CIA, First Things First, Verizon discussed on Security on The Bayou
And. Welcome to security on the by you. I'm your host Chris Adkins, and they're a recap of today's Security News. And why it matters to you? Welcome friends. It is Wednesday may eighth twenty nineteen. Here's tease Security News. First things first, let's start with this from security affairs dot CO, by Peru, Pierre Pierre Luigi pa- Ghani, which I think he wrote an article yesterday if I remember correctly, this one entitled little sec in anonymous IT, a hackers published sensitive data from thirty thousand Roman lawyers so IT here standing for Italian. So they were able to collected data of thirty thousand different lawyers over there all with personal information evidence of accesses to P E C accounts, which is the certified Email account. So it sounds like all of the the lawyers in Italy are given a certified Email account, which sort of makes sense audit purposes and regulatory stuff. So keep that going in. Appears that maybe the actual target of. This was the mayor of Rome Virginia Raggi, so which is a member of this group. So I I really when I first saw this headline. I assumed they were you know, they were on the warpath for maybe for the Catholic church. But it appears not I'm not to do so bit more research on this. But the reason that they did this is we want to remember our friends arrested a few years ago and make them understand that we ended on Humous are legion. So I don't know who our friends are from a few years ago around. But it's an interesting interesting hackers from Losec who you know, we hear from stuff from occasionally Losec slash anonymous. How you know pretty much the same thing at this point. But this is probably one of their larger. Hacks in quite some time. So peers back maybe they've reorganized a little bit or just maybe some new motivation. That's probably the correct answer next. So this one's fun from ZD net Bart by Charlie Osborne. And this is one of those articles that dish just happens to be the link. I found it's going to be everywhere. It's all over the place title at article is CIA camps out in anonymous toward network. So the CIA has spun up their own on the inversion of the CIA's website at really long address dot onion. So it's a mirror image of the standard website. But the CIA CIA says that creating this version meet the agency's intelligence collection mission by being secure on anonymous in untraceable, if you believe any of those last three words, I got I got some some beach-front land in desert to sell you, secure anonymous and. Untraceable in CIA an onion all in one sentence. I just have a hard time believing this. I don't even believe that their intentions are pure here. I think this is a there's something going on here. There has to be. It's the CIA. That's what they do. They try to make you believe that everything's hunky Dory on in the background. They're actually doing something. Nefarious. Let's call it nefarious. So you best believe I'm gonna go check. This thing out scariest. Right. I wanna go see it. And then I might just burn my laptop. I don't know. I might I'll probably do this in a virtual machine. What I'll end up doing even though it's probably not gonna matter. So an interesting article from ZD net about the CIA, new tore. Website next from the state of security on trip wire. By Tim Irwin highlights from the horizon DVR twenty nineteen. So I'm not gonna read this whole article. But for those that don't know Verizon of every year releases a report called the data breach investigations report. It's it's sort of an industry standard at this point. I look I I look forward to pretty much every year. Do I I don't know. It's usually a pain in the ass. But I like reading it every year because there's usually some good findings in their essentially, what it is they send these surveys out to people cross the the industry that work in security all the time, and they start, you know, they let them know sort of what happened in their world that year. So for instance, looks let's see me pick one of the things out of here. The grid. There were. Six hundred eighty four information incidents related to denial of service. So I'm gonna forget what this thing is this this graph at that. They this matrix. I guess would be that they built there's a specific name for it. But it's interesting because it breaks down incidents and breaches by pattern action pattern action and asset. So like that same one the information incident had six hundred eighty four denial of service seven hundred ninety six classified as hacking. Eight hundred seventy four were servers. So there's different categories in here like under asset, you have user user development server person network media kiosk slash terminal. So in that report, they define all his stuff. There's always usually some interesting things that come out. Apparently. Here we go. This is right off the top. So I will give you a little bit of it healthcare has the most problems with miscellaneous errors departure for most other sectors. That's interesting healthcare has a huge MA aspect to it. So anytime you start putting that much into it things get Harry, but sue banks also do a lot of MA. So why don't they have the same problem? So just there's always some interesting things in here, but always take into account. Right. Humans wrote this down in no matter how many times they read a definition of something. They may get it wrong. Like the difference between Mauer hacking, misuse social error and physical. One can lead to the other right? All the time. And we're fishing fall in there. Right. Is it hacking or malware could also fall into social, obviously? So there's a lot of things that can change in here. But it's good report. Go find it once again, it's the Verizon DB, I are delta. Bravo, India Romo Romeo Romo heat Tony Romo anyways. Okay. I think that'll do it. It is Wednesday may eighth twenty nineteen. Everybody have a wonderful day. We'll talk again tomorrow.