Friday Security Highlights: FOCUS Europe, Duqu, Chaos Monkeys & More

We’re a week out from McAfee FOCUS 11 in Las Vegas, and the world is still abuzz with talk of infosec – here’s an overview of some of last week’s most talked-about news, blogs and articles.

On the McAfee side, we hosted two FOCUS events in Europe, FOCUS Security Conference London and FOCUS Paris, featuring keynotes from McAfee executives as well as sessions and demonstrations from security professionals from around the world:

And in the broader realm of security news this week:

Duqu: “Son of Stuxnet”

Dubbed Duqu, a new malware was discovered carrying code from one of the most complex and potentially dangerous cyberweapons to-date. The exploit code, according to McAfee Labs’ Guilherme Venere and Peter Szor, mimics Stuxnet in its encryption keys and drivers. Like Stuxnet, it is closely related to the original Stuxnet worm, but with a different goal – to be used for espionage and targeted attacks against sites such as Certificate Authorities.

U.S. CIO: America’s future depends on ability to innovate

Newly-instated U.S. chief information officer Steven VanRoekel discusses his priorities for the federal IT landscape and how technology can enable the government to do more for Americans:

“It [fears about online security] makes a false choice between security and innovation…Security and innovation should dovetail into an opportunity.”

Where is your chaos monkey?

Interesting post by Branden Williams describing a process created by Netflix called the Chaos Monkey, which automatically and randomly shuts down major parts of the company’s tech environment. It’s controlled chaos that in theory keeps employees ready to go in the case of uncontrolled events coming from the outside. He ends by asking what features you would add into the chaos monkey – thoughts?

Cybercriminals ramping up phishing efforts

The American Bankers Association issued a warning on Wednesday about a sudden increase in phishing scams across the country. Businesses in particular are especially vulnerable to spear phishing attacks, aimed at individuals with access to corporate bank accounts.

Data breaches cause lasting reputation damage

In a recent survey of 850 executives conducted by Ponemon Institute, it was found that the average time it takes to restore an organizations reputation after a data breach is one year. The average loss in value ranged from a whopping $184M to over $330M, with a minimum loss of 12%.

Thanks for reading, and as always, feel free to leave your comments or suggestions for next week’s Highlights here in the blog, or on Twitter at @IntelSec_Biz.

Leave a Comment

sixteen + 13 =