With so many elements in information security -- application, network infrastructure, the endpoint, perimeter defenses, and data-centric approaches -- it's easy to fall in the trap of touting one as more important than the other. But it's a mistake to consider information security as a series of silos when it's actually an intersection of different areas. That overlap is most evident with application and endpoint security.For Jeremiah Grossman, the new chief security strategist at security vendor Sentinel One, application security and endpoint security are just different steps in the kill chain. As the founder and former CTO of the consultancy WhiteHat Security, Grossman has been the go-to-expert for web application security for years, and his new focus on endpoint security at Sentinel One does not mean that he has given up on securing web applications.To read this article in full or to leave a comment, please click here
In a sea of vulnerabilities clamoring for attention, it’s almost impossible to know which IT security issues to address first. Vendor advisories provide a tried-and-true means for keeping on top of known attack vectors. But there’s a more expedient option: Eavesdrop on attackers themselves.To read this article in full or to leave a comment, please click here(Insider Story)
In a sea of vulnerabilities clamoring for attention, it’s almost impossible to know which IT security issues to address first. Vendor advisories provide a tried-and-true means for keeping on top of known attack vectors. But there’s a more expedient option: Eavesdrop on attackers themselves.
Given their increasingly large attack surfaces, most organizations tie their vulnerability management cycle to vendor announcements. But initial disclosure of security vulnerabilities doesn’t always come from vendors, and waiting for official announcements can put you days, or even weeks, behind attackers, who discuss and share tutorials within hours of a vulnerability becoming known.To read this article in full or to leave a comment, please click here(Insider Story)
In a sea of vulnerabilities clamoring for attention, it’s almost impossible to know which IT security issues to address first. Vendor advisories provide a tried-and-true means for keeping on top of known attack vectors. But there’s a more expedient option: Eavesdrop on attackers themselves.To read this article in full or to leave a comment, please click here(Insider Story)
As deadlines go, Jan. 1, 2017, isn’t far away, yet many organizations still haven’t switched their digital certificates and signing infrastructure to use SHA-2, the set of cryptographic hash functions succeeding the weaker SHA-1 algorithm. SHA-1 deprecation must happen; otherwise, organizations will find their sites blocked by browsers and their devices unable to access HTTPS sites or run applications.All digital certificates -- to guarantee the website accepting payment card information is secure, software is authentic, and the message was sent by a person and not an impersonator -- are signed by a hashing algorithm. The most common is currently SHA-1, despite significant cryptographic weaknesses that render the certificates vulnerable to collision attacks.To read this article in full or to leave a comment, please click here(Insider Story)
As deadlines go, Jan. 1, 2017, isn’t far away, yet many organizations still haven’t switched their digital certificates and signing infrastructure to use SHA-2, the set of cryptographic hash functions succeeding the weaker SHA-1 algorithm. SHA-1 deprecation must happen; otherwise, organizations will find their sites blocked by browsers and their devices unable to access HTTPS sites or run applications.7. Get the new certificateTo read this article in full or to leave a comment, please click here(Insider Story)
As deadlines go, Jan. 1, 2017, isn’t far away, yet many organizations still haven’t switched their digital certificates and signing infrastructure to use SHA-2, the set of cryptographic hash functions succeeding the weaker SHA-1 algorithm. SHA-1 deprecation must happen; otherwise, organizations will find their sites blocked by browsers and their devices unable to access HTTPS sites or run applications.7. Get the new certificateTo read this article in full or to leave a comment, please click here(Insider Story)
The health care industry provides an alluring target for malicious hackers. Personal health information has a much longer shelf life than financial information, making it a major draw for identity thieves. But a new and more troubling threat has arisen: the potential disruption of critical hospital systems by cybercriminals.With a diverse array of digital systems, hospitals have evolved into complex technology operations. Yet they remain singularly ill-prepared to defend against attacks, in part because the multiplicity of systems forms a wider surface area to attack.To read this article in full or to leave a comment, please click here
The health care industry provides an alluring target for malicious hackers. Personal health information has a much longer shelf life than financial information, making it a major draw for identity thieves. But a new and more troubling threat has arisen: the potential disruption of critical hospital systems by cybercriminals.With a diverse array of digital systems, hospitals have evolved into complex technology operations. Yet they remain singularly ill-prepared to defend against attacks, in part because the multiplicity of systems forms a wider surface area to attack.To read this article in full or to leave a comment, please click here
The health care industry provides an alluring target for malicious hackers. Personal health information has a much longer shelf life than financial information, making it a major draw for identity thieves. But a new and more troubling threat has arisen: the potential disruption of critical hospital systems by cybercriminals.With a diverse array of digital systems, hospitals have evolved into complex technology operations. Yet they remain singularly ill-prepared to defend against attacks, in part because the multiplicity of systems forms a wider surface area to attack.To read this article in full or to leave a comment, please click here
Mark your calendars: Google will disable support for the RC4 stream cipher and the SSLv3 protocol on its SMTP servers and Gmail servers on June 16.After the deadline, Google's SMTP servers will no longer exchange mail with servers sending messages via SSLv3 and RC4. Users still using older and insecure mail clients won't be able to send mail using Google's SMTP servers after that date.[ Safeguard your data! The tools you need to encrypt your communications and Web data. • The tools you need to encrypt your communications and Web data. • InfoWorld's encryption Deep Dive how-to report. | Discover how to secure your systems with InfoWorld's Security newsletter. ]
Most Google Apps organizations have already stopped using RC4 or SSLv3, but those on older systems have a month to update to modern Transport Layer Security configurations. However, there are plenty of systems still using SSLv3, including inbound/outbound gateways, third-party emailers, and systems using SMTP relay. Administrators should consider fully transitioning to newer standards as soon as possible.To read this article in full or to leave a comment, please click here
The Internet is all-encompassing. Between mobile devices and work computers, we live our lives on it -- but our online existence has been tragically compromised by inadequate security. Any determined hacker can eavesdrop on what we say, impersonate us, and perform all manner of malicious activities.Clearly, Internet security needs to be rethought. Retrofitting security and privacy controls onto a global communications platform is not easy, but few would argue that it's less than absolutely necessary.[ Deep Dive: How to rethink security for the new world of IT. | Discover how to secure your systems with InfoWorld's Security newsletter. ]
Why should that be? Was the Internet built badly? No, but it was designed for a utopian world where you can trust people. When the fledgling Internet was populated by academics and researchers communicating with trusted parties, it didn’t matter that trust relationships weren’t well-implemented or communications weren’t secure by default. Today it matters very much, to the point where data breaches, identity theft, and other compromises have reached crisis levels.To read this article in full or to leave a comment, please click here
The Internet is all-encompassing. Between mobile devices and work computers, we live our lives on it -- but our online existence has been tragically compromised by inadequate security. Any determined hacker can eavesdrop on what we say, impersonate us, and perform all manner of malicious activities.Clearly, Internet security needs to be rethought. Retrofitting security and privacy controls onto a global communications platform is not easy, but few would argue that it's less than absolutely necessary.[ Deep Dive: How to rethink security for the new world of IT. | Discover how to secure your systems with InfoWorld's Security newsletter. ]
Why should that be? Was the Internet built badly? No, but it was designed for a utopian world where you can trust people. When the fledgling Internet was populated by academics and researchers communicating with trusted parties, it didn’t matter that trust relationships weren’t well-implemented or communications weren’t secure by default. Today it matters very much, to the point where data breaches, identity theft, and other compromises have reached crisis levels.To read this article in full or to leave a comment, please click here
The Internet is all-encompassing. Between mobile devices and work computers, we live our lives on it -- but our online existence has been tragically compromised by inadequate security. Any determined hacker can eavesdrop on what we say, impersonate us, and perform all manner of malicious activities.Clearly, Internet security needs to be rethought. Retrofitting security and privacy controls onto a global communications platform is not easy, but few would argue that it's less than absolutely necessary.[ Deep Dive: How to rethink security for the new world of IT. | Discover how to secure your systems with InfoWorld's Security newsletter. ]
Why should that be? Was the Internet built badly? No, but it was designed for a utopian world where you can trust people. When the fledgling Internet was populated by academics and researchers communicating with trusted parties, it didn’t matter that trust relationships weren’t well-implemented or communications weren’t secure by default. Today it matters very much, to the point where data breaches, identity theft, and other compromises have reached crisis levels.To read this article in full or to leave a comment, please click here
Your computer has been infected by ransomware. All those files -- personal documents, images, videos, and audio files -- are locked up and out of your reach.To read this article in full or to leave a comment, please click here(Insider Story)
Your computer has been infected by ransomware. All those files -- personal documents, images, videos, and audio files -- are locked up and out of your reach.
There may be a way to get those files back without paying a ransom. But first a couple of basic questions:
Do you you have complete backups? If so, recovery is simply a matter of wiping the machine -- bye bye, ransomware! -- reinstalling your applications, and restoring the data files. It's a little stressful, but doable.
Are they good backups? Even if you did the right thing, backups aren’t foolproof, as legions of traumatized users have discovered. Unfortunately, this may be hard to determine without a full restore, so be aware that the wipe-and-restore method carries some risk.
[ Wait, is that fake ransomware or the real thing? Here's how to tell and what to do about it. | Make threat intelligence meaningful: A 4-point plan. | Discover how to secure your systems with InfoWorld's Security newsletter. ]
If you answered no to either question, don’t throw in the towel and pay the ransom yet. Maybe -- maybe -- there's a decryption tool that can get you out of this Continue reading
Unlike most malware, ransomware is not stealthy. It's loud and obnoxious, and if you've been infected, the attackers will tell you so in no uncertain terms. After all, they want to be paid.“Your personal files are encrypted,” the message on the computer blares. “Your documents photos, databases, and other important files have been encrypted with strongest encryption and unique key, generated for this computer.” While the language may vary, the gist is the same: If you don’t pay the ransom -- typically within 48 to 72 hours -- your files are hosed.[ Oh no! Got real ransomware? Then one of these tools might help. | 4 reasons not to pay up in a ransomware attack. | Safeguard your data! The tools you need to encrypt your communications and Web data. ]
Or are they? There is a slim possibility the perpetrators may be trying to fake you out and the files haven’t been encrypted. While not a common scenario, it does happen, according to industry experts. Rather than paying up, you can bypass the scary fake message and move on with your day.To read this article in full or to leave a comment, please click here
Unlike most malware, ransomware is not stealthy. It's loud and obnoxious, and if you've been infected, the attackers will tell you so in no uncertain terms. After all, they want to be paid.“Your personal files are encrypted,” the message on the computer blares. “Your documents photos, databases, and other important files have been encrypted with strongest encryption and unique key, generated for this computer.” While the language may vary, the gist is the same: If you don’t pay the ransom -- typically within 48 to 72 hours -- your files are hosed.[ Oh no! Got real ransomware? Then one of these tools might help. | 4 reasons not to pay up in a ransomware attack. | Safeguard your data! The tools you need to encrypt your communications and Web data. ]
Or are they? There is a slim possibility the perpetrators may be trying to fake you out and the files haven’t been encrypted. While not a common scenario, it does happen, according to industry experts. Rather than paying up, you can bypass the scary fake message and move on with your day.To read this article in full or to leave a comment, please click here
When it comes to performing ongoing maintenance, stomping out crises, or scoping new projects, most administrators either execute tasks manually or write a script to automate the process. But the really smart ones look for a capable tool to do the job.To read this article in full or to leave a comment, please click here(Insider Story)
When it comes to performing ongoing maintenance, stomping out crises, or scoping new projects, most administrators either execute tasks manually or write a script to automate the process. But the really smart ones look for a capable tool to do the job.To read this article in full or to leave a comment, please click here(Insider Story)