#RSAC: The Most Dangerous New Attack Techniques & How to Counter Them
March 12, 2019
CCME (4607 articles)
Share

#RSAC: The Most Dangerous New Attack Techniques & How to Counter Them

An RSA Conference 2019 a panel representing the SANS Institute – featuring Heather Mahalik, director of forensics engineering at ManTech and mobile forensics course director, and Ed Skoudis, instructor, and Johannes Ullrich, dean of research – addressed the most dangerous attack techniques facing organizations and individuals today.

According to Skoudis, there are two specific attack vectors that he’s seeing increasingly. First is the manipulation of the DNS infrastructure associated with specific enterprises. “Hackers are using credentials that they have compromised in the normal course of business,” he explained. “Bad guys are logging into DNS and name registrars and manipulating the DNS records there. Emails destined for your organizations are actually being redirected to them.”

The second attack vector is domain fronting, a technique that obscures where the attacker is located. However, that’s just the start, he said, as many of these attackers are disappearing into the cloud and acting as a trusted cloud provider.

Mahalik revealed how easily anyone can be targeted in individualized attacks. If someone wants to get your information, it can be easily tracked in the cloud. “The lazier we get as humans, the better the glimpse into our lives for everyone else.” Information that is in one cloud is being shared in other clouds, making it available to bad guys who want it.

Ulrich returned to the DNS problem; it is an issue of privacy versus security. If a bad guy intercepts your traffic, they know a lot about you, so you want to go to something more private. HTTPS seems like the optimum solution, but HTTPS makes it more difficult for security staff to monitor logs that would otherwise find anomalies in the traffic.

Finally, Ulrich said there has been a rise in CPU flaws. Hackers are taking advantage of the flaws in these features to attack your system.

The solution? All three experts said there needs to be an increase in the use of MFA to make it more difficult for outsiders to gain access to your networks, your clouds, your servers or your private information.

This post #RSAC: The Most Dangerous New Attack Techniques & How to Counter Them originally appeared on InfoSecurity Magazine.

Read More

Related articles

Acronis to Secure Flying Cars

Acronis to Secure Flying Cars

Google Advanced Protection Program for High-Risk Users Now Includes Malware Protection

Google Advanced Protection Program for High-Risk Users Now Includes Malware Protection

Ransomware Attack on the Cleveland Hopkins International Airport in U.S – Lessons learned

Ransomware Attack on the Cleveland Hopkins International Airport in U.S – Lessons learned