Archive

Category Archives for "Network World Security"

Can you hack the vote? Yes, but not how you might think

With Donald Trump already talking about the presidential election being rigged, Symantec has set up a simulated voting station that shows how electronic systems might be hacked to alter actual vote tallies for just a few hundred dollars. They found that while it’s possible to change the number of votes cast for each candidate, it would be very difficult to do so on a large enough scale to swing the election one way or the other.

Shadow Brokers rant about people wanting stolen NSA-linked hacking tools for free

The hacking group trying to auction off NSA-linked Equation Group hacking tools is unhappy because no one has coughed up the big bucks yet to buy the exploits. On Saturday, the Shadow Brokers took to Medium to release the group’s third message. The hackers sound hurt that people don’t trust them and – if cursing is any indication – the hackers are angry that the Equation Group cyber weapons auction has flopped so far. The Shadow Brokers want $1 million and sound irritated that interested parties want the stolen hacking tools for free. “Peoples is having interest in free files. But people is no interest in #EQGRP_Auction.”

We don’t need more InfoSec analysts: We need analysts to train AI infrastructures to detect attacks

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

Everyone says there is an information security talent gap. In fact, some sources say the demand for security professionals exceeds the supply by a million jobs. Their argument is basically this: attacks are not being detected quickly or often enough, and the tools are generating more alerts than can be investigated, so we need more people to investigate those alarms. Makes sense, right? Wrong. We believe that, even if companies around the world miraculously hired a million qualified InfoSec professionals tomorrow, there would be no change in detection effectiveness and we would still have a “talent gap.” The problem isn’t a people issue so much as it is an InfoSec infrastructure issue.

By 2020, your Wi-Fi-connected car will pay for parking, gas

Wi-Fi communications in vehicles, whether from the factory or in aftermarket devices, will increase from 6.9 million per year in 2015 to 61 million per year in 2020 -- and this will usher in a new era of consumer services and applications, according to a new report from Gartner. Over the next four years, the total number of connected cars and trucks will reach 220 million, a number that will drive a huge uptick in the delivery of digital content, such as streaming music and video, navigation and location-based services. Connected vehicles increasingly will be able to direct drivers to, and pay for, parking spaces, fuel and other services, and the technology will eventually enable increased levels of automated driving, Gartner's report stated.

Android malware that can infiltrate corporate networks is spreading

An Android malware is spreading across app stores, including Google Play, and has the capability of stealing sensitive files from corporate networks. DressCode, a family of Android malware, has been found circulating in at least 3,000 Trojanized apps, security firm Trend Micro said on Friday. DressCode hides itself inside games, user interface themes, and phone optimization boosters. It can also be difficult to detect because the malicious coding only makes up a small portion of the overall app.

Splunk intent on extending cybersecurity leadership

I attended the Splunk user conference earlier this week (.Conf2016) and came away pretty impressed. Since I started watching Splunk years ago, the company climbed from a freemium log management and query tool for IT and security nerds to one of the leading security analytics and operations platforms. Not surprisingly then, security now represents around 40 percent of Splunk’s revenue. Given the state of the cybersecurity market, Splunk wants to work with existing customers and get new ones to join in to build on this financial and market success. To that end, Splunk really highlighted three enhancements for its enterprise security product:

1. An ecosystem and architecture for incident response. Splunk often acts as a security nexus for its customers, integrating disparate data into a common platform. It now wants to extend this position from analytics to incident response by building IR capabilities into its own software and extending this architecture to partners through APIs, workflows and automation. Splunk calls this adaptive response. For now, Splunk doesn’t see itself as an IR automation and orchestration platform for complex enterprise environments (in fact Phantom and ServiceNow were both exhibiting at the event), but it does want to use its

Firefox blocks websites with vulnerable encryption keys

To protect users from cryptographic attacks that can compromise secure web connections, the popular Firefox browser will block access to HTTPS servers that use weak Diffie-Hellman keys. Diffie-Hellman is a key exchange protocol that is slowly replacing the widely used RSA key agreement for the TLS (Transport Layer Security) protocol. Unlike RSA, Diffie-Hellman can be used with TLS's ephemeral modes, which provide forward secrecy -- a property that prevents the decryption of previously captured traffic if the key is cracked at a later time. However, in May 2015 a team of researchers devised a downgrade attack that could compromise the encrypted connection between browsers and servers if those servers supported DHE_EXPORT, a version of Diffie-Hellman key exchange imposed on exported cryptographic systems by the U.S. National Security Agency in the 1990s and which limited the key size to 512 bits. In May 2015 around 7 percent of websites on the internet were vulnerable to the attack, which was dubbed LogJam.

Ransomware spreads through weak remote desktop credentials

Stolen or weak remote desktop credentials are routinely used to infect point-of-sale systems with malware, but recently they've also become a common distribution method for file-encrypting ransomware. In March, researchers discovered a ransomware program dubbed Surprise that was being installed through stolen credentials for TeamViewer, a popular remote administration tool. But the trend had started long before that, with some ransomware variants being distributed through brute-force password guessing attacks against Remote Desktop Protocol (RDP) servers since 2015. While this method of infection was initially used by relatively obscure ransomware programs, recently it has been adopted by an increasing number of cybercriminals, including those behind widespread ransomware programs such as Crysis.

Bounty for iOS jailbreak exploit jumps to $1.5 million

The value for zero-day exploits targeting Apple's iOS software is jumping. On Thursday, a company called Zerodium began offering as much as US $1.5 million for them. Zerodium is the same company that offered $1 million last year for an exclusive iOS zero-day exploit that can remotely jailbreak a device. However, that bounty was only temporary, and it was eventually awarded last November. Zerodium's new $1.5 million bounty is asking for a remote jailbreak exploit targeting iOS 10. The bounty will be offered all year long, Chaouki Bekrar, the company's CEO, said in an email. The company's original offer was a maximum of $500,000.

Microsoft opens up its ‘million dollar’ bug-finder

Microsoft is previewing a cloud-based bug detector, dubbed Project Springfield, that it calls one of its most sophisticated tools for finding potential security vulnerabilities. Project Springfield uses "whitebox fuzzing," which uncovered one-third of the "million dollar" security bugs during the development of Windows 7. Microsoft has been using a component of the project called SAGE since the mid-2000s to test products prior to release, including fuzzing both Windows and Office applications. For this project, SAGE is bundled with other tools for fuzz testing, featuring a dashboard and other interfaces that enable use by people without an extensive security background. The tests are run using Microsoft's Azure cloud.

IDG Contributor Network: The future of security: A combination of cyber and physical defense

Our increasingly connected world gives hackers even more ways to exploit technology for malicious purposes. We’re now entering a period when cyber attacks could cause major physical damage. To protect people from these combined cyber and physical threats, information security experts and law enforcement, which traditionally handles physical security, will have to share strategies. After all, the boundaries between cyber and physical attacks are already blurring. In March, the U.S. Department of Justice claimed seven Iranians hacked the control systems of a small dam in New York state in 2013. The dam was offline for repair, preventing the hackers from controlling the flow of water. However, the incident demonstrated that hackers could take over infrastructure that was controlled by computers.

Doctors: E-health records raise costs, don’t help patient outcomes

Three out of four U.S. physicians believe that electronic healthcare records (EHRs) increase practice costs -- outweighing any efficiency savings -- and seven out of 10 think they reduce productivity, according to a new survey. Deloitte's "2016 Survey of US Physicians" released this week found little had changed since its last report two years ago, when doctors surveyed at the time generally held negative opinions of EHRs. The latest survey found nearly all physicians would like to see improvements in EHRs, with 62% calling for them to be more interoperable and 57% looking for improved workflow and increased productivity.

Security myths that can make you laugh… or cry

Not so true anymore

It is sort of like those commercials that stated it must be true because I read it on the internet. There are long-held beliefs that have gone unchallenged and accepted. Then there are those who put their head in the sand with such statements as “I don’t need to protect my network, there is nothing worth stealing.”

FBI reports more attempts to hack voter registration system

The U.S. Federal Bureau of Investigation has found more attempts to hack the voter registration systems of states, ahead of national elections. The agency had reportedly found evidence in August that foreign hackers had breached state election databases in Illinois and Arizona, but it appears that there have been other attempts as well, besides frequent scanning activities, which the FBI describes as preludes for possible hacking attempts. "There have been a variety of scanning activities, which is a preamble for potential intrusion activities, as well as some attempted intrusions at voter registration databases beyond those we knew about in July and August," FBI Director James Comey told the House Judiciary Committee on Wednesday.

The Yahoo hackers weren’t state-sponsored, a security firm says

Common criminals, not state-sponsored hackers, carried out the massive 2014 data breach that exposed information about millions of Yahoo user accounts, a security firm said Wednesday. Yahoo has blamed state actors for the attack, but it was actually elite hackers-for-hire who did it, according to InfoArmor, which claims to have some of the stolen information. The independent security firm found the alleged data as part of its investigation into "Group E," a team of five professional hackers believed to be from Eastern Europe.

Most dangerous cyber celebrities of 2016

Dangerous celebrities

Intel has reeled off the 10th annual McAfee Most Dangerous Celebrities list based on likelihood of getting hit with a virus or malware when searching on the celebs’ names. “Consumers today remain fascinated with celebrity culture and go online to find the latest pop culture news,” said Gary Davis, chief consumer security evangelist at Intel Security. “With this craving for real-time information, many search and click without considering potential security risks.” Last year, DJ Armin van Buuren was #1.