Comments
Advanced Deception: How It Works & Why Attackers Hate It
Newest First  |  Oldest First  |  Threaded View
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
1/12/2018 | 8:36:52 AM
Re: First problem that comes to mind is
How much risk by not knowing?  Answer:  Equifax - near total destruction of trust.

How much will it cost:  Answer: Equifax shareholder value loss and potential loss of C-Suite job.

I think executives would understand the simple answer. 
ctcrandall
50%
50%
ctcrandall,
User Rank: Author
1/11/2018 | 2:41:30 PM
Re: First problem that comes to mind is
It is extremely difficult for CISOs to understand the value behind over 3000 security offerings. Deception technology gets no special exemption from this challenge. The question to ask the C-Suite is how confident are they in knowing if threats have bypassed security controls and are mounting an attack within their network. If they are not 100% confident (who really can be sure?), then deception is an accurate and efficient solution for early threat detection. Does it work? It's pretty easy to test in a POC or stand up during a Pen Test. So, it really boils down to how much risk are they willing to take by not knowing and what will it cost if they are wrong.
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
1/5/2018 | 1:22:49 PM
First problem that comes to mind is
Getting approval from the dumb C-Suite to spend actual and for real MONEY on a server structure that does NOTHING perse but emulates something else.  They would not get the benefits and risk-rewards involved and view it as a line-item expense only. 


White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
Lessons from My Strange Journey into InfoSec
Lysa Myers, Security Researcher, ESET,  7/12/2018
What's Cooking With Caleb Sima
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-14339
PUBLISHED: 2018-07-19
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation.
CVE-2018-14340
PUBLISHED: 2018-07-19
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read.
CVE-2018-14341
PUBLISHED: 2018-07-19
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow.
CVE-2018-14342
PUBLISHED: 2018-07-19
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths.
CVE-2018-14343
PUBLISHED: 2018-07-19
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer.