
Security is a Holistic Proposition

Gorka Sadowski



Top Stories by Gorka Sadowski

Banks and insurance companies lose billions of dollars every year to fraud. Traditional methods of fraud detection play an important role in minimizing these losses. However, increasingly sophisticated fraudsters have developed a variety of ways to elude discovery, both by working together and by leveraging various other means of constructing false identities. Graph databases offer new methods of uncovering fraud rings and other sophisticated scams with a high level of accuracy, and are capable of stopping advanced fraud scenarios in real time. While no fraud prevention measures can ever be perfect, significant opportunity for improvement can be achieved by looking beyond the individual data points, to the connections that link them. Oftentimes these connections go unnoticed until it is too late, something that is unfortunate, as these connections oftentimes hold the... (more)

Fraud Detection, Financial Industry and E-Commerce | Part 3

(Today, Part 3: anatomy of collusion-based first-party bank fraud, a.k.a. how fraudsters work together to defraud a bank. Do not try this at home!!)

While the exact details behind each first-party fraud collusion vary from operation to operation, the pattern below illustrates how fraud rings commonly operate:

- A group of two or more people organize into a fraud ring
- The ring shares a subset of legitimate contact information, for example phone numbers and addresses, combining them to create a number of synthetic identities
- Ring members open accounts using these synthetic identities... (more)

Fraud Detection, Financial Industry and E-Commerce | Part 4

Catching fraud rings and stopping them before they cause damage is a challenge. One reason for the challenge is that traditional methods of fraud detection are not geared to look for the right thing: in this case, the rings created by shared identifiers. Standard instruments, such as a deviation from normal purchasing patterns, use discrete data and not connections. Discrete methods are useful for catching fraudsters acting alone, but they fall short in their ability to detect rings. Further, many such methods are prone to false positives, which creates undesired side eff... (more)

Kneber: Another Bot Attack

Another hack attack hits the headlines: http://tinyurl.com/yebvj8p

Big deal. This stuff happens every day now, right? Wrong. Not on this scale it doesn’t. The Kneber Bot has penetrated 75,000 systems, 2,500 companies across 196 countries. This is not a straightforward Trojan - a simple smash and grab. This one’s a game changer. Systems compromised by this botnet provide the attackers with not only user credentials and confidential information, but remote access inside the compromised network. Just some of the data stolen includes:

- 68,000 corporate log-in credentials
- Access to ... (more)

Why Rule-Based Log Correlation Is Almost a Good Idea... Part 4

We saw what typically happens when trying to use static rule-based log correlation to perform real-time incident management... combinatorial explosion and lack of scalability. How do you automate non-deterministic attacks in a few discrete steps??? Today, we'll look at more scenarios for which static rule-based log correlation doesn't make sense.

Attack Scenario Example 2: Brute Force Attack

Let's look at another example scenario. Brute Force Attack.

- A user tries to log in to his account
- He fails many times in a row and then finally succeeds
- Then "probably" a successful Brute ... (more)