More organizations are moving their data out of their data centers and into the cloud, which complicates IT’s efforts to keep track of applications in use. With the new Microsoft Cloud App Security within Microsoft Azure, IT and security teams can step up application discovery and apply controls in line with existing security, privacy, and compliance policies.Most enterprises rely on cloud applications, whether or not they are officially sanctioned. Shadow IT is pervasive, with employees signing up for SaaS applications on their own without first going through IT. According to Microsoft’s statistics, an employee uses 17 cloud applications on average, and an organization shares 13 percent of its files externally, of which a quarter are shared publicly. Business units do what they must to get the job done, but IT is left in the dark about what applications employees use and where corporate data is stored.To read this article in full or to leave a comment, please click here
More organizations are moving their data out of their data centers and into the cloud, which complicates IT’s efforts to keep track of applications in use. With the new Microsoft Cloud App Security within Microsoft Azure, IT and security teams can step up application discovery and apply controls in line with existing security, privacy, and compliance policies.Most enterprises rely on cloud applications, whether or not they are officially sanctioned. Shadow IT is pervasive, with employees signing up for SaaS applications on their own without first going through IT. According to Microsoft’s statistics, an employee uses 17 cloud applications on average, and an organization shares 13 percent of its files externally, of which a quarter are shared publicly. Business units do what they must to get the job done, but IT is left in the dark about what applications employees use and where corporate data is stored.To read this article in full or to leave a comment, please click here
VMware patched two cross-site scripting issues in several editions of its vRealize cloud software. These flaws could be exploited in stored XSS attacks and could result in the user's workstation being compromised.The input validation error exists in Linux versions of VMware vRealize Automation 6.x prior to 6.2.4 and vRealize Business Advanced and Enterprise 8.x prior to 8.2.5, VMware said in the advisory (VMSA-2016-0003). Linux users running affected versions should update to vRealize Automation 6.2.4 and vRealize Business Advanced and Enterprise 8.2.5 to address the problems. The issues do not affect vRealize Automation 7.x on Linux and 5.x on Windows, and vRealize Business 7.x and 6.x on Linux (vRealize Business Standard).To read this article in full or to leave a comment, please click here
When a demand for your money or your data pops up on a critical system, you have only a short period of time to decide whether to respond to a ransomware attack.Online extortion is on the increase, as criminals use a variety of attack vectors, including exploit kits, malicious files, and links in spam messages, to infect systems with ransomware. Once all the files have been encrypted, victims can either try to recover the files on their own or pay the ransom. While there have been some exceptions, victims are seldom able to break the encryption and restore access. More often, successful circumvention of a ransomware attack involves wiping the affected systems and promptly restoring everything from clean backups.To read this article in full or to leave a comment, please click here
Enterprises are no longer sitting on their hands, wondering if they should risk migrating applications and data to the cloud. They're doing it -- but security remains a serious concern.The first step in minimizing risk in the cloud is to identify the top security threats.[ Deep Dive: How to rethink security for the new world of IT. | Discover how to secure your systems with InfoWorld's Security newsletter. ]
As the RSA Conference last week, the CSA (Cloud Security Alliance) listed the “Treacherous 12,” the top 12 cloud computing threats organizations face in 2016. The CSA released the report to help both cloud customers and providers focus their defensive efforts.To read this article in full or to leave a comment, please click here
With data breaches grabbing headlines nearly every week, threat intelligence is shaping up as the next big thing in information security. That, of course, means there’s more hype and confusion to sift through.To read this article in full or to leave a comment, please click here(Insider Story)
Walk into a security operations center (SOC) and the first impression you get is of an immense war room, with large screens across the entire front wall displaying a world map and endless rows of tabular data.Analysts sit in rows facing the screens as they scrutinize streams of data on their own monitors. Most of the light comes from the wall screens, creating a cavelike atmosphere. The overall feel is one of quiet efficiency.[ Deep Dive: How to rethink security for the new world of IT. | Discover how to secure your systems with InfoWorld's Security newsletter. ]
Welcome to Alert Logic’s 24/7 security operations center in Houston, Texas. This is where Alert Logic’s analysts monitor customer applications and networks, hunting for signs of an attack or a breach. For organizations with limited budgets and a small (or not) dedicated security team, working with a managed security services provider like Alert Logic helps close the security gap.To read this article in full or to leave a comment, please click here(Insider Story)
Walk into a security operations center (SOC) and the first impression you get is of an immense war room, with large screens across the entire front wall displaying a world map and endless rows of tabular data.To read this article in full or to leave a comment, please click here(Insider Story)
As cloud IT has proliferated, security concerns have diminished as a barrier to adoption. But that doesn't mean you can ignore security in the cloud, since a major attack can have expensive -- and potentially business-ending -- consequences.More and more sensitive data is heading to the cloud. Genomic informatics company GenomeNext, for example, feeds raw genome sequencing data into high-speed computational algorithms running entirely on AWS. Pharmaceutical giant Bristol-Myers Squibb reduced the duration of its clinical trials by using AWS. Electronic exchange Nasdaq OMX developed FinQloud on AWS to provide clients with tools for storing and managing financial data.To read this article in full or to leave a comment, please click here
Not a week went by in 2015 without a major data breach, significant attack campaign, or serious vulnerability report. Many of the incidents were the result of disabled security controls, implementation errors, or other basic security mistakes, highlighting how far organizations have to go in nailing down IT security basics.But looking beyond the garden-variety attacks and vulnerabilities lends great insight into the future of malicious activity and how to defend against it. And 2015 had its share of intriguing invasions, each of which highlighted the modified techniques that lead to new forms of breaches or pinpoint areas in need of new defenses. The past year saw cyber criminals adopting innovative approaches and state-sponsored actors becoming bolder. Motivations shifted, with financial gain no longer the sole reason for launching an attack. Inflicting physical damage, stealing trade secrets, hacking as a form of protest -- 2015 was a year in which malicious activity served many ends.To read this article in full or to leave a comment, please click here
Blockchain technology makes cryptocurrency like bitcoin possible, but it has a lot of potential beyond tracking currency transactions. The Linux Foundation wants to tap into that potential and is spearheading a collaborative effort to develop an enterprise-grade open source distributed ledger called Hyperledger.At its core, blockchain is a record-keeping system running across a global network of independent computers. The distributed ledger, which records and verifies transactions, is write-only -- that is, transactions cannot be tampered with or modified after the fact, so virtually anything of value can be tracked and traded using this system.To read this article in full or to leave a comment, please click here
In light of Android's mediaserver issues, Google’s latest Android security update focused on flaws related to the operating system's treatment of media files. Android’s current flaws are similar to problems that cropped up with Windows more than a decade ago.Google addressed seven vulnerabilities as part of this month’s Android security update, released this week. Of the critical vulnerabilities, one was in the libutils component (CVE-2015-6609) near where Stagefright flaws were found over the summer, and the other was in the Android mediaserver component (CVE-2015-6609). They were rated as critical, as they could allow remote code execution when handling malformed media files.To read this article in full or to leave a comment, please click here
Google is expanding its identity service to provide single sign-on for more desktop and mobile applications.With enhanced OpenID Connect Identity Provider support, Google Apps administrators will be able to add single sign-on capabilities to mobile apps and to SaaS (software-as-a-service) apps available through the Google Apps Marketplace, said Shashank Gupta, product manager for Google Apps for Work. Google also added support for SAML (Security Assertion Markup Language) 2.0 for popular SaaS providers and made it easier for administrators to add custom SAML app integrations.[ Simplify your security with six password managers for PCs, Macs, and mobile devices. Find out which one prevails in InfoWorld's review. | Discover how to secure your systems with InfoWorld's Security newsletter. ]
Organizations are increasingly adopting single sign-on because it improves corporate application security. Employees don't have to remember complex passwords for each application as they just use their Google Apps credentials to sign in.To read this article in full or to leave a comment, please click here
No doubt you've received a LinkedIn invition from someone you don't know -- or you're not sure you know. Next time, you might want to think a little harder before accepting.
Researchers from Dell SecureWorks Counter Threat Unit have identified a network of at least 25 well-developed LinkedIn profiles as part of a targeted social engineering campaign against individuals in the Middle East, North Africa, and South Asia. The fake profiles were linked to 204 legitimate profiles belonging to individuals working in defense, telecommunications, government, and utility sectors. A quarter of the victims worked in the telecommunications sector in the Middle East and North Africa. Fortunately, the fake profiles have already been removed from LinkedIn.To read this article in full or to leave a comment, please click here
A targeted attack against Outlook Web Application (OWA) illustrates how far adversaries will go to establish persistent control over the organization's entire network.As seen in recent breaches, attackers typically use stolen credentials or malware to get a foothold on the network, and then target the domain controller. Once attackers successfully compromise the domain controller, they can impersonate any user and move freely throughout the enterprise network. Since the OWA server, which provides companies with a Web interface for accessing Outlook and Microsoft Exchange, depends on the domain controller for authentication, whoever gains access to the OWA server automatically wins the domain credentials prize.To read this article in full or to leave a comment, please click here
Yesterday was the deadline. Finally, the United States is switching from the old-fashioned swiping method for credit card transactions to the more secure chip-based system scheme dubbed EMV (for Europay, MasterCard, and Visa, which together originated the technology).The chip is harder to counterfeit, and unlike magnetic stripes, it can't be easily read and duplicated, which is what credit-card counterfeiters have long done. In other countries, the chip is coupled with a PIN, so if someone steals the card, they can't use it unless they also know your PIN -- a form of second-factor authentication U.S. debit cards have long used, but not U.S. credit cards. However, U.S. banks are not requiring the use of PINs with chip cards; the old-fashioned, security-irrelevant signature will still be used here.To read this article in full or to leave a comment, please click here
Privacy advocates are stepping up their lobbying efforts against the controversial cyber threat information sharing bill currently in Congress after several tech giants indicated their support.Activist group Fight for the Future criticized Salesforce for supporting legislation which would "grant blanket immunity for American companies to participate in government mass surveillance programs like PRISM, without meaningfully addressing any of the fundamental cyber security problems we face in the U.S." Accordingly, Fight for the Future said it will abandon the Heroku cloud application platform within the next 90 days and encourages others to follow suit. The letter to Salesforce CEO Marc Benioff was posted on the site YouBetrayedUs.org.To read this article in full or to leave a comment, please click here
Microsoft added two game-changing security features for enterprise users in Windows 10, but until recently, the company has been relatively quiet about them.So far the buzz has mainly been about Windows Hello, which supports face and fingerprint recognition. But Device Guard and Credential Guard are the two standout security features of Windows 10 -- they protect the core kernel from malware and prevent attackers from remotely taking control of the machine. Device Guard and Credential Guard are intended for business systems and are available only in Windows 10 Enterprise and Windows 10 Education.To read this article in full or to leave a comment, please click here
Secunia, the company specializing in software vulnerability management, has been acquired by software asset management company Flexera Software.The pairing of Flexera's asset discovery and management tools with Secunia's software vulnerability platform will give organizations the ability to thoroughly assess the security of applications discovered on the network, said Mark Bishof, Flexera Software's CEO.[ Deep Dive: How to rethink security for the new world of IT. | Discover how to secure your systems with InfoWorld's Security newsletter. ]
Flexera's tools, which includes FlexNet Manager Suite and AdminStudio Suite, currently help discover all the hardware and software assets within the organization, how the licenses are used, and how to optimize software use. With the Secunia addition, organizations will be able to scrutinize the discovered applications to uncover unpatched vulnerabilities. This will give IT teams the information they need to update to the latest patch or to create a workaround to temporarily mitigate the issue until a patch is available.To read this article in full or to leave a comment, please click here
Attackers successfully infiltrated computer systems at the Department of Energy more than 150 times between 2010 and 2014, according to a review of federal documents by USA Today that were obtained as a result of a Freedom of Information Act request. In all, DoE networks were targeted 1,131 times over the four-year span.While this sounds worrying -- the DoE oversees the country's power grid and nuclear weapons stockpile, after all -- there are a few things missing from the report. The attacks appear to be against the DoE's office systems and not the real-time systems that control the power grid. Those systems are typically operated by utilities and aren't directly connected to DoE's networks. The attacks in the USA Today report are equivalent to the kind universities, corporations, and other organizations regularly face.To read this article in full or to leave a comment, please click here