Tim Greene

Author Archives: Tim Greene

How to dodge Black Friday and Cyber Monday shopping hackers

Hackers are writing apps, setting up phony Wi-Fi networks and unleashing malware in attempts to turn legitimate Black Friday 2016 and Cyber Monday retailing into profits for themselves, according to security experts. Bad actors are stealing personal information like passwords and credit card numbers, compromising computers and phones, and blackmailing retailers with hopes of lining their pockets, researchers say. For example, researchers at RiskIQ found frequent cases of criminals linking the names of legitimate brands to sketchy applications and Web sites in order to lure unsuspecting shoppers. They looked at five popular e-commerce brands to see how often their names appeared along with the term Black Friday in the titles or descriptions of black-listed applications. The research didn’t reveal the names of the retailers, but found that they lined up with bogus apps from 8.4% to 16% of the time.

Attacks to make Ask.com Toolbar a conduit for malware are nipped in the bud

Attackers who were trying to turn the Ask.com Toolbar into a malware dispensary got caught early on when their scheme was picked up by security services that were looking for anomalies. The malicious actors are unknown but they managed to get the legitimate Ask.com toolbar update feature to place a dropper/uploader into the browsers of several customers of security firm Red Canary. Once installed, the dropper would bring in secondary malware including banking Trojans and other online-fraud code, says Keith McCammon, CSO of Red Canary. The secondary payloads varied, and some of the dozen or so compromised machines his team found had downloaded more than one kind, he says.

IBM sets up test range to practice fighting nightmare cyber battles safely

IBM Security has launched a network-emulation environment where corporate teams can play out attack scenarios so they are better prepared for incidents they might face in the real world. The facility, called a cyber range (as in shooting range), provides a place for enterprises to practice incident-response, not only for their IT and IS staffs but also for company directors, C-level executives, corporate counsel, human resources pros, public relations staff – anyone who might be drawn into an actual cyber emergency.

Akamai: Look for IoT devices to attack during Thanksgiving, Christmas

The annual holiday uptick in denial of service attacks will likely continue this year, only this time with a new devastating weapon: Internet of Things (IoT) devices, according to Akamai. In its quarterly State of the Internet/Security Report, the company says certain types of DDoS attacks are on the rise compared to the third quarter last year, both in size and number. That doesn’t bode well for users of the internet starting next week. “Thanksgiving, Christmas, and the holiday season in general have long been characterized by a rise in the threat of DDoS attacks,” the report says. “Malicious actors have new tools — IoT botnets — that will almost certainly be used in the coming quarter.”

There’s a war on for cybersecurity talent

Filling cybersecurity jobs is getting so hard that managers need to think outside the box if they hope to fill critical positions, experts say. That means redefining jobs, training human resources departments to screen resumes differently, seeking latent talent already inside the organization, and hiring bright, motivated people who can grow into critical roles, according to an expert panel speaking at the recent Advanced Cyber Security Center conference in Boston.

Black Hat Europe: IoT devices can hack phones

The Internet of Things (IoT) has already been used to launch the biggest DDoS attacks ever, but now it represents a potential path for attackers to compromise cell phones. Flaws in Belkin WeMo devices – electrical switches, cameras, light bulbs, coffee makers, air purifiers, etc. – enabled Invincea Labs researchers to not only hack into the devices, but to use that access to attack an Android phone running the app that controls the WeMo devices. “This is the first instance we’ve seen of IoT hacking something else,” says researcher Scott Tenaglia, who pledges to look for other vulnerable devices that might be abused to carry out similar attacks.

ExtraHop package captures files before ransomware encrypts them

The best defense against ransomware has been comprehensive backup, but ExtraHop is introducing a way to capture files just before ransomware encrypts them, making it possible to restore them without relying on the backups. A software upgrade to ExtraHop’s Ransomware Detection bundle picks up on precursors to ransomware encrypting files and captures them before the malware has the chance to encrypt.

Cisco seeks faster time to discovery for breaches, compromises

Cisco has announced security upgrades to cut the time compromises go unnoticed on endpoints, giving attackers less time to do damage if they get past preventive security measures. Unveiled at the Cisco Partner Summit this week, the new AMP for Endpoints comes with a lightweight agent to gather data that is analyzed in the Cisco AMP cloud. This lifts the processing burden from customers’ infrastructure. And the platform now includes an agentless feature for devices that can’t take an agent, such as visitors’ laptops. In addition to the cloud version, the analytics part of the platform can also be purchased for deployment on customer premises in their own private clouds. Detection, analysis and recommended response are handled in the cloud and pushed to the endpoints.

Gartner: Despite the DDoS attacks, don’t give up on Dyn or DNS service providers

The DDoS attacks that flooded Dyn last month and knocked some high-profile Web sites offline don’t mean businesses should abandon it or other DNS service providers, Gartner says. In fact, the best way to go is to make sure critical Web sites are backed by more than one DNS provider, says Gartner analyst Bob Gill.

IBM deploys machine learning to bolster online banking security program

Behavioral biometrics that uses machine learning is behind new features being added to IBM’s Trusteer Pinpoint Detect platform, which financial institutions use to head off crooks who may have stolen the username and password of legitimate account holders. The new feature looks for anomalies between legitimate users’ normal mouse gestures and those of the current user, and over time refines the accuracy of its analysis, says Brooke Satti Charles, Financial Crime Prevention Strategist for IBM Security. That analysis creates a risk score that banks can use to decide whether an ongoing transaction is fraudulent and trigger an alert. The institutions have to decide what to do about the alerts, but they could cut off the transaction or require further ID before the customer is allowed to continue, she says.

The secret behind the success of Mirai IoT botnets

There’s no magic behind the success of Mirai DDoS botnets that are made up of IoT devices: the software enabling them is publicly available, which makes it easy for relatively inexperienced actors to create them and turn them loose on anyone. Flashpoint speculates that the Dyn DDoS, which had an enormous impact on major Web sites, was the work of low-skilled script kiddies – a frightening prospect that contributes to Trend Micro’s assessment that “the Internet of Things ecosystem is completely, and utterly, broken.”
