Meet MailSniper, a new pen tester tool that may be of interest to you if you need to find sensitive data such as passwords, credit card numbers and healthcare data, or need to access databases, or even to discover insider and network architecture information. MailSniper is a penetration testing tool, written in PowerShell, to allow for mass searching through email across every mailbox of an organization's Microsoft Exchange environment. Beau Bullock, from the penetration testing firm Black Hills Information Security, cited a 2016 Mandiant M-Trends Report (pdf) which claimed organizations are compromised an average of 146 days before detecting a breach. That long of a window gives attackers plenty of time to locate, compromise and exfiltrate sensitive data; pen testers, however, may only have a window of five days or less to do the same thing in order to prove risk to an organization.
One of the biggest security risks for computer users is their web browser. According to Microsoft, 90 percent of phishing emails use the browser to initiate attacks, which can then be used to help attackers establish a beachhead inside a company.
Microsoft is aiming to better protect users and organizations from the threats that they face with a new feature called Windows Defender Application Guard. It's designed to isolate Microsoft Edge from the rest of the files and processes running on a user's computer and prevent computer exploits from taking hold.
This is a move that could drive greater adoption of Microsoft's browser in the enterprise, at a time when the company is fiercely competing with Google in that space. Security of company assets is a big problem for enterprises, and Microsoft is offering them another way to help protect their users without requiring those users to be security experts.
New products of the week. Our roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow. Adaptiva OneSite 6.0. Key features – OneSite 6.0 is the IT industry's first serverless option for distributing software from the cloud at on-premise speeds, using Microsoft System Center Configuration (ConfigMgr).
Trump Hotel Collection has arrived at a settlement with New York Attorney General Eric T. Schneiderman over hacks that are said to have led to the exposure of over 70,000 credit card numbers and other personal data. The hotel chain, one of the businesses of Republican presidential candidate Donald Trump, has agreed to pay US$50,000 in penalties and promised to take measures to beef up its data security practices, according to the attorney general's office. The chain is one of many hotels and retailers that have been hit recently by malware that skimmed payment card information. The key charges against Trump Hotel Collection (THC) are apparently that it didn't have adequate protection and that, even after the attacks became known, it did not quickly inform the people affected, in breach of New York law.
While some of the scariest IoT hacks envisioned – those involving hijacked medical devices such as pacemakers and insulin pumps – have yet to surface in the real world, those in the medical and IT security fields are not letting down their guard. They've seen enough ransomware and other attacks on healthcare outfits of late to know they are major cyberattack targets. The reality is that more medical devices are becoming connected ones, and that's increasing the security threat surface, said panelists this past week at the Security of Things Forum in Cambridge, Mass.
Unless you are a bad guy intent upon nefarious schemes to exploit technology in order to make money, then you probably have a great amount of respect for security reporter Brian Krebs. The crimes, breaches and attacks he has exposed have been so stunning that it boggles the mind. If cyber thugs have a "most wanted" list, then Krebs is likely at, or very near, the top. Yet what kind of messed up world do we live in if criminals can exploit horribly insecure internet-of-things devices with such success that it can silence the voice of a journalist like Krebs? He most recently ticked off allies of vDOS; Krebs wrote about the DDoS-for-hire company, and the two teenagers allegedly behind it were arrested. Although it's nothing new for his site, KrebsOnSecurity, to come under attack, like it did after his vDOS exposé, nearly two weeks later Krebs' site was hit "with the largest DDoS the internet has ever seen. 665 Gbps" (gigabits per second). Some of the POST request attacks included the string "freeapplej4ck," referring to one of the alleged teenage owners of vDOS.
Security vendor Imperva is shopping itself around and may be attractive to the likes of Cisco and IBM, according to Bloomberg. The Motley Fool reports that Imperva's stock rose 20% today after Bloomberg's report, which the Fool notes could actually drive buyers away because it would mean a more costly deal. Bloomberg named a number of other possible buyers including Forcepoint (owned by Raytheon and Vista Equity Partners), Akamai and Fortinet.
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach. Enterprise chat applications have surged in popularity, driven in large part by Slack, which now claims to serve more than three million users daily. What's more, the popularity of these apps has given rise to a new phenomenon known as ChatOps, which is what happens when these new messaging systems are used to automate operational tasks. The ChatOps term was coined by GitHub to describe a collaboration model that connects people, tools, processes and automation into a transparent workflow. According to Sean Regan, Atlassian's Head of Product Marketing for HipChat, this flow connects the work needed, the work happening and the work done in a consistent location staffed by people, bots and related tools. Its transparent nature hastens the feedback loop, facilitates information sharing, and enhances team collaboration, but also ushers in a new set of challenges for security and risk professionals.
Next week, New York State will begin a 45-day public comment period on its new financial industry cybersecurity regulation -- and, so far, security experts have a favorable view of the proposal. Under the new regulations, banks and insurance companies doing business in New York State will need to establish a cybersecurity program, appoint a Chief Information Security Officer and monitor the cybersecurity policies of their business partners. According to New York Gov. Andrew Cuomo, this is the first such regulation in the country. "This regulation helps guarantee the financial services industry upholds its obligation to protect consumers and ensure that its systems are sufficiently constructed to prevent cyber-attacks to the fullest extent possible," he said in a statement.
Securing the internet of things should become a major priority now that an army of compromised devices – perhaps 1 million strong – has swamped one of the industry's top distributed denial-of-service protection services. A giant botnet made up of hijacked internet-connected things like cameras, lightbulbs, and thermostats has launched the largest DDoS attack ever against a top security blogger, an attack so big Akamai had to cancel his account because defending it ate up too many resources. It wasn't that Akamai couldn't mitigate the attack – it did so for three days – but doing so became too costly, so the company made a business decision to cut the affected customer loose, says Andy Ellis, the company's chief security officer.
Yahoo's announcement that state-sponsored hackers have stolen the details of at least 500 million accounts shocks both through scale -- it's the largest data breach ever -- and the potential security implications for users. That's because Yahoo, unlike MySpace, LinkedIn and other online services that suffered large breaches in recent years, is an email provider; and email accounts are central to users' online lives. Not only are email addresses used for private communications, but they serve as recovery points and log-in credentials for accounts on many other websites.
The U.S. Federal Trade Commission should stop mobile messaging service WhatsApp from sharing user data with parent company Facebook in violation of earlier privacy promises, several privacy groups said. The FTC should step in to stop WhatsApp from violating "commitments the company previously made to subscribers," the 17 groups said in a letter sent to the agency Thursday. WhatsApp has long billed itself as a secure and private messaging service. WhatsApp's recently released plan to share user data with Facebook as a way to target advertising could amount to an "unfair and deceptive" trade practice, said the groups, including the Center for Digital Democracy, Consumer Action, Consumer Watchdog, and Demand Progress.
Microsoft's decision to force Windows 10's patch and maintenance model on customers running the older-but-more-popular Windows 7 has patch experts nervous. "Bottom line, everyone is holding their breath, hoping for the best, expecting the worst," said Susan Bradley in an email. Bradley is well known in Windows circles for her expertise on Microsoft's patching processes: She writes on the topic for the Windows Secrets newsletter and moderates the PatchManagement.org mailing list, where business IT administrators discuss update tradecraft. Bradley's anxiety stems from Microsoft's announcement last month that beginning in October it will offer only cumulative security updates for Windows 7 and 8.1, ending the decades-old practice of letting customers choose which patches they apply.
Third-party access. Image by Harris & Ewing Collection (Library of Congress). Earlier this year, the Soha Third-Party Advisory Group conducted a study that surveyed more than 200 enterprise IT and security C-Level executives, directors and managers about the daily challenges they face providing fast and secure third-party application access to their contractors and suppliers. The survey revealed that 98 percent of respondents do not consider third-party access a top priority in terms of IT initiatives and budget allocation. This is a huge concern, considering that third parties cause or are implicated in 63 percent of all data breaches.
Vint Cerf is considered a father of the internet, but that doesn't mean there aren't things he would do differently if given a fresh chance to create it all over again. "If I could have justified it, putting in a 128-bit address space would have been nice so we wouldn't have to go through this painful, 20-year process of going from IPv4 to IPv6," Cerf told an audience of journalists Thursday during a press conference at the Heidelberg Laureate Forum in Germany. IPv4, the first publicly used version of the Internet Protocol, included an addressing system that used 32-bit numerical identifiers. It soon became apparent that it would lead to an exhaustion of addresses, however, spurring the creation of IPv6 as a replacement. Roughly a year ago, North America officially ran out of new addresses based on IPv4.
A hacker's attempt to sell user data he claimed was stolen from Yahoo actually led the company to uncover a far more severe breach. Yahoo confirmed Thursday a data breach, which affects at least 500 million users, but it could be unrelated to the black market sale of alleged Yahoo accounts, according to a source familiar with the matter. The information comes even as security experts have been questioning why Yahoo took so long to warn the public when it was known that a hacker was claiming to be selling the data online around early August.
The massive breach at Yahoo means that a treasure trove of stolen data is in the hands of hackers -- putting millions of internet users at risk. At least half a billion Yahoo accounts have been affected in one of the biggest data breaches in history. Information including names, email addresses, telephone numbers and hashed passwords may have been stolen. Yahoo has blamed the attack on a "state-sponsored actor," but it's far from clear who hacked the internet company and how the culprits pulled off the attack. Blaming it on a state-sponsored actor, however, indicates that Yahoo may have found evidence that the hackers were targeting the company over a long period of time, said Vitali Kremez, a cybercrime analyst at security firm Flashpoint.
When Yahoo said on Thursday that data from at least 500 million user accounts had been hacked, it wasn't just admitting to a huge failing in data security -- it was admitting to the biggest hack the world has ever seen. Until Thursday, the previous largest known hack was the 2008 breach that hit almost 360 million MySpace accounts, according to a ranking by the "Have I been pwned" website. Like the Yahoo breach, the hack was only publicly disclosed this year after data was offered on a hacker forum. And only three breaches had ranked above the 100 million level: LinkedIn reported a loss of 167 million email addresses and passwords. They were originally stolen in 2012 but not publicly disclosed until 2016, again after the data was offered on an underground "dark market" site.
A massive breach at Yahoo compromised account details from at least 500 million users, and the company is blaming the attack on state-sponsored hackers.
Names, email addresses, telephone numbers, and hashed passwords may have been stolen as part of the hack, which occurred in late 2014, Yahoo said.
The company reported the breach on Thursday, after a stolen database from the company went on sale on the black market last month.
However, the hacker behind the sale claimed that the stolen database involved only 200 million users and was likely obtained in 2012.
U.S. Department of Homeland Security's Robert Silvers says his purpose in speaking at the Security of Things Forum in Cambridge on Thursday wasn't to scare anyone, but then he went ahead and called on everyone in the room to "accelerate everything you're doing" to secure the internet of things. As the Assistant Secretary for Cyber Policy at DHS says, IoT security is a public safety issue that involves protecting both the nation's physical and cyber infrastructures. Acknowledging a growing national dependency on the internet of things, be it in the medical, utility or transportation fields, Silvers says IoT has his department's full attention. And a straightforward undertaking it is not, he says.