Archive

Category Archives for "Network World Security"

Swift hopes daily reporting will help stem payment fraud

Swift is introducing a new reporting system to help banks identify fraudulent payments made over its financial transfer network -- but the reports will arrive up to a day too late to stop them. Over the last year, cybercriminals have hacked systems at a number of banks, using their credentials to issue fraudulent payment instructions over the Swift network. Swift's network wasn't compromised, but because genuine credentials were used on authorized bank terminals, no alarms were raised until some time after the transfers were made, leaving victims struggling to recover their funds from the destination accounts.

The speed of ransomware: 3 seconds to encryption [Infographic]

Ransomware has reached epidemic proportions, especially among small and midsize businesses (SMBs). A 2015 Securities and Exchange Commission statement noted that SMBs are at "greater risk" of cybercrime, including ransomware, compared to larger enterprises, and they "are far more vulnerable once they are victimized." Security service provider Arctic Wolf Networks reports that it has seen a "433 percent increase in ransomware attacks this year among our SMB customers."

Explaining security automation and its evolving definitions

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach. There’s been a lot of talk about security automation, but it’s increasingly unclear what is what. For example, a Network World article on security automation last year focused mostly on threat detection, a Gartner report on Intelligent and Automated Security Controls focused on the threat intelligence component, and another recent piece referenced security automation simply as “the automation of cybersecurity controls.”

Cisco discloses PIX firewall, IOS software security holes

Cisco has warned of a high priority security hole in its IOS software that could have let attackers snatch memory contents from a variety of products, which could lead to the disclosure of confidential information. Specifically, Cisco said the vulnerability is due to “insufficient condition checks in the part of the code that handles [Internet Key Exchange] IKEv1 security negotiation requests. An attacker could exploit this vulnerability by sending a crafted IKEv1 packet to an affected device configured to accept IKEv1 security negotiation requests.”

Teenager claims to have accessed FTPs, downloaded data from every state with .us domain

A security researcher going by Minxomat scanned IPv4 addresses and then released a list of nearly 800,000 open FTP servers, meaning no authentication is required to access them. His scan revealed that 4.32% of all FTP servers in the IPv4 address space allowed “anonymous” users to log in with no password. “This is a list of all (796,578) FTP servers directly connected to port 21 in the IPv4 address space that allow anonymous logins,” Minxomat wrote on GitHub. “The login must be completed in less than five seconds to qualify for this list.” If an FTP server was meant to be public, he did not include it in the list. In his post describing “mass-analyzing a chunk of the internet,” Minxomat said he set up filters to exclude other results such as “POS system firmware update servers and printers (firmware|printer).”

Teenager claims he accessed FTPs, downloaded data from every state with .us domain

A security researcher going by Minxomat scanned IPv4 addresses and then released a list of nearly 800,000 open FTP servers, meaning no authentication is required to access them. His scan revealed that 4.32 percent of all FTP servers in the IPv4 address space allowed “anonymous” users to log in with no password. “This is a list of all (796,578) FTP servers directly connected to port 21 in the IPv4 address space that allow anonymous logins,” Minxomat wrote on GitHub. “The login must be completed in less than five seconds to qualify for this list.” If an FTP server was meant to be public, he did not include it in the list. In his post describing “mass-analyzing a chunk of the internet,” Minxomat said he set up filters to exclude other results such as “POS system firmware update servers and printers (firmware|printer).”

Cisco patches Equation group exploit in IOS, IOS XE and IOS XR devices

Cisco Systems has patched a vulnerability similar to one exploited by a cyberespionage group believed to be linked to the U.S. National Security Agency. The vulnerability affects networking devices running Cisco's IOS, IOS XE and IOS XR operating systems that process IKEv1 (Internet Key Exchange version 1) packets. When exploited, it allows remote unauthenticated attackers to extract contents from a device's memory, potentially leading to the exposure of sensitive and confidential information. IKE is a key exchange protocol used by several popular features including LAN-to-LAN VPN (Virtual Private Network), remote access VPN, Dynamic Multipoint VPN (DMVPN) and Group Domain of Interpretation (GDOI). It is likely to be enabled on many Cisco devices in enterprise environments.

How to keep IT security at the forefront during a merger

1. Let two become one—safely

Stephen Boyer, CTO and co-founder of BitSight, knows one of the biggest threats to your company's tech security: the possibility that it might buy another company. He points to a survey from West Monroe Partners that found that 40% of acquiring companies discovered a cybersecurity problem in an acquired company—after a deal went through. It probably shouldn't be surprising that, in a 2014 survey from Freshfields Bruckhaus Deringer, a staggering 78% of respondents said cybersecurity is not analyzed in-depth as part of due diligence in an acquisition.

What to think about when moving to the cloud

Well, it's 2016, and a few years ago Gartner reported that "By 2016, poor return on equity will drive more than 60 percent of banks worldwide to process the majority of their transactions in the cloud." Enterprises across all sectors are either in the cloud, transitioning to the cloud, or thinking about making the idea of cloud a reality. For those who are preparing to make the move, there are a variety of concerns to consider and plan for in order to make for a smooth transition. In addition to deciding on the right cloud provider and whether to go with a private or a public cloud, CISOs also need to think about implementing solutions for controls on access, encryption, legal and compliance issues.

New products of the week 9.19.16

Our roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.

Contempo

Key features: Contempo is a real-time political news app: swipe left for “the left” and right for “the right.” Integration with Rock the Vote provides an opportunity to register to vote and check registration status.

Oracle will acquire cloud security vendor Palerra

Oracle has agreed to acquire Palerra, a vendor of software for securing cloud services, as part of its strategy to provide customers comprehensive identity and security cloud services. Palerra offers a Cloud Access Security Broker product called Loric that offers a combination of visibility into cloud usage, data security, user behavior analytics, and security configuration, with automated incident responses. "We think this is an important addition to our overall cloud security portfolio," Larry Ellison, Oracle's executive chairman and chief technology officer, said in his keynote Sunday at the Oracle OpenWorld conference. "It [Security] is job one at Oracle. We'll keep building, and when we find a supplier out there who is doing good work, we'll buy them."

Valve nukes Digital Homicide’s games after developer sues to unmask 100 Steam users

If you write a negative review for a game, is that harassment? It is according to game developer Digital Homicide, which is suing 100 Steam users for $18 million. After Digital Homicide developer James Romine filed a lawsuit, an Arizona judge granted a subpoena to obtain the personal “identification and associated data” of 100 anonymous Steam users. Romine alleges that the Steam group of Jane and John Does created a “hate and harassment group, Digital Homicides Poop Games.”

Judge paves the way for British hacker’s extradition to US

A U.K. judge has ruled in favor of extraditing a British man to the U.S. on charges of hacking government computers, despite fears he may commit suicide. Lauri Love, 31, has been fighting his extradition for allegedly stealing data from U.S. government agencies, including the Department of Defense and NASA. On Friday, a Westminster Magistrates court ruled that Love can be safely extradited to the U.S. to face trial, even though he has Asperger Syndrome and a history of depression. “I send this case to the secretary of state for her decision as to whether or not Mr. Love should be extradited,” Judge Nina Tempia said in the ruling.

FBI faces lawsuit because it’s stayed mum on iPhone 5c hack

The FBI’s refusal to reveal how it accessed an iPhone 5c from a San Bernardino mass shooter will face scrutiny in court. USA Today’s parent company and two other news groups have filed a lawsuit against the agency, demanding it turn over the details. In March, the FBI unlocked the passcode-protected iPhone through an unknown third party, for a reportedly large sum that the agency hasn’t officially disclosed. The lack of details prompted USA Today to submit a Freedom of Information Act request to the FBI, regarding the costs paid to the third-party contractor. But in June, the FBI denied the request, claiming that the disclosure could interfere with law enforcement.

Tech jobs that will get you the biggest raise next year

The biggest raises in 2017 will go to data scientists, who can expect a 6.4% boost in pay next year. That’s well above the average 3.8% increase that’s predicted for tech workers, according to new data from Robert Half Technology. The recruiting and staffing specialist recently released its annual guide to U.S. tech salaries, which finds IT workers will be getting slightly bigger pay bumps than many other professionals. Across all fields, U.S. starting salaries for professional occupations are projected to increase 3.6% in 2017. The largest gains will occur in tech – where starting salaries for newly hired IT workers are forecast to climb 3.8%.

Remote Safe Mode attack defeats Windows 10 pass-the-hash defenses

Microsoft tries to protect user account credentials from theft in Windows 10 Enterprise, and security products detect attempts to pilfer user passwords. But all those efforts can be undone by Safe Mode, according to security researchers. The Safe Mode is an OS diagnostic mode of operation that has existed since Windows 95. It can be activated at boot time and only loads the minimal set of services and drivers that Windows requires to run. This means that most third-party software, including security products, don't start in Safe Mode, negating the protection they otherwise offer. In addition, there are also Windows optional features like the Virtual Secure Module (VSM), which don't run in this mode.

FBI urges ransomware victims to step forward

The FBI has issued a plea for those who have been hit by ransomware to report this to federal law enforcement so that the country can get a better sense of just how bad this problem really is. Ransomware refers to malware that encrypts files on computers or locks users out of their computers, and requests ransom be paid to set files free or allow users to regain access. Such malware, often going by spooky names like Cryptolocker or TeslaCrypt, can be activated by clicking on a web link or even visiting a compromised website, or opening a file in email. One nasty variant even takes your money and still deletes your files.

Don’t pardon Snowden, lawmakers tell Obama

U.S. lawmakers are trying to stifle any hope that National Security Agency leaker Edward Snowden will receive a pardon. On Thursday, the House intelligence committee sent a letter to President Obama urging him to treat Snowden as a criminal. “Mr. Snowden is not a patriot. He is not a whistleblower,” the letter said. The letter was sent amid calls from tech leaders and liberal activists for Obama to pardon Snowden. The campaign, supported by Apple co-founder Steve Wozniak and celebrities including actor Daniel Radcliffe, argues that Snowden sparked an important debate about government mass surveillance.

Infocyte HUNT sets out to answer the question, “Have we been hacked?”

This column is available in a weekly newsletter called IT Best Practices. Your company's senior executives are discussing cyber security and the possibility of suffering a data breach. The CEO read that if a company has valuable data, then a breach is statistically inevitable. Thankfully your company hasn't discovered a breach, but that means very little. FireEye says that a breach can go undetected for as long as 200 days. The worried CEO picks up the phone, calls you and asks, "Has our enterprise network been hacked?" He wants a definitive yes or no answer, right then and there. What do you tell him?

The FBI could have saved money with this iPhone 5c hack

The FBI may have paid a small fortune to unlock an iPhone 5c used by the San Bernardino shooter. But a security researcher has demonstrated a way to do it for less than US $100. Sergei Skorobogatov at the University of Cambridge used a technique known as NAND mirroring to bypass the passcode retry limit on an iPhone 5c. Using store-bought equipment, he created copies of the phone’s flash memory to generate more tries to guess the passcode. Skorobogatov detailed the whole process in a new paper that disputes the FBI’s assertion that the San Bernardino shooter’s iPhone couldn’t be accessed with the NAND mirroring technique.