STE WILLIAMS

Boffins exfiltrate data by blinking hard drives’ LEDs

That roll of tape you use to cover the Webcam? Better use some of it on your hard-drive LED, because it can be a data exfiltration vector.

Exfiltration experts from Ben-Gurion University of the Negev’s Cyber Security Research Center have added to previous techniques like fan modulation, GSM transmissions, or listening to the RF from USB2 transmissions, and have now created malware to control hard drive LEDs.

The team led by veteran exfiltrator Mordechai Guri flashes the LED at around 5,800 on/off cycles per second as a data channel, good enough for 4 Kbps of transmission.

That performance also depends on what you use as the receiver: it might be a Digital SLR or high-end security camera (15 bps), a GoPro-level camera (up to 120 bps), a Webcam or Google Glass Explorer (also 15 bps), or a smartphone camera (up to 60 bps).

If you can lay hands on a good photodiode sensor – they’re not expensive, the Thorlabs PDA100A they used can be had on eBay for less than US$100 – you’ll get around 4 Kbps.

In the video below, the researchers fitted the detector to a drone, flew it to a window through which the infected disk was visible and started sucking data.

Youtube Video

Since PCs lack any generic API to control the hard disk LED, the malware from Guri’s team takes the direct approach: a small chunk of code to perform reads and writes to the disk, along with a protocol to tell the receiver what it’s looking for.

Here’s the prize – the algorithm that flashes the HDD lamp.

    procedure transmitBits(bits, T0, ReadSize)
        sync();  // drop cache
        hddDev = open(/dev/sda)
        offset = 0
        offsetIncrement = BLOCK_SIZE;
        seek(hddDev, offset);
        for (b in bits)
            if (b = '0') then
                sleep(T0);
            if (b = '1') then
                seek(hddDev, offset);
                read(hddDev, ReadSize);
                offset += offsetIncrement
        end for
        return;

®

Bootnote: There’s a little bit of life imitating art here, as in Neal Stephenson’s Cryptonomicon, the sysadmin protagonist decrypts data on his laptop and outputs the result as morse code flashed on his laptop’s LEDs.

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2017/02/23/hard_drive_light_used_to_exfiltrate_data/

Microsoft catches up to Valentine’s Day Flash flaw massacre

Microsoft’s popped out a Security Update for Adobe Flash.

Adobe did likewise last week, celebrating hackers’ love for Flash by releasing it on Valentine’s Day. That dump addressed no fewer than 13 CVEs that allowed code execution due to:

  • Type confusion vulnerability
  • Integer overflow vulnerability
  • Use-after-free vulnerabilities
  • Heap buffer overflow vulnerabilities
  • Memory corruption vulnerabilities

Microsoft’s now caught up, issuing the Update to fix the mess on Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.

The attack succeeds by poisoning a malicious website. There’s a list of mitigations here, but the bottom line is that if you blacklist Flash a few websites will misbehave but your attack surface will shrink appreciably.

This update is not a delayed release for February’s Patch Tuesday, which Microsoft has delayed due to problems doing the job right. Windows admins can expect a patch deluge come mid-March.

Windows Update will retrieve the patches if you’ve set it to do so, or you can get them here. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2017/02/23/microsoft_flash_security_update/

US judge halts mass fingerprint harvesting by cops to unlock iPhones

Analysis An Illinois judge has rejected a warrant sought by the US government to force everyone in a given location to apply his or her fingerprints to any Apple electronic device investigators happen to find there, a ruling contrary to a similar warrant request granted last year by a judge in California.

Under current law, the government already has the right, given sufficient evidence, to compel a specific individual to unlock an electronic device protected by a fingerprint reader like Apple’s Touch ID sensor.

In 2014, a judge on Virginia’s Second Judicial Circuit ruled that a defendant could be forced to provide a fingerprint but not a passcode, the distinction being that a fingerprint is not testimonial whereas a passcode is.

Defendants thus cannot use the Fifth Amendment’s protection to refuse to provide a fingerprint on the grounds that the fingerprint itself qualifies as self-incriminating testimony.

But the government’s right to compel action diminishes when it lacks sufficient cause to make such demands of people, at least in Illinois.

In his order this month, M. David Weisman, a magistrate judge for the US District Court for the Northern District of Illinois, notes the government wants a warrant that isn’t limited to a particular person or device. The warrant also lacks information about who is believed to be involved in criminal conduct and the specific Apple device involved.

Essentially, prosecutors want to go into a vaguely described location – perhaps a home or an office – and make everyone inside, regardless of who they are, provide their fingerprints to unlock their Apple handhelds so investigators can rifle through the devices for evidence. The warrant doesn’t say where this raid will take place nor exactly who is targeted.

The government’s cause in Illinois may be easy to support – the warrant is part of an investigation involving the sexual abuse of multiple victims by someone associated with the premises in question and the trafficking in child pornography over the associated internet connection. But its methods present legal issues that go beyond this specific case.

The judge accepts that the Fourth Amendment – which protects against unreasonable searches and seizures by the government – does not protect fingerprints.

But in this case, the judge wrote in his order, “the government is seeking the authority to seize any individual at the subject premises and force the application of their [sic] fingerprints as directed by government agents.”

Such a broad intrusion does have Fourth Amendment implications and is not justified based on the facts presented, the judge said. Perhaps more significantly, the judge allows for Fifth Amendment considerations as well, despite his observation that “the government is generally correct that the production of physical characteristics generally do not raise Fifth Amendment concerns.”

While being forced to produce a fingerprint isn’t itself unconstitutional – authorities can take fingerprints from those they arrest – Weisman explains that the Fifth Amendment comes into play when the compelled production of information itself is incriminating.

The critical distinction comes down to how much the government already knows. Where the information to be gained is largely known – a foregone conclusion – then the law favors the government. But where the information is unknown or incriminating, the Fifth Amendment weighs more heavily.

‘With a touch of a finger, a suspect is testifying’

And in this case, Weisman asserts the government is asking for too much, with too little evidence to support its demand. “By using a finger to unlock a phone’s contents, a suspect is producing the contents on the phone,” the judge wrote. “With a touch of a finger, a suspect is testifying that he or she has accessed the phone before, at a minimum, to set up the fingerprint password capabilities, and that he or she currently has some level of control over or relatively significant connection to the phone and its contents.”

This view, if accepted by other courts, would offer more protection to data on electronic devices. However, Weisman is careful to note that the Fourth and Fifth Amendment obstacles to granting the government’s warrant request may be overcome with more specific information.

EFF Staff Attorney Andrew Crocker in a phone interview with The Register said: “This is exactly what we hope courts will do, which is when faced with a situation like this to consider the implications of granting a request and to reject the ones that are too broad.”

Crocker said that the judge was rightfully concerned by a warrant application that relied on boilerplate. Investigators, he said, “didn’t know they’d find a phone and didn’t have any reason to assume an iPhone would be found.”

The warrant application’s reliance on dated boilerplate – it cites BlackBerry devices as common digital assistants – is problematic, the judge wrote, because it means recent technological developments, like wireless internet service, are not addressed. He suggests the government has not shown that it can rule out the possibility that the person involved in transmitting unlawful images might have accessed the network in question without authorization.

Pointing to the California ruling last year that granted a similar warrant, Crocker expressed concern such broad, non-specific warrants are becoming common practice.

Crocker said that while the Illinois judge’s decision is not precedent-setting, it’s likely to be scrutinized by other magistrate judges reviewing warrant demands in other jurisdictions. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2017/02/23/judge_rejects_bulk_fingerprint_collection_in_case_iphones_are_found/

Firefox certificate cache leaks user information

Firefox’s intermediate certificate cache can be tricked into leaking to a deliberately mis-configured server, creating yet-another chance to fingerprint users (including those who think they’re protected by Private Browsing).

The data leak identified by security researcher Alexander Klink could also let a malicious attacker identify browsers operating in a sandbox (for malware analysis) or not.

When starting a TLS session (for HTTPS), a correctly-configured server, he explains, sends a visiting browser both the intermediate CA (which Firefox caches) and its server CA, while a misconfigured server will only send the server CA. In the latter case, the site will only load if the user already has the intermediate cached.

That’s the genesis of Klink’s realisation that if a user’s browser behaves differently depending on server config, there might be some way to use that behaviour to infer which intermediate certificates are in their cache – and use that knowledge to create a user fingerprint.

Filed by Klink as bug #1334485, the flaw lets a third-party website send a request that makes Firefox leak the intermediate CAs from its cache. Having run a proof-of-concept, Klink says it even catches CAs from browsers operating in Private Browsing mode, because that mode doesn’t isolate the cache.

Since certificate information is necessarily public, it needed only some time combing Root CA Extract data to build a list of certificate chains, and Project Sonar data to identify misconfigured sites.

As well as fingerprinting users, Klink says, there’s a certain amount of mostly geographical data leakage about users’ browsing habits.

The issue has raised a lively discussion at the Mozilla list about the severity of the problem and whether it’s fixable. Gervase Markham notes that a useful attack would be non-trivial, while noting however that the authors of the Tor browser might consider disabling caching in their software. ®
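A toy model of the behaviour described above, added here as an illustration (not Firefox code and not Klink’s proof-of-concept): path building consults a cache of previously seen intermediates, so whether a leaf-only chain validates depends on earlier browsing, and a private session that shares the cache inherits that state. The certificate names and all functions are constructed for the example, and the separate private cache is a hypothetical design choice.

```c
#include <stdio.h>
#include <string.h>

/* Constructed toy PKI; every name below is made up for this example. */
struct cert { const char *subject; const char *issuer; };

static const char *TRUSTED_ROOT = "Example Root CA";
static const struct cert INTERMEDIATE = {"Example Intermediate CA", "Example Root CA"};
static const struct cert LEAF_GOOD = {"good.example", "Example Intermediate CA"};
static const struct cert LEAF_BARE = {"bare.example", "Example Intermediate CA"};

#define CACHE_MAX 8
struct cert_cache { const struct cert *entry[CACHE_MAX]; int count; };

static const struct cert *find_by_subject(const char *subject,
                                          const struct cert *const *list, int n) {
    for (int i = 0; i < n; i++)
        if (strcmp(list[i]->subject, subject) == 0)
            return list[i];
    return NULL;
}

static void cache_add(struct cert_cache *c, const struct cert *crt) {
    if (c->count < CACHE_MAX && !find_by_subject(crt->subject, c->entry, c->count))
        c->entry[c->count++] = crt;
}

/* Returns 1 if a path from the leaf to the trusted root can be built from
 * the certificates the server sent plus the client's cache, else 0.
 * On success the intermediates the server sent are remembered. */
static int tls_load(struct cert_cache *cache, const struct cert *leaf,
                    const struct cert *const *sent, int n_sent) {
    const struct cert *cur = leaf;
    for (int depth = 0; depth < CACHE_MAX; depth++) {
        if (strcmp(cur->issuer, TRUSTED_ROOT) == 0) {
            for (int i = 0; i < n_sent; i++)
                cache_add(cache, sent[i]);
            return 1;
        }
        const struct cert *next = find_by_subject(cur->issuer, sent, n_sent);
        if (!next)
            next = find_by_subject(cur->issuer, cache->entry, cache->count);
        if (!next)
            return 0;               /* issuer unknown: the page fails to load */
        cur = next;
    }
    return 0;
}

/* A server that sends only its leaf loads or fails depending on whether the
 * client has previously seen the intermediate on a correctly configured site. */
static int bare_site_loads(int visited_good_site_first) {
    struct cert_cache cache = {{0}, 0};
    const struct cert *full_chain[] = {&INTERMEDIATE};
    if (visited_good_site_first)
        tls_load(&cache, &LEAF_GOOD, full_chain, 1);
    return tls_load(&cache, &LEAF_BARE, NULL, 0);
}

/* Normal-mode visit first, then a private session meets the leaf-only server.
 * With a shared cache the earlier visit is observable; with a separate
 * (empty) private cache it is not. */
static int private_session_leaks(int isolate_private_cache) {
    struct cert_cache normal = {{0}, 0}, private_only = {{0}, 0};
    const struct cert *full_chain[] = {&INTERMEDIATE};
    tls_load(&normal, &LEAF_GOOD, full_chain, 1);
    struct cert_cache *in_private = isolate_private_cache ? &private_only : &normal;
    return tls_load(in_private, &LEAF_BARE, NULL, 0);
}

int main(void) {
    printf("leaf-only site, cold cache:   %d\n", bare_site_loads(0));
    printf("leaf-only site, warm cache:   %d\n", bare_site_loads(1));
    printf("private mode, shared cache:   %d\n", private_session_leaks(0));
    printf("private mode, isolated cache: %d\n", private_session_leaks(1));
    return 0;
}
```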

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2017/02/23/firefox_certificate_cache_leaks_user_information/

Linux kernel gets patch for 11-year-old local-root-hole security bug

Eleven years ago or thereabouts, the Linux kernel got support for the Datagram Congestion Control Protocol – and also got a privilege escalation bug that has just been fixed.

Like basically every root hole, this flaw can be potentially exploited by software on a vulnerable device, or logged-in users, to gain root-level access and fully compromise the computer. It can be chained with remote-code execution vulnerabilities to take over a box from across the network or internet.

Kernel developer Andrey Konovalov announced the fix for the bug on the Open Source Security Mailing List, explaining the programming blunder probably dates to October 2005 when Linux first got Datagram Congestion Control Protocol (DCCP) support.

The problem is how the DCCP code handles a socket buffer (skb). “An skb for a DCCP_PKT_REQUEST packet is forcibly freed via __kfree_skb in dccp_rcv_state_process if dccp_v6_conn_request successfully returns,” Konovalov writes.

The bug is that the skb’s address is saved and its reference counter incremented after it’s been freed – yes, this is a use-after-free.

With an exploit, he writes: “An attacker can control what object that would be and overwrite its content with arbitrary data by using some of the kernel heap spraying techniques. If the overwritten object has any triggerable function pointers, an attacker gets to execute arbitrary code within the kernel.”

The code for the fix is here. Users are advised to update as soon as the patch lands in their distro. ®
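The lifetime bug in Konovalov’s description, modelled in user-space C as an added example (this is not kernel code and not the patch the article links to). The pool, structs and function names are hypothetical; `buf_force_free` stands in for the forced free in the quote, and `buf_put` for a release that honours the reference count.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed user-space model. Buffers live in a static pool so that
 * "freed" is a flag that can be inspected safely; no freed memory is ever
 * dereferenced. All names are hypothetical. */
struct pkt_buf {
    int users;    /* reference count */
    int in_use;   /* 1 while allocated, 0 once returned to the pool */
    int payload;
};

#define POOL_SIZE 4
static struct pkt_buf pool[POOL_SIZE];

static void pool_reset(void) {
    for (size_t i = 0; i < POOL_SIZE; i++)
        pool[i] = (struct pkt_buf){0, 0, 0};
}

static struct pkt_buf *buf_alloc(int payload) {
    for (size_t i = 0; i < POOL_SIZE; i++) {
        if (!pool[i].in_use) {
            pool[i] = (struct pkt_buf){1, 1, payload};
            return &pool[i];
        }
    }
    return NULL;
}

/* Forced free: releases the slot whatever the reference count says. */
static void buf_force_free(struct pkt_buf *b) { b->users = 0; b->in_use = 0; }

/* Counted release: drop one reference, release only when it was the last. */
static void buf_put(struct pkt_buf *b) { if (--b->users == 0) b->in_use = 0; }

struct conn_request { struct pkt_buf *saved_opts; };

/* Request handler: keeps the packet for later use by storing its address
 * and taking a reference. Returns 0 on success. */
static int conn_request(struct conn_request *req, struct pkt_buf *b) {
    b->users++;
    req->saved_opts = b;
    return 0;
}

enum release_policy { FORCE_FREE, COUNTED_PUT };

/* Receive path: hand the packet to the handler, then drop the caller's own
 * reference according to the policy. Returns 1 if the request is left
 * holding a pointer to a released slot, 0 if not, -1 on setup failure. */
static int process_request(enum release_policy policy, struct conn_request *req) {
    struct pkt_buf *b = buf_alloc(42);
    req->saved_opts = NULL;
    if (b == NULL || conn_request(req, b) != 0)
        return -1;
    if (policy == FORCE_FREE)
        buf_force_free(b);   /* ignores the handler's reference */
    else
        buf_put(b);          /* handler's reference keeps the slot alive */
    return req->saved_opts != NULL && !req->saved_opts->in_use;
}

static int dangling_after(enum release_policy policy) {
    struct conn_request req;
    pool_reset();
    return process_request(policy, &req);
}

/* The next unrelated allocation shows the consequence: with a forced free
 * it lands in the slot the request still points at. Returns 1 on aliasing. */
static int slot_reused_under_request(enum release_policy policy) {
    struct conn_request req;
    pool_reset();
    if (process_request(policy, &req) < 0)
        return -1;
    struct pkt_buf *other = buf_alloc(7);
    return other != NULL && other == req.saved_opts;
}

int main(void) {
    printf("forced free:    dangling=%d aliased=%d\n",
           dangling_after(FORCE_FREE), slot_reused_under_request(FORCE_FREE));
    printf("counted release: dangling=%d aliased=%d\n",
           dangling_after(COUNTED_PUT), slot_reused_under_request(COUNTED_PUT));
    return 0;
}
```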

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2017/02/23/linux_kernel_gets_patch_against_12yearold_bug/

FBI Pursues Three Probes Into Russian Hacking Of US Elections

Sources say the bureau’s offices in Pittsburgh, San Francisco, and Washington are investigating the alleged hack.

The FBI is pursuing three separate investigations into cyberattacks on political and government entities during the US presidential poll campaign and trying to identify Russia’s role in them, Reuters reports, quoting five current and former government officials. Russia has been accused of orchestrating the attacks to undermine support for Hillary Clinton.

Sources say the FBI’s Pittsburgh office is probing the 2015-2016 breaches, which exposed the internal communications of the Democrats. The case has made strong progress but does not yet have enough evidence for an indictment. The San Francisco unit is investigating hacker group Guccifer 2, which allegedly leaked emails from the Clinton campaign manager’s account. Washington-based agents are examining leads from informants and foreign communications intercepts.

Reuters’ sources revealed the FBI is studying reports of frequent pre-election interactions between Russian intelligence officials and Americans close to US President Donald Trump, as well as financial transactions involving Russian investments overseas.

Read details here.


Article source: http://www.darkreading.com/fbi-pursues-three-probes-into-russian-hacking-of-us-elections/d/d-id/1328215?_mc=RSS_DR_EDT

Preparing Security For Windows 7 End-Of-Life Support

Moving to Microsoft’s latest OS may give you flashbacks to when XP support ended.

Last month, Microsoft announced it will end support for Windows 7 in 2020, giving customers three years to upgrade their systems to Windows 10. In the short term, computers running Windows 7 will still work, and Microsoft will still share security updates for the operating system. The latter is good, especially as most cyber attacks today target Windows 7 simply because it’s one of the most popular operating systems.

Attacks on Windows 7 typically rely on vulnerabilities in the OS, and each time a vulnerability is found, Microsoft works to develop and release a patch. However, in January 2020, once Windows 7 reaches the end of its life, any new vulnerability found and reported will not be patched. Thus, in a few years, Windows 7 will become even more vulnerable.


Attackers are taking note of the latest news and will soon begin to look at Windows 7 as even-lower-hanging fruit — much as they did with Windows XP over the last couple of years. As you’ll recall, support for Windows XP ended April 8, 2014, but the vulnerabilities in the old OS remain (not to mention, XP still has millions of users globally).

For myriad enterprise users of Windows 7, three years to get everything transitioned over to Windows 10 is actually not that long. After all, it’s not just the changing of some application; rather, it requires installing a new operating system and making sure that the upgrade doesn’t cause current applications to break.

If you’re planning to make the move, note well: it will be costly. First, there’s an actual cost of an upgrade — from the cost of the license to the IT used to support the installation and testing. Second, those enterprises that don’t hit the public deadline might need to pay additional fees for customized extended support programs. These customized extended support licenses were offered by Microsoft when XP expired. In fact, enterprises (ironically, budget-tight organizations including the US government) have admitted to paying millions of dollars for XP extended support because they needed more time to transition.

The sad reality for those planning to pay for an extension is that this type of support is effective only against very simple attacks. For example, bypasses are now a common technique in the attacker’s toolbox to navigate around Enhanced Mitigation Experience Toolkit (EMET), Microsoft’s freeware security toolkit for Windows.

Here are some tips for staying secure while tackling the upgrade process:

  • Segment the network by cutting off critical devices from others in the network. Take it a step further and remove any unnecessary devices from the network.
  • Ensure that security controls on the devices are turned on (believe it or not, they’re not necessarily enabled).
  • Place third-party solutions on these devices to close the gaps on legacy systems and ensure that data is protected.

Before you get too overwhelmed by the task of upgrading, note that this won’t be nearly as complicated or expensive as upgrading from XP. Windows XP still supported old DOS applications, whereas DOS has been pretty much obliterated since Windows 7, which retired legacy applications that were still functioning.


Udi Yavo has more than 15 years of experience in cybersecurity with a proven track record in leading cutting-edge cybersecurity R&D projects. Prior to enSilo, Udi spearheaded the direction of the cybersecurity unit at the National Electronic Warfare Research Simulation …

Article source: http://www.darkreading.com/operations/preparing-security-for-windows-7-end-of-life-support/a/d-id/1328203?_mc=RSS_DR_EDT

8 Valuable Security Certifications For 2017

A security credential could be the step towards your next job title. But which one to get?

(Image: wk1003mike via Shutterstock)


Security certifications aren’t mandatory for all industry experts, but they can make a difference in applying for new roles. (ISC)² CEO David Shearer says they’re a “must-have” when looking at candidates on paper.

“Statistically, someone who goes through the formal [certification] process tends to be a candidate with more educational experience,” he says, and certifications give professionals the “deep dive” expertise they need to drive their careers.

There are definitely people who learn from experience and fall outside the rule, however. “There are always exceptions; people who don’t have certifications who are fantastic at what they do,” Shearer notes.

But a certification gives you broader knowledge, he says. “You need to think broad and you need to think deep,” he says of building security expertise.

This depth is what separates security certificates from certifications, which “have a different bar you have to go through compared with a certificate,” he says, citing a report from the Institute for Credentialing Excellence. Certificates typically don’t evaluate experiential performance. “There’s a lot more rigor that goes into a credential as opposed to a certificate.”

While the distinction doesn’t necessarily mean certificates are bad, it’s simply something to bear in mind because they are designed to evaluate different things and therefore have a different structure.

It’s important for businesses to recognize the difference between certificates and certification programs, says Shearer. People commonly use “certificate” and “certification” as synonymous terms.

Businesses who want professionals to demonstrate established knowledge or skills should focus on certification programs, which aim to validate competency through a structured assessment system. Certificate programs provide instruction so participants acquire skills in a specific area. While certification content is typically broad in scope, certificate content is much narrower.

Here’s a look at some of the key certifications for security experts today. Do you have any of these certifications? Thinking about them? Feel free to share your thoughts and keep the conversation going in the comments.

Kelly is an associate editor for InformationWeek. She most recently reported on financial tech for Insurance Technology, before which she was a staff writer for InformationWeek and InformationWeek Education. When she’s not catching up on the latest in tech, Kelly enjoys …

Article source: http://www.darkreading.com/careers-and-people/8-valuable-security-certifications-for-2017/d/d-id/1328204?_mc=RSS_DR_EDT

Social Media Impersonators Drive Security Risk

A new pool of research digs into the fraudulent social media accounts, a growing threat to individuals and businesses.

The number of social media impersonators grew 11x between December 2014 and December 2016, a sign of a trend threatening businesses and individuals as fake accounts become easier to create.

This finding comes from new research by social media security firm ZeroFOX, which spent two years digging into impersonators using machine learning, natural language processing, image recognition, and other techniques to gauge similarities between fake and legitimate accounts.

“We were analyzing tactics and techniques, trying to understand their motives for performing different types of attacks,” says Mike Raggo, chief research scientist at ZeroFOX.

ZeroFOX gained its insight from about 40,000 brand impersonators across six platforms: Facebook, Twitter, Instagram, LinkedIn, Google+, and Youtube. Nearly 1,000 were analyzed in depth; for some, researchers talked with criminals to learn about goals and methodologies.

Attacks span all platforms but are most popular on Facebook, Twitter, and Google+. Their goals vary, but most involve money. With phishing, Raggo explains, they could be seeking credit card information or social network data so they can hijack accounts and broaden their victim pool.

Impersonators employ several techniques: phishing, adware, malware, fraud, counterfeit merchandise, and “follow farming”. Their habits are changing. In this research, Raggo explains, he was surprised to see an increase in impostors claiming to verify accounts.

“We saw a number of impersonators, across a number of different networks, exploiting the verification process,” he says. Many claim to verify social media accounts for a price, and collect victims’ credentials and credit card information in the process. The verification process varies across social platforms; some require fees and some don’t.

Fake promoted ads are another trend to watch, he continues. Impostors create ads prompting users to click through to a malicious site. This was surprising, he continues, because social platforms typically require a vetting process for promoted ads. Impersonators can bypass the vetting process by using real brand logos and similar-looking merchandise.

The creation of successful fake accounts takes time and expertise. Many impersonators set up their accounts long before they attack, garner followers, then change their information before they weaponize the account. They continue adopting new names over time to avoid getting caught.

“We saw a lot of impersonator accounts were set up weeks or months in advance,” says Raggo. “A lot of accounts had been set up for some time to build a following. Then they change multiple times, transcending multiple accounts or companies over time.”

There are several ways impostors try to trick unsuspecting users. They employ link shortening so unsuspecting victims have no idea they’re getting phished. They use cropped, flipped, or altered images from legitimate brands to make their false advertising seem real.

This research highlights an interesting challenge for businesses as they figure out how to stay secure in the age of social media. Most organizations are equipped to handle phishing, malicious links, and malware in email — but how are they positioned to handle social media?

“This is more than a perimeter and endpoint issue,” he says. “This is a problem within the cloud, outside the business networks.” Perimeter and endpoint security can help squash some of these threats, but they can’t tackle all attacks from social media impostors.

Businesses should be monitoring for impersonators, watching for instances of brand hijacking or ads selling counterfeit goods. Finding these accounts isn’t easy; anyone can go out and use relevant social apps to create fake profiles.


Kelly is an associate editor for InformationWeek. She most recently reported on financial tech for Insurance Technology, before which she was a staff writer for InformationWeek and InformationWeek Education. When she’s not catching up on the latest in tech, Kelly enjoys …

Article source: http://www.darkreading.com/attacks-breaches/social-media-impersonators-drive-security-risk/d/d-id/1328208?_mc=RSS_DR_EDT

Law Enforcement At RSAC: Collaboration Is Key To Online Crime Fighting

Agencies and investigators are reaching out across jurisdictions and international borders to vanquish spammers, botnet operators, and worse.

RSA CONFERENCE – San Francisco – An IP address that appeared to be German. A proxy, in front of a proxy, in front of another proxy. Then, after six months of investigation, plenty of back and forth with other international agencies and officials, and lots of dead-ends, the German federal police finally got their hands on the server and database powering the illegal sale of online access credentials, “a black Amazon,” according to Mirko Manske, team lead, cyber intelligence ops for Bundeskriminalamt (BKA).

Except that wasn’t the end of it. The server drive was encrypted, Manske says.

Relying on a network of collaboration that included a university to decrypt the drive, plus coordination with US and EU law enforcement officials and data from the National Cyber-Forensics and Training Alliance, they were collectively able to pull the plug on the nefarious marketplace, which had 10,000 members buying and selling stolen credentials using Bitcoin and altcoin.

“We joined up with FBI and Europol, dividing up 180 suspects” from multiple countries, Manske told RSA attendees last week. He spoke as part of a larger session addressing law enforcement’s increasing collaboration with other agencies, reaching out across jurisdictions and even international borders to vanquish spammers, botnet operators, and worse. The unambiguous message: Collaboration works, and in fact, may be the only way for law enforcement to shut down bad actors who can change identities, servers, and locations at will.

“Cops can’t do it alone,” Manske says. “If it had been just us, I wouldn’t have known how to handle the workload. And without collaboration, I never would have been able to solve this case,” he adds. “Stop hiding what you’re doing and start sharing what you’re working on,” he urges other enforcement officials.

Taking down the infamous Avalanche network would have been impossible without broad-based collaboration, according to Keith Mularski, a supervisory special agent with the Federal Bureau of Investigation, another RSA panelist.

Avalanche, “a bullet-proof, criminal services hosting service” for malware propagation and money laundering operating since 2010, was responsible for infecting as many as 500,000 computers daily, the FBI estimates.

On the day of the takedown in late November 2016, the FBI coordinated with counterparts and private-sector participants in 40 countries including Sweden, the Netherlands, France, Canada, Ukraine, Germany, Finland, and Australia, among others.

The FBI and its partners worked with top-level domain registrars around the world to sinkhole approximately all the compromised domains in Avalanche, Mularski estimates. “We had to make sure we got all of them, otherwise if we left one, the bad guys could take it back,” and start reconstituting the whole operation, he adds.

The partners in the Avalanche takedown also performed victim identification and remediation; the Shadowserver Foundation helped identify the IP addresses so that ISPs could clean the machines. The net result from the internal cooperation: 50 servers seized worldwide and 830,000 malicious domains sinkholed, Mularski reports.

It took almost 12 years to find and capture Sergey “Fly” Vovnenko, according to James Meehan, deputy special agent in charge, US Secret Service. Among Vovnenko’s many crimes were selling compromised payment card data, offering hackers for hire on elite forums, and running a botnet used to attack multiple companies. In real life, Vovnenko tried to frame security columnist Brian Krebs by sending heroin to Krebs’ home.

Investigators identified Vovnenko’s residence in Naples, Italy, in 2014; the Secret Service, the US Justice Department, and Italian authorities then spent several weeks coordinating the arrest operations.

“Collaboration is the key, having people on the ground who can help us,” Meehan tells the RSA audience. “If I need help, I know who to pick up the phone and talk to.” He also credits the Electronic Crimes Task Force — started in the US in the 1980s and now with offices in Rome, London, and Paris – with making international collaboration easier.

Meehan said that online criminals were communicating more efficiently than law enforcement was, frequently on encrypted Jabber channels. Behind the scenes, an international search warrant could take 6-8 months to secure, allowing for translation and submission of legal documents. “Now we’re working with prosecutors in other countries where we can just make a phone call,” he says. “There’s the trust factor now, where before they wouldn’t do anything til they got the paperwork.”


Terry Sweeney is a Los Angeles-based writer and editor who has covered technology, networking, and security for more than 20 years. He was part of the team that started Dark Reading and has been a contributor to The Washington Post, Crain’s New York Business, Red Herring, …

Article source: http://www.darkreading.com/threat-intelligence/law-enforcement-at-rsac-collaboration-is-key-to-online-crime-fighting/d/d-id/1328213?_mc=RSS_DR_EDT