for businesses. Today’s Next-Gen
firewalls secure the enterprise network and allow organizations to combat emerging cyber
threats.

Some of the latest data centre firewall products have capabilities including blocking volumetric
and application-layer DDoS attacks, advanced server load balancing, data acceleration and
SSL offload, multi-tenancy, flexible data filtering and so on.

However, to get the most out of firewalls, enterprises need to pay attention to the areas outlined
below:

Performance-test your firewalls

Don’t judge your firewall just by how it performs in its default state. A lot of the applications and
services that used to be hosted in the data centre are SaaS and cloud-based these days. The
packets of traffic generated by mobile devices such as smartphones and tablets that need
network access have added to the volume of traffic that must be vetted at the network edge.

Security devices that are ill-equipped to handle the volume and the somewhat unpredictable
nature of the traffic can end up seriously increasing latency and degrading the performance of
critical applications and services.

Firewalls these days have a much bigger load to handle than before. Consider how your policies
impact performance. Make sure policies are written in such a way they don’t slow down
performance. Test the performance capabilities of your firewall when all rules are configured,
not when it's in its default state.

Inspect the encrypted stuff

Make sure you can inspect all traffic including the encrypted stuff. A lot of the traffic entering and
exiting a network use Secure Sockets Layer (SSL) and Secure Shell (SSH) encryption to protect
data in transit. While that’s generally a good thing, the problem is that threat actors also use
encryption to hide malicious activity and to conceal communications with compromised systems.

By some estimates, more than one third of all traffic that hits a corporate network is encrypted.
Without a way to decrypt the traffic, your firewalls are going to be blind to any attacks that a
threat actor might slip in via encrypted traffic, or to any data extraction that might be going on
the same way.

While some newer firewalls are able to decrypt and inspect encrypted traffic, many do not. If
your firewalls fall into the latter category, it’s a good idea to have a way to intercept the SSL
traffic before it hits your firewall so it can be inspected before being re-encrypted and sent to its
destination. Several vendors sell proxy servers that do the interception at a high enough speed that
there is no degradation in performance.

If you don’t want to, or cannot, inspect all encrypted traffic entering or exiting your network, you
can instead specify the traffic you do want to look at by source or by destination.

Review your rules

Make sure to audit and review your firewall rules periodically. You might have started with a
relatively clean set of rules and strict policies for blocking things at the network edge. But over
time rules have a way of becoming obsolete, redundant and conflicting.

They also have a way of becoming a lot more permissive than the original rules set. It is not
unusual at all for firewall administrators to start adding rules to accommodate requests from
internal users about rules that might be preventing access to resources they legitimately need.

Over time, such requests can make your rules base a lot less clean than it was when you
started out and before you know it you are allowing in traffic that you previously would have
restricted.

Conflicting rules and misconfigurations are bad enough when you have just a handful of
firewalls to manage. But they become a lot harder to catch in organizations that have numerous
firewalls and administrators.

Generally, it is a good idea to review your rule sets every six months. Remove the obsolete, the
unused, and expired rules. When adding new rules, make sure to look at existing rules first so
they don’t duplicate or conflict with something that might already be in place.
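The review just described is mechanical enough to script. What follows is an added example, not code
from the article or from A10 Networks, of a first-match rule-base review that reports the four problem
classes named above: expired rules, exact duplicates, narrower rules shadowed by an earlier one, and
conflicts where an earlier rule with the opposite action means a later rule can never fire. The rule
format and the five sample rules are constructed for the example.

```python
"""Added example (not from the article or from A10 Networks): a first-match
review of a firewall rule base that reports expired rules and rules that an
earlier rule makes unreachable, whether as an exact duplicate, as a narrower
shadowed rule, or as a conflict (same match, opposite action).  The rule
format and the rules themselves are constructed sample data."""
import ipaddress
from datetime import date


def _net(cidr):
    """'any' means every IPv4 address."""
    return ipaddress.ip_network("0.0.0.0/0" if cidr == "any" else cidr, strict=False)


def covers(a, b):
    """True if every packet matched by rule b is also matched by rule a."""
    return (_net(b["src"]).subnet_of(_net(a["src"]))
            and _net(b["dst"]).subnet_of(_net(a["dst"]))
            and (a["port"] == "any" or a["port"] == b["port"]))


def review(rules, today):
    """Return (rule_id, finding, related_rule_id) triples.  Rules are evaluated
    top-down, so the first earlier rule that covers a later one decides."""
    findings = []
    for i, rule in enumerate(rules):
        expires = rule.get("expires")
        if expires is not None and expires < today:
            findings.append((rule["id"], "expired", None))
        for earlier in rules[:i]:
            if not covers(earlier, rule):
                continue
            if earlier["action"] != rule["action"]:
                kind = "conflict"      # later rule never fires; intent is ambiguous
            elif covers(rule, earlier):
                kind = "duplicate"     # identical match and action
            else:
                kind = "shadowed"      # narrower rule already handled by the earlier one
            findings.append((rule["id"], kind, earlier["id"]))
            break
    return findings


# Constructed rule base (first match wins).
RULES = [
    {"id": "R1", "action": "allow", "src": "any", "dst": "10.0.0.0/8", "port": 443},
    {"id": "R2", "action": "deny", "src": "192.168.1.0/24", "dst": "10.0.5.0/24", "port": 443},
    {"id": "R3", "action": "allow", "src": "10.1.0.0/16", "dst": "10.2.0.0/16", "port": 22,
     "expires": date(2016, 1, 31)},
    {"id": "R4", "action": "allow", "src": "10.1.0.0/16", "dst": "10.2.0.0/16", "port": 22},
    {"id": "R5", "action": "allow", "src": "10.1.2.0/24", "dst": "10.2.3.0/24", "port": 22},
]

if __name__ == "__main__":
    for rule_id, kind, related in review(RULES, date(2016, 7, 1)):
        print(f"{rule_id}: {kind}" + (f" (see {related})" if related else ""))
```

On the sample data the deny rule R2 is reported as a conflict with R1, which is exactly the "more
permissive than the original" drift the text warns about: a broad allow added at the top silently
disables a later, deliberate deny. The check compares only source, destination and port, so a real
review would extend `covers` with protocol, direction and whatever other match fields the firewall
uses, but the containment logic stays the same.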

To ensure the security of your organization, it is important to put the above processes into
practice.

About the Author

Kasey Cross, Security Evangelist and Sr. Product Marketing Manager at A10
Networks

Robust Security Platform = Policy Management + Authentication
+ Authorization + Accounting

Navigating the landscape of enterprise security can be daunting – the threats typically fly under
the radar, and the broad array of malware, hacks and data theft shows real innovation. Worse,
the level of malicious sophistication is also on the upswing. In tandem, corporate users enjoy
communicating, computing and transacting business on a variety of wired and wireless
networks – using multiple devices. And the threat vectors continue to grow, exponentially.

Consequently, IT departments are turning to policy management platforms that give them
visibility into who and what is connecting to their networks, with ways to measure and predict.
They seek security management that is both adaptive to how people now work and is easily
customized. And they want a management interface that accommodates wireless and remote
users, as well as emerging technologies and services like cloud computing and the Internet of
Things (IoT).

This is much more than ticking off boxes on a spec sheet – CISOs, CSOs and security
professionals are demanding a fully integrated, multi-vendor approach for security management.
Consequently, today's management platforms have to deliver a number of critical features,
including authentication, authorization, and accounting (AAA) services that control access to
networks and servers, automated workflows for BYOD and guest access, and audit and bill-back
information, all of which are essential.

The platform must also be agile and sophisticated enough to embrace new levels of
enforcement mechanisms for security in a mobile world. Today's security platforms must
embrace authentication and enforcement models for wired networking; public wireless
connectivity; and users who tunnel in via IP-based virtual private networks (VPNs) to be
effective.

Security-conscious enterprises now require enforcement policies that use real-time contextual
data to grant network privileges. In parallel, policy management platforms must support end-
device profiling that identifies the device types, and their attributes, that connect to networks.
Real-time troubleshooting tools are also valuable, as they solve connectivity and other end-user
issues quickly. Enterprises have tried to achieve many of those objectives with siloed security
products, but they are finding it more useful to reduce complexity (the number of management
consoles) and to use multiple solutions only where those solutions can automatically share
contextual information between them.

What this means is that there is room for third-party products like mobile device
management (MDM) and enterprise mobility management (EMM), firewalls and security
information and event management tools. But the primary management platform must be used
to coordinate defenses so that everything works as one coordinated solution.

Migrating to Policy Management from Basic AAA

Since Active Directory or LDAP are still used to administer security policies for most internal
users and devices, IT departments aren't able to perform enforcement using real-time
contextual data. Context such as user roles, device types, ownership, location and app usage is
essential to enforcing policies as users move through their day and work with multiple
devices. With this model, laptops can be given more rights than smartphones based on device
type, for example. Policy management takes all those factors into account and dynamically
enforces which resources can be accessed.

In addition, today’s policy management systems let users configure their own devices for secure
Wi-Fi or wired connectivity. Workflows that include MDM/EMM data make it easy to detect whether a
device is company-issued or BYOD.

This sort of security management transition can't be done in a firehose fashion; security
professionals agree that a phased approach is the smartest way to move from legacy AAA to
centralized policy management. IT departments can then ensure that highly mobile workers get
seamless access to the apps, printers and network services they’re authorized to use, no matter
where they are or what device they're using.

Managing in the BYOD Era

IT professionals have been sorely tested by the BYOD trend with both internal users and
network guests. Managing the onboarding process of everyone's personal devices can strain IT
and helpdesk resources, and if not properly handled, can also create security problems. Robust
management platforms allow for any Windows, Mac OS X, iOS, Android, Chromebook and
Ubuntu devices to be automatically onboarded via a user-driven, self-guided portal. Required
SSIDs, 802.1X settings and necessary device certificates are then automatically configured on
authorized devices.

By working with unique device certificates, users then don't need to enter login credentials
repeatedly throughout the day – or worry as much about password theft when connected to
guest networks. Menu-driven capabilities ensure the rapid revocation and deletion of certificates
for specific mobile devices if a user leaves an organization or if the device is lost or stolen.

How to Treat Guests

The BYOD challenges don't apply just to internal users. Any visitor – guest, customer, partner or
other external third-party – will arrive with at least one device that requires network access –
wired or wireless. Good security management requires a simple model that automates and
simplifies the provisioning of network access for guests, but also provides expansive security
features that keep data, computing resources and other users safe.

Self-registration lets guests create their own log-in credentials, which are delivered via printed
badges, SMS text or email. Credentials can be stored for specific periods of time and set to
expire automatically. Guest traffic on the network should also be configured to run separately
from enterprise traffic. Today's most robust security management platforms allow guest portals
to be customized with options like advertising and local language support. Guest policy
management must also include the ability to set bandwidth limitations on guest sessions to
maintain service-level agreements and robust throughput for all users.

Network access management systems that integrate with next-generation, application-aware
firewalls, for additional protection against non-HTTP traffic, and content filtering that prevents
access to inappropriate or offensive websites are also recommended.

Regular Checkups of Device Health

Prevention is especially good medicine for the security of enterprises and their datacenters. IT
must have the means to perform endpoint health checks to ensure that laptops are fully
compliant with internal requirements which check for the latest patches and updates before
they're allowed to connect.

In addition to system-wide, per-session NAC protection, enterprises should be able to specify
whether to allow or deny capabilities like peer-to-peer applications or USB storage devices.
Administrator dashboards make it easy to identify non-compliant devices, users, and the
reasons for non-compliance. Access can be denied if storage is not encrypted; this also gives IT
leverage with users to ensure that offending laptops get updated as needed. Endpoints that
aren't in compliance can be automatically remediated or quarantined with today's security
management platforms. These sorts of security functions are no longer just nice to have –
they're essential to today's most competitive businesses. And with the advent of cloud
computing and an explosion of IoT devices, robust security management is essential for
enterprises. End-users – accustomed to high levels of performance, easy access and self-
service – expect the same of business networks.
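The contextual enforcement described under "Migrating to Policy Management from Basic AAA" and the
health-check outcomes described in this section (deny when storage is unencrypted, quarantine for
remediation, fewer rights for a smartphone than a laptop, guests kept separate) can be expressed as one
ordered policy. The code below is an added example of such a policy, not code from the article or from
Aruba/HPE; the context fields, VLAN names, resource names and rule order are constructed for
illustration rather than taken from any vendor's schema.

```python
"""Added example (not from the article or from Aruba/HPE): a context-aware
access policy evaluated in first-match order.  It combines identity context
(role), device context from MDM/EMM (type, ownership, certificate state) and
endpoint-health posture (disk encryption, patch level) into a decision: allow
on a named network segment with a resource list, quarantine for remediation,
or deny.  Segment names, resource names and rule order are constructed."""
from dataclasses import dataclass
from typing import List


@dataclass(frozen=True)
class Context:
    user_role: str           # "employee", "contractor", "guest"
    device_type: str         # "laptop", "smartphone", "tablet"
    corporate_owned: bool    # from MDM/EMM enrolment records
    location: str            # "office" or "remote"
    cert_valid: bool         # onboarding device certificate present and not revoked
    disk_encrypted: bool     # endpoint health check
    patches_current: bool    # endpoint health check


@dataclass(frozen=True)
class Decision:
    access: str              # "allow", "quarantine" or "deny"
    segment: str             # network segment/VLAN the session is placed in
    resources: tuple         # services reachable from that segment
    reason: str


def evaluate(ctx: Context) -> Decision:
    """First matching rule wins; each later rule assumes the earlier checks passed."""
    if ctx.user_role == "guest":
        return Decision("allow", "vlan-guest", ("internet",),
                        "self-registered guest: kept separate from enterprise traffic")
    if not ctx.cert_valid:
        return Decision("deny", "none", (), "device certificate missing or revoked")
    if not ctx.disk_encrypted:
        return Decision("deny", "none", (), "endpoint storage is not encrypted")
    if not ctx.patches_current:
        return Decision("quarantine", "vlan-remediation", ("patch-server",),
                        "patches out of date: remediate, then re-run the health check")
    if not ctx.corporate_owned:
        return Decision("allow", "vlan-byod", ("email", "internet"),
                        "personal device: no access to internal file services")
    if ctx.device_type == "laptop":
        resources = ("email", "internet", "file-servers")
        if ctx.location == "office":
            resources += ("printers",)
        return Decision("allow", "vlan-corp", resources, "managed laptop")
    return Decision("allow", "vlan-corp-mobile", ("email", "internet", "printers"),
                    "managed mobile device: fewer rights than a laptop")


def batch(contexts: List[Context]) -> List[Decision]:
    """Evaluate many sessions, e.g. everything seen in one authentication window."""
    return [evaluate(c) for c in contexts]


if __name__ == "__main__":
    samples = [
        Context("guest", "smartphone", False, "office", False, False, False),
        Context("employee", "laptop", True, "office", True, True, True),
        Context("employee", "laptop", False, "remote", True, False, True),
        Context("employee", "laptop", True, "remote", True, True, False),
        Context("employee", "smartphone", True, "office", True, True, True),
    ]
    for ctx, d in zip(samples, batch(samples)):
        print(f"{ctx.user_role}/{ctx.device_type}: {d.access} on {d.segment} ({d.reason})")
```

Two design points carry over to a real deployment: the health posture is checked before ownership and
device type, so an unencrypted or unpatched corporate laptop is handled before it can inherit the
broad rights of its class; and every decision returns a reason string, which is what the
administrator dashboard needs to show users why they landed in remediation.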

Security platforms that integrate policy management with authentication, authorization and
accounting will lay the groundwork for more robust computing and IT-fueled productivity. And
they’ll keep networks, devices, data and users safe in the process.

About the Author

Ahmed Rezk, Channel Systems Engineering Manager, Middle-East and Turkey at Aruba, a Hewlett
Packard Enterprise Company.

Enterprises and Individuals – Stay Ahead of Social Engineers on
Social Media
Greg Mancusi-Ungaro, BrandProtect

Whether you are running for president, running a business, or just a runner, your online
presence and personality – as expressed by your social media and social networking activity –
is a powerful tool that you can leverage for success.

But that same online presence creates personal and business risk and vulnerability that cyber
criminals are only too happy to exploit.

Recent analysis by security firm, BrandProtect, found that more than 15% of Fortune 100 CEOs
with LinkedIn accounts are represented by multiple LinkedIn profiles. Almost 40% of Fortune
100 CEOs on Twitter are plagued by at least one duplicate or copycat account.

Presidential candidate Donald Trump is spoofed, admired, supported and derided by over 90
copycat Twitter accounts.

Even though it seems easy to dismiss these duplicate accounts as harmless (or in the case of
Trump, as entertaining) the existence of these accounts creates risk for their namesakes.

Duplicative accounts, on LinkedIn, Facebook, and Twitter are often the creation of cyber
criminals seeking to socially engineer their way into an organization or a position of trust.

These accounts, and other kinds of fake accounts, act to capture information that may later be
unleashed in a devastating email-based attack.

Here is how they do it…

Every day, cyber criminals are active on sites from LinkedIn to, using various techniques to
mine the treasure trove of profile information for social engineering and exploit planning.

Basically, the perpetrators steal an identity or biography, and leverage it to gain more and more
information about a targeted enterprise.

1. It’s easy for a social engineer to assume practically any identity they want, and then
work to make that identity look plausible and trustworthy. They mine social sites for the
life details, work histories and key words that they use to create fictitious profiles.

2. Hives of imposter accounts will generate bogus endorsements, recommendations and
contacts for one another, giving them increased credibility. Sometimes affinity pages and
user groups get created. The criminals then use these fake accounts and groups to
gather contacts.

3. As the cyber criminals gain connections to legitimate profiles, they gain access to a
wealth of social engineering information, including workgroup information, names and
nicknames of colleagues and peers.

4. With this info, the bad guys deduce reporting structures, learn about projects that are in
process, and sometimes even gain visibility to "inside information" such as work and
vacation schedules.

5. After a long reconnaissance, the criminals will spring their trap by constructing a
completely believable email they can use in a spear phishing/BEC attack, ransomware,
or whaling scheme.

6. The email will be sent to a logical target and it will “come from” a trusted or
organizationally powerful source. The email will talk knowledgeably and casually about
company issues.

Only then it will ask or demand an action of the reader – money or information transfer,
network access, or opening a malware or ransomware-laden file – and it will seem to be
backed by the necessary authority to request that action.

Enterprise security teams should take action. By following these simple steps, they will minimize
the operational, financial and reputational risks caused by masquerading accounts and
impersonation accounts:

 Identify duplicate domains that represent real company employees. If it appears that an
employee has multiple accounts, make sure you understand what is going on.

 Look for, review, and validate other LinkedIn profiles that claim an association with
your company. When a rogue account of any kind is discovered, it should be reported.

 Audit and evaluate LinkedIn groups, including alumni groups and affinity groups that are
connected to the company. When an unauthorized social domain is identified, it should
be shut down.
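The first two steps above, finding duplicate accounts for real employees and validating profiles that
claim an association with the company, start with a screen that compares observed accounts against the
list of verified ones. The following is an added example of such a screen, not code from the article or
from BrandProtect. It flags an observed handle when it canonicalises to an official handle (separators
stripped, look-alike digits folded to letters), when it is near-identical by similarity ratio, or when
its display name matches an official account under a different handle. The official and observed
accounts are constructed for the example.

```python
"""Added example (not code from the article or from BrandProtect): a simple
screen for copycat social-media accounts.  Given the organisation's verified
handles, it flags observed accounts whose handle canonicalises to an official
one, whose handle is near-identical by similarity ratio, or whose display name
matches an official account under a different handle.  All handles below are
constructed."""
import difflib
import re

# Digits commonly substituted for the letters they resemble.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "7": "t", "8": "b"})


def canonical(handle):
    """Lower-case, drop the leading '@' and separators, fold look-alike digits."""
    stripped = re.sub(r"[^a-z0-9]", "", handle.lower().lstrip("@"))
    return stripped.translate(CONFUSABLES)


def _similarity(a, b):
    return difflib.SequenceMatcher(None, a, b).ratio()


def find_copycats(official, observed, threshold=0.85):
    """official: {handle: display_name} of verified accounts.
    observed: [(handle, display_name), ...] seen on the platform.
    Returns [(handle, reason), ...] for accounts an analyst should review."""
    by_canonical = {canonical(h): h for h in official}
    by_name = {n.strip().lower(): h for h, n in official.items()}
    findings = []
    for handle, display in observed:
        if handle in official:
            continue                                  # the genuine account
        canon = canonical(handle)
        if canon in by_canonical:
            findings.append((handle, f"look-alike of {by_canonical[canon]}"))
            continue
        closest = max(official, key=lambda o: _similarity(canon, canonical(o)))
        score = _similarity(canon, canonical(closest))
        if score >= threshold:
            findings.append((handle, f"{score:.2f} similar to {closest}"))
            continue
        if display.strip().lower() in by_name:
            findings.append((handle, f"display name matches {by_name[display.strip().lower()]}"))
    return findings


# Constructed data: one verified executive account and a day's observations.
OFFICIAL = {"@acme_ceo_jane": "Jane Doe"}
OBSERVED = [
    ("@acme_ceo_jane", "Jane Doe"),       # genuine
    ("@acme_ceo_jan3", "Jane Doe"),       # digit substitution
    ("@acmeceojane", "J. Doe"),           # separators removed
    ("@acme_ceo_janee", "Jane D."),       # one extra character
    ("@janedoe_official", "Jane Doe"),    # new handle, same display name
    ("@bob_roe_dev", "Bob Roe"),          # unrelated
]

if __name__ == "__main__":
    for handle, reason in find_copycats(OFFICIAL, OBSERVED):
        print(f"review {handle}: {reason}")
```

The output is a review queue, not a verdict: a display-name match may be a namesake, and a
similarity score near the threshold needs a human look before the account is reported to the
platform. The similarity threshold of 0.85 is a constructed starting value to tune against your own
false-positive rate.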

As an individual, you have a responsibility, too. You are often the best “first responder”. Here
are three simple ways to help protect yourself on professional or social media network sites:

1. When a stranger asks you to connect online, be careful. Ask yourself, how do I know
them? Do we have any common connections? Do we have many common
connections? Only connect to people you are confident of.

2. Beware of link or friend requests from people you have already linked to. When a friend
or colleague asks you to re-link or re-friend, be careful. It is probably the work of a spoofer
or a social engineer. Search for your friend’s actual profile.

Regardless, if you are suspicious, report the profile to the site.

3. Finally, be vigilant about potential attacks: whenever you receive an email from someone
asking you to review an attachment, follow a link, or take an action (including wiring
money somewhere!), ask yourself: “Is this an email that I expect, from a source that I
trust?”

The more urgency you detect in the email, or the stranger the story, the more wary you
should be.

Before you click, take steps to independently verify the legitimacy of the request.

As long as the ROI on socially engineered attacks is favorable, the criminals will continue to
create them.

And with multi-million-dollar losses from recent attacks making global headlines, it seems like
these attacks will be around for a while.

About the Author

Greg Mancusi-Ungaro is the chief marketing officer for BrandProtect, a leader in cyber threat
monitoring, intelligence and mitigation services.

He is a frequent author and speaker, and a constant evangelist on cyber security issues, the
changing nature of the modern threat landscape, and the emerging technologies that look
beyond the perimeter to drive enterprise defenses against cyberattack.

He blogs regularly on cyber threat and cyber security at info.brandprotect.com.

The Balancing Act of BYOD - Keeping Employees Happy and
Secure on Any Device

Corporate cybersecurity leaders are forced to interact with the biggest threat to their mission
every day: their fellow employees. It’s not that these individuals are trying to undermine the
best-laid plans of the CIO or CISO, but that they often represent the easiest path for a hacker to
infiltrate the network. Yet, in dealing with the human element from a security perspective, IT
leaders also have to manage the employee’s desire to work, how they want to work, and on the
devices they want to use.

The Bring Your Own Device (BYOD) trend has taken strong roots in enterprises and small to
medium businesses with recent surveys by Tech Pro Research showing that 72% of
organizations either permitted BYOD or were planning to do so. BYOD can make a lot of sense
from the perspectives of cost and culture, but it only takes one wrong click, one “found” USB
drive plugged in, or one enabled macro to start a very bad day in the IT department. For
companies that are permitting, requiring or evaluating BYOD, here are three thoughts on
balancing security, productivity, and convenience.

Build It Right

BYOD brings with it the end of total endpoint control. While IT departments may be able to
mandate the use of certain applications and tools in order to access the network or certain files,
the computer or mobile device is no longer theirs alone to administer and maintain.

Therefore, security leaders need to maintain focus on what is still in their control: the network
architecture. By layering different technologies and segmenting information into different zones,
companies not only prevent threats from entering the network but also keep breaches isolated
and away from the most sensitive zones. Keeping the applications and users that enter the
network from a BYOD device in as few zones as possible creates a safer overall network. Many
of the usual security solutions should be in place, such as firewalls, anti-spam and anti-virus, but
with the constantly evolving matrix of threats it is vital to maintain a dynamic, policy-driven
architecture to stay one step ahead.
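A zone design is only as good as the flows it permits between zones, and the dangerous cases are
transitive: BYOD is not allowed to reach the database zone directly, but it may reach an application
zone that is. The following is an added example, not code from the article or from its author, of a
check that walks the allowed zone-to-zone flows from the BYOD zone and reports any path into a zone
marked sensitive; a loose and a tightened policy are shown side by side. The zone names and flows
are constructed for the example.

```python
"""Added example (not code from the article or from its author): a
reachability check over a zone segmentation policy.  Flows are directed
(src_zone, dst_zone) pairs that the firewalls permit; the check reports the
shortest chain of permitted flows from an untrusted zone into any sensitive
zone.  Zone names and both policies are constructed."""
from collections import deque


def reachable_paths(flows, start):
    """Breadth-first search over permitted flows; returns {zone: shortest path from start}."""
    adjacency = {}
    for src, dst in flows:
        adjacency.setdefault(src, []).append(dst)
    paths = {start: [start]}
    queue = deque([start])
    while queue:
        zone = queue.popleft()
        for nxt in adjacency.get(zone, []):
            if nxt not in paths:
                paths[nxt] = paths[zone] + [nxt]
                queue.append(nxt)
    return paths


def segmentation_violations(flows, untrusted_zone, sensitive_zones):
    """Paths (as zone lists) by which the untrusted zone can reach a sensitive zone,
    directly or through intermediate zones.  Empty list means isolated."""
    paths = reachable_paths(flows, untrusted_zone)
    return [paths[z] for z in sorted(sensitive_zones) if z in paths]


SENSITIVE = {"db", "mgmt"}

# Constructed loose policy: BYOD may talk to the app tier, and the app tier may talk to the database.
FLOWS_LOOSE = [
    ("byod", "app"), ("byod", "internet"),
    ("app", "db"),
    ("corp-users", "app"), ("corp-users", "mgmt"),
    ("mgmt", "db"),
    ("guest", "internet"),
]

# Constructed tightened policy: BYOD lands in a dedicated services zone with no onward flows,
# so the app-to-db flow corporate users rely on is no longer on a path from BYOD.
FLOWS_TIGHT = [
    ("byod", "byod-services"), ("byod", "internet"),
    ("corp-users", "app"), ("corp-users", "mgmt"),
    ("app", "db"),
    ("mgmt", "db"),
    ("guest", "internet"),
]

if __name__ == "__main__":
    for label, flows in (("loose", FLOWS_LOOSE), ("tight", FLOWS_TIGHT)):
        hits = segmentation_violations(flows, "byod", SENSITIVE)
        print(f"{label}: " + ("isolated" if not hits else ", ".join(" -> ".join(p) for p in hits)))
```

The loose policy reports `byod -> app -> db`; the tight one reports nothing. Treating any permitted
flow as a potential pivot is deliberately conservative, since a real policy also restricts ports and
services on each flow, but it is the right level at which to reason about how many zones a BYOD
session touches, and it is cheap enough to rerun on every rule change.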

Address the Human Side of Security

Since the IT department is no longer the sole administrator of devices, it becomes critical to get
new team members up to speed. For example, the fundamental tasks of keeping applications
and OSs updated are mostly in the hands of the user, so they need to be educated on why, how
and when to update their devices so that vulnerabilities are removed and new features are
added. Creating better behaviors with the primary devices can also carry over to secondary
devices that may exist outside of the company’s knowledge.

In addition to the proper maintenance of the devices, employees can be conscripted into the
fight against hackers and malware. The real threats for most employees aren’t from the obvious
spam, but the well-crafted spear phishing emails that are made to look like they are from an
executive asking for login details or personal data, or the important file that needs an immediate
review. Everyone likes to play detective, so rather than making employees fearful of doing the
wrong thing, show them how to identify and catch the imposters before they can unleash
ransomware, botnets or data exfiltration.

Don’t Take a Step Back

BYOD is supposed to allow people to work as they please and do away with having to use a
different OS than they prefer, or outdated, company-issued hardware. Cybersecurity measures
are meant to keep everyone and everything in the enterprise protected. In between lie
individual employees and their productivity. If BYOD improves productivity and mood, security
efforts ought to preserve those gains instead of adding layers that increase
inconvenience.

Every quarantined file, blocked email or slow connection frustrates employees who are simply
trying to get their job done as efficiently as possible. Employees are like water: they will find a
way around anything, especially if you block their way of working. When a business enables
existing work processes to be performed securely, employees won’t waste time looking for
workarounds, and, in return, employees will improve their productivity and refrain from creating
system vulnerabilities. When BYOD translates into stricter policies and byzantine procedures,
the benefit goes away and employees are left feeling like they’ve brought a MacBook Pro into a
Windows XP world.

BYOD is on its way to becoming the norm for many companies in the years ahead. The
challenges it introduces into the corporate IT department make segmentation the most critical
cybersecurity area in the enterprise, replacing the perimeter focus that has been prevalent for
decades. For those who have implemented BYOD – or are thinking about making the leap –
finding the balance between security, cost and convenience is the best way to keep everyone
satisfied and secure.

About the Author

Dotan Bar Noy, Lt. Commander, Israel Navy (Ret.), is the CEO & Co-Founder of
ReSec Technologies. He has more than 10 years of management experience in
technology and software companies. Prior to founding ReSec, he served as
Director at Issta (listed ISTA.P), CEO of G.F.A. Systems, CEO of "STUDENTS",
as well as owning a strategic management and consulting company. Dotan
holds a BA in Economics & Management from the Israel Institute of Technology
(Technion) and an MA in Law from Bar-Ilan University.

Attention CISOs: Top Questions to Ask Your Threat Analyst
By Mark Seward, VP Security Solutions, Anomali

Threat intelligence data is a critical tool for understanding attacker behavior and
activities. Once organized in a threat intelligence platform, the data reveals to threat analysts the
techniques and methodologies used by attackers, as evidenced in malware, infected websites,
suspicious domain name registrations and mass credential exposures.

Threat intelligence platforms play a pivotal role in vetting and normalizing the data across
numerous open source and proprietary streams of data, providing a secure communication
channel for threat information sharing, and providing data integrations with your SIEM and
existing security architecture.

As such, evidence of attacker activities or indicators of compromise (IOCs) can provide
information about the strategic risks to businesses or agencies and can detect possible data
breaches.

The following questions will help the CISO kick off a risk-based conversation that can be a
source of metrics surrounding the use of threat intelligence data. Threat analysts should also be
prepared to answer these questions on a regular basis, as the answers can become a regular
part of board-level discussions.

1. What are the top risks to our brand or organization as a whole?

Attackers often create domains similar to a company’s existing brand to attract your customers
with the purpose of stealing their usernames and passwords, credit card information or other
personal information.

These activities can cause your customers distress, damage your brand reputation and cost you
money. Domain registrations can be an important source of information about attackers that
may be targeting your brand.

Actively monitoring “Whois” data can help identify this type of fraud before it is perpetrated. This
means monitoring a portion of the Reconnaissance phase of the attack chain, and it can give you
time to warn customers about specific fraudulent domains.
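One way to turn that Whois or zone-file monitoring into a repeatable check, as an added example with constructed brand and registration names; this is not the article's or Anomali's code, and it assumes a single-label public suffix (.com, .net) for simplicity.

```python
"""Flag newly registered domains that imitate a brand (Reconnaissance-phase
monitoring).  Added example with constructed data; not the article's code."""
import re

BRAND = "acmebank.com"  # constructed brand we defend

# Constructed batch of registrations as a Whois/zone-file monitor might deliver them.
NEW_REGISTRATIONS = [
    "acmebank-login.com",     # brand label plus a lure word
    "acrnebank.com",          # 'rn' imitating 'm'
    "acmebanc.com",           # one-character change
    "acme-bank-support.net",  # hyphenated brand plus lure word
    "acmeb4nk.com",           # digit standing in for a letter
    "weather-today.org",      # unrelated
    "acmebank.com",           # the legitimate domain itself
]

# Characters and pairs commonly used to imitate letters, mapped to what they imitate.
HOMOGLYPHS = {"0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "7": "t", "rn": "m", "vv": "w"}


def registrable_label(domain):
    """'acmebank-login.com' -> 'acmebank-login'.  Assumes a one-label suffix such as
    .com; a production monitor would consult the public suffix list for .co.uk etc."""
    return domain.lower().rsplit(".", 1)[0]


def squash(label):
    """Drop separators and undo homoglyph tricks so 'acrneb4nk' compares as 'acmebank'."""
    label = re.sub(r"[^a-z0-9]", "", label)
    for fake, real in HOMOGLYPHS.items():
        label = label.replace(fake, real)
    return label


def levenshtein(a, b):
    """Edit distance; inputs are short, so the plain dynamic-programming table is fine."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(domain, brand=BRAND, max_distance=2):
    """Return why a domain looks like the brand, or None when it does not."""
    if domain.lower() == brand.lower():
        return None  # our own registration
    brand_raw = registrable_label(brand)
    brand_label = squash(brand_raw)
    raw = registrable_label(domain)
    label = squash(raw)
    if label == brand_label and raw != brand_raw:
        return "homoglyph or separator variant"
    if label != brand_label and brand_label in label:
        return "contains brand label"
    distance = levenshtein(label, brand_label)
    if distance <= max_distance:
        return f"edit distance {distance}"
    return None


def flag_lookalikes(domains, brand=BRAND):
    """(domain, reason) for every registration that warrants a customer warning."""
    found = []
    for domain in domains:
        reason = classify(domain, brand)
        if reason:
            found.append((domain, reason))
    return found


if __name__ == "__main__":
    for domain, reason in flag_lookalikes(NEW_REGISTRATIONS):
        print(f"{domain:25} {reason}")
```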

2. Are our employees’ credentials part of any mass exposure?

Employees need to know that being a part of a mass credential exposure can put the business
at risk. It is possible for valid email address/clear text password pairs to be used by an attacker
to impersonate a user if they are able to get inside your network.

Accessing data from the Dark Web or other parking-lot sites for stolen credentials, or credentials
exposed via a database attack, lets you know whether your security program is
working.

Monitoring the Dark Web for your employees’ credentials should be supported and automated
through a threat intelligence platform.

3. How can we be better aligned with security operations?

Threat analysis needs to be an extension of a security operations team’s function to truly have
an intelligence-driven SOC. The challenge as defined by SANS is, “…to organically integrate
threat hunting into existing workflows so that it complements current security efforts.”

Threat analysts and security operations teams are often viewed as two separate entities each
with its own charter. This can lead to slower response times and non-aligned priorities.

The intelligence-driven SOC prioritizes security events based on correlation with threat
intelligence IOCs first, and on true-positive correlations between different types of security-relevant
log data second.

When security operations personnel see a security event in log data, they should also know
in real time whether any threat intelligence data links the event to a previously seen
attack. This provides added context in the form of the attacker’s methods or techniques.

4. How do we know if we are monitoring for the right cyber security threats?

Threat hunting without context is an inefficient chase-anything-that-moves strategy. Using an
ad-hoc or first-in, first-out strategy to look at threat intelligence data or perform incident response
is very inefficient. According to SANS, “Hunters need to consider ‘crown jewels’ analysis: They
identify the assets and information that are most vital to the organization’s mission so that they
can prioritize their efforts.”

Threat hunting becomes focused and meaningful in the context of known key assets, their value
to the organization, their individual owners, and real-time correlations between potential IOCs in
log data and IOCs in threat intelligence data.

With these three data sets, threat hunting is a proactive pursuit that is scalable, repeatable and
teachable.

Knowing you are hunting threats that are current, relevant to your business and low on false-
positives facilitates an active defense.
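The prioritization described in questions 3 and 4 (IOC correlation first, log-only findings second, weighted by crown-jewel value and owner) as an added example run over constructed IOCs, a constructed asset inventory and constructed key=value log lines; this is not the article's or Anomali's code, and the log-only tier is simplified to one heuristic, an unusually large outbound transfer.

```python
"""Rank security events: threat-intelligence IOC matches first, log-only
anomalies second, weighted by the crown-jewel value of the asset involved.
Added example with constructed data; not the article's code."""

# Constructed IOC feed: indicator -> attacker context a platform would attach.
IOCS = {
    "updates-cdn.example.net": "C2 domain from a previously seen phishing campaign",
    "203.0.113.45": "exfiltration staging host",
}

# Constructed crown-jewels inventory: host -> (criticality 1..5, owner).
ASSETS = {
    "fin-db-01": (5, "finance"),
    "hr-files-02": (4, "hr"),
    "kiosk-lobby": (1, "facilities"),
}

LARGE_TRANSFER = 10 * 1024 * 1024  # bytes out in one proxy session that is unusual here

# Constructed key=value log lines (DNS and web proxy) as a SIEM might forward them.
LOG_LINES = """\
2016-07-12T09:14:03Z type=dns host=kiosk-lobby query=updates-cdn.example.net
2016-07-12T09:14:07Z type=dns host=fin-db-01 query=updates-cdn.example.net
2016-07-12T09:14:09Z type=proxy host=fin-db-01 dst=203.0.113.45 bytes_out=52428800
2016-07-12T09:20:11Z type=dns host=hr-files-02 query=intranet.corp.local
2016-07-12T09:21:00Z type=proxy host=hr-files-02 dst=198.51.100.7 bytes_out=1200
2016-07-12T09:30:45Z type=proxy host=hr-files-02 dst=198.51.100.7 bytes_out=83886080
"""


def parse(line):
    """'ts k=v k=v ...' -> dict; the timestamp is kept under 'ts'."""
    ts, *pairs = line.split()
    event = dict(pair.split("=", 1) for pair in pairs)
    event["ts"] = ts
    return event


def ioc_hits(event):
    """IOC values present in the event's indicator-bearing fields."""
    return [event[k] for k in ("query", "dst") if k in event and event[k] in IOCS]


def log_only_anomaly(event):
    """Second-tier signal derived from the log data alone (no threat intel involved)."""
    return event.get("type") == "proxy" and int(event.get("bytes_out", 0)) >= LARGE_TRANSFER


def prioritise(log_text):
    """Return the events worth an analyst's time, highest priority first."""
    ranked = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        event = parse(line)
        hits = ioc_hits(event)
        anomaly = log_only_anomaly(event)
        if not hits and not anomaly:
            continue  # nothing links this event to a threat; it stays in the SIEM
        criticality, owner = ASSETS.get(event["host"], (1, "unknown"))
        tier = 10 if hits else 5  # an intel match outranks any log-only finding
        ranked.append({
            "ts": event["ts"],
            "host": event["host"],
            "owner": owner,
            "score": tier + criticality,
            "iocs": hits,
            "context": [IOCS[h] for h in hits] or ["large outbound transfer, no intel match"],
        })
    ranked.sort(key=lambda r: r["score"], reverse=True)  # stable: ties keep log order
    return ranked


if __name__ == "__main__":
    for row in prioritise(LOG_LINES):
        print(row["score"], row["ts"], row["host"], row["owner"], "; ".join(row["context"]))
```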

5. What can we share with and learn from other companies in our industry?

Attackers learn from each other. But many organizations do not share threat data IOCs with one
another. The reasons for not participating in an evaluated, trusted circle are many, but most
have to do with fear. Not wanting to let others know that you may have experienced a breach
and the liability around sharing are the two we hear most often.

Not sharing information doesn’t lead anyone to think you’ve never had an incident or been
breached. A good threat intelligence platform provides a trusted link to a wealth of knowledge
from other companies in your industry vertical or across a supply chain. Sharing should be
encouraged.

Summary

Making threat intelligence data useful requires a robust threat intelligence platform that can
off-load the correlation of IOCs with log data from the SIEM. A proactive approach to cyber security
means finding threats before they become a problem.

This is a necessary step for making tens of millions of active IOCs useful for threat hunting. This
tactic is effective and aligned across threat analysts, SOC personnel and incident responders.

Make everyone a threat hunter by unleashing your entire security team’s creativity but keep it
efficient through active prioritization and inside the bounds of what matters to the organization.

About the Author

Mark Seward, a Certified Information Systems Auditor (CISA), has more than 15 years of
experience as a security practitioner and has held a number of leadership positions in product
management.

Prior to joining Anomali, Seward served as the senior director, security and compliance, at
Splunk, where he was responsible for security use-case messaging for the company's real-time
operational intelligence product. His tenure has also included positions at Symantec, Qualys
and LogLogic.

Mark has a Master of Science degree in information technology from the University of Maryland
and holds a federal chief information officer certification.

The security of water supply systems
By Milica Djekic

Water supply systems are part of the critical infrastructure of every country. In the event of a
system collapse or a terrorist operation, this sort of infrastructure may suffer serious harm. In
this article we discuss how these systems may be secured and how water supply facilities can
be protected from physical access that could bring with it biological, chemical or any other
threats.

It is also important to mention that cyber attacks of any kind could affect the water supply
control system, causing pressure oscillations in the piping system and a breakdown of the water
supply.

The danger of biological or chemical terrorism to water supply systems

Water supply systems usually collect natural water resources into capacitors. Physically, those
capacitors are the water pools created for cleaning and filtering the water. The final product is
clean water that can be used for everyday needs and that guarantees a certain level of
quality.

Some people may use their own filters to produce better-quality water. It is very risky if any
threat actor physically accesses the water supply facilities and attempts a bio-terrorist attack or
chemical diversion.

For such a scenario, we recommend better physical security as well as procedures that ensure
unwanted visitors get no access.

Those procedures would include access control that allows only the people responsible for
maintaining the capacitors of clean water to enter such a room.

You can always hire security professionals to check people in, or rely on highly sophisticated
systems that cover RFID cards and readers, or any advanced technology such as fingerprint
sensors or similar.

This sort of security can involve several levels of access control. The only drawback to this
solution is that it is digital, so it could easily become the target of hacker attacks.

So it is up to you: either you post a guard at the entrance who confirms who may enter, and who
may fall victim to social engineering, or you rely on advanced technology and employ more cyber
staff to protect your asset.

Remember that a bio-terrorism weapon could be packed into a small envelope and put into
someone’s pocket. Similarly, in the case of a chemical attack, the substance could be in solid or
liquid form and likewise be carried in a pocket. The consequences of such diversions for the
end users are clear: an entire area could be poisoned or made sick by those biological or
chemical weapons.

How transfer of water could get threatened

Water is usually transferred from the water supply facilities to the end users through the piping
system. As is well known, the reliability of this system depends on piping parameters such as the
piping material, tube size, ring size and other piping properties. It is quite feasible that the entire
piping system could collapse if the pressure in the tubes gets too high.

The common cause of such a scenario is that the control system operates with some
malfunction and consequently fails to maintain the appropriate pressure in the piping
elements.

Very often, the piping route uses tubes made of a mix of two materials, such as plastic and
metal, which gives the plant a composite nature. Composite materials have very good
characteristics and can provide a certain level of security to a water delivery system.

For instance, if for some reason the control system begins to operate with a flaw, the pressure
within the pipes may start to oscillate, adding load to the water tubes.

If the pressure gets too high, the pipes could burst, collapsing the water supply system and
leaving people without clean water. It is clear how risky it is for human health when people live
without healthy water: the more people left without running water, the worse the consequences
for their health.

It is also very significant that the water piping gets an internal layer of waterproof material that
guarantees the tubes will not corrode from the inside and cause some sort of toxic
effect.

This is important to take into account when you design a water delivery system, because the
end users must be confident that they are consuming something that is not
dangerous.

Another reason for a threatened water transfer could be poor cyber security of the water supply
control systems. That may include exposing the command board of a water delivery system to
the internet or not following some of the security procedures.

How to protect your water supply cyber assets

The best way to protect your water supply control board is to follow the procedures discussed
below.

For instance, never expose your command board computer to a web connection, because that
connection may become the source of malware that causes your control applications to
malfunction.

It is also very significant that, if you have some workstations connected to the internet (which is
logical, because a water supply facility would never be isolated and without any communication
with the external world), you must be careful not even to use removable devices to transfer data
from a computer with the web connection to the workstations running the command application,
simply because you can always catch malware from the global network.

The concluding talk

The aim of this article was to point out some of the challenges of water supply systems and raise
awareness about this sort of critical infrastructure. We hope this kind of effort will encourage
more people in the research community to dig deeper and explore this topic
further.

About The Author

Since Milica Djekic graduated from the Department of Control Engineering at the
University of Belgrade, Serbia, she has been an engineer with a passion for
cryptography, cyber security, and wireless systems. Milica is a researcher
from Subotica, Serbia. She also serves as a Reviewer at the Journal of
Computer Sciences and Applications. She writes for American and Asia-
Pacific security magazines. She is a volunteer with the American corner of
Subotica as well as a lecturer with the local engineering society.

4 ways in which profile scraping can affect social media
businesses
By Srilekha Veena Sankaran, Content Marketer, ShieldSquare

Social media is both a boon and a bane for online businesses. On the brighter side, capitalizing on
social media helps online businesses extend their outreach and acquire customers swiftly.

On the flip side, breach of user privacy is one of the biggest threats faced by social media sites,
as the technology to scrape user data has been evolving at an exponential rate.

Half of internet traffic is non-human, including crawlers and malicious bots.

Profile scraping is a data-scraping technique in which bots are employed to scrape public
profiles from well-known social media sites.

Scrapers use these profiles to enhance their competitive advantage in the market.

Renowned social media sites, despite having stringent ToS, are unable to put an end to profile
scrapers.

That being said, here are four good reasons why social media businesses should shield themselves
from profile scraping:

1) A social media website’s content is the face of its thought leadership and brand
reputation. Scraping its user profiles will diminish the brand value.

2) Social media websites run the risk of facing expensive lawsuits if their customers realize
that their data privacy has been breached.

3) Scraping is illegal, and legal action can be taken by the site owner if their ToS is found to
have been breached. However, automated bots use multiple IPs/proxies to scrape the profiles,
and it is difficult to find the source of the bots. This makes it all the more difficult to track the
profile scraper, let alone sue the fraudster.

4) Profile scraping will result in customer attrition. All the customers who invest in a social
media site to promote their businesses will shift their focus to another social media
bandwagon that ensures user and content privacy.

How can you prevent profile scraping?

It is about time online businesses, especially social media, realized the fact that suing is not the
only solution to end online threats; they must get proactive in stopping them in the first place.

Profile scraping can be prevented by a few common strategies. But for these strategies to be
effective all the time, they require periodic maintenance and upgrades, which results in
operational fatigue.

On the other hand, there are reliable anti-scraping solutions that can detect and prevent bots
with malicious intent and provide you with in-depth insights into bot traffic.

Social media businesses should opt for such reliable, long-term approaches to uphold their
brand value and ensure 100% user and content privacy.

About The Author

Srilekha Sankaran is a software developer turned content marketer who
currently works for ShieldSquare. She is a startup enthusiast, and enjoys
writing about people and technology at large.

Srilekha can be reached online at Twitter, LinkedIn, Medium and Email.

NSA Spying Concerns? Learn Counterveillance
Free Online Course Replay at www.snoopwall.com/free

"NSA Spying Concerns? Learn Counterveillance" is a 60-minute recorded online instructor-led
course for beginners who will learn how easily we are all being spied upon - not just by the NSA
but by cyber criminals, malicious insiders and even online predators who watch our children;
then you will learn the basics in the art of Counterveillance and how you can use new tools and
techniques to defend against this next generation threat of data theft and data leakage.

The course has been developed for IT and IT security professionals including Network
Administrators, Data Security Analysts, System and Network Security Administrators, Network
Security Engineers and Security Professionals.

After you take the class, you'll have newfound knowledge and understanding of:

1. How you are being spied upon.
2. Why Counterveillance is so important.
3. What you can do to protect private information.

Course Overview:

How long has the NSA been spying on you?
What tools and techniques have they been using?
Who else has been spying on you?
What tools and techniques have they been using?
What is Counterveillance?
Why is Counterveillance the most important missing piece of your security posture?
How hard is Counterveillance?
What are the best tools and techniques for Counterveillance?

Your Enrollment includes :

1. A certificate for one free personal usage copy of the Preview Release of SnoopWall for
Android
2. A worksheet listing the best open and commercial tools for Counterveillance
3. Email access to the industry leading Counterveillance expert, Gary S. Miliefsky, our educator.
4. A certificate of achievement for passing the Concise-Courses Counterveillance 101 course.

Visit this course online, sponsored by Concise-Courses.com and SnoopWall.com, at
http://www.snoopwall.com/free

Top Twenty INFOSEC Open Sources
Our Editor Picks His Favorite Open Sources You Can Put to Work Today

There are so many projects at sourceforge it’s hard to keep up with them. However, that’s not
where we are going to find our growing list of the top twenty infosec open sources. Some of
them have been around for a long time and continue to evolve, others are fairly new. These are
the Editor favorites that you can use at work and some at home to increase your security
posture, reduce your risk and harden your systems. While there are many great free tools out
there, these are open sources which means they comply with a GPL license of some sort that
you should read and feel comfortable with before deploying. For example, typically, if you
improve the code in any of these open sources, you are required to share your tweaks with the
entire community – nothing proprietary here.

Here they are:

1. TrueCrypt.org – The Best Open Encryption Suite Available (Version 6 & earlier)
2. OpenSSL.org – The Industry Standard for Web Encryption
3. OpenVAS.org – The Most Advanced Open Source Vulnerability Scanner
4. NMAP.org – The World’s Most Powerful Network Fingerprint Engine
5. WireShark.org – The World’s Foremost Network Protocol Analyser
6. Metasploit.org – The Best Suite for Penetration Testing and Exploitation
7. OpenCA.org – The Leading Open Source Certificate and PKI Management
8. Stunnel.org – The First Open Source SSL VPN Tunneling Project
9. NetFilter.org – The First Open Source Firewall Based Upon IPTables
10. ClamAV – The Industry Standard Open Source Antivirus Scanner
11. PFSense.org – The Very Powerful Open Source Firewall and Router
12. OSSIM – Open Source Security Information Event Management (SIEM)
13. OpenSwan.org – The Open Source IPSEC VPN for Linux
14. DansGuardian.org – The Award Winning Open Source Content Filter
15. OSSTMM.org – Open Source Security Test Methodology
16. CVE.MITRE.org – The World’s Most Open Vulnerability Definitions
17. OVAL.MITRE.org – The World’s Standard for Host-based Vulnerabilities
18. WiKiD Community Edition – The Best Open Two Factor Authentication
19. Suricata – Next Generation Open Source IDS/IPS Technology
20. CryptoCat – The Open Source Encrypted Instant Messaging Platform

Please do enjoy and share your comments with us – if you know of others you think should
make our list of the Top Twenty Open Sources for Information Security, do let us know at
marketing@cyberdefensemagazine.com.

(Source: CDM)

National Information Security Group Offers FREE Techtips
Have a tough INFOSEC Question – Ask for an answer and ‘YE Shall Receive

Here’s a wonderful non-profit organization. You can join for free, start your own local chapter
and so much more.

The best service of NAISG is their free Techtips. It works like this: you join the Techtips mailing
list.

Then of course you’ll start to see a stream of emails with questions and ideas about any area of
INFOSEC. Let’s say you just bought an application layer firewall and can’t figure out a
best-practices model for ‘firewall log storage’; you could ask thousands of INFOSEC experts in a
single email by posting your question to the Techtips newsgroup.

Next thing you know, a discussion ensues and you’ll have more than one great answer. It’s the
NAISG.org’s best kept secret.

So use it by going here:

http://www.naisg.org/techtips.asp

SOURCES: CDM and NAISG.ORG

SIDENOTE: Don’t forget to tell your friends to register for Cyber Defense Magazine at:

http://register.cyberdefensemagazine.com

where they (like you) will be entered into a monthly drawing for the Award winning Lavasoft
Ad-Aware Pro, Emsisoft Anti-malware and our new favorite system ‘cleaner’ from East-Tec called
Eraser 2013.

Job Opportunities

Send us your list and we’ll post it in the magazine for free, subject to editorial approval
and layout. Email us at marketing@cyberdefensemagazine.com

Free Monthly Cyber Warnings Via Email

Enjoy our monthly electronic editions of our Magazines for FREE.

This magazine is by and for ethical information security professionals with a twist on innovative
consumer products and privacy issues on top of best practices for IT security and Regulatory
Compliance. Our mission is to share cutting edge knowledge, real world stories and
independent lab reviews on the best ideas, products and services in the information technology
industry. Our monthly Cyber Warnings e-Magazines will also keep you up to speed on what’s
happening in the cyber crime and cyber warfare arena plus we’ll inform you as next generation
and innovative technology vendors have news worthy of sharing with you – so enjoy.

You get all of this for FREE, always, for our electronic editions.

Click here to signup today and within moments, you’ll receive your first email from us with an
archive of our newsletters along with this month’s newsletter.

By signing up, you’ll always be in the loop with CDM.

Cyber Warnings E-Magazine July 2016

Sample Sponsors:

To learn more about us, visit us online at http://www.cyberdefensemagazine.com/

Don’t Miss Out on a Great Advertising Opportunity.
Join the INFOSEC INNOVATORS MARKETPLACE:
First-come-first-serve pre-paid placement
One Year Commitment starting at only $199
Five Year Commitment starting at only $499
http://www.cyberdefensemagazine.com/infosec-innovators-marketplace

Now Includes:
Your Graphic or Logo
Page-over Popup with More Information
Hyperlink to your website
BEST HIGH TRAFFIC OPPORTUNITY FOR INFOSEC INNOVATORS

Email: marketing@cyberdefensemagazine.com for more information.

Cyber Warnings Newsflash for July 2016
Highlights of CYBER CRIME and CYBER WARFARE Global News Clippings

Here is a summary of this month’s cyber security news. Get ready to read on and click the links
below the titles to read the full stories. So find those of interest to you and read on through your
favorite web browser…

DIGITAL CITIZENS SLAM CLOUDFLARE FOR ENABLING PIRACY & MALWARE

https://torrentfreak.com/digital-citizens-slam-cloudflare-for-enabling-piracy-malware-160722/

Criminals plant banking malware where victims least expect it

http://arstechnica.com/security/2016/07/criminals-plant-banking-malware-where-victims-least-expect-it/

MS-ISAC official: Ransomware is top malware of concern for states, counties

http://statescoop.com/ms-isac-official-ransomware-is-top-malware-of-concern-for-states-counties

Scary Android malware blocks calls to your bank so it can keep stealing money from you

http://bgr.com/2016/07/18/android-malware-banking-apps/

The Brazilian Malware Landscape: A Dime a Dozen and Going Strong

https://securityintelligence.com/the-brazilian-malware-landscape-a-dime-a-dozen-and-going-strong/

This webcam malware could blackmail you into leaking company secrets

http://www.zdnet.com/article/this-webcam-malware-could-blackmail-you-into-leaking-company-secrets/

Study: One-in-three websites hosting pirated content infested with malware

http://fedscoop.com/study-one-in-three-pirate-websites-infested-with-malware

Malware Attacks Experience Drastic Upswing In 2016

http://www.pymnts.com/news/security-and-risk/2016/2016-increased-malware-attacks/

GOOGLE CHROME MALWARE LEADS TO SKETCHY FACEBOOK LIKES

https://threatpost.com/google-chrome-malware-leads-to-sketchy-facebook-likes/119361/

Beware Malware Disguised as Pokemon Go App, Warns Security Firm

http://www.ifsecglobal.com/beware-of-malware-disguised-as-pokemon-go-app-warns/

Nation-backed malware that infected energy firm is 1 of 2016’s sneakiest

http://arstechnica.com/security/2016/07/nation-backed-malware-that-infected-energy-firm-is-1-of-2016s-sneakiest/

Malware Infects Large Slice of Cicis Pizza and Mac OS

http://www.cutimes.com/2016/07/21/malware-infects-large-slice-of-cicis-pizza-and-mac
Big Bunch Of Legitimate Business Websites Hijacked To Deliver You Bad Malware

https://consumerist.com/2016/07/20/big-bunch-of-legitimate-business-websites-hijacked-to-deliver-you-bad-malware/

How to Tell If You’re Infected with Malware

http://smallbiztrends.com/2016/07/signs-of-malware-infection.html

10 million Android devices reportedly infected with Chinese malware

http://www.cnet.com/news/malware-from-china-infects-over-10-million-android-users-report-says/

Trojanized Remote-Access Tool Spreads Malware

http://www.bankinfosecurity.com/ammyy-admin-a-9274

Do Not Download This Scam Mac App! It's Nasty Malware

http://fortune.com/2016/07/06/mac-malware-backdoor-app/

Ransomware hackers using spam emails to distribute CryptXXX malware

http://www.theinquirer.net/inquirer/news/2465267/ransomware-hackers-using-spam-emails-to-distribute-cryptxxx-malware

Research finds Dallas one of most malware-infected cities of 2016

http://www.bizjournals.com/dallas/news/2016/07/19/research-finds-dallas-one-of-most-malware-infected.html

Firefox Malware Poses as Browser Update

https://securityintelligence.com/news/firefox-malware-poses-as-browser-update/

20-year-old Windows bug lets printers install malware—patch now

http://arstechnica.com/security/2016/07/20-year-old-windows-bug-lets-printers-install-malware-patch-now/

FBI says its malware isn't malware because 'we're the good guys'

http://www.zdnet.com/article/fbi-says-its-hacks-are-not-malware-because-they-are-used-to-catch-criminals/

Copyright (C) 2016, Cyber Defense Magazine, a division of STEVEN G. SAMUELS LLC. 848 N. Rainbow Blvd. #4496, Las Vegas, NV 89107. EIN: 454-18-8465, DUNS# 078358935. All rights reserved worldwide. marketing@cyberdefensemagazine.com

Cyber Warnings is published by Cyber Defense Magazine, a division of STEVEN G. SAMUELS LLC. Cyber Defense Magazine, CDM, Cyber Warnings, Cyber Defense Test Labs and CDTL are Registered Trademarks of STEVEN G. SAMUELS LLC. All rights reserved worldwide. Copyright © 2016, Cyber Defense Magazine. All rights reserved.

No part of this newsletter may be used or reproduced by any means, graphic, electronic, or mechanical, including photocopying, recording, taping or by any information storage retrieval system without the written permission of the publisher, except in the case of brief quotations embodied in critical articles and reviews. Because of the dynamic nature of the Internet, any Web addresses or links contained in this newsletter may have changed since publication and may no longer be valid. The views expressed in this work are solely those of the author and do not necessarily reflect the views of the publisher, and the publisher hereby disclaims any responsibility for them.

Cyber Defense Magazine


848 N. Rainbow Blvd. #4496, Las Vegas, NV 89107.
EIN: 454-18-8465, DUNS# 078358935.
All rights reserved worldwide.
marketing@cyberdefensemagazine.com
www.cyberdefensemagazine.com

Cyber Defense Magazine - Cyber Warnings rev. date: 07/27/2016
