RUAG Breach – A lesson in cyber espionage tradecraft tools & techniques

Following a successful data breach of Swiss defense contractor RUAG – specialising in aerospace technology – the Swiss Governmental Computer Emergency Response Team (GovCERT) took the unusual step of publishing a comprehensive data breach report. The reasons given for publishing the report: …to give organizations the chance to check their networks for similar infections, and to show the modus operandi of the attacker group. You can download the summary technical report here (PDF) – 2 pages And the full espionage report here (PDF) – 34 Pages If the full report is a little TL;DR for your time or taste – or even Read More

Will customers ever really care about their Data Security?

Last week Neira Jones tweeted: 3/4 Of Customers Would Reconsider Using A Company In The Event Of A Data Breach #databreach #infosec — Neira Jones (@neirajones) November 24, 2015 To which I responded: @neirajones I believe customers will grow weary of companies security failures and robust security will become a major selling point. — Stuart Winter-Tear (@StegoPax) November 24, 2015 Quentyn Taylor made this observation in response: @StegoPax @neirajones however whilst consumers *say* they will move they rarely do. Look at Target, Sony, the banks. — Quentyn Taylor (@quentynblog) November 24, 2015 I countered with: @quentynblog Also I think Read More