Category Archives for "Network World Security"

Intel spinout: McAfee is back

Intel is going to spin out its subsidiary Intel Security as a joint venture with investment firm TPG, redubbing the new entity with its old name – McAfee. The deal calls for TPG to make a $1.1 billion equity investment and own 51 percent of the company, with Intel retaining 49%. In a joint statement the companies say the investment will be used to help the spinout gain its feet as a stand-alone business and to drive growth. Intel bought McAfee in 2010 for $7.68 billion with the intent of tying McAfee’s security technology with Intel’s chips. Since then Intel has incorporated technology in some chips that power features of its security software, and Intel Security’s endpoint protection technology is well thought of, consistently ranking among the leaders in Gartner’s analysis of that category. It is ranked number two in market share behind Symantec and in front of Trend Micro.

Why quantum computing has the cybersecurity world white-knuckled

As quantum computers inch closer to reality, experts are sweating over their potential to render many of today's cybersecurity technologies useless. Earlier this year the U.S. National Institute of Standards and Technology issued a call for help on the matter, and this week the Global Risk Institute added its voice to the mix. Because of quantum computing, there's a one-in-seven chance that fundamental public-key cryptography tools used today will be broken by 2026, warned Michele Mosca, co-founder of the University of Waterloo's Institute for Quantum Computing and special advisor on cybersecurity to the Global Risk Institute. By 2031, that chance jumps to 50 percent, Mosca wrote in a report published Monday.

Intel sells off majority stake in McAfee unit

Intel is selling off a majority stake in its McAfee unit and turning it back into an independent security company. Intel made the deal with investment firm TPG, which will own a 51 percent stake in the new McAfee company. Intel will own the remainder. As part of the deal, Intel is receiving $3.1 billion in cash. It originally bought McAfee back in 2011 for $7.7 billion -- a deal that caused some industry watchers to scratch their heads. Intel is best known as a chipmaker, but at the time it was also hoping to improve security around its products. PC security was a major concern back then, said Nathan Brookwood, principal analyst at Insight 64. But now cyberthreats are moving to target the cloud and servers.

Election exploits: What you need to know [infographic]

In late August, an FBI alert warning state election officials about an attack on voter registration databases from Illinois and Arizona was leaked and posted in a report on Yahoo News. 'According to the FBI’s alert, 'an unknown actor' attacked a state election database by using widely available penetrating testing tools, including Acunetix, SQLMap, and DirBuster,' wrote Michael Kan. 'The hackers then found an SQL injection vulnerability -- a common attack point in websites -- and exploited it to steal the data. The FBI has traced the attacks to eight IP addresses, which appear to be hosted from companies based in Bulgaria, the Netherlands, and Russia.'

US must beef up its cyber muscle, Trump says

The U.S. Department of Defense must pump up its cyber capabilities, including its offense, as part of a huge planned expansion of the military, Republican presidential candidate Donald Trump said Wednesday. Trump, repeatedly criticized in the IT community for a lack of a tech policy agenda, called for new investments in cybersecurity during a speech focused on military programs. The businessman didn't put a dollar figure on the new cybersecurity investments but mentioned them as part of a proposed multibillion-dollar expansion of the U.S. military.

IDG Contributor Network: Building an insider threat program that works – Part I

The consequences of failure range from failed security audits and interruptions of service or product deliveries to more significant degradation of ongoing operations, monetary losses and lasting reputational damage. In extreme scenarios, there is even the potential for bodily injury and loss of life. In response, many corporate and government leaders have invested heavily over the past few years in controls designed to mitigate the likelihood and consequences of a damaging insider event. Policy and procedural controls naturally have played a big part in these nascent insider threat programs, but so have a number of emerging technologies grouped under the umbrella of Security Analytics.

Security firm faces lawsuit with stock tanking tactic

One security firm’s controversial approach to pointing out flaws in products is facing legal action. On Wednesday, the firm MedSec was hit with a lawsuit after trying to tank a company’s stock. The company, St. Jude Medical, has filed the legal action against MedSec for making false accusations about its products and for conspiring to manipulate its stock. Two weeks ago, MedSec ignited an ethical firestorm when it publicized allegations that pacemakers and other devices from St. Jude Medical were insecure and open to hacks. Pointing out flaws is nothing new in the security industry. But MedSec took the unusual step of trying to profit from the research by betting against St. Jude Medical. To do so, it partnered with investment firm Muddy Waters Capital to short the stock.

Half of network management systems vulnerable to injection attacks

Cross-site scripting and SQL injection attacks are well-known threats for public-facing Web applications, but internal systems can be attacked as well. For example, about half of network management systems studied had these vulnerabilities, according to a report released today. It all comes down to input validation, or lack of it, said Deral Heiland, research lead at Boston-based Rapid7, Inc. and one of the authors of the report. Network management systems are in regular communication with the devices on a company's network. But, because the communications are machine-to-machine, people sometimes forget that the inputs still need to be checked to make sure there's nothing weird or malicious in there.

IDG Contributor Network: HashiCorp slurps up cash to deliver DevOps goodness

Seemingly every company under the sun is now a DevOps leader—even ones that, while purporting to be about a new way of doing things, continue to market legacy, monolithic products and services. So, it’s nice to see some genuine players achieve success and recognition in this space. A good example of this is HashiCorp—an important, but little-known DevOps vendor. The company manages a host of open-source tools, all of which tick off different parts of the application and infrastructure lifecycle.

‘Stupid simple’ attack can steal credentials from locked Windows and Mac computers

Hats off to security researcher Rob Fuller, aka mubix, for spending part of his Labor Day weekend figuring out how to use a spoofed USB Ethernet adapter to steal credentials from logged in but locked Windows and Mac computers. It works!!! Muhahahahah I can steal credentials from a locked computer. Muahahahhahahahah pic.twitter.com/9l3d0tvs8i — Rob Fuller (@mubix) September 4, 2016. Fuller did not use a zero-day; although the attack is “stupid simple” and “should not work,” it does work because most computers automatically install Plug-and-Play USB devices. “Even if a system is locked out, the device still gets installed.” There may be restrictions on what devices can be installed when the box is in a locked state, but he said, “Ethernet/LAN is definitely on the white list.”

Google Safe Browsing gives more details to compromised website owners

Google is now providing more information to website owners whose online properties are temporarily blocked as unsafe by its Safe Browsing technology as a way to help them fix the identified problems faster. Google Safe Browsing is a technology used by Google's search engine, the Google Chrome browser, Mozilla Firefox, Apple Safari, and Android to steer users away from websites that host malicious or deceptive content. On the back-end, Google uses robots to scan the web and build a list of websites that host malware, harmful downloads, or deceptive ads and pages. Software developers can then plug into an API to integrate this list into their own applications.

New tech can help catch spearphishing attacks

A CEO said that his controller had just received an email, ostensibly from him, asking her to process an urgent outgoing payment. Everything about the letter looked legit. "It has my display name, spelled correctly," said Kevin O'Brien, co-founder and CEO at Belmont, Mass.-based GreatHorn. "There are no attachments. There's nothing in the email that's misspelled. My signature line was copied from my real emails." The text of the email was totally something that a CEO might say. "Hi Caitlin," the message said, addressing the company's controller, Caitlin McLaughlin. "Are you available to process an outgoing payment today? Let me know and I will send the payment details as soon as I receive it from the consultant shortly; I am traveling and this is urgent."

OPM hack was avoidable, says congressional report

The compromise last year of the personal information of millions of current and former federal employees was entirely preventable, if the U.S. Office of Personnel Management that was attacked had taken the right measures on knowing it was targeted, according to a report set to be released Wednesday by the House Committee on Oversight and Government Reform. “In our report, we are going to show that once we knew that this was happening, we didn’t make the right moves,” said Jason Chaffetz, chairman of the committee in an interview to CNN. Saying that he thinks that the attack came from overseas, Chaffetz, a Republican representative from Utah, did not name any country, saying it was classified information. After the hack there was speculation that it had been done by the Chinese.

Lessons learned from WordPress attacks

I traveled from VMworld to the lab last Wednesday, and during that time, something infected two websites I control. I suspect the servers were used as part of a Syn Flood attack. The servers, both using WordPress, would come up and serve their web pages, but then they would quickly run out of cache by processes that were difficult to track. They initially made contact with some IPs located conveniently in Russia, then lots of syn traffic, and interesting session waits and listens. It took about two minutes before the sites cratered from resource drainage, and the errantly injected processes dominated then effectively cratered the servers from their intended use.

Can cybersecurity save the November elections?

The Federal Bureau of Investigation’s disclosure earlier this month that foreign hackers had infiltrated voter registration systems in Illinois and Arizona came as no surprise to some cybersecurity experts. “Given where cybercrime has gone, it’s not too surprising to think about how information risks might manifest themselves during the election season to cause some level of either potential disruption, change in voting, or even just political fodder to add the hype cycle,” says Malcolm Harkins, chief security and trust officer at network security firm Cylance.

Google’s 3-level Android patch could cause confusion

Google has released another large monthly batch of security patches for Android, this time fixing 55 vulnerabilities, eight of which are rated critical. The novelty of this release is that the fixes are split into three different "security patch levels" -- date strings that indicate to users how up-to-date their devices are. While this could make it easier for device manufacturers to integrate patches applicable to their devices, it could lead to confusion among regular users. Since August 2015 Google has released security updates for Android according to a monthly schedule. This was intended to add some predictability to Android patches and indeed, some device makers committed to monthly security updates as well.

British Airways blames glitch for long check-in delays

The old “IT glitch” was reportedly the cause of British Airways’ multi-continent check-in delays on Monday. Angry travelers waited in check-in queues for hours while the airline fell back on the old school method of handwriting records, boarding passes and baggage labels. British Airways has been rolling out a new check-in system since last year; a BA spokesperson described the check-in delays as “teething problems.” At first, BA claimed the glitch causing check-in delays was not a worldwide problem, but a “patchy” problem. While the glitch in the check-in system affected more than people in the U.K., travelers took to Twitter to complain about long delays in at least San Diego, Chicago, Atlanta, San Francisco, Rome, Las Vegas, Phoenix, Vancouver, the Bahamas, D.C., Seattle, Zurich, and Mexico City.

US investigates Russia for attempting to hack the election

Intelligence and law enforcement agencies are reportedly investigating whether Russia has launched a broad, covert operation to disrupt the U.S. elections in November. Officials believe that Russia appears to be attempting to spread disinformation and hack into U.S. political systems in an effort to undermine confidence in the upcoming election, according to a report in the Washington Post. Investigators do not have "definitive" proof of a Russian operation, but there is "significant concern," the Post quoted an anonymous senior intelligence official as saying.

Stealthy, tricky to remove rootkit targets Linux systems on ARM and x86

Security researchers have identified a new family of Linux rootkits that, despite running from user mode, can be hard to detect and remove. Called Umbreon, after a Pokémon character that hides in the darkness, the rootkit has been in development since early 2015 and is now being sold on the underground markets. It targets Linux-based systems on the x86, x86-64 and ARM architectures, including many embedded devices such as routers. According to malware researchers from antivirus firm Trend Micro, Umbreon is a so-called ring 3 rootkit, meaning that it runs from user mode and doesn't need kernel privileges. Despite this apparent limitation, it is quite capable of hiding itself and persisting on the system.

Essential certifications for smart security pros

If you’re pursuing a career in IT security, certifications can only help you. Certification-critics often say a certification means nothing, and acumen and experience are the true differentiators, but as a holder of dozens of IT security certifications, I beg to differ. So do employers. A particular certification is often the minimum hurdle to getting a one-on-one in-person job interview. If you don’t have the cert, you don’t get invited. Other times, having a particular certification can give you a leg up on competing job candidates who have similar skill sets and experience. Every certification I’ve gained took focused, goal-oriented study -- which employers view favorably, as they do with college degrees. More important, I picked up many new skills and insights in IT security while studying for each certification test. I also gained new perspectives on even familiar information I thought I had already mastered. I became a better employee and thinker because of all the certifications I have studied for and obtained. You will too.