National Harbor, Md. -- Corporate employees who help carry out cyberattacks are increasingly being sought and are seeking criminals to hire them, a Gartner analyst told a group at the consulting firm’s Security and Risk Management Summit.A group of 60 CIOs and CISOs she worked with say this recruitment is more active and becoming a larger concern because of their use of the Dark Web to sell their services, says Gartner analyst Avivah Litan.+More on Network World: National Intelligence office wants to perfect the art of security deception+To read this article in full or to leave a comment, please click here
National Harbor, Md. -- Corporate employees who help carry out cyberattacks are increasingly being sought and are seeking criminals to hire them, a Gartner analyst told a group at the consulting firm’s Security and Risk Management Summit.A group of 60 CIOs and CISOs she worked with say this recruitment is more active and becoming a larger concern because of their use of the Dark Web to sell their services, says Gartner analyst Avivah Litan.+More on Network World: National Intelligence office wants to perfect the art of security deception+To read this article in full or to leave a comment, please click here
It’s not enough for security pros to figure out how to protect digital enterprises from risks that can ruin the business, they must effectively sell it to corporate boards whose blessing is needed to authorize the plan, Gartner analysts told attendees at their Security and Risk Management Summit.With that in mind, three Gartner security specialists walked the roughly 3,400-person audience through how to create a plan to manage risk and minimize damage when – not if – an attack succeeds, and the strategy for buy-in from the board of directors.“One hundred percent protection should not be the goal,” Gartner analyst Peter Firstbrook told the gathering. “The goal should be resilience.”To read this article in full or to leave a comment, please click here
It’s not enough for security pros to figure out how to protect digital enterprises from risks that can ruin the business, they must effectively sell it to corporate boards whose blessing is needed to authorize the plan, Gartner analysts told attendees at their Security and Risk Management Summit.With that in mind, three Gartner security specialists walked the roughly 3,400-person audience through how to create a plan to manage risk and minimize damage when – not if – an attack succeeds, and the strategy for buy-in from the board of directors.“One hundred percent protection should not be the goal,” Gartner analyst Peter Firstbrook told the gathering. “The goal should be resilience.”To read this article in full or to leave a comment, please click here
Recorded Future is teaming up with other security vendors to blend the threat intelligence they all gather so it’s easier for corporate security pros to connect the dots that reveal actual incidents that need attention.With the Omni Intelligence Partner Network, businesses that are customers of both Recorded Future and participating partners can import threat intelligence gathered by the partners and display it within Intelligence Cards that are one interface within Recorded Future’s platform.So the Intelligence Card for a particular suspicious IP address would include information gathered by Recorded Future but also information about that IP address gathered by any of the other Omni Intelligence partners.To read this article in full or to leave a comment, please click here
Recorded Future is teaming up with other security vendors to blend the threat intelligence they all gather so it’s easier for corporate security pros to connect the dots that reveal actual incidents that need attention.With the Omni Intelligence Partner Network, businesses that are customers of both Recorded Future and participating partners can import threat intelligence gathered by the partners and display it within Intelligence Cards that are one interface within Recorded Future’s platform.So the Intelligence Card for a particular suspicious IP address would include information gathered by Recorded Future but also information about that IP address gathered by any of the other Omni Intelligence partners.To read this article in full or to leave a comment, please click here
D-Link is working to fix a weakness that allows attackers to take over remote control of one of its cameras so they can eavesdrop, and the company is checking whether others of its products have similar vulnerabilities.The vulnerability allows for the injection of malicious code and forces a password reset, which means attackers can gain remote access to the camera’s feed, thereby enabling eavesdropping, according to Senrio, a startup that monitors devices, scores how vulnerable they are and alerts when it detects suspicious behavior.It also means that regardless of how strong a password users set up, it can be overridden.The camera – D-Link DCS-930L Network Cloud Camera – might not be the only device affected by the vulnerability, a spokesperson for Senrio says. “Senrio has also agreed to evaluate a number of additional D-link products to assess if the vulnerability can be found in the firmware in those items,” the spokesperson said in an email.To read this article in full or to leave a comment, please click here
D-Link is working to fix a weakness that allows attackers to take over remote control of one of its cameras so they can eavesdrop, and the company is checking whether others of its products have similar vulnerabilities.The vulnerability allows for the injection of malicious code and forces a password reset, which means attackers can gain remote access to the camera’s feed, thereby enabling eavesdropping, according to Senrio, a startup that monitors devices, scores how vulnerable they are and alerts when it detects suspicious behavior.It also means that regardless of how strong a password users set up, it can be overridden.The camera – D-Link DCS-930L Network Cloud Camera – might not be the only device affected by the vulnerability, a spokesperson for Senrio says. “Senrio has also agreed to evaluate a number of additional D-link products to assess if the vulnerability can be found in the firmware in those items,” the spokesperson said in an email.To read this article in full or to leave a comment, please click here
While there’s talk that investment dollars for security startups are getting harder to find, entrepreneurs still manage to deliver a range of hardware, software and services that protect data, networks and corporate reputations.This roundup of 13 such companies that we’re keeping an eye on runs the gamut from cloud security services to fraud prevention to protecting supervisory control and data acquisition (SCADA) and Internet of Things devices.+ SEE LAST YEAR'S LIST of Security startups to watch +To read this article in full or to leave a comment, please click here
While there’s talk that investment dollars for security startups are getting harder to find, entrepreneurs still manage to deliver a range of hardware, software and services that protect data, networks and corporate reputations.This roundup of 13 such companies that we’re keeping an eye on runs the gamut from cloud security services to fraud prevention to protecting supervisory control and data acquisition (SCADA) and Internet of Things devices.+ SEE LAST YEAR'S LIST of Security startups to watch +To read this article in full or to leave a comment, please click here
SS8 built its network traffic-inspection and analysis platform as a tool for intelligence agencies to discover communications among criminals and terrorists but now has scaled it back for enterprises to stop data breaches.Called BreachDetect, the business-sized software gathers highly detailed network traffic data that discovers application flows and the activity of individual machines and analyzes them to find anomalies that indicate foul play.The platform also stores the information it collects so it can be analyzed over and over as new threat indicators are identified. That way corporate security pros can discover threats that may have been lurking undetected for months and figure out when and how they got there, SS8 says.To read this article in full or to leave a comment, please click here
SS8 built its network traffic-inspection and analysis platform as a tool for intelligence agencies to discover communications among criminals and terrorists but now has scaled it back for enterprises to stop data breaches.Called BreachDetect, the business-sized software gathers highly detailed network traffic data that discovers application flows and the activity of individual machines and analyzes them to find anomalies that indicate foul play.The platform also stores the information it collects so it can be analyzed over and over as new threat indicators are identified. That way corporate security pros can discover threats that may have been lurking undetected for months and figure out when and how they got there, SS8 says.To read this article in full or to leave a comment, please click here
The two major international security agencies in Europe agree that building backdoors into encryption platforms is not the best way to secure systems because of the collateral damage it would do to privacy and the security of communications.“While this would give investigators lawful access in the event of serious crimes or terrorist threats, it would also increase the attack surface for malicious abuse, which, consequently, would have much wider implications for society,” says a joint statement by European Police Office (Europol) and European Network and Information Security Agency (ENISA), which focuses on cyber security.To read this article in full or to leave a comment, please click here
The two major international security agencies in Europe agree that building backdoors into encryption platforms is not the best way to secure systems because of the collateral damage it would do to privacy and the security of communications.“While this would give investigators lawful access in the event of serious crimes or terrorist threats, it would also increase the attack surface for malicious abuse, which, consequently, would have much wider implications for society,” says a joint statement by European Police Office (Europol) and European Network and Information Security Agency (ENISA), which focuses on cyber security.To read this article in full or to leave a comment, please click here
A team from Google’s fraud-detection group has started its own software as a service venture for spotting transaction fraud quickly based on rule sets and that also learns as it goes to improve its hit rate.Simility examines online transactions to identify indicators of foul play and assigns them risk scores from 0 to 1. Customers can use the information to shut down transactions it deems suspect.The Simility Fraud Prevention Platform service is available starting next week after a six-month private beta.
Rahul PangamTo read this article in full or to leave a comment, please click here
A team from Google’s fraud-detection group has started its own software as a service venture for spotting transaction fraud quickly based on rule sets and that also learns as it goes to improve its hit rate.Simility examines online transactions to identify indicators of foul play and assigns them risk scores from 0 to 1. Customers can use the information to shut down transactions it deems suspect.The Simility Fraud Prevention Platform service is available starting next week after a six-month private beta.
Rahul PangamTo read this article in full or to leave a comment, please click here
The Boston BSides conference is bursting at its seams and may have to find a new place to carry out its mission of providing inexpensive IT security training, educational sessions and informal networking where peers can share experiences and help guide aspiring security pros.The conference this weekend at Microsoft’s New England Research and Development (NERD) Center in Cambridge, Mass., was full to capacity with about 400 people attending – the NERD limit, says Daniel Reich, one of the show’s organizers.He says the organizers had to turn away about 100 others who wanted to attend, and after reading surveys by attendees and comments on Twitter, they may be looking for a larger venue for next year.To read this article in full or to leave a comment, please click here
The Boston BSides conference is bursting at its seams and may have to find a new place to carry out its mission of providing inexpensive IT security training, educational sessions and informal networking where peers can share experiences and help guide aspiring security pros.The conference this weekend at Microsoft’s New England Research and Development (NERD) Center in Cambridge, Mass., was full to capacity with about 400 people attending – the NERD limit, says Daniel Reich, one of the show’s organizers.He says the organizers had to turn away about 100 others who wanted to attend, and after reading surveys by attendees and comments on Twitter, they may be looking for a larger venue for next year.To read this article in full or to leave a comment, please click here
Now when ransomware tries to take over your computer, there’s something you can be sides pay up: stop it, buy more time to deal with it or mitigate the damage it might do.These options include both hardware and software approaches IT pros can take to defeat the malware, a group at this weekend’s Security BSides Boston conference was told.By looking at how several variants of ransomware work - CryptoLocker, CryptoWall, Locky, SamSam - researcher Weston Hecker found characteristics of their behavior that could be turned against them.One method goes after the droppers that first infect target machines in preparation for downloading the main malware payloads. Their purpose is to examine the machines for indications that it might be an inhospitable host and to eliminate the roadblocks if possible.To read this article in full or to leave a comment, please click here
Now when ransomware tries to take over your computer, there’s something you can be sides pay up: stop it, buy more time to deal with it or mitigate the damage it might do.These options include both hardware and software approaches IT pros can take to defeat the malware, a group at this weekend’s Security BSides Boston conference was told.By looking at how several variants of ransomware work - CryptoLocker, CryptoWall, Locky, SamSam - researcher Weston Hecker found characteristics of their behavior that could be turned against them.One method goes after the droppers that first infect target machines in preparation for downloading the main malware payloads. Their purpose is to examine the machines for indications that it might be an inhospitable host and to eliminate the roadblocks if possible.To read this article in full or to leave a comment, please click here
Tim Greene