While every country in Europe has an agency dedicated to the mission of securing its electronic borders, cooperation between countries is rare, making efforts to protect citizens and prosecute perpetrators increasingly difficult. ECSG seeks to address this through a combination of partnership and advocacy, using the combined strength of its more than 600 cyber security experts to respond in a rapid and efficient manner. By tackling Computer Emergency Response Team (CERT) engagements as partners, they each bring their firms’ uniqueness to bear to deliver faster and more complete services in agile ways that a single, large organization simply cannot.

In addition, ECSG can utilize its front-line experience to advise governments, corporations and regulators on more effective and practical cyber defence policy issues, risk prevention and mitigation practices, and cross-border information sharing, thus reducing the effects of cybercrime across Europe.

Key Facts

• Through their partnership, ECSG is now effectively the largest European provider of CERT services. By tackling CERT engagements collaboratively, ECSG offers the most comprehensive and rapid services for corporate and government clients. Members work independently, and can draw from additional and specialized resources from their ECSG partners where and when needed. Relying on this added “bench strength” ensures successful CERT engagements of any scale.
• Acting within the law, ECSG partners will confidentially exchange up-to-the-minute threat intelligence and information trends, bypassing the red tape that would normally occur due to jurisdictional issues across borders. Such information would also be shared with government agencies in order to further the efforts of local law enforcement to combat cyber crime.
• The ECSG will additionally collaborate with the governments of individual countries, as well as the European Union, to advise on best practices and assist on cyber security engagements where necessary to ensure speedy mitigation of security issues.
• Finally, ECSG will also lobby local and EU lawmakers to enact legislation to ease the cross-border information sharing and cooperation that will ultimately lead to a more secure Europe.
• Membership to the ECSG is open, but subject to a full application review. For more information, visit http://www.cybersecuritygroup.eu

Quotes

Dr Paul Timmers, Director of the Directorate Sustainable and Secure Society in the European Commission, Directorate-General Communications Networks, Content & Technology: “It is an unfortunate fact of the world we live in today that insufficient preparedness and limited cross-border cooperation can hamper our response to cyber incidents and cybercrime. This should not, however, prevent us from mitigating the effects of attacks on the victims. The mission of the ECSG is to be applauded; by leveraging the expertise and personnel from its member companies, the group will enhance cooperation and lawful sharing of information for quick and effective response to cyber-attacks. It will hopefully strengthen public-private cooperation, which is one of the key priorities of the EU Cybersecurity Strategy.”

Menno van der Marel, Chairman ECSG and Director and Co-Founder of the Dutch firm Fox IT: “Organisations are increasingly faced with cyber security incidents both major and minor, from data leaks to DDOS attacks, to Advanced Persistent Threats that can bring them to their knees. Effectively dealing with those incidents is a specialist job, and oftentimes, specialist firms may be faced with a temporary lack of resources to address client needs. ECSG partners are committed to delivering resources for each other to ensure that best in class expertise can be deployed to clients across the globe.”

About Fox-IT

Netherlands-based Fox-IT prevents, solves and mitigates the most serious threats as a result of cyber attacks, fraud and data breaches with innovative solutions for government, defence, law enforcement, critical infrastructure, banking, and commercial enterprise clients worldwide. Our approach combines human intelligence and technology into innovative solutions that ensure a more secure society. We develop custom and packaged solutions that maintain the security of sensitive government systems, protect industrial control networks, defend online banking systems, and secure highly confidential data and networks. For more information, visit www.fox-it.com.

About CSIS

In 2003, CSIS Security Group was founded with a mission to meet the growing threat of IT criminals. Today, CSIS has become the leading Nordic supplier of anti-eCrime services, and cooperates with all the Danish banks, and a series of major European financial institutions. The experts of CSIS are among the best in the world, which is proven by them winning the DefCon 2011, the world’s unofficial hacker championship. Thus, CSIS is the preferred IT security adviser by many companies, the state, and the media in Scandinavia.
The knowledge gained by continually following the IT-criminals’ whereabouts is redeployed in the development of solutions that provide optimum protection to organizations as well as private individuals. For further information please visit www.csis.dk

About LEXSI

LEXSI is an independent French company delivering dedicated and qualitative information security and risk management services.

LEXSI combines a strong focus on innovation and a distinctive alliance of technologies, methods and talents, in order to protect its clients’ interests. Its 150 experts are at the forefront of the IT and Cyber security fields. They enable LEXSI to respond to the various information security challenges faced by its more than 600 private and public clients in the world from strategic business sectors such as banking, defense, industry. For further information please visit www.lexsi.com

About S21sec

Based in Spain, S21sec is a multinational firm providing cybersecurity services and technology to help our customers achieve their business goals. Our aim is to protect our customers’ most critical digital assets:  data and corporate image. Our primary focus is what we consider the cornerstone of security – prevention. Our approach to cybersecurity is to manage customer security and build confidence by leveraging reliable new technologies. Our day-to-day interactions with clients and our collaborative partnerships with public and private sector organizations enable us to successfully thwart online fraud and cyber security threats. S21sec offers an extensive range of products, services and technology worldwide to ensure secure information systems within organizations: Compliance, Assessment, Ecrime, Intelligence, CERT, Training, Research, Digital Surveillance and SIEM solutions. For further information please visit www.s21sec.com

The post European Cyber Security Group Founded to Combat Cybercrime appeared first on Fox-IT (EN).

Fox InTELL tracks and analyses client-specific cyber threats and potential attacks in real-time as they are planned within the cybercrime underworld. Its unique approach to gathering, processing and delivering actionable cyber intelligence is already leveraged by leading banks and enterprises in Europe, and has been used by law enforcement agencies in Europe and Asia to bring down botnet herders in high-profile cybercrime cases.

“The Fox InTELL service monitors and captures the chatter, contains the fallout and minimises the damage of cyber attacks every day by gathering and delivering the most relevant and actionable information across the cyber intelligence community directly into the hands of InfoSec teams,” said Ronald Prins, CEO of Fox-IT.

Founded in 1999 as Europe’s first digital investigation agency, Fox-IT specialises in cyber defence tools, proactive monitoring services and rapid incident response for financial services, governments and highly secure/highly sensitive enterprises.

Real-time threat evolution monitoring

Fox InTELL clients are alerted immediately of possible threats and have portal access to real-time threat evolution monitoring, which has a considerable benefit over the standard industry practice of developing a written report. Fox-IT advises clients on mitigation tactics, using expert skills such as reverse-engineering.

”Fox InTELL enables us to be more in control of banking malware related to online fraud,” said Ton Wieman, head of investigations of a large European bank. “Through InTELL, we can reach out to our peers in other participating organisations quickly and stay abreast of the very latest developments in great detail.”

Cyber threats to organisation brands

Cyber attacks impact brands. A lot of attacks look like they come from the very organisation they target. Fox InTELL monitors for appearances of customers’ brand names in malware configurations, cybercrime command and control infrastructures, and underworld forums, where new threats and targeted attacks are planned.

Portal-based collaboration increases protective agility

The Collaboration area on the Fox InTELL portal has proven to be an important feature for client interactions with each other as well as with Fox InTELL experts. Community discussions on new threats and countermeasures raise questions and provide answers on issues faster than intelligence reports can be generated.

“If an InfoSec team doesn’t know about a new cyber threat, they can’t defend against it,” said Fox InTELL product manager Eward Driehuis. “Fox InTELL improves an enterprise’s cyber intelligence position, which enables better situational awareness, security controls, and risk decisions to protect their customers and their brands online.”

History of use in high-profile cybercrime cases

Fox-IT has been gathering intelligence on cybercrime for over a decade, and its services have been utilised by law enforcement agencies many times. Notable examples include the apprehension of botnet herders in Russia, the post-mortem investigation of the DigiNotar data breach, and the analysis of the recent hack of the main website of US entertainment giant NBC that attempted to inject malware onto users’ computers that would expose their banking details to cyber criminals.

About Fox-IT

Fox-IT prevents, solves and mitigates the most serious threats as a result of cyber attacks, fraud and data breaches with innovative solutions for government, defence, law enforcement, critical infrastructure, banking, and commercial enterprise clients worldwide. Our approach combines human intelligence and technology into innovative solutions that ensure a more secure society. We develop custom and packaged solutions that maintain the security of sensitive government systems, protect industrial control networks, defend online banking systems, and secure highly confidential data and networks.

Launch event

On April 24 Fox-IT will be hosting a launch event in London. This Learn & Lunch is titled “Using intelligence to keep ahead of online banking threats” and will be held in The Rag Army & Navy Club. For more information please visit the event page.

The post Fox-IT Introduces InTELL it’s Real-Time Cyber Intelligence Portal for InfoSec Teams in the United Kingdom appeared first on Fox-IT (EN).

We urge all users of this application to install this update as soon as they can, because user information that the app is meant to protect, including the user’s master password, was found to be stored unencrypted.

The full advisory (that includes all technical details) can be found at the Fox-IT blog.

The post Security Alert: Vulnerabilities Discovered in Keeper® Password & Data Vault v5.3 for iOS appeared first on Fox-IT (EN).

The latest edition of the Fox-IT magazine FoxFiles is now available.

Topics

• Column; Ronald Prins, CEO Fox-IT, on the hypocrisy of ethical hacking.
• India: Rigorous research for state cybersecurity; The Fox DataDiode has met India’s highest security standards. Governmental authorities can now deploy the product to protect their high-security networks and critical infrastructures.
• Digital forensic investigation at the crime scene; Investigators in the Netherlands have equipped a police van with Tracks Inspector. This way, the police saves precious time by conducting digital tracks investigation directly at the crime scene.
• Living in the underworld of cybercrime; If an enterprise’s Information Security team is unaware of a new cyber threat, they cannot defend against it. Fox InTELL helps companies to protect their customers and brand.
• Vacant: the position of CCO; Ad Scheepbouwer, the former CEO of TNT and KPN, has joined Fox-IT. He suggests introducing a new specialist to the boardroom of major organizations: the Chief Cybersecurity Officer.
• Portfolio; A selection of products and services Fox-IT offers internationally.
• Bits; Short news about Fox-IT’s detection of the NBC.com hack, Red October on mobiles, the Fox-IT Digital Forensics Academy and upcoming trainings and events.

Download

Download the FoxFiles magazine in PDF format here

If you prefer to receive a hardcopy you can leave your address here:

The post FoxFiles March 2013 appeared first on Fox-IT (EN).

The website of US TV network ‪NBC‬ was hacked to deliver Java and PDF exploits. The attack against NBC.com – which hosts entertainment and TV content – used a cybercrime toolkit called Redkit that was ultimately aimed at delivering Citadel, a banking Trojan. NBC acted promptly to cleaned up its promotional site, admitting the problem on NBCNews.com, part of its NBC News Digital group, which it said was not affected by the hack. It’s unclear how many people were affected. An analysis of the attack by security consultancy Fox-IT can be found here. A blog post by anti-virus firm Eset can be found here.

Click here to read the entire article.http://www.theregister.co.uk/2013/02/22/nbc_hack/

The post The Register: NBC.com HACKED to spread bank account-raiding Trojan appeared first on Fox-IT (EN).

NBC, the National Broadcasting Company of US is the latest of the higher-profile organization that has fallen victim to cybercrime. The cyber attack aimed at NBC utilized Redkit, a toolkit for cyber crimes. The toolkit delivered a banking malware called Citadel. The organization was quick enough to act towards the incident and has cleaned its promotional site. NBC news had admitted the problem on NBC.com.

Click here to read the entire article.

The post GizBot.com: NBC Website Spreading Malware After Hacked, Say Experts appeared first on Fox-IT (EN).

A few hours ago Ronald Prins of Fox-IT (@cryptoron) was tweeting about NBC.com infecting its visitors with malicious software (malware). We were investigating this as well and found the following interesting facts.

Click here to read the entire article.

The post HitmanPro.Blog: NBC.com hacked, serving up Citadel malware appeared first on Fox-IT (EN).

NBC has become the latest high-profile target for a cyber-attack, with its website, NBC.com, becoming compromised by the Citadel financial malware kit long enough to start serving malware to visitors before being corrected.
Security firm Fox-IT’s cyber-security operations center identified a variant of the sophisticated malware on NBC.com. It was discovered coincidentally in the course of its ongoing monitoring service, it explained in a blog. One of Fox-IT’s customers was infected as a result of visiting the site.

Click here to read the entire article.

The post Infosecurity-magazine.com: NBC hack serves Citadel malware to visitors appeared first on Fox-IT (EN).

RedKit exploit kit launched drive-by malware attacks from NBC websites, targeted vulnerabilities in Java and Adobe Reader. Multiple NBC websites were compromised by online attackers and used to launch drive-by attacks at visitors Thursday. “At 16:43 CET [12:43 EST] this afternoon we noticed that the NBC.com website links to the redkit exploit kit that is spreading Citadel malware, targeting U.S. financials (sic) institutions,” warned security analyst Barry Weymes at Dutch security firm Fox-IT in a Thursday blog post. “This version of Citadel is only recognizable by 3 out of the 46 antivirus programs on virustotal.com.”

Click here to read the entire article.

The post Informationweek.com: NBC Websites Hacked To Serve Citadel Financial Malware appeared first on Fox-IT (EN).

San Francisco, California and Delft, The Netherlands—February 26, 2013— Fox-IT was the first to detect the NBC.com Citadel malware hack within minutes of its launch last week in the normal course of monitoring its customers, officials at the Dutch security firm today announced. The analysis performed on the malware itself was part of InTELL, a portal-based service that defends high profile and high security  businesses against the dark world of cybercrime. Representatives of the company are in San Francisco this week to showcase the product to North American enterprises and potential partners.

“The detection of this hack is only one example of the type of attacks Fox InTELL protects our clients against every day. The service monitors and captures the chatter, contains the fallout and minimizes the damage of cyber-attacks every day by gathering and delivering the most relevant and actionable information across the cyber intelligence community directly into the hands of InfoSec teams,” said Ronald Prins, CEO of Fox-IT.

Founded in 1999 as Europe’s first digital investigation agency, Fox-IT specializes in cyber defense tools, proactive monitoring services and rapid incident response for financial services, governments and highly secure/highly sensitive enterprises.

Real-time threat evolution monitoring makes threats immediately known

Fox InTELL clients are alerted immediately of possible threats and have portal access to real-time threat evolution monitoring, which is different than the standard industry practice of developing a written report, by which time the threat has already evolved further. Should a threat become actionable, Fox-IT works with the client to prevent or mitigate the exploit, which can include reverse-engineering malware never before seen.

”Fox InTELL enables us to be more in control of banking malware related to online fraud,” said Ton Wieman, head of investigations of a large European bank. “Through InTELL we can reach out to our peers in other participating organizations quickly and stay abreast of the very latest developments in great detail.”

It was a similar case in the NBC.com attack, when Fox-IT staff immediately notified their client, who was able to take corrective action, mitigating the damage to the enterprise. They then reached out to NBC.com’s security team (who is not a Fox-IT customer) to alert them to the incident. Meanwhile, Fox-IT CEO Ronald Prins (@CryptoRon), Tweeted an alert to warn other potential site visitors.

Client-specific monitoring catches vulnerabilities of enterprise “brands” to cybercrime

Cybercriminals often design, offer and trade malware by “brand,” a situation unknown and inaccessible to most internal security teams.  Fox InTELL monitors for appearances of clients’ brand names in malware configurations, cybercrime command and control infrastructures, and underworld forums, where new threats and targeted attacks are planned.

In the case of the NBC.com Citadel hack, Fox-IT staffers discovered that the malware distributed was configured to manipulate traffic to and from the banking sites of the leading US-based banks, including Wells Fargo, Bank of America, Citibank, USAA, TD Ameritrade, Suntrust, PNC, Chase, American Express and Schwab among others.

Portal-based collaboration increases protective agility

The Collaboration area on the Fox InTELL portal has proven to be an important feature for client interactions with each other as well as with Fox InTELL experts. Community discussions on new threats and countermeasures raise questions and provide answers on issues faster than intelligence reports can be generated.

“If an InfoSec team doesn’t know about a new cyber threat, they can’t defend against it,” says Fox InTELL product manager Eward Driehuis. “Fox InTELL improves an enterprise’s cyber intelligence position, which enables better situational awareness, security controls, and risk decisions to protect their customers and their brand online.”

History of use in high-profile cybercrime cases

Fox-IT has been gathering intelligence on cybercrime for almost a decade, and its services have been utilized by law enforcement agencies many times. Notable examples include helping to bring down the Bredolab botnet in the Netherlands, apprehension of botnet herders in Russia, and the post-mortem investigation of the DigiNotar data breach.

To arrange a meeting with Fox-IT, contact Joost Bijl, marketing manager, at bijl@fox-it.com  or via Twitter @foxit.

About Fox-IT

Fox-IT prevents, solves and mitigates the most serious threats as a result of cyber attacks, fraud and data breaches with innovative solutions for government, defence, law enforcement, critical infrastructure, banking, and commercial enterprise clients worldwide. Our approach combines human intelligence and technology into innovative solutions that ensure a more secure society. We develop custom and packaged solutions that maintain the security of sensitive government systems, protect industrial control networks, defend online banking systems, and secure highly confidential data and networks. For more information, visit www.fox-it.com.

The post Fox-IT Introduces Fox InTELL Real-Time Cyber Intelligence Portal to InfoSec Teams in North America appeared first on Fox-IT (EN).