Cybersecurity Alert Fatigue: Why It Happens, Why It Sucks, and What We Can Do About It | Andrew Morris, GreyNoise
Alarm fatigue or alert fatigue occurs when one is exposed to a large number of frequent alarms (alerts) and consequently becomes desensitized to them. Desensitization can lead to longer response times or missing important alarms.
Trivial Vulnerabilities, Serious Risks
Introduction The digital transformation brought about by the social distancing and isolation caused by the global COVID-19 pandemic was both extremely rapid and unexpected. From shortening the distance to our loved ones to reengineering entire business models, we’re adopting and scaling new solutions that are as fast-evolving as they are complex. The full impact of the decisions and technological shifts we’ve made in such short a time will take us years to fully comprehend. Unfortunately, there’s a darker side to this rapid innovation and growth which is often performed to…
Hiding in the Noise | Corey Thuen
Greetings! I’m Corey Thuen. I spent a number of years at Idaho National Laboratory, Digital Bond, and IOActive (where we affectionately refer to ourselves as pirates, hence the sticker). At these places, my job was to find 0-day vulnerabilities on the offensive side of things. Now, I am a founder of Gravwell, a data analytics platform for security logs, machine, and network data. It’s my background in offensive security that informs my new life on the defensive side of the house. I believe that defense involves…
Low-hanging Secrets in Docker Hub and a Tool to Catch Them All | Matías Sequeira
TL;DR: I coded a tool that scans Docker Hub images and matches a given keyword in order to find secrets. Using the tool, I found numerous AWS credentials, SSH private keys, databases, API keys, etc. It’s an interesting tool to add to the bug hunter / pentester arsenal, not only for the possibility of finding secrets, but for fingerprinting an organization. On the other hand, if you are a DevOps or Security Engineer, you might want to integrate the scan engine to your CI/CD for your Docker images. GET THE…
Cybersecurity Vigilance for a Historic Election
November 3rd is Election Day in the United States. Every election is important, but this election is particularly crucial. It is one of the most important elections in our lifetime—the 2020 election will determine the course of the United States for the next 10 years or more. With so much on the line, every vote counts—but the security and integrity of, and voter confidence in, the election itself are also at risk. The Senate Intelligence Committee determined that Russia influenced and interfered with the 2016 election, and US intelligence agencies…
Security Makes Cents: Perspectives on Security from a Finance Leader
Recently, it feels like the Internet is filled with stories of cyber-breaches and security breakdowns. As the world is more interconnected than ever, these stories are becoming all too familiar. In fact, there is a malicious web-based hacking event every 39 seconds, and 43% of them target small businesses. While a breach can occur in any area of a business, a corporate finance department is often uniquely positioned, with touch-points extending further outside the company than other groups. With touch-points up and down the supply chain,…
IOActive Labs Blog
Reclaiming Hallway Con We have several exciting things happening with our blog content. Like many, we’ve been working to replace the value lost with the loss of face-to-face gatherings at meetings, conventions, and informal get-togethers. Many veterans of the conference circuit will tell you that by far the most valuable part of a typical conference is the hallway con, which refers to the informal discussions, networking, and often serendipitous meetings that happen outside the formal conference agenda. IOActive is helping reclaim hallway con by making some of that valuable content…
Principles of the IOActive Guest Blog Series
IOActive has recently begun to post a series of guest blogs. Our first post was an excellent contribution from Urban Jonson, who leads the Heavy Vehicle Cyber Security (HVCS) working group at NMFTA, focusing on emerging threats in intermodal transportation. Our organization has embarked upon this series because we think it provides additional value to our readers. This is one more thing we’re doing to give back to the security community and help those starting out to gain a broader understanding of cybersecurity. We have…
IOActive Guest Blog | Urban Jonson, Heavy Vehicle Cyber Security Program, NMFTA
Hello, My name is Urban Jonson, and I’m the Chief Technology Officer and Program Manager, Heavy Vehicle Cyber Security Program, with the National Motor Freight Traffic Association, Inc. (NMFTA). I’m honored that IOActive has afforded me this guest blogging opportunity to connect with you. The research at IOActive is always innovative and they have done some really good work in transportation, including aviation, truck electronic logging devices, and even satellites. Being among such technical experts really raises the stakes of the conversation. Luckily, I can lean…
Warcodes: Attacking ICS through industrial barcode scanners
Several days ago I came across an interesting entry in the curious ‘ICS Future News’ blog run by Patrick Coyle.Before anyone becomes alarmed, the description of this blog is crystal clear about its contents:“News about control system security incidents that you might see in the not too distant future. Any similarity to real people, places or things is purely imaginary.”IOActive provides research-fueled security services, so when we analyze cutting-edge technologies the goal is to stay one step ahead of malicious actors in order to…