SOC Monkey Week in Review - 5.4.12

Blog Post created by socmonkey on May 4, 2012

Monkey Minions!  I have returned!  For those of you who still have not done so, make sure to download my SOC Monkey App, from the Apple App Store. Still free, still


First up this week is the latest attempt of some type of legislation aimed at cybersecurity: Passage of CISPA in the U.S. House highlights need for viable cybersecurity legislation. The Cyber Intelligence Sharing and Protection Act as most of you will have heard, has passed in the House and is on its way to the Senate. Anyone who's read CISPA, or the ongoing outcry around it, knows that just like the Stop Online Piracy Act, it's causing a great deal of concern regarding privacy and civil liberties. The difference here is that many of the companies that fought against SOPA, have signed on their support for CISPA. I'm curious to see if Wikipedia and Google pull the stops out again, with their internet blackout style of building awareness, or if the White House's promise of a veto will do enough to hinder acceptance of this bill in the Senate. If you'd like to learn more about how this bill would affect you: How CISPA would affect you is an excellent FAQ that should help you wrap your head around a pretty wide reaching bill.


Second this week, Symantec's Threat Report seems to have been a popular download, but the link that everyone seems to be retweeting is the highlight page of the report.  The item that seems to be of most interest to the MonkeyTrust out there is that web based attacks increased by 36% with over 4,500 new attacks each day. Take a look at the summary (or the entire report itself), and let us know what's of the biggest concern to you and your organization.


Finally, my odd link of the week has to go to this rather intriguing tale: GCHQ's spy death riddle shines light on UK hacker war. Our tale starts with a team of spies sent to try to infiltrate various hacker organizations via Defcon and Black Hat, and ends (dramatic pause), with a murder. The entire story seems to have been pulled out of a slightly more tech savvy John Le Carre novel, and it makes one wonder, Was he killed by someone he targeted, or was it something in his personal life that caused his death? Ars Technica got in on the buzz, with their own version of the tale: MI6 codebreaker attended U.S. security conference just before his death. The creepiest detail for me?  When they searched his room, his phone had been wiped and the sim cards had been removed. I just got monkeybumps everywhere. Something tells me we'll be hearing more about this case as it continues to come to light.


The other links that jumped off the app and smacked me in the monkey chops this week:


Mac botnet generated $10,000 a day for Flashback gang | ZDNet (Flashback! Again!)

What Good is PCI-DSS?

Targeted Attacks in Syria - F-Secure Weblog


That's it for me this week, oh fabled Monkeynauts. My homework for all of you is to A) download my app, so you can see the many excellent articles that didn't make it to my list of hits, and B) Send me your feedback on it as well, so we can see how it's working for all of you out there.  You can either send me a direct message, or comment in this thread.


Til next week,