Category Archives for "Network World Security"

FTC takes D-Link to court citing lax product security, privacy perils

The Federal Trade Commission has filed a complaint against network equipment vendor D-Link saying inadequate security in the company’s wireless routers and Internet cameras left consumers open to hackers and privacy violations. The FTC, in a complaint filed in the Northern District of California, charged that “D-Link failed to take reasonable steps to secure its routers and Internet Protocol (IP) cameras, potentially compromising sensitive consumer information, including live video and audio feeds from D-Link IP cameras.”

7 tips for better security awareness training sessions

Boring training sessions? At their worst, security awareness training sessions are boring wastes of time, both for employees and the IT people responsible for them. At their best, however, they are interactive, discussion-driven, and genuinely helpful opportunities to raise security issues and lay the groundwork for better habits.

Plone dismisses claim that flaw in its CMS was used to hack FBI

The security team behind Plone, a content management system that powers many enterprise websites, has dismissed claims that hackers have access to information about an unpatched critical vulnerability. The dismissal comes after a hacker who uses the online alias CyberZeist published a list of log-in credentials and hashed passwords that he claimed were obtained by hacking into the FBI.gov website by using a Plone zero-day exploit. CyberZeist, who claims to act in the name of the Anonymous hacktivist movement, said in a post on Pastebin Monday that he didn't find the Plone vulnerability himself, but he was asked to test it out by the person who did.

Mozilla: ‘IoT will be the first big battle of 2017,’ calls for responsible IoT

You need look no further than some of the stupid IoT devices being shown off at CES 2017 to be reminded that practically anything can be connected to the internet. Nokia’s Withings, L’Oreal’s innovation lab and Kerastase believe you would be better off by using Hair Coach, the world’s first smart hairbrush and companion app. It is just one of the many products that leaves me asking WHY?

2017: The Year of Cybersecurity Scale

It’s no surprise that lots of pundits and cybersecurity industry insiders claim that 2017 will be a challenging year full of nation state attacks, ransomware, and a continuing wave of data breaches. I concur with this common wisdom, but I also believe that 2017 will be remembered as the year where cybersecurity analytics and operations encountered a wave of unprecedented scale. Now I know that the need for security scalability is nothing new. Leading SIEM vendors can all talk about how they’ve had to rearchitect their products over the past few years to scale from thousands to millions of events per second (EPS) and somehow make sense of all this activity.

Spy chief: US should use all tools to counter Russian hacking

The U.S. government should consider a broad range of retaliations against Russia for its attempts to interfere with November's presidential election, the outgoing director of national intelligence recommended. The default response to cyberattacks shouldn't necessarily be a cyber one, intelligence director James Clapper said Thursday. "We should consider all instruments of national power," he told a Senate committee. "We currently cannot put a lot of stock ... in cyber deterrence. Unlike nuclear weapons, cyber capabilities are difficult to see and evaluate and are ephemeral."

Why companies offer a hacking bounty

Want to make a cool $20,000? All you have to do is hack the Nintendo 3DS, a handheld console that’s been out for a few years already. A listing on HackerOne spells everything out: Hackers will receive a cash payment for discovering a vulnerability in the system, which does let gamers make purchases and stores private information like your age and gender. There’s a range for this, of course -- some discoveries will pay $100. Also, anyone who files a report must follow the exact template. It makes you wonder -- why would a major Japanese corporation offer a reward like this? Why is it even worth the expense, especially when you know they have internal security researchers?

Ransomware took in $1 billion in 2016: improved defenses may not be enough to stem the tide

Increased user awareness of phishing threats, better antivirus technology, more industry-wide information sharing and cross-border efforts by law enforcement authorities will combine to turn the tide against ransomware this year, according to some security experts, but others expect the attacks to continue to increase. According to a security expert who requested anonymity, ransomware cybercriminals took in about $1 billion last year, based on money coming into ransomware-related Bitcoin wallets. That includes more than $50 million each for three wallets associated with the Locky ransomware, and a fourth one that processed close to $70 million. Cryptowall brought in close to $100 million before it was shut down this year. CryptXXX gathered in $73 million during the second half of 2016, and Cerber took in $54 million, the expert said.

DDoS-for-hire services thrive despite closure of major marketplace

The closure of a major online marketplace for paid distributed denial-of-service attacks appears to have done little to slow down the illegal activity. In late October, HackForums.net shut down its "Server Stress Testing" section, amid concerns that hackers were peddling DDoS-for-hire services through the site for as little as US$10 a month. According to security experts, the section was the largest open marketplace for paid DDoS attacks -- a notorious hacking technique that can disrupt access to internet services or websites. But since the section's closure, the attacks remain rampant.

HTTPS scanning in Kaspersky antivirus exposed users to MITM attacks

Security vendor Kaspersky Lab has updated its antivirus products to fix an issue that exposed users to traffic interception attacks. The problem was found by Google vulnerability researcher Tavis Ormandy in the SSL/TLS traffic inspection feature that Kaspersky Anti-Virus uses to detect potential threats hidden inside encrypted connections. Like other endpoint security products, Kaspersky Anti-Virus installs a self-signed root CA certificate on computers and uses it to issue "leaf," or interception, certificates for all HTTPS-enabled websites accessed by users. This allows the product to decrypt and then re-encrypt connections between local browsers and remote servers.

TCL targets Apple, Samsung with new BlackBerry handset

TCL Communication has big plans for BlackBerry, even though it's a brand that's been written off by many. The China-based electronics company recently acquired rights to design, manufacture and sell smartphones under the BlackBerry name with BlackBerry's security and service software installed. The deal puts TCL in the driver's seat on hardware, and the first phone under the new deal was previewed on Wednesday. While still in the final stages of development, the new handset sports the physical keyboard that propelled BlackBerry to the top of the smartphone market in the 2000s and is the first to combine that keyboard with the Android operating system.

‘I will eliminate passwords’ in 2017

Sticking with your promises: Like anyone else, security experts set up resolutions they hope to conquer in the new year. Now the question remains: will they be able to follow through on them or, like that diet people promised to hold to, will they go back to the same old habits?

Hacker wiping unprotected MongoDB installs and holding data for ransom

How many years have we been hearing about the dangers of leaving MongoDB instances unprotected? In December 2015, Shodan creator John Matherly warned that there were 684.8 TB of data exposed due to publicly accessible MongoDB instances. Yet there are still people who don’t bother to learn how to lock it down, and so now a hacker is targeting and erasing those MongoDB installations, replacing the data with a ransom demand. Security researcher Victor Gevers, aka @0xDUDE and co-founder of the GDI Foundation, has personally been notifying owners of exposed MongoDB instances for years. But near the end of 2016, he came across an open MongoDB server that had the database contents replaced with a ransom note.

FTC sets $25,000 prize for automatic IoT patching

The U.S. Federal Trade Commission is scheduled to announce Wednesday a "prize competition" for a tool that can be used against security vulnerabilities in internet of things systems. The prize pot is up to $25,000, with $3,000 available for each honorable mention. The winners will be announced in July. The announcement is scheduled to be published Wednesday in the Federal Register. The tool, at a minimum, will "help protect consumers from security vulnerabilities caused by out-of-date software," said the FTC. The government's call for help cites the use of internet-enabled cameras as a platform for a distributed denial of service (DDoS) attack last October. Weak default passwords were blamed.

Uncertainty clouds debate on Russia’s suspected role in election hacks

How do you prove Russia meddled with the presidential election? That's a question the U.S. government is facing, but may never fully answer, at least not publicly. Last week, the U.S. punished Russia, claiming the country's cyberspies hacked Democratic groups and figures during the election season. However, missing from last week’s announcement was any new evidence -- or a smoking gun -- proving the Kremlin’s involvement. This isn’t sitting well with everyone in the security industry, especially since identifying the culprit of any cyberattack is no easy matter. “Maybe Russia did do it, but until we have sufficient evidence, it’s a mistake to move forward,” said Jeffrey Carr, a cybersecurity consultant.

Top 10 Ethical Dilemmas & Policy Issues in Science & Tech

You think you have problems? Sure you do, but pity those in science and technology tasked with advancing artificial intelligence, drones and healthcare methods that are fraught with peril despite potentially huge benefits. The University of Notre Dame's John J. Reilly Center for Science, Technology and Values has issued its fourth annual list of emerging ethical dilemmas and policy issues in science and technology, and it contains some doozies. It might have seemed tough to top some of 2016's issues, from lethal cyberweapons to bone conduction for marketing, but no sweat. Of course, the Notre Dame center's researchers hope to be able to help address some of these new concerns.

IDG Contributor Network: How mainframes prevent data breaches

2016 was a strange year marked by everything from election surprises to a seemingly endless spate of celebrity deaths. But when historians look back at this mirum anno (weird year), it may end up being known as the year of the data breach. Of course, this sort of thing isn’t restricted to 2016, but its impact on the world was hard to ignore. Among government organizations, the IRS and FBI suffered data breaches, and corporate victims included LinkedIn, Target, Verizon and Yahoo. Literally millions of people had their private information exposed to black hats, thieves and other ne’er-do-wells of the digital world. This epidemic of data theft calls upon security experts to get serious about creating new solutions.

Review: Microsoft Windows Defender comes up short

Microsoft’s latest version of its anti-malware tool, Windows Defender, is a frustrating product to evaluate. Yes, it is perhaps the best antivirus tool to come from Microsoft, with a series of noteworthy improvements. Yes, it provides good enough protection for your family’s PCs. And yes, it could be your PC’s sole antivirus utility, if you are willing to accept its limitations. However, once you examine the product in more detail, you will see why we cannot recommend it for enterprise use. And that is the frustration of this product: Microsoft is trying to do the right thing and offers a tempting feast, but ultimately offers an incomplete meal that is tough to digest.

Security Data Growth Drives SOAPA (Security Operations and Analytics Platform Architecture)

Happy new year, cybersecurity community! Hope you are well rested; it’s bound to be an eventful year ahead. Way back when at the end of November 2016, I posted a blog about an evolutionary trend I see happening around cybersecurity analytics and operations technology. Historically, large enterprises have relied on SIEM products to anchor their SOCs. This will continue, but I see SIEM becoming part of a more global cybersecurity software architecture called SOAPA (i.e. security operations and analytics platform architecture). SOAPA uses middleware (i.e. message queueing, transaction processing, etc.), APIs, and industry standards like CybOX, STIX, and TAXII to connect disparate cybersecurity analytics and operations tools and data sources like EDR, network security analytics, UBA/machine learning analytics systems, vulnerability scanners, security asset management, anti-malware sandboxes/cloud services, incident response platforms, and threat intelligence into a cohesive software architecture. In this way, disparate analytics tools can be used collectively to gain more context out of the data while accelerating processes and cybersecurity operations.