Tim Greene

Author Archives: Tim Greene

Waratek upgrades Java protection

Waratek is introducing a feature to its Java-protection platform that enables upgrading to the current version of Java without having to install Java updates or touch the apps running within the Java virtual machine.The latest version of its AppSecurity for Java uses secure virtual containers around the entire Java application stack to apply the security and performance features of the current Java 8 platform’s security and performance levels without having to install Java 8, the company says.The alternative would be to replace the Java Runtime Environment (JRE) and upgrade the application code directly. That would involve taking the application offline while the upgrades are performed.To read this article in full or to leave a comment, please click here

Can you hack the vote? Yes, but not how you might think

With Donald Trump already talking about the presidential election being rigged, Symantec has set up a simulated voting station that shows how electronic systems might be hacked to alter actual vote tallies for just a few hundred dollars.+More on Network World: Was Trump bitten by Twitter time-stamp bug that stung Alec Baldwin’s wife?+They found that while it’s possible to change the number of votes cast for each candidate, it would be very difficult to do so on a large enough scale to swing the election one way or the other.To read this article in full or to leave a comment, please click here

Security blogger Krebs says IoT DDoS attack was payback for a blog

Security blogger Brian Krebs says a massive distributed denial-of-service attack that took down his Web site last week was likely the consequences for his outing of two Israelis who ran a DDoS-for-hire business.+More on Network World: The IoT is uranium+The pair, whom he identifies as Itay Huri and Yarden Bidani, both 18, were arrested in Israel at the request of the FBI six days after Krebs posted his blog and are now under house arrest.To read this article in full or to leave a comment, please click here

Security blogger Krebs says IoT DDoS attack was payback for a blog

Security blogger Brian Krebs says a massive distributed denial-of-service attack that took down his Web site last week was likely the consequences for his outing of two Israelis who ran a DDoS-for-hire business.+More on Network World: The IoT is uranium+The pair, whom he identifies as Itay Huri and Yarden Bidani, both 18, were arrested in Israel at the request of the FBI six days after Krebs posted his blog and are now under house arrest.To read this article in full or to leave a comment, please click here

A shout out to Akamai for candor in IoT botnet attack

Akamai deserves credit for the way it disclosed why it stopped protecting the Krebs on Security Web site last week after defending it for three days from the largest botnet it had ever encountered.It must have been embarrassing for the company to acknowledge that it was a business decision it was forced to make because of the expense and consumption of resources to keep the site up was too great.But the company did so and addressed a more important issue, namely that the attack was generated by a botnet of Internet of Things devices, mainly cameras, routers and DVRs, according to Krebs.To read this article in full or to leave a comment, please click here

A shout out to Akamai for candor in IoT botnet attack

Akamai deserves credit for the way it disclosed why it stopped protecting the Krebs on Security Web site last week after defending it for three days from the largest botnet it had ever encountered.It must have been embarrassing for the company to acknowledge that it was a business decision it was forced to make because of the expense and consumption of resources to keep the site up was too great.But the company did so and addressed a more important issue, namely that the attack was generated by a botnet of Internet of Things devices, mainly cameras, routers and DVRs, according to Krebs.To read this article in full or to leave a comment, please click here

Cisco, IBM may be interested in buying Imperva

Security vendor Imperva is shopping itself around and may be attractive to the likes of Cisco and IBM, according to Bloomberg.The Motley Fool reports that Imperva’s stock rose 20% today after Bloomberg’s report, which the Fool notes could actually drive buyers away because it would mean a more costly deal.Bloomberg named a number of other possible buyers including Forecpoint (owned by Raytheon and Vista Equity Partners), Akamai and Fortinet.To read this article in full or to leave a comment, please click here

Cisco, IBM may be interested in buying Imperva

Security vendor Imperva is shopping itself around and may be attractive to the likes of Cisco and IBM, according to Bloomberg.The Motley Fool reports that Imperva’s stock rose 20% today after Bloomberg’s report, which the Fool notes could actually drive buyers away because it would mean a more costly deal.Bloomberg named a number of other possible buyers including Forecpoint (owned by Raytheon and Vista Equity Partners), Akamai and Fortinet.To read this article in full or to leave a comment, please click here

Largest DDoS attack ever delivered by botnet of hijacked IoT devices

Securing the internet of things should become a major priority now that an army of compromised devices – perhaps 1 million strong - has swamped one of the industry’s top distributed denial-of-service protection services.A giant botnet made up of hijacked internet-connected things like cameras, lightbulbs, and thermostats has launched the largest DDoS attack ever against a top security blogger, an attack so big Akamai had to cancel his account because defending it ate up too many resources.It wasn’t that Akamai couldn’t mitigate the attack – it did so for three days – but doing so became too costly, so the company made a business decision to cut the affected customer loose, says Andy Ellis the company’s chief security officer.To read this article in full or to leave a comment, please click here

Largest DDoS attack ever delivered by botnet of hijacked IoT devices

Securing the internet of things should become a major priority now that an army of compromised devices – perhaps 1 million strong - has swamped one of the industry’s top distributed denial-of-service protection services.A giant botnet made up of hijacked internet-connected things like cameras, lightbulbs, and thermostats has launched the largest DDoS attack ever against a top security blogger, an attack so big Akamai had to cancel his account because defending it ate up too many resources.It wasn’t that Akamai couldn’t mitigate the attack – it did so for three days – but doing so became too costly, so the company made a business decision to cut the affected customer loose, says Andy Ellis the company’s chief security officer.To read this article in full or to leave a comment, please click here

Education needs to study up on fighting ransomware

It should surprise no one that ransomware is on the rise, but it may be news that education -- not healthcare -- is outstripping other industries for rate of infection, according to a study by security ratings firm BitSight.Organizations in education had the highest rate of infection, with at least one in 10 experiencing ransomware on their networks, according to “The Rising Face of Cyber Crime: Ransomware” report.The study looks at businesses in finance, retail, healthcare, energy/utilities, government and education, which are listed in order from best to worst for ransomware infection rate. Education’s score is far behind that of the others, more than double that for government. The rate ranges from 13% of those in education down to 1.5% for those in finance.To read this article in full or to leave a comment, please click here

Education needs to study up on fighting ransomware

It should surprise no one that ransomware is on the rise, but it may be news that education -- not healthcare -- is outstripping other industries for rate of infection, according to a study by security ratings firm BitSight.Organizations in education had the highest rate of infection, with at least one in 10 experiencing ransomware on their networks, according to “The Rising Face of Cyber Crime: Ransomware” report.The study looks at businesses in finance, retail, healthcare, energy/utilities, government and education, which are listed in order from best to worst for ransomware infection rate. Education’s score is far behind that of the others, more than double that for government. The rate ranges from 13% of those in education down to 1.5% for those in finance.To read this article in full or to leave a comment, please click here

Sophos rolls out Intercept X for endpoint protection

Sophos is coming out with Intercept X, its new name for endpoint protection that’s based on technology acquired when it bought SurfRight last year to broaden its endpoint strategy.The product uses behavior-based screening to detect malicious behavior on endpoints rather than signature-based protection that requires constant updating and can lag behind attackers’ efforts to create new versions.The software looks at the behavior of processes, specifically watching for 24 techniques that malware uses as part of attacks, says Dan Schiappa, senior vice president of the Enduser Security Group at Sophos. That boosts the chances of finding zero-day attacks that use a common set of techniques.To read this article in full or to leave a comment, please click here

Sophos rolls out Intercept X for endpoint protection

Sophos is coming out with Intercept X, its new name for endpoint protection that’s based on technology acquired when it bought SurfRight last year to broaden its endpoint strategy.The product uses behavior-based screening to detect malicious behavior on endpoints rather than signature-based protection that requires constant updating and can lag behind attackers’ efforts to create new versions.The software looks at the behavior of processes, specifically watching for 24 techniques that malware uses as part of attacks, says Dan Schiappa, senior vice president of the Enduser Security Group at Sophos. That boosts the chances of finding zero-day attacks that use a common set of techniques.To read this article in full or to leave a comment, please click here

RSA: Expect business as usual now that Dell owns it

RSA Amit Yoran Enterprises should expect business as usual from RSA in the wake of its being swept up by Dell this week in the largest tech deal ever, with company executives saying it will retain a good deal of autonomy to carry out its strategic plans.To read this article in full or to leave a comment, please click here

RSA: Expect business as usual now that Dell owns it

RSA Amit Yoran Enterprises should expect business as usual from RSA in the wake of its being swept up by Dell this week in the largest tech deal ever, with company executives saying it will retain a good deal of autonomy to carry out its strategic plans.To read this article in full or to leave a comment, please click here

Intel spinout: McAfee is back

Intel is going to spin out its subsidiary Intel Security as a joint venture with investment firm TPG, redubbing the new entity with its old name – McAfee.The deal calls for TPG to make a $1.1 billion equity investment and own 51 percent of the company, with Intel retaining 49%.In a joint statement the companies say the investment will be used to help the spinout gain its feet as a stand-alone business and to drive growth.Intel bought McAfee in 2010 for $7.68 billion with the intent of tying McAfee’s security technology with Intel’s chips.Since then Intel has incorporated technology in some chips that power features of its security software, and Intel Security’ endpoint protection technology is well thought of, consistently ranking among the leaders in Gartner’s analysis of that category. It is ranked number two in market share behind Symantec and in front of Trend Micro.To read this article in full or to leave a comment, please click here

Intel spinout: McAfee is back

Intel is going to spin out its subsidiary Intel Security as a joint venture with investment firm TPG, redubbing the new entity with its old name – McAfee.The deal calls for TPG to make a $1.1 billion equity investment and own 51 percent of the company, with Intel retaining 49%.In a joint statement the companies say the investment will be used to help the spinout gain its feet as a stand-alone business and to drive growth.Intel bought McAfee in 2010 for $7.68 billion with the intent of tying McAfee’s security technology with Intel’s chips.Since then Intel has incorporated technology in some chips that power features of its security software, and Intel Security’ endpoint protection technology is well thought of, consistently ranking among the leaders in Gartner’s analysis of that category. It is ranked number two in market share behind Symantec and in front of Trend Micro.To read this article in full or to leave a comment, please click here

Apple patches iOS against potent zero-day spyware attack

Apple is issuing patches for three iOS zero-day vulnerabilities known as Trident that have been exploited for years by an Israel-based spyware vendor against a human rights activist, an investigative journalist and others.The attack, called Pegasus, is flexible, letting attackers steal a broad range of data from iPhones and iPads, according to the firms that discovered it.“In this case, the software is highly configurable: depending on the country of use and feature sets purchased by the user, the spyware capabilities include accessing messages, calls, emails, logs, and more from apps including Gmail, Facebook, Skype, WhatsApp, Viber, FaceTime, Calendar, Line, Mail.Ru, WeChat, SS, Tango, and others,” according to a blog post by Lookout Security, which, along with Citizen Lab, unearthed the vulnerabilities and Pegasus.To read this article in full or to leave a comment, please click here

Apple patches iOS against potent zero-day spyware attack

Apple is issuing patches for three iOS zero-day vulnerabilities known as Trident that have been exploited for years by an Israel-based spyware vendor against a human rights activist, an investigative journalist and others.The attack, called Pegasus, is flexible, letting attackers steal a broad range of data from iPhones and iPads, according to the firms that discovered it.“In this case, the software is highly configurable: depending on the country of use and feature sets purchased by the user, the spyware capabilities include accessing messages, calls, emails, logs, and more from apps including Gmail, Facebook, Skype, WhatsApp, Viber, FaceTime, Calendar, Line, Mail.Ru, WeChat, SS, Tango, and others,” according to a blog post by Lookout Security, which, along with Citizen Lab, unearthed the vulnerabilities and Pegasus.To read this article in full or to leave a comment, please click here

1 10 11 12 13 14 25