Author Archives: Fahmida Y. Rashid
Author Archives: Fahmida Y. Rashid
The waves of cyberattacks that have rocked Saudi Arabia over the past few months are linked to the earlier Shamoon attacks. However, the initial 2012 attack was the work of a single group, whereas the latest attacks have been carried out by different groups of varying skills and expertise, all following instructions provided by one malicious actor, McAfee researchers have found.Researchers at McAfee Strategic Intelligence believe the 2012 Shamoon attacks against Saudi Arabia’s state-run oil company Saudi Aramco and Qatari natural gas company RasGas, the attacks last November against Saudi organizations, and these latest attacks are all the work of hacker groups supported and coordinated by a single actor, and not the efforts of multiple gangs operating independently, said McAfee principal engineer Christiaan Beek and McAfee chief scientist Raj Samani. To read this article in full or to leave a comment, please click here
The waves of cyberattacks that have rocked Saudi Arabia over the past few months are linked to the earlier Shamoon attacks. However, the initial 2012 attack was the work of a single group, whereas the latest attacks have been carried out by different groups of varying skills and expertise, all following instructions provided by one malicious actor, McAfee researchers have found.Researchers at McAfee Strategic Intelligence believe the 2012 Shamoon attacks against Saudi Arabia’s state-run oil company Saudi Aramco and Qatari natural gas company RasGas, the attacks last November against Saudi organizations, and these latest attacks are all the work of hacker groups supported and coordinated by a single actor, and not the efforts of multiple gangs operating independently, said McAfee principal engineer Christiaan Beek and McAfee chief scientist Raj Samani. To read this article in full or to leave a comment, please click here
The internet never forgets, which means data that should have been deleted doesn't always stay deleted. Call it "zombie data," and unless your organization has a complete understanding of how your cloud providers handle file deletion requests, it can come back to haunt you.Ever since the PC revolution, the concept of data deletion has been a bit misunderstood. After all, dragging a file to the Recycle Bin simply removed the pointer to the file, freeing up disk space to write new data. Until then, the original data remained on the disk, rediscoverable using readily accessible data recovery tools. Even when new data was written to that disk space, parts of the file often lingered, and the original file could be reconstructed from the fragments.To read this article in full or to leave a comment, please click here
The internet never forgets, which means data that should have been deleted doesn't always stay deleted. Call it "zombie data," and unless your organization has a complete understanding of how your cloud providers handle file deletion requests, it can come back to haunt you.Ever since the PC revolution, the concept of data deletion has been a bit misunderstood. After all, dragging a file to the Recycle Bin simply removed the pointer to the file, freeing up disk space to write new data. Until then, the original data remained on the disk, rediscoverable using readily accessible data recovery tools. Even when new data was written to that disk space, parts of the file often lingered, and the original file could be reconstructed from the fragments.To read this article in full or to leave a comment, please click here
The internet never forgets, which means data that should have been deleted doesn't always stay deleted. Call it "zombie data," and unless your organization has a complete understanding of how your cloud providers handle file deletion requests, it can come back to haunt you.Ever since the PC revolution, the concept of data deletion has been a bit misunderstood. After all, dragging a file to the Recycle Bin simply removed the pointer to the file, freeing up disk space to write new data. Until then, the original data remained on the disk, rediscoverable using readily accessible data recovery tools. Even when new data was written to that disk space, parts of the file often lingered, and the original file could be reconstructed from the fragments.To read this article in full or to leave a comment, please click here
After the Shadow Brokers group opened up its archive of exploits allegedly stolen from the United States National Security Agency, security experts found a nasty surprise waiting for Solaris administrators.The Register reported that the dumped Shadow Broker files reference two programs, EXTREMEPARR and EBBISLAND, that would let attackers obtain root access remotely over the network on Solaris boxes running versions 6 to 10 on x86 and SPARC architectures.To read this article in full or to leave a comment, please click here
After the Shadow Brokers group opened up its archive of exploits allegedly stolen from the United States National Security Agency, security experts found a nasty surprise waiting for Solaris administrators.The Register reported that the dumped Shadow Broker files reference two programs, EXTREMEPARR and EBBISLAND, that would let attackers obtain root access remotely over the network on Solaris boxes running versions 6 to 10 on x86 and SPARC architectures.To read this article in full or to leave a comment, please click here
Certificate authorities (CAs) have given themselves a black eye lately, making it hard for users to trust them. Google stopped trusting Symantec after discovering the CA had mis-issued thousands of certificates over several years, and researchers found that phishing sites were using PayPal-labeled certificates issued by Linux Foundation’s Let’s Encrypt CA. Even with these missteps, the CAs play a critical role in establishing trust on the internet.To read this article in full or to leave a comment, please click here
Certificate authorities (CAs) have given themselves a black eye lately, making it hard for users to trust them. Google stopped trusting Symantec after discovering the CA had mis-issued thousands of certificates over several years, and researchers found that phishing sites were using PayPal-labeled certificates issued by Linux Foundation’s Let’s Encrypt CA. Even with these missteps, the CAs play a critical role in establishing trust on the internet.To read this article in full or to leave a comment, please click here
Attackers prefer to reuse code and tools for as long as they keep working. In that tradition, researchers have found evidence suggesting a cyberespionage group is still successfully using tools and infrastructure that was first deployed in attacks 20 years ago.The Moonlight Maze refers to the wave of attacks that targeted U.S. military and government networks, universities, and research institutions back in the mid-to-late 1990s. While the Moonlight Maze disappeared from the radar after the FBI and Department of Defense investigation became public in 1999, there were whispers within the security community that the cyberespionage group never entirely went away. Turla, a Russian-speaking attack group that's also known as Venomous Bear, Uroburos, and Snake, was floated as a possibility, but until recently, all links were guesswork and speculation.To read this article in full or to leave a comment, please click here
Attackers prefer to reuse code and tools for as long as they keep working. In that tradition, researchers have found evidence suggesting a cyberespionage group is still successfully using tools and infrastructure that was first deployed in attacks 20 years ago.The Moonlight Maze refers to the wave of attacks that targeted U.S. military and government networks, universities, and research institutions back in the mid-to-late 1990s. While the Moonlight Maze disappeared from the radar after the FBI and Department of Defense investigation became public in 1999, there were whispers within the security community that the cyberespionage group never entirely went away. Turla, a Russian-speaking attack group that's also known as Venomous Bear, Uroburos, and Snake, was floated as a possibility, but until recently, all links were guesswork and speculation.To read this article in full or to leave a comment, please click here
Google knows that if enterprises are going to move their critical services to its cloud, then it has to offer something that AWS doesn’t. At Google Cloud Next, the company’s leadership made the case that Google Cloud was the most secure cloud.At the conference this week, Google unveiled tools that would let IT teams provide granular access to applications, better manage encryption keys, and enforce stronger authentication mechanisms for applications running on Google Cloud. While Google is just playing catch-up to Amazon with the Key Management System for GCP, it is stepping into uncharted territory with Data Leak Prevention API by giving administrators tools that go beyond the infrastructure to protect individual applications. Google is tackling the identity access management challenge differently from Amazon, and it will be up to enterprises to decide which approach they prefer.To read this article in full or to leave a comment, please click here
Google knows that if enterprises are going to move their critical services to its cloud, then it has to offer something that AWS doesn’t. At Google Cloud Next, the company’s leadership made the case that Google Cloud was the most secure cloud.At the conference this week, Google unveiled tools that would let IT teams provide granular access to applications, better manage encryption keys, and enforce stronger authentication mechanisms for applications running on Google Cloud. While Google is just playing catch-up to Amazon with the Key Management System for GCP, it is stepping into uncharted territory with Data Leak Prevention API by giving administrators tools that go beyond the infrastructure to protect individual applications. Google is tackling the identity access management challenge differently from Amazon, and it will be up to enterprises to decide which approach they prefer.To read this article in full or to leave a comment, please click here
It doesn’t matter what you do online: The internet knows a ton about you, and that information is a mouse click away.Search any people finder site—Spokeo, PeekYou, Whitepages, to name a few—and odds are you’ll find a page listing your full name, date of birth, names of family members, current address, and phone number. Depending on the site's aggressiveness, it may offer (for a low membership fee or the price of registering an account) additional details such as past addresses, social media profiles, marital status, employment history, education, court cases such as bankruptcies, hobbies, and even a photo of where you live.[ 18 surprising tips for security pros. | Discover how to secure your systems with InfoWorld's Security Report newsletter. ] Forget the National Security Agency. Aggregator sites such as Intelius, Radaris, and PeopleFinder have data warehouses full of information about you, accessible to people without your permission, and used for purposes you know nothing about. While these sites ostensibly provide background checks and other public services, they also simplify identity theft, stalking, and doxxing (exposing personal information online to encourage harassment), which is both creepy and downright dangerous.To read this article in full or to leave Continue reading
It doesn’t matter what you do online: The internet knows a ton about you, and that information is a mouse click away.Search any people finder site—Spokeo, PeekYou, Whitepages, to name a few—and odds are you’ll find a page listing your full name, date of birth, names of family members, current address, and phone number. Depending on the site's aggressiveness, it may offer (for a low membership fee or the price of registering an account) additional details such as past addresses, social media profiles, marital status, employment history, education, court cases such as bankruptcies, hobbies, and even a photo of where you live.[ 18 surprising tips for security pros. | Discover how to secure your systems with InfoWorld's Security Report newsletter. ] Forget the National Security Agency. Aggregator sites such as Intelius, Radaris, and PeopleFinder have data warehouses full of information about you, accessible to people without your permission, and used for purposes you know nothing about. While these sites ostensibly provide background checks and other public services, they also simplify identity theft, stalking, and doxxing (exposing personal information online to encourage harassment), which is both creepy and downright dangerous.To read this article in full or to leave Continue reading
Open source is a wonderful thing. A significant chunk of today’s enterprise IT and personal technology depends on open source software. But even while open source software is widely used in networking, operating systems, and virtualization, enterprise security platforms still tend to be proprietary and vendor-locked. Fortunately, that’s changing. If you haven’t been looking to open source to help address your security needs, it’s a shame—you’re missing out on a growing number of freely available tools for protecting your networks, hosts, and data. The best part is, many of these tools come from active projects backed by well-known sources you can trust, such as leading security companies and major cloud operators. And many have been tested in the biggest and most challenging environments you can imagine. To read this article in full or to leave a comment, please click here
Open source is a wonderful thing. A significant chunk of today’s enterprise IT and personal technology depends on open source software. But even while open source software is widely used in networking, operating systems, and virtualization, enterprise security platforms still tend to be proprietary and vendor-locked. Fortunately, that’s changing. If you haven’t been looking to open source to help address your security needs, it’s a shame—you’re missing out on a growing number of freely available tools for protecting your networks, hosts, and data. The best part is, many of these tools come from active projects backed by well-known sources you can trust, such as leading security companies and major cloud operators. And many have been tested in the biggest and most challenging environments you can imagine. To read this article in full or to leave a comment, please click here
Open source is a wonderful thing. A significant chunk of today’s enterprise IT and personal technology depends on open source software. But even while open source software is widely used in networking, operating systems, and virtualization, enterprise security platforms still tend to be proprietary and vendor-locked. Fortunately, that’s changing. If you haven’t been looking to open source to help address your security needs, it’s a shame—you’re missing out on a growing number of freely available tools for protecting your networks, hosts, and data. The best part is, many of these tools come from active projects backed by well-known sources you can trust, such as leading security companies and major cloud operators. And many have been tested in the biggest and most challenging environments you can imagine. To read this article in full or to leave a comment, please click here
Sony. Anthem. The Office of Personnel Management. Target. Yahoo. The past two years have seen one mega-breach after another—and 2017 promises to be the most catastrophic year yet.Security experts have long warned that most organizations don’t even know they’ve been breached. Attackers rely on stealth to learn about the network, find valuable information and systems, and steal what they want. Only recently have organizations improved their detection efforts and started investing the time, capital, and people needed to uncover vulnerabilities. When they do, the results are often alarming.[ 18 surprising tips for security pros. | Discover how to secure your systems with InfoWorld's Security Report newsletter. ] “I think we are going to find more, not less, breaches in 2017,” says Ray Rothrock, CEO of RedSeal, a security analytics firm.To read this article in full or to leave a comment, please click here
Sony. Anthem. The Office of Personnel Management. Target. Yahoo. The past two years have seen one mega-breach after another—and 2017 promises to be the most catastrophic year yet.Security experts have long warned that most organizations don’t even know they’ve been breached. Attackers rely on stealth to learn about the network, find valuable information and systems, and steal what they want. Only recently have organizations improved their detection efforts and started investing the time, capital, and people needed to uncover vulnerabilities. When they do, the results are often alarming.[ 18 surprising tips for security pros. | Discover how to secure your systems with InfoWorld's Security Report newsletter. ] “I think we are going to find more, not less, breaches in 2017,” says Ray Rothrock, CEO of RedSeal, a security analytics firm.To read this article in full or to leave a comment, please click here