Last week, President-elect Donald Trump received a comprehensive briefing on Russian hacking related to the 2016 Presidential election. In response, Trump released a statement that included the following:"Whether it is our government, organizations, associations or business we need to aggressively combat and stop cyberattacks. I will appoint a team to give me a plan within 90 days of taking office.” These “teams” tend to be made up of a combination of Washington insiders with intelligence and/or military experience as well as an assortment of industry folks. For example, President Obama’s recent Commission on Enhancing National Cybersecurity, included former NSA director Keith Alexander, former IBM CEO Sam Palmisano, etc.To read this article in full or to leave a comment, please click here
Last week, President-elect Donald Trump received a comprehensive briefing on Russian hacking related to the 2016 Presidential election. In response, Trump released a statement that included the following:
"Whether it is our government, organizations, associations or business, we need to aggressively combat and stop cyberattacks. I will appoint a team to give me a plan within 90 days of taking office.”
These “teams” tend to be made up of a combination of Washington insiders with intelligence and/or military experience, as well as an assortment of industry folks. For example, President Obama’s recent Commission on Enhancing National Cybersecurity, included former NSA director Keith Alexander, former IBM CEO Sam Palmisano, etc.To read this article in full or to leave a comment, please click here
Russia dismissed an intel report claiming that the Kremlin meddled with the U.S. presidential election, saying the accusations were "amateurishly emotional" and driving a "witch-hunt.""There was nothing in this report that deserved to be read in detail," said Kremlin spokesman Dmitry Peskov on Monday, according to the Russian news agency TASS.The U.S. intel report, published on Friday, accused Russian President Vladimir Putin of personally ordering a secret campaign meant to influence last year's presidential election.To read this article in full or to leave a comment, please click here
Figuring out who’s behind cyberattacks is always difficult, and responsible security analysts are reluctant to point fingers without a smoking gun, which seems to be the case with recent disruptions of the power system in Turkey.News sources here and here say the Turkish Energy Ministry blames storms and sabotage of underground power lines for outages around the country. It also says coordinated cyberattacks originating in the United States have been thwarted but also been keeping security teams busy. It doesn’t like the outages directly to the cyberattacks, the sources say.To read this article in full or to leave a comment, please click here
A security researcher has developed a tool that can automatically detect sensitive access keys that have been hard-coded inside software projects.The Truffle Hog tool was created by U.S.-based researcher Dylan Ayrey and is written in Python. It searches for hard-coded access keys by scanning deep inside git code repositories for strings that are 20 or more characters and which have a high entropy. A high Shannon entropy, named after American mathematician Claude E. Shannon, would suggest a level of randomness that makes it a candidate for a cryptographic secret, like an access token.Hard-coding access tokens for various services in software projects is considered a security risk because those tokens can be extracted without much effort by hackers. Unfortunately this practice is very common.To read this article in full or to leave a comment, please click here
In the span of a day, the number of MongoDB installations that were erased and replaced with ransom notes has more than doubled, spiking to 27,000 as more cyber thugs jump on the ransom bandwagon. Niall Merrigan
It started last week when security researcher Victor Gevers discovered that about 200 MongoDB databases had been erased and held for ransom. By Tuesday, 2,000 databases were effected; the number climbed to 10,500 by Friday and kept climbing. Then the ransomed databases jumped from 12,000 to 27,000, according to security researcher Niall Merrigan.To read this article in full or to leave a comment, please click here
The cloud is now a mainstream IT platform. Through its unlimited economies of scale and its ability to deliver IT resources dynamically whenever users need them, the cloud’s popularity permeates through businesses of all sizes and industries.While they enjoy cloud benefits, many in IT still feel challenged to fully secure the new platform. There might be one or more cloud services linking to your corporate and partner network, all being accessed by both mobile and traditional users. How can you enforce internal policies and industry compliance mandates when there’s no longer an identifiable network perimeter?Ganesh Kirti, CTO and co-founder of Palerra, shows a few related issues worrying chief information security officers (CISO) when it comes to securing the cloud:To read this article in full or to leave a comment, please click here(Insider Story)
New products of the weekImage by invrisionOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Comodo Internet Security 10Image by ComodoTo read this article in full or to leave a comment, please click here
Last year, I was gifted an Amazon Echo; stunned, I stared at the gifter and thought to myself, have you ever met me…do you know me at all? The side of the Echo box listed features, starting with “fair-field voice control, with 7-microphone array and beam-forming technology to hear you from across the room.” Echo didn’t leave the box for six months.When I finally did open Echo, I was interested in comparing functions of Echo against those of ZOE; the latter smart home assistant was developed by Protonet with privacy in mind – nothing goes to the cloud so it couldn’t be turned into a surveillance device.To read this article in full or to leave a comment, please click here
A Federal Trade Commission attempt to rein in a poorly secured IoT device is raising questions over whether the U.S. regulator has the power to crack down on vendors suspected of shoddy practices.On Thursday, the FTC filed a complaint against Taiwanese manufacturer D-Link Systems that charged the company’s internet routers and web cameras can easily be hacked, putting consumers at risk.But the FTC’s complaint doesn’t cite evidence that the products have been breached, only the potential for harm to consumers.That’s among the reasons D-Link is contesting the complaint. “Notably, the complaint does not allege any breach of a D-Link Systems device,” it said in a statement. To read this article in full or to leave a comment, please click here
A highly anticipated U.S. intelligence report claims that Russian President Vladimir Putin ordered a campaign to covertly influence last year’s presidential election in favor for Donald Trump.However, the report – or at least the declassified version – offered no new evidence or sources to prove the Kremlin’s role in sponsoring the effort, which included hacks and online propaganda.The U.S. government published the 25-page document on Friday amid skepticism from incoming President-elect Trump over whether Russia was really involved.Outgoing President Barack Obama has nevertheless ordered sanctions against Russia and threatened covert action in retaliation for the cyber-meddling.To read this article in full or to leave a comment, please click here
After meeting with U.S. intelligence leaders on Friday, President-elect Donald Trump withheld any direct endorsement of their findings that Russia tried to meddle with the recent election.Rather, he focused on whether the hacking efforts -- from any country -- had an effect on the election’s outcome. In his view, there was “absolutely” none."While Russia, China, other countries, outside groups and people are consistently trying to break through the cyber infrastructure of our governmental institutions, businesses and organizations including the Democrat National Committee, there was absolutely no effect on the outcome of the election," Trump said in a statement. To read this article in full or to leave a comment, please click here
Groups of attackers have adopted a new tactic that involves deleting publicly exposed MongoDB databases and asking for money to restore them. In a matter of days, the number of affected databases has risen from hundreds to more than 10,000.The issue of misconfigured MongoDB installations, allowing anyone on the internet to access sensitive data, is not new. Researchers have been finding such open databases for years, and the latest estimate puts their number at more than 99,000.On Monday, security researcher Victor Gevers from the GDI Foundation reported that he found almost 200 instances of publicly exposed MongoDB databases that had been wiped and held to ransom by an attacker or a group of attackers named Harak1r1.To read this article in full or to leave a comment, please click here
The private sector often views government as the problem, not the solution. But, in the view of a growing number of experts, the opposite is true when it comes to addressing the rampant and increasing security risks of the Internet of Things (IoT).While it is not a unanimous view, there is general agreement that the blessings the IoT brings to modern life are being undermined by its curses – and that the market will not correct those curses.Its almost magical benefits are well documented and well advertised – self-driving cars and the ability to lock or unlock doors or adjust a home thermostat from hundreds of miles away were fantasies only a few years ago. But its billions of connected devices are so lacking in security that they are putting not only individual users at risk, but public and private infrastructure as well, including the infrastructure of the internet itself.To read this article in full or to leave a comment, please click here
All is quiet on the Microsoft front, but there are other technology issues to address, which I will be doing in the next few blogs. The first is about a battle between two anti-malware vendors: PC Pitstop and Malwarebytes. --------------------------------------------------------Most software markets tend to consolidate around a handful or even one or two vendors. How many competitors are there for Photoshop, after all? But there are two markets that thrive and have a large number of players: gaming and anti-virus/anti-malware. It started about a month ago. On Dec. 7, PC Pitstop, maker of the PC Matic repair software and those obnoxious TV commercials, posted a ransomware test performed by AV Comparatives that included its PC Matic product and its many competitors, including Malwarebytes, the latter included for the first time. To read this article in full or to leave a comment, please click here
The FBI may have been forced into a misstep when investigating whether Russia hacked the Democratic National Committee -- the agency never directly examined the DNC servers that were breached.Instead, the FBI had to rely on forensic evidence provided by third-party cybersecurity firm CrowdStrike, which the DNC hired to mitigate the breach.“The FBI repeatedly stressed to DNC officials the necessity of obtaining direct access to servers and data, only to be rebuffed,” the agency said on Thursday in a statement.The incident threatens to spark more skepticism over whether the U.S. properly arrived at its conclusion that Russian cyberspies were responsible for the breach.To read this article in full or to leave a comment, please click here
A malicious program called KillDisk that has been used in the past to wipe data from computers during cyberespionage attacks is now encrypting files and asking for an unusually large ransom.KillDisk was one of the components associated with the Black Energy malware that a group of attackers used in December 2015 to hit several Ukrainian power stations, cutting power for thousands of people. A month before that, it was used against a major news agency in Ukraine.Since then, KillDisk has been used in other attacks, most recently against several targets from the shipping sector, according to security researchers from antivirus vendor ESET.However, the latest versions have evolved and now act like ransomware. Instead of wiping the data from the disk, the malware encrypts it and displays a message asking for 222 bitcoins to restore them. That's the equivalent of $216,000, an unusually large sum of money for a ransomware attack.To read this article in full or to leave a comment, please click here
The U.S. Federal Trade Commission is cracking down on D-Link for selling wireless routers and internet cameras that can easily be hacked, the regulator said Thursday.Thousands of consumers are at risk, the FTC said in a complaint filed against the Taiwanese manufacturer charging D-Link with repeatedly failing to take reasonable measures to secure the products.The action comes as hackers have been hijacking poorly secured internet-connected products to launch massive cyberattacks that can force websites offline. Recently, a notorious malware known as Mirai has been found infecting routers, cameras, and DVRs built with weak default passwords.To read this article in full or to leave a comment, please click here