Archive

Category Archives for "Network World Security"

Russia hacks, plunders the U.S. No bullets fired

It seems so simple, and I hope it’s not: Russia has invaded the U.S. and assaulted the U.S. presidential election, and they haven’t fired a single shot. It would seem all roads lead to the Russian government having their fingers in the U.S. Democratic National Committee and the Democratic Congressional Committee. And WikiLeaks now becomes the New New Gun poised at the collective heads of U.S. politicians—by their revelations and their intent.

They’re back! Car hackers take control of Jeep’s steering and braking

It’s a good thing cars can’t experience emotions or one specific 2014 Jeep Cherokee would be terrified every time security pros Charlie Miller and Chris Valasek come near it. That’s the vehicle they remotely hacked in 2015; now they used the Jeep to show how an attacker can control the steering, accelerator and brakes while the Jeep is driving at high speeds. Granted, this time they were in the vehicle with a laptop physically connected to the CAN network via the diagnostic port. They reverse-engineered the electronic control unit (ECU) firmware, basically knocking it offline, so they could send fake CAN messages to tell the car what to do, such as slam on the brakes, jerk the steering wheel or hit the gas.

IDG Contributor Network: Adding human experts to IT security with Red Canary

News this morning from cybersecurity company Red Canary, which has just raised $6.1 million by way of a Series A funding round. Red Canary is part of a growing trend in the security world: that of adding real live humans into a security product. The particular space that Red Canary is involved in—managed detection and response—has a few players (SecureWorks and eSentire, to name a couple), all of whom try to subvert the orthodox thinking around cybersecurity with the addition of a human touch.

Why you need a strong authentication platform

Common challenges

As the security landscape is changing, so are the business challenges that organizations are facing. With data breaches and information theft on the rise, it’s becoming even more crucial to protect your data from unwanted third parties. According to Symantec’s annual Internet Security Threat Report, up to 80 percent of breaches could be eliminated with strong authentication.

Privacy Shield certifications begin trickling in

The U.S. Department of Commerce is not just rubber-stamping applications to join the new Privacy Shield data protection program: 24 hours after companies began certifying their compliance, the administration's website still listed no approvals. Microsoft was among the first businesses to certify that it complied with the new rules for transferring European Union citizens' personal information to the U.S. when the Commerce Department's International Trade Administration began accepting applications on Monday. "We expect it to be approved in the coming days," Microsoft Vice President for EU Government Affairs John Frank wrote on a company blog.

IDG Contributor Network: Distil Networks raises $21M to fend off the bots

We've been hearing all year about the calamitous state of venture funding. The decline in technology stocks, the revaluation of the "unicorns" and the general sense of unease about the economy (Trump, anyone?) has led to a tightening of the purse strings in venture capital land. But while the purse strings have certainly tightened, the fact remains that venture capital companies still have cash they need to invest. The funds who give money to the VCs to invest for them certainly don't want to hear that those funds are simply sitting in a bank account awaiting deployment. And so deals are still happening—arguably a little more modestly, but happening nonetheless. A case in point is Distil Networks, which today is announcing Series C funding.

200M Yahoo accounts go up for sale on digital black market

Yahoo users might want to reset their passwords. A hacker claims to have stolen the login information for 200 million Yahoo accounts and is selling them on the black market. The stolen records are up for sale on TheRealDeal, a darknet marketplace that offers illegal goods. For 3 bitcoins, or US$1,824, anyone can buy them. The hacker, known as peace_of_mind, has claimed to have previously sold login credentials for LinkedIn and Tumblr users.

200 million Yahoo accounts may be up for sale on the black market

Yahoo users might want to reset their passwords. A hacker claims to have stolen the login information for 200 million Yahoo accounts and is selling them on the black market. The stolen records are up for sale on TheRealDeal, a darknet marketplace that offers illegal goods. For 3 bitcoins, or US$1,824, anyone can buy them. The hacker, known as peace_of_mind, has claimed to have previously sold login credentials for LinkedIn and Tumblr users.

Cybercrime infrastructure being ramped up in Brazil ahead of Olympics

Over the past few months, cybercriminals have set up thousands of malicious domains and servers in Brazil in anticipation of the 2016 Olympics in Rio. Threat data collected by Fortinet from over 2 million sensors worldwide shows that between April and June, the number of malicious URLs detected in Brazil grew by 83 percent. That's an unusually large spike compared to the 16 percent growth in malicious URLs for the rest of the world. According to a Fortinet report due to be released Tuesday, the number of spoofed domains that are typically used in phishing attacks has also increased, particularly those that try to mimic payment systems and government institutions.

Top VCE exec: We’re staying tight with Cisco

There was an interesting exchange between IDG Chief Content Officer John Gallant and VCE President Chad Sakac in an interview Network World published today. In it, Gallant asked Sakac about the company’s converged infrastructure partnership with Cisco in light of VCE presumably soon becoming part of the merged Dell/EMC. After all, Cisco (the “C” in VCE) sold off its stake in the venture some time ago and will likely find itself competing more directly with EMC once it combines with Dell.

Interpol arrests Nigerian email scammer who swindled $60 million

Interpol has arrested a top Nigerian email scammer who stole more than US$60 million by tricking businesses into handing over funds by posing as trusted suppliers. The 40-year-old Nigerian, known as “Mike,” is allegedly the leader of a criminal ring that targeted hundreds of victims across the world, Interpol said on Monday. He and at least 40 other individuals pulled off their scheme by allegedly pretending to be CEOs or suppliers using hacked email accounts of legitimate companies. The criminals then sent fake emails, asking the victims to wire funds or send payment to bank accounts under the scammers’ control.

Spies planted malware on critical infrastructure, Russian security service says

Russian military networks and other critical infrastructure have been hit by tailor-made malware, according to government officials. Networks at some 20 organizations in Russia -- including scientific and military institutions, defense contractors, and public authorities -- were found to be infected with the malware, the Russian Federal Security Service (FSB) said Saturday. The range of infected sites suggests that the targets were deliberately selected as part of a cyber-espionage operation, the FSB said. Analysis of the attack showed that filenames, parameters and infection methods used in the malware are similar to those involved in other high-profile cyber-espionage operations around the world.

New products of the week 8.1.16

Our roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.

kiteworks

Key features – These new features to kiteworks provide added protection to an enterprise’s various content management systems by scanning all sent and received files to identify any viruses or malware that could lead to a data breach. Whether the files reside in on-premises or cloud-based enterprise content systems, the data within the files can now be scanned with data loss prevention (DLP) and antivirus (AV) capabilities to further safeguard enterprise content.

Black Hat security conference trims insecure features from its mobile app

Black Hat has disabled features of its mobile application because attackers could have logged in as legitimate attendees, posted messages in their names and spied on the messages they sent. The problem was discovered by mobile security vendor Lookout, which details the problem in a blog post that says the methods of registration and password resets were flawed. “[W]e've removed user-to-user messaging functionality and activity feed updates out of an abundance of caution,” a spokesperson for the conference organizer UBM said in an email. The problems stemmed from the fact that new accounts were created without email verification, and that even when users reset their passwords, authentication tokens weren’t revoked. So attackers who were already logged in could stay logged in.

SwiftKey’s typing predictions may have leaked users’ emails

SwiftKey, a popular keyboard app, has suspended a syncing feature that may have leaked users’ emails to strangers. The problem has been popping up through the app’s prediction bar. A few users on Reddit have noticed that it’s been offering strange suggestions -- including emails they’ve never seen and foreign language terms they’ve never used. “And now, I'm getting someone else's German predictions,” wrote one user, who recently rooted a Samsung Galaxy S6 phone. “I have never typed German in my entire life.” The problem might be related to how SwiftKey collects data on the words and phrases users type. That data is then analyzed and used to predict the customer’s typing habits, including what emails they tend to enter -- only in this case those predictions are possibly being shared to others.

RNC attendees expose identity in free Wi-Fi trap

So you go to a political convention. Do a little politicking and listen to some speeches. While taking a break from the handshaking and schmoozing you decide to do a little work on your laptop. Then you get hacked. During the Republican National Convention, IT security company Avast set up fake Wi-Fi hotspots to see who would fall for their trick. As it turns out, a lot of people fell for it. Avast estimated more than 1,200 people logged into the fake hotspots, some with politically leaning names like "I VOTE TRUMP! FREE INTERNET," and "I VOTE HILLARY! FREE INTERNET," and some with an official ring to them like "Google Starbucks" and "ATTWifi at GOP."

New Android Trojan SpyNote leaks on underground forums

A new and potent Android Trojan has been leaked on several underground forums, making it available for free to less resourceful cybercriminals who are now likely to use it in attacks. The Trojan app is called SpyNote and allows hackers to steal users' messages and contacts, listen in on their calls, record audio using the device's built-in microphone, control the device camera, make rogue calls and more. According to researchers from Palo Alto Networks, SpyNote does not require root access to a device, but does prompt users for a long list of permissions on installation. The Trojan can also update itself and install other rogue applications on the device.

IDG Contributor Network: Attack attribution does little to improve enterprise security

After every major data breach, the security community engages in a game of whodunit and attempts to figure out what entity or nation state carried out the attack. The North Koreans were behind the Sony breach, while China carried out the attack on the Office of Personnel Management (OPM). Meanwhile, hackers linked to the Iranian government hacked a small dam in New York as well as the networks of AT&T, Bank of America and the New York Stock Exchange, among other major U.S. businesses. And now Russia is being singled out for supporting hackers who infiltrated the Democratic National Committee’s computers and disclosed sensitive files and emails.

There are mobile and IoT companion documents for the CIS (Top 20) Critical Security Controls

This column is available in a weekly newsletter called IT Best Practices.

Most people who have anything to do with cybersecurity are familiar with the Center for Internet Security (CIS) Critical Security Controls, also commonly known as the SANS Top 20, or more simply the Controls. This list consists of a recommended set of actions for cyber defense that provide specific and actionable ways to stop today's most pervasive and dangerous attacks. Implementing the Controls is no guarantee an organization will have a bullet-proof defensive posture, but it significantly reduces both the risk that a breach will happen and the impact to the organization if such an event were to occur. What's more, the Controls constitute a minimum level of security that any organization that collects or maintains personal or sensitive information should meet.

WikiLeaks’ methods questioned by whistleblower Edward Snowden

Former U.S. National Security Agency contractor Edward Snowden has censured WikiLeaks’ release of information without proper curation. On Thursday, Snowden, who has embarrassed the U.S. government with revelations of widespread NSA surveillance, said that WikiLeaks was mistaken in not at least modestly curating the information it releases. “Democratizing information has never been more vital, and @Wikileaks has helped. But their hostility to even modest curation is a mistake,” Snowden said in a tweet. WikiLeaks shot back at Snowden that “opportunism won't earn you a pardon from Clinton & curation is not censorship of ruling party cash flows.”