10:25 Launched website veris | |
| The company introduced the Verizon website VERIS (Verizon Enterprise Risk and Incident Sharing). Goal of creating a service - enable anonymous publication of information about corrupt databases, attacks on social networks, where various hacking sites and services. Such incidents occur frequently, but rarely become public, because the company did not rush to report it, fearing the loss of customer confidence and damage to reputation. Such behavior of companies is understandable, but it leads to the silence of security problems and harms everyone. The new service will allow to anonymously report a detailed description of security issues. According to Alexander Hutton, head of research and exploration for Verizon Business: «This will benefit the entire community. Reliable data will help us all learn from our mistakes. " VERIS is an application and framework designed to streamline the information it receives in the form of a structured language. Presented and documentation on the use of the framework, with some examples. I will cite only the first. Example 1: SQL-injection, leading to infection by malwareattacker with Russian IP-address of the attack carried out by using multiple SQL-injection against the published Web applications. Actions allowed to enter keyloggers and network sniffers on internal systems. Keyloggers intercepted several domain credentials, the attacker used for further penetration into the corporate network. Packet sniffer collected data for several months, and periodically returned to the attacker to collect information stored by them. The attack is divided into three distinct events using a model a4 (I think, further translation is not needed, the language after all): Event 1 Agent: External (Type: Organized crime; Role: Participated directly and deliberately; Origin: Europe-East) Action: Hacking (Type: SQLinjection; Path: Web Application) Asset: Servers & Applications (Type: Web app / server, Database) Attribute: Integrity Event 2 Agent: External (Type: Organized crime; Role: Participated directly and deliberately; Origin: Europe-East) Action: Malware (Type: Keylogger, Packet sniffer; Path: Installed / injected by remote attacker) Asset: Servers & Applications (Type: Web app / server) Attribute: Confidentiality Event 3 Agent: External (Type: Organized crime; Role: Participated directly and deliberately; Origin: Europe-East) Action: Hacking (Type: Use of stolen credentials; Path: Remote access and control services / software) Asset: Servers & Applications, Networks & NW Devices (Type: multiple) Attribute: Confidentiality, Integrity filled with pride for the harsh Russian hackers, you can go to the service, and to register. This is anonymous, and after presenting a report, you will receive information, met a similar case, how to solve this problem in security or prevent it in the future. | |
|
| |
| Total comments: 0 | |