Archive

Category Archives for "Network World Security"

Microsoft wins appeal over US government access to emails held overseas

A U.S. appeals court has quashed a search warrant that would have required Microsoft to disclose contents of emails stored on a server in Ireland, in a case that has broad ramifications for privacy, diplomatic relations and the ability of American companies to sell web services abroad."We think Microsoft has the better of the argument," said Circuit Court Judge Sarah Carney, in an opinion written for a three-judge panel of the U.S. Court of Appeals for the Second Circuit in New York.The panel based its judgment on the 30-year-old U.S. Stored Communications Act. The act, Carney wrote, "does not authorize courts to issue and enforce against U.S.‐based service providers warrants for the seizure of customer e‐mail content that is stored exclusively on foreign servers." The opinion was posted Thursday.To read this article in full or to leave a comment, please click here

Juniper patches high-risk flaws in Junos OS

Juniper Networks has fixed several vulnerabilities in the Junos operating system used on its networking and security appliances, including a flaw that could allow hackers to gain administrative access to affected devices.The most serious vulnerability, rated 9.8 out of 10 in the Common Vulnerability Scoring System, is located in the J-Web interface, which allows administrators to monitor, configure, troubleshoot and manage routers running Junos OS. The issue is an information leak that could allow unauthenticated users to gain admin privileges to the device.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Cybersecurity is only as strong as your weakest link—your employees

You can have the most secure system in the world, but hackers will always seek out the path of least resistance. When your defenses are good, the weak link is often your employees. Data breaches are most likely to be the result of employee error or an inside job, according to the ACC Foundation: State of Cybersecurity Report.It’s good to focus on firewalls, malware defenses and data protection, but too often employees are an afterthought.To read this article in full or to leave a comment, please click here

The threat hunter’s guide to securing the enterprise

It’s time to face facts: Attackers are stealthy enough to evade your monitoring systems. If you’re sitting back waiting for alarms to go off, there’s a good chance you’re already hosed.Despite spending more than $75 billion on security products and services, enterprises are frequently compromised, highly sensitive data is stolen, and the fallout can be devastating. Worse, enterprises don’t discover they’ve been breached for weeks to months after initial compromise, taking between 120 to 200 days on average to even detect an attack. That’s a six-month head start on reconnaissance and exploitation -- more time on your network than most of your recent hires.To read this article in full or to leave a comment, please click here

How to go on the offensive vs security foes

Focus to detectionImage by Christer van der MeerenThe industry is now moving from a focus on prevention, in which organizations try to make the perimeter impenetrable and avoid being hacked, to a focus on rapid detection, where companies can quickly identify and mitigate threats that are within the perimeter already.To read this article in full or to leave a comment, please click here

How to train new grads on corporate security

Millennials bring a lot to the workplace, whether they're pushing the boundaries of company culture or forcing companies to modernize. But there are a few risks associated with hiring recent grads -- especially if it's their first job in the industry -- and one of those risks is data security.In a recent study from the Ponemon Institute in partnership with Experian, which surveyed over 16,000 people at companies with data protection and privacy training programs, 66 percent of respondents cited employees as the biggest security threat to their company. And 55 percent said that their organization had, at some point, experienced a "security incident or data breach due to a malicious or negligent employee," according to the report.To read this article in full or to leave a comment, please click here(Insider Story)

IBM beta-tests secure cloud blockchain service

IBM is cranking up the security on its cloud-based blockchain service. On Thursday it began beta-testing a new high-security service plan for IBM Blockchain, with dedicated infrastructure for each customer. Until now, it has offered only a starter cloud service for developers who wish to experiment with blockchain technology. That service runs in a multitenant cloud, with infrastructure shared among hundreds of blockchains. The new service plan is still cloud-based, but "you get your own resources dedicated to you," said IBM Vice President for Blockchain Technologies Jerry Cuomo.To read this article in full or to leave a comment, please click here

A surge of Pokemon Go-related apps is out to steal your data

Privacy fears about the Pokemon Go app have been largely addressed, but dozens of other apps that piggy back on the popular game have raised further concerns.Since the game launched last week, a swarm of unofficial apps has emerged and is trying to capitalize on the title’s success. And many are hungry for your personal data.These unofficial apps have been offering cheats, tips and even songs from the hit game. But in exchange, they demand permission to access sensitive data on your phone, said Chad Salisbury, a security engineer with RiskIQ, which monitors mobile malware.To read this article in full or to leave a comment, please click here

Three popular Drupal modules get patches for site takeover flaws

The security team of the popular Drupal content management system worked with the maintainers of three third-party modules to fix critical vulnerabilities that could allow attackers to take over websites.The flaws allow attackers to execute rogue PHP code web servers that host Drupal websites with the RESTWS, Coder or Webform Multiple File Upload modules installed. These modules are not part of Drupal's core, but are used by thousands of websites.The RESTWS module is a popular tool for creating Rest application programming interfaces (APIs) and is currently installed on over 5,800 websites. Unauthenticated attackers can exploit the remote code execution vulnerability in its page callback functionality by sending specially crafted requests to the website.To read this article in full or to leave a comment, please click here

Chinese hackers blamed for multiple breaches at US banking agency

Chinese government hackers were the likely attackers in three breaches in recent years at the Federal Deposit Insurance Corporation, the U.S. agency that insures bank accounts, according to a congressional audit.Breaches at the FDIC in 2010, 2011, and 2013 were caused by an "advanced persistent threat ... believed to have been the Chinese government," according to an interim report on the agency's cybersecurity from the House of Representatives Science, Space, and Technology Committee.In the 2013 breach, hackers gained access to the computers of 12 staff computers, including the former chairman, chief of staff and general counsel of the agency, the House report said.To read this article in full or to leave a comment, please click here

Startups boldly challenge Internet, mass transit & password status quo

One startup pledged to “make passwords impossible to steal.” Another promised technology to "absolutely change the face of the Internet itself!” And an asphalt-hating CEO said his outfit’s zippy overhead pods will be a green replacement for gas guzzling vehicles in big cities within a couple of years.The 88th edition of Mass Innovation Nights on Tuesday gave the stage – at host LogMeIn’s airy Boston Seaport digs – to an idealistic handful of startups unfettered so far by venture capital and repetitive marketing lingo (I only heard the dreaded word “journey” once!). The founders eagerly answered questions posed by attendees – including precocious teens on summer break -- and collected certificates earned for winning a popular vote among audience members. To read this article in full or to leave a comment, please click here

Senator prods Niantic about Pokemon Go privacy and security issues

Personally, I’m just watching the Pokemon Go craze unfold. If I had considered checking it out by playing, seeing the unbelievably long list of access permissions the app required would have put a stop to it immediately before installing.Although you may or may not agree that Pokemon Go is a “government surveillance psyop conspiracy” that has a “direct(-ish)” connection to the CIA, if you play the game then you better grab the latest update. Niantic claimed it pushed out “emergency fixes” since a “coding error” allowed the app to get full access to your Google account.To read this article in full or to leave a comment, please click here

Vicious new ransomware takes your money and still deletes your files

There’s a new form of ransomware—apparently built by amateurs—that takes your money but deletes your personal files anyway. Security research firm Talos recently published a blog post about a new form of malware dubbed Ranscam.This ransomware follows the basic premise of previous variants. It claims your files have been encrypted, and thus inaccessible to you, then threatens to delete all your files if you don’t pay up. Ransomware's scary premise prompts many people to fork over the dough in order to save their photos and other content.To read this article in full or to leave a comment, please click here

Shlomo Kramer: a security investor looking for smart entrepreneurs to disrupt markets

Shlomo Kramer Recently, endpoint-protection startup LightCyber announced a second round of funding - $20 million – including an investment from an individual investor with an impressive track record backing successful security startups: Shlomo Kramer.Kramer, who is Israeli, has a long-term relationship with the company’s CEO Gonen Fink, who worked with him for years at Check Point Software where Kramer was one of the founders.To read this article in full or to leave a comment, please click here

Microsoft fixes critical vulnerabilities in IE, Edge, Office, and Windows print services

Microsoft's new batch of security patches fixes 47 vulnerabilities across its products, including in Internet Explorer, Edge, Office, Windows and the .NET Framework.The patches, released Tuesday, are arranged in 11 security bulletins, 10 of which are for Microsoft products. The remaining patch covers Adobe Flash Player, which is bundled with Internet Explorer in Windows 8.1, Windows Server 2012, Windows RT 8.1, Windows Server 2012 R2 and Windows 10.Six security bulletins, including the Flash Player one, are rated critical and primarily cover remote code execution vulnerabilities that could lead to a complete system compromise.To read this article in full or to leave a comment, please click here

Bay Dynamics lands another $23 million to speed expansion

Security-analytics firm Bay Dynamics has pulled down $23 million more in venture funding to help the company speed up its international expansion and execution of its action plan to reach customers and differentiate itself from competitors.The Series B financing is led by Carrick Capital Partners and includes Series A investor Comcast Ventures.The company claims hundreds of customers including some of the Fortune 50.Bay Dynamics’ Risk Fabric ranks the riskiest users, devices, applications and other network entities, according to a report by Gartner on User and Entity Behavior Analytics, the category in which it places Bay Dynamics. The platform can discover insider threats as well as data theft, and can analyze likely attack surfaces in customer networks, Gartner says.To read this article in full or to leave a comment, please click here

Review: Promisec goes the extra step to secure PCs

In the past year we've seen an influx of endpoint detection and response (EDR) tools that promise to bring order, through greater visibility, to the wild west of endpoints within a large organization. The scenario is all too common: IT security usually doesn't know all of the hardware and software assets that need to be protected, yet has to protect them. Even as we struggle to put security controls in place for prevention, we know that many of these endpoints are already compromised by active threats that need to be detected, assessed, quarantined, and remediated.EDR tools are built for detection and response (hence the category name), and most leave it at that. Promisec adds sophisticated remediation to Promisec Endpoint Manager (PEM), which is precisely why I was interested in getting a close look at the product. Like other EDR products, PEM can scan endpoints on a schedule to detect anomalies or abnormalities and verify that security controls -- such as required applications, patches, settings, and so on -- are in place. Unlike other products in the category, PEM can also launch scripts on the endpoints to take corrective action.To read this article in full or to leave a Continue reading

Feds to hire 3,500 cybersecurity pros by year’s end

Last October, the U.S. government began hiring 6,500 new cybersecurity IT professionals. It has hired 3,000 so far, and plans to hire another 3,500 by January 2017, the White House said Tuesday.The government is now trying to improve its recruiting and retention of cybersecurity professionals. This includes finding ways to improve government pay, which can be well below the private sector.ALSO ON NETWORK WORLD: 8 ways to jumpstart your career This strategy was detailed Tuesday in a White House memo. In it, officials called for expanded job recruiting campaigns "in order to raise awareness of employment opportunities and compete for top cybersecurity talent," Shaun Donovan, the director of the White House Office of Management and Budget, Beth Cobert, the acting director of the Office of Personnel Management and federal CIO Tony Scott wrote in the memo.To read this article in full or to leave a comment, please click here

Fake Olympic tickets and Zika news apps scam users

These days not a headline goes by without some cybercriminal jumping all over it. Now, with the Olympics coming up and travelers wary of the Zika virus, scammers are creating fake websites and apps to steal money or to infect users with malware."There are actually sites that say they sell tickets, but never actually give you tickets," said James Pledger, research director at RiskIQ.Sometimes, it's easy to spot the fakes.INSIDER: Traditional anti-virus is dead: Long live the new and improved AV "One of the most common things is very poor English," he said. "Or they'll only accept payment in online currencies or wire transfers. Other indicators are that there are a lot of complaints, or they've been up for a very short time frame."To read this article in full or to leave a comment, please click here