2014 Data Breach Investigations Report (Verizon)


Excerpt from the 2014 Data Breach Investigations Report.

“We have more incidents, more sources, and more variation than ever before—and trying to approach tens of thousands of incidents using the same techniques simply won’t cut it. Not only would the dominant incident characteristics drown out the subtleties of the less frequent varieties, but we cannot continue to study those characteristics as though they occur in isolation. In order to expose latent patterns in the data, we applied a statistical clustering technique. We identified nine patterns that together describe 92% of the confirmed data breaches we collected in 2013. We find it simply astounding that nine out of ten of all breaches observed by 50 global organizations over a full year can be described by nine distinct patterns.”

Download full report here.



Steganography (pronounced STEHG-uh-NAH-gruhf-ee, from Greek steganos, or “covered,” and graphie, or “writing”) is the hiding of a secret message within an ordinary message and the extraction of it at its destination. Steganography takes cryptography a step farther by hiding an encrypted message so that no one suspects it exists. Ideally, anyone scanning your data will fail to know it contains encrypted data.

In modern digital steganography, data is first encrypted by the usual means and then inserted, using a special algorithm, into redundant (that is, provided but unneeded) data that is part of a particular file format such as a JPEG image. Think of all the bits that represent the same color pixels repeated in a row. By applying the encrypted data to this redundant data in some random or nonconspicuous way, the result will be data that appears to have the “noise” patterns of regular, nonencrypted data. A trademark or other identifying symbol hidden in software code is sometimes known as a watermark.


How to hide a file using steganography

Link: QuickStego Download


Rouse, Margaret. “What is steganography?” TechTarget. Retrieved from http://searchsecurity.techtarget.com/definition/steganography

Dissecting Stuxnet

The Stuxnet computer worm is perhaps the most complicated piece of malicious software ever built; roughly 50 times the size of the typical computer virus. It leveraged an array of new techniques to spread and conceal itself while attacking Iranian nuclear enrichment centrifuges. Symantec Chief Architect Carey Nachenberg explains how the Stuxnet worm spread, evaded detection and ultimately accomplished its mission.