Security News

Infosec is a mindset as well as a job, but burnout can happen to anyone
2020-07-20 07:27

"In olden days, being a SOC analyst was a respected gig. Entry-level SOC analyst was how you broke into the industry, learned about alarms, alerts, and notifications, and earned your chops in incident response, root cause analysis, report writing/documentation, and potentially, if you were awesome, in presenting it to the boss(es). Then you were either put on the incident response team, or moved over to digital forensics, or you could maybe switch a bit to DevOps/SecDevOps if that caught your interest. Even pentesting, if you got really good at blue teaming, which is a pretty good pathway into breaking and red teaming," Marpet explained what he meant to Help Net Security. "Now, in many companies, SOC analyst is a dead-end job. With the extreme specialization and commoditization of SOC analyst jobs, anything interesting is taken away almost immediately: 'Oh! This looks bad, send it to Incident Response!' or 'I'm not sure what this is, send it to Security!' SOC analysts became security dispatchers a while ago."

Burn baby burn, infosec inferno: Just 21% of security pros haven't considered quitting their current job
2020-07-14 12:45

"In an era where workplace stress, mental illness, mindfulness and work-life balance are matters of importance and interest, we sought to understand if the security profession was at risk of burning itself out," the report, Security Profession 2019/2020 [PDF], stated. Some 18 per cent said they had personally walked out of a role permanently because of burnout; 36 per cent professed to knowing someone that had left due to it; and another 25 per cent claimed they had considered it.

Tony Blair tells Russian infosec conference that cross-border infosec policies need more gov intervention
2020-07-10 15:30

Former UK prime minister Tony Blair has declared that governments can't "take 10 years to catch up" with cyber crims - while speaking at an infosec conference organised by Vladimir Putin's favourite Russian bank. Blair scoffed at people with concerns about the role of the state in everyday online life, saying: "When people worry about the data they shared with governments - most people share enormous amounts of data with technology companies!"

Yes, Prime Minister, rewrite the Computer Misuse Act: Brit infosec outfits urge reform
2020-06-29 11:30

British infosec businesses are celebrating the 30th birthday of the Computer Misuse Act 1990 by writing to Prime Minister Boris Johnson urging reform of the elderly cybercrime law. The Computer Misuse Act received Royal Assent on 29 June 1990, before "the concept of cyber security and threat intelligence research," the CyberUp campaign group said in its letter [PDF].

With remote working on the rise, infosec strategies need to evolve
2020-06-26 04:30

Since many employees have moved outside of the network perimeter, whether by using mobile devices or working from a home or remote environment, organizations have lost visibility into a large percentage of their business network traffic. With a fully remote workforce, many organizations have been forced to make choices between usability and security.

Carbon-based vuln hunters will always be better at infosec than AI, insist puny humans
2020-06-24 10:00

Puny humans still think they're superior to AI when it comes to infosec - and a significant number still don't venture into meatspace or get enough sunlight. So reckons a survey carried out on behalf of Bugcrowd, which also made the edifying finding that 64 per cent of independent infosec researchers are on median incomes below $25,000/year - with half being aged 24 or younger.

New infosec products of the week: June 12, 2020
2020-06-12 04:30

Qualys Remote Endpoint Protection gets malware detection, free for 60 days. Powered by the Qualys Platform and Cloud Agent, malware detection in Remote Endpoint Protection uses file reputation and threat classification to detect known malicious files on endpoints, servers, and cloud workloads.

Keepnet kerfuffle: Firing legal threats at bloggers did infosec biz more damage than its exposed database
2020-06-10 18:02

UK-based infosec outfit Keepnet Labs left an 867GB database of previously compromised website login details accessible to world+dog earlier this year - then sent lawyers' letters to bloggers in a bid to erase their reports of its blunder. As reported by news website Verdict, Keepnet was stung by Diachenko's initial post about the gaffe, which Keepnet interpreted as the blogger blaming the business for leaking its own customers' data - none of its own clients' data was exposed, but rather info from previous publicly known database exposures.

Researchers unmask Indian 'infosec' firm to reveal hacker-for-hire op that targeted pretty much anyone clients wanted
2020-06-09 17:49

Canada's Citizen Lab laboratory has uncovered a hacks-for-hire phishing operation targeting anyone from political activists and oligarchs to lawyers and CEOs that hit more than 10,000 email inboxes over seven years. The North American outfit claims to have traced the so-called Dark Basin campaign to an Indian firm called BellTroX InfoTech Services - which denies all wrongdoing.

British Army pulls up its SOC: New regiment to do infosec work even civvies will recognise
2020-06-05 19:37

The British Army has raised a new regiment that will take charge of its in-house security operations centre, a move calculated to make cyber defence a more mainstream part of all things armed and camouflaged. The Ministry of Defence stated that 13 Sigs will "provide the basis of the new Army Cyber Information Security Operations Centre, focusing on the protection of Defence's cyber domain."