Archive

Category Archives for "Network World Security"

Czech police arrest Russian hacker suspected of targeting the US

Police in the Czech Republic have arrested a Russian hacker suspected of targeting the U.S. for cyber crime.Czech police, working in collaboration with the FBI, arrested the Russian man at a hotel in central Prague. He is currently in custody and now faces possible extradition to the U.S., depending on what the local courts decide, according to a statement from the Czech police.The arrest comes as the U.S. has blamed Russian government for hacking U.S. officials and political groups in an effort to influence this year's upcoming election. However, a U.S. law enforcement official said the Russian hacker wasn't involved with the breach of the Democratic National Committee reported earlier this year.To read this article in full or to leave a comment, please click here

Half of American adults are in face recognition databases

Half of all American adults are in a face recognition database, and not one law enforcement agency requires a warrant before tapping into that tech to identify someone.While you might be binge-watching Netflix, cooking, working or sleeping—in other words, minding your own business and doing nothing illegal—law enforcement may be running your photo through a face recognition network, using your face in a virtual line-up to find a person suspected of committing a crime.How did you end up in this digital manhunt? It could be because you have a driver’s license or state-issued ID, since 26 states “enroll their residents in a virtual-line up.” That covers more than 117 million American adults, an investigation found, but since not all drivers are adults, then the total number of drivers in face recognition networks is more than 131 million.To read this article in full or to leave a comment, please click here

Oracle fixes 100s of vulnerabilities that put enterprise data at risk

Oracle has released another large batch of patches, fixing many critical vulnerabilities in enterprise products that are used to store and work with critical business data.About 40 percent of the patched flaws are located in Oracle E-Business Suite, Oracle Fusion Middleware, Oracle PeopleSoft, Oracle Retail Applications, Oracle JD Edwards, Oracle Supply Chain Products and Oracle Database Server. Many of these flaws can be exploited remotely without authentication to compromise the affected components.In total, Oracle's October Critical Patch Update (CPU) contains 253 security fixes across hundreds of products including database servers, networking components, operating systems, application servers and ERP systems.To read this article in full or to leave a comment, please click here

Tim Cook or Bill Gates as Clinton’s VP? It was considered

Apple CEO Tim Cook and Microsoft founder Bill Gates were both on a list of potential vice presidential candidates for Democrat Hillary Clinton, according to a leaked email published on Tuesday by Wikileaks.The email, apparently sent by campaign chairman John Podesta on March 17, named the two tech titans alongside 37 other people as "a first cut of people to consider for VP."Also on the list, published by WikiLeaks, was Gates' wife Melinda. She co-founded the charitable foundation that bears both their names.MORE ON NETWORK WORLD: 6 simple tricks for protecting your passwords Other business leaders that made the cut were General Motors CEO Mary Barra, Bloomberg News founder and former New York Mayor Michael Bloomberg, Xerox CEO Ursula Burns, Coca-Cola CEO Muhtar Kent, Rockefeller Foundation president Judith Rodin, and Starbucks CEO Howard Schultz.To read this article in full or to leave a comment, please click here

IoT botnets powered by Mirai continue to grow

Level 3 Threat Research has noted an uptick in activity by new IoT botnets that are backed by the Mirai malware, with some attacks enlisting 100,000 individual hijacked devices.A significant number of these zombie devices are enslaved by more than one botnet, according to the research described in the Level 3 Beyond Bandwidth blog, and some of these botnets use overlapping infrastructure.Source code for Mirai was released Sept. 30, “which has inspired a significant number of new bad actors, all working to exploit similar pools of vulnerable devices,” the Level 3 researchers write.To read this article in full or to leave a comment, please click here

Ecuador says it cut WikiLeaks founder’s internet access to prevent U.S. election interference

Ecuador's embassy in the U.K. says it alone was responsible for cutting WikiLeak's founder Julian Assange's internet connection, stating that the country doesn't want to interfere with the U.S. elections."The government of Ecuador respects the principle of non-intervention in the affairs of other countries," it said in a Tuesday statement. "It does not interfere in external electoral processes or support a particular candidate."As result, the government has temporarily cut access to some private communications at the embassy, where Assange has resided for four years.To read this article in full or to leave a comment, please click here

Gartner Top 10 technology trends you should know for 2017

Considering how much significance Gartner is placing the future influence of artificial intelligence and algorithms, it comes as little surprise that the group is saying that technology will be one of the most strategic and potentially disruptive for 2017. At its Gartner Symposium/ITxpo, David Cearley, vice president and Gartner Fellow detailed the key technology trends for 2017 as the group sees them including how data science technologies are evolving to include advanced machine learning and artificial intelligence is helping create intelligent physical and software-based systems that are programmed to learn and adapt. Other key trends include the impact of melding of the physical and digital environments and how digital technology platforms are influencing the enterprise.To read this article in full or to leave a comment, please click here

Hackers create more IoT botnets with Mirai source code

Malware that can build botnets out of IoT products has gone on to infect twice as many devices after its source code was publicly released.The total number of IoT devices infected with the Mirai malware has reached 493,000, up from 213,000 bots before the source code was disclosed around Oct. 1, according to internet backbone provider Level 3 Communications."The true number of actual bots may be higher," Level 3 said in a Tuesday blog post.Hackers have been taking advantage of the Mirai malware's source code, following its role in launching a massive DDOS (distributed denial-of-service) attack that took down the website of cybersecurity reporter Brian Krebs.To read this article in full or to leave a comment, please click here

Microsoft’s Nadella takes on privacy fears about LinkedIn, Cortana

ORLANDO, Fla. -- Microsoft CEO Satya Nadella faced sharp questions from Gartner analysts Tuesday about the privacy-invading implications of its $26.2 billion acquisition of LinkedIn, and its all-knowing virtual assistant, Cortana.Helen Huntley, one of the Gartner analysts questioning Nadella at a conference here, was particularly pointed about the fears.Cortana, said Huntley, "knows everything about me when I'm working. She knows what files I'm looking at, she knows what I'm downloading, she knows when I'm working, when I'm not working," she said.To read this article in full or to leave a comment, please click here

Hackers hide stolen payment card data inside website product images

Attacks that compromise online shops to skim payment card details are increasing and growing in sophistication. The latest technique involves hiding malicious code and stolen data inside legitimate files.A Dutch researcher reported last week that almost 6,000 online shops, most of them built with the Magento content management system, have malicious code that intercepts and steals payment card data during online transactions. The online storefront of the U.S. National Republican Senatorial Committee (NRSC) was among those websites until earlier this month.To read this article in full or to leave a comment, please click here

WikiLeaks blames US for cutting Assange’s internet connection

WikiLeaks is accusing U.S. Secretary of State John Kerry of trying to stop the site from publishing stolen emails from Hillary Clinton's presidential campaign. Citing "multiple U.S. sources,"  the site tweeted on Tuesday that Kerry had asked the Ecuadorian government to prevent WikiLeaks' founder Julian Assange from releasing more documents.   Assange is currently residing in the Ecuadorian embassy in London, where he has been helping to run the WikiLeaks site. But on Saturday, the Ecuadorian government shut down his internet connection. WikiLeaks claimed that Kerry had private negotiations with Ecuador last month. However, the U.S. Department of State is denying any involvement with cutting Assange's internet connection.To read this article in full or to leave a comment, please click here

Half of US adults are profiled in police facial recognition databases

Photographs of nearly half of all U.S. adults -- 117 million people -- are collected in police facial recognition databases across the country with little regulation over how the networks are searched and used, according to a new study.Along with a lack of regulation, critics question the accuracy of facial recognition algorithms. Meanwhile, state, city, and federal facial recognition databases include 48 percent of U.S. adults, said the report from the Center on Privacy & Technology at Georgetown Law. The search of facial recognition databases is largely unregulated, the report said. "A few agencies have instituted meaningful protections to prevent the misuse of the technology," its authors wrote. "In many more cases, it is out of control."To read this article in full or to leave a comment, please click here

FDA to healthcare execs on DMCA exemption: Researchers will find new medical device flaws

The FDA wants the medical device industry to quickly fix cybersecurity issues, reminding healthcare executives that they may soon be hearing about vulnerabilities more frequently from security researchers thanks to a DMCA exemption which will soon go into effect.Although the Librarian of Congress issued the new exemptions (pdf) last year, there was a one year hold supposedly so various agencies could update their policies. It’s silly, since the exemptions are not permanent; they must be argued and renewed every three years, which basically means security researchers can take advantage of it for two years. They can hope that if their research will take longer than two years, that the exemption is renewed.To read this article in full or to leave a comment, please click here

Critical flaws found in open-source encryption software VeraCrypt

A new security audit has found critical vulnerabilities in VeraCrypt, an open-source, full-disk encryption program that's the direct successor of the widely popular, but now defunct, TrueCrypt.Users are encouraged to upgrade to VeraCrypt 1.19, which was released Monday and includes patches for most of the flaws. Some issues remain unpatched because fixing them requires complex changes to the code and in some cases would break backward compatibility with TrueCrypt.However, the impact of most of those issues can be avoided by following the safe practices mentioned in the VeraCrypt user documentation when setting up encrypted containers and using the software.To read this article in full or to leave a comment, please click here

Roqos Core router combines cybersecurity with parental controls

The home Wi-Fi router space continues to gain momentum, with additional startups aiming to provide devices that do more than just sit there and route traffic. The latest device that has arrived at the Cool Tools testing zone is the Roqos Core.Roqos has three goals with its device: First, to provide an easy setup for its Wi-Fi router, making it so that “even grandma can set it up”; second, to provide parents with a control system that lets them pause the Internet at the press of a button, and also give filtering and blocking controls; and third, provide a cloud-based cyber-securitiy system that monitors all network traffic through Deep Packet Inspection.To read this article in full or to leave a comment, please click here

Asylum of WikiLeaks’ Assange not in question

The asylum granted to WikiLeaks’ founder Julian Assange by the government of Ecuador is not in question, despite possible differences of opinion between the two on the release of controversial documents by the whistleblowing site.Late Monday, the Ecuadorian government said that in the wake of speculation, it reaffirmed the continuation of asylum that it had extended to Assange for the last four years. It said that the protection would continue as long  as the circumstances that had led to that decision continues.Assange was given asylum by Ecuador in 2012 after he slipped into the country’s embassy in London, where he continues to be holed for fear of arrest by U.K. police, who have said that they have to arrest Assange if he steps out of the embassy to meet an extradition request from Sweden.To read this article in full or to leave a comment, please click here

Breaches, IT skills & innovation keeping CIOs up at night

To say that CIOs have full plates – from guarding against breaches to cloud migration to embracing innovation – is an understatement. But given the growing recognition of IT’s importance to organizations of all kinds, it’s also a tremendous time to be a CIO despite the complications and demands of the job.These are among the findings of the Society for Information Management’s (SIM) 37th Anniversary IT Trends Study, which is being released to SIM members this week as a lead-in to next week’s annual SIMposium conference that’s taking place in Connecticut. Non-members can get a peek at the study next week.To read this article in full or to leave a comment, please click here

9% off Nest Cam Indoor Security Camera – Deal Alert

Look after your home 24/7 in crisp 1080p HD. With Nest Cam Indoor, you can check in, even when you’re out, and even at night with its built-in high-quality night vision. Nest Cam features a versatile magnetic stand that lets you put it anywhere. See who’s there, listen in and speak up to get their attention. With Nest Aware, you can get a special alert if Nest Cam sees a person, and save 10 or 30 days of continuous video history in the cloud. Then speed through it in seconds and quickly find the moment you’re looking for in Sightline. Nest's indoor camera is a best-seller on Amazon with 4 out of 5 stars from over 4,000 people (read reviews). Its typical list price of $199 has been reduced 9% to $182.00 on Amazon. Amazon also features a bundle of three cameras that will deepen the discount even further. Right now it's just $454.97 for the pack of three.To read this article in full or to leave a comment, please click here

Air Force gets space telescope that can see space objects like no ground-based system before it

The DARPA-developed Space Surveillance Telescope (SST) will this week get a new permanent home in Australia with the Air Force Space Command where it promises to rapidly bolster the nation’s ability to more quickly spot and track faint objects in space. The Air Force, says the SST features unique image-capturing technology known as a curved charge coupled device (CCD) system,  as well as very wide field-of-view, large-aperture optics, and doesn't require the long optics train of a more traditional telescopes. The design makes the SST less cumbersome on its moveable mount, letting it survey the sky rapidly, the Air Force says. The telescope's mount uses advanced servo-control technology, making the SST one of the most agile telescopes of its size ever built.To read this article in full or to leave a comment, please click here

To unlock phones, feds demand all occupants surrender fingerprints

U.S. investigators are exercising a broad legal authority to force suspects to unlock their smartphones. In a recent case, they demanded that anyone found inside a California residence comply by surrendering their fingerprints.In May, the federal prosecutors made the request as part of a search warrant, according to a court filing uncovered by Forbes. Those fingerprints were crucial to unlocking the smartphones, the Department of Justice argued.However, the federal investigators went beyond asking for the fingerprints of one suspect. Instead, they the sought authority to "depress the fingerprints" of everyone located at the California property.To read this article in full or to leave a comment, please click here