Archive

Category Archives for "Network World Security"

Who gets to telecommute once Zika’s bite comes closer?

Florida’s announcement Tuesday that a locally transmitted Zika case turned up in Pinellas County, which includes St. Petersburg, moves reported cases of the virus a little closer to Georgia. That’s where Maria Stephens, who is pregnant, works as a senior data research analyst. Stephens was initially skeptical about Zika and paid little attention to the headlines about it. “I don't really respond to dramatization and felt that things were possibly being blown out of proportion,” said Stephens. “I'm a statistician at heart and only listen to numbers, so when my quant-minded OB-GYN shared the figures with me, this threat became a lot more real.”

A deeper look at business impact of a cyberattack

Few would dispute that cyberattacks are increasing in frequency and in intensity, and most organizations confirm they have now suffered at least one cyber incident. But do those organizations have a true sense of the full impact on the organization? After all, the direct costs commonly associated with a data breach are far less significant than the “hidden costs” incurred. Indeed, the “hidden” costs can amount to 90 percent of the total business impact on an organization, and will most likely be experienced two years or more after the event. These are among the findings of a recent study by Deloitte Advisory entitled, “Beneath the Surface of a Cyberattack: A Deeper Look at the Business Impacts.”

NYT says Moscow bureau was targeted by cyberattack

The Moscow bureau of The New York Times was the target of a cyberattack, though there are no indications yet that the hackers were successful, according to the newspaper. The hackers are believed to be Russian, the newspaper said Tuesday evening. It quoted a spokeswoman for the newspaper as saying that it had not hired outside firms to investigate the attempted breach. Earlier in the day, CNN reported that the FBI and other U.S. security agencies were investigating attacks by hackers, thought to be working for Russian intelligence, that targeted reporters at the New York Times and other U.S. news organizations. CNN quoted unnamed U.S. officials briefed on the matter.

Ashley Madison misled users with a fake security award

It’s never a good sign when a website markets itself with a phony security award. But that’s what Ashley Madison did prior to last year’s massive data breach. On Monday, privacy officials in Canada and Australia found that the Canadian adultery website used deceptive and confusing practices to make customers think the service was secure. Privacy authorities from both countries have been investigating Ashley Madison following last year’s hack, which exposed personal data on 36 million users, including names, credit card numbers, and in some cases, their sexual fantasies.

Where the monsters live

The monsters read your full network traffic flow if they have your keys or you used weak ones. The monsters are in the hidden partitions of USB flash drives left in parking lots and technical conferences. The monsters are in the weakened smartphone OS that most of your users own. The monsters are in the containers you used from that interesting GitHub pull. The monsters are in the Cisco router where the Zero Day lives waiting for the NSA. The monsters are in the fake certificates your user swallowed in their browsers. The monsters are 10,000 CVEs that you never, ever checked. The monsters live inside your kernel, watching for the network traffic that brings them alive from their zombie state.

Epic Games forum hack underscores the need to install security patches

A recent data breach at Epic Games may have been avoided if the company had simply installed a security patch. On Monday, Epic Games reported that its internet forums had been compromised. The leaked data includes email addresses and hashed passwords taken from legacy forums at Infinity Blade, previous Unreal Tournament games, and an archived Gears of War forum. Epic Games declined to explain how the leak occurred, but a website that stores information on data breaches said hackers were responsible and that 808,000 users are affected. The anonymous attackers targeted the vBulletin forum software on Aug. 11, according to the website Leaked Source, which has been in contact with the hackers.

OIG finds security flaws in wireless networks at federal health service data centers

Security holes which could lead to “unauthorized access” to personally identifiable information is not something you want to hear in regards to the wireless networks of a federal agency tasked with collecting and storing financial and health care information. Yet a recent Office of Inspector General report did say it found vulnerabilities in the wireless networks of Centers for Medicare & Medicaid Services (CMS); if exploited, it could lead to unauthorized access and even “disruption of critical operations.” The OIG at the Department of Health and Human Services (HHS) conducted a wireless penetration test on 13 CMS data centers and facilities; CMS, an agency within HHS, administers federal healthcare programs such as Medicare, Medicaid and the Children’s Health Insurance Program. The agency “collects, generates and stores financial and health care information.”

Many hospitals transmit your health records unencrypted

About 32% of hospitals and 52% of non-acute providers -- such as outpatient clinics, rehabilitation facilities and physicians' offices -- are not encrypting data in transit, according to a new survey. Additionally, only 61% of acute providers and 48% of non-acute providers are encrypting data at rest. This "leaves the door wide open to potential tampering and corruption of the data, in addition to a large potential for a breach," the report stated. "If a computer, laptop, thumb drive, or backup were to be stolen, any person would be able to access such information." The survey, conducted by the Healthcare Information and Management Systems Society (HIMSS), a Chicago-based trade group for the health information technology sector, also revealed that many of the facilities' networks don't even have firewalls.

Imperva: Application layer DDoS attacks are on the rise.

Application layer DDoS attacks are becoming more common, perhaps because they cost less for malicious actors to execute and can more effectively evade defenses than network layer attacks, Imperva says. One such attack generated 8.7Gbps at its peak, “unheard of in relation to application layer assaults,” in an effort to thread its way through the DDoS mitigations that had been set up to defend against such attacks, according to Imperva’s “DDoS Threat Landscape Report 2015-2016” released today. Application layer attacks can be measured in responses per second required from the application targeted, and they generally require less volume than network layer attacks to succeed, the report says. That means they require fewer botnet resources, if botnets are the platform from which the attack is launched.

Groups oppose US plan to collect social media info from visitors

Civil liberties and tech advocacy groups have opposed a move by the Department of Homeland Security to collect social media information from certain categories of visitors to the U.S. “This program would invade individual privacy and imperil freedom of expression while being ineffective and prohibitively expensive to implement and maintain,” wrote organizations like the American Civil Liberties Union, Center for Democracy & Technology and Electronic Frontier Foundation in comments to the Department of Homeland Security on Monday. The provision allows for collection of information on their online presence from certain categories of visitors in their visa-waiver arrival/departure records (Form I-94W) and their online application for an Electronic System for Travel Authorization (ESTA).

Alleged NSA hackers probably gave away a small fortune by leaking exploits

Anonymous hackers probably gave away hundreds of thousands of dollars in potential sales in the black market when they leaked valuable cyberweapons allegedly stolen from the U.S. National Security Agency. The hackers, known as the Shadow Brokers, posted a sample file of the cyberweapons earlier this month and at least some of them appear to be zero-day exploits, or attacks that rely on software defects that practically no one knew about. Before they were publicly leaked, each of these zero-day exploits could have sold for a great deal of money, according to security researchers. They’re designed to affect firewall and router products from Cisco, Juniper Networks and Fortinet, in addition to those from Chinese vendors.

Republicans subpoena three tech companies over Clinton emails

Republicans in Congress have subpoenaed three technology companies that declined to hand over documents about former U.S. Secretary of State Hillary Clinton’s private email server. On Monday, Datto, SECNAP Network Security and Platte River Networks received subpoenas from U.S. Rep. Lamar Smith, a Texas Republican. Smith is demanding documents from the companies as two congressional committees from the House and Senate investigate the Democratic presidential nominee’s use of a private email server while she was secretary of state. All three companies either sold products used in Clinton’s email server or were hired to maintain it, Smith said in the subpoenas. For example, Datto provided an online backup system that eventually began storing Clinton’s emails off site.

Despite billions spent on cybersecurity, companies aren’t truly safe from hacks

Last year, private sector companies globally spent more than $75 billion on security software to safeguard their systems and data. That number is expected to grow about 7% annually, according to Gartner and other analyst firms. It doesn’t include all the massive amounts spent on fraud prevention by banks, a number that is widely underreported and expected to reach into the billions annually. Has all that spending made private sector data and systems any safer? Is customer personal data any safer? The general answer is no, according to many analysts, but that’s not necessarily because the latest software is considered ineffective.

Cisco well positioned to dominate cybersecurity market

The IT security market is certainly an interesting one, as it’s so big and so fragmented. Forbes posted a story at the end of last year stating the market is at $75 billion, with it expected to reach $170 billion by 2020. Every business and technology leader I talk to tells me how important security is, so I have no reason to doubt that $170 billion number. In addition to the overall massive size of the security market, another interesting fact is the huge number of vendors that play in it. I believe the 2016 RSA conference had something like over 600 sponsors, with at least 100 being first-time sponsors. No other IT market has that many vendors with start-ups consistently popping up.

New products of the week 8.22.16

New products of the week: Our roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.

Fortscale 2.7. Key features: Detecting insider credentials compromised on the Dark Web and remote lateral movement. Plus, new user experience that makes it easier for security professionals to identify and stop insider threats automatically.

Windows 10 Anniversary Update broke millions of webcams

If your webcam is freezing after about a minute when using Skype or another app, then you can thank Microsoft. The Redmond giant meant to allow multiple apps to access the camera at the same time, but it didn’t want users to suffer poor performance as those apps concurrently accessed the webcam and the MJPEG or H264 encoding processes. So, Microsoft decided the best plan was to stop USB webcams from using MJPEG or H264 and instead to only support webcams that use YUY2 encoding.

Researchers create 3D faces from online photos to defeat face authentication systems

Security researchers continue to find ways around biometric-based security features, including a new attack which can defeat face authentication systems. You might be careful about posting photos of yourself online, either refraining from it or setting the images to private, but your “friends” might post pictures of you online. It wouldn’t matter if those pictures of you are low quality or there were as few as three publicly available photos of you, researchers from the University of North Carolina have developed a virtual reality-based attack that can reproduce your face well enough to trick face authentication systems. In “Virtual U: Defeating Face Liveness Detection by Building Virtual Models from Your Public Photos” (pdf), the researchers called “the ability of an adversary to recover an individual’s facial characteristics through online photos” an “immediate and very serious threat.” The team devised an attack which can bypass “existing defenses of liveness detection and motion consistency.”

FBI: Bank robbery? There’s an app for that

The FBI today said it released a new application that makes it easier for the public—as well as financial institutions, law enforcement agencies, and others—to view photos and information about bank robberies in different geographic areas of the country. The Bank Robbers application runs on iPhones and iPads (Apple iTunes) as well as Android smartphones (Google Play) and lets users sort bank robberies by the date they occurred, the category they fall under (i.e., armed serial bank robber), the FBI field office working the case, or the state where the robbery occurred.

One smart plug isn’t so bright when it comes to security

Smart sockets that let you control an electrical plug over the internet may sound cutting edge, but they can also be rife with security flaws. One such plug was found vulnerable to hacks. Security firm Bitdefender said that it could steal user email logins from the device, control it over the Internet, and potentially use the socket to launch other malware attacks. “This is a serious vulnerability, we could see botnets made up of these power outlets,” Alexandru Balan, chief security researcher at Bitdefender, said in a Thursday blog post.

Shared code in Snowden leaks and NSA breach support hackers’ claims

Documents leaked by former National Security Agency contractor Edward Snowden share a malware tracking code with several files released this week by hacking group Shadow Brokers, according to a news report. Shadow Brokers claimed they had hacked a cyberespionage team linked to the U.S. spy agency when they released a group of sample files earlier this week. Similarities between the Shadow Broker files and information in documents leaked by Snowden give credence to the claims by the anonymous hacking group. Fourteen files in the Shadow Brokers leak contain a 16-character string, "ace02468bdf13579," that NSA operatives used to track their use of one malware program, The Intercept reported Friday. That tracking string was described in an NSA manual for implanting malware originally leaked by Snowden, The Intercept reported.