Category Archives for "Network World Security"

Antivirus merger: Avast offers $1.3 billion for AVG

Antivirus vendor Avast Software has agreed to buy rival AVG Technologies for US$1.3 billion in cash. The deal will give Avast access to over 400 million "endpoints," or devices running its and AVG's software, 160 million of them phones or tablets, the company said Tuesday. Avast hopes the deal will make the combined company more efficient, as well as allowing it to take advantage of new growth opportunities such as securing the internet of things. "This combination is great for our users. We will have over 250 million PC/Mac users enabling us to gather even more threat data to improve the protection to our users," Avast CEO Vincent Steckler wrote on the company blog.

Investigation into Hillary Clinton’s personal email system closed without charges

An investigation into the use of a personal email system for official communications by Hillary Clinton, while she was U.S. secretary of state, has been closed with no charges filed, U.S. Attorney General Loretta E. Lynch said Wednesday. The move comes after FBI Director James Comey on Tuesday said he did not recommend bringing charges against her although he described as “extremely careless” the use by her and her aides of unsecured email networks for distribution of very sensitive, highly classified information.

Google fixes over 100 flaws in Android, many in chipset drivers

Google released a new batch of Android patches on Wednesday, fixing over 100 flaws in Android's own components and in chipset-specific drivers from different manufacturers. Android's mediaserver component, which handles the processing of video and audio streams and has been a source of many vulnerabilities in the past, is at the forefront of this security update. It accounts for 16 Android vulnerabilities, including 7 critical flaws that can allow an attacker to execute code with higher privileges. The bugs can be exploited by sending specifically crafted audio or video files to users' devices via the browser, email or messaging apps. Because of the repeated mediaserver flaws, Google Hangouts and the default Android Messenger applications no longer pass media to this component automatically.

Study: More than 50% of SMBs were breached in the past year

A new study conducted by the Ponemon Institute and sponsored by password management provider Keeper Security analyzed the state of cybersecurity in small and medium-sized businesses (SMBs) and found that confidence in SMB security is shockingly low (just 14% of the companies surveyed rated their ability to mitigate cyber attacks as highly effective). "We've conducted many surveys on enterprise cybersecurity in the past but this unique report on SMBs sheds light on the specific challenges this group faces," said Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute. "Considering the size of the SMB market in the United States alone, this information can be useful to diminish the risk of breach to millions of businesses."

CFAA anti-hacking law applies to using shared password, appeals court said

Millions of Americans willingly share passwords with family or friends to access devices or accounts, but the Ninth Circuit Court of Appeals considered using a willingly shared password to be covered under the anti-hacking Computer Fraud and Abuse Act (CFAA). After previously being found guilty, David Nosal appealed since he believed he should not have been found guilty under the CFAA as he didn’t actually hack his former employer, Korn/Ferry. Instead, he gained access through passwords that had been voluntarily shared with him by other employees after he left the company and his credentials were revoked. But in a 2-1 decision, the federal appeals court may have set a dangerous precedent which could ultimately affect millions of Americans who use a willingly shared password. Password-sharing was not allowed by Korn/Ferry, so Circuit Judge Margaret McKeown wrote (pdf) that Nosal had acted “without authorization” and therefore falls under the CFAA.

21% off SentrySafe Fire-Safe Waterproof File Storage Box – Deal Alert

Where do you store your most important CD's, DVD's, USB drives and documents? Are they protected from fire and water damage, if that "worst-case scenario" actually happens? SentrySafe's HD4100CG storage box is UL classified with 1/2-hour fire protection and ETL verified 1/2 hour fire protection for CD's, DVD's, USB drives and memory sticks up to 1550F. It’s also ETL verified waterproof. It measures roughly 11x8 with a 9-inch depth. It currently averages 4.5 out of 5 stars on Amazon from over 300 customers (read reviews) and its list price of $85 has been reduced by 21% to $68. See the discounted SentrySafe HD4100CG Fire-Safe Waterproof File now on Amazon.

New Tor-powered backdoor program targets Macs

Security researchers have found a new backdoor program that allows attackers to hijack Mac systems and control them over the Tor network. The new malware has been dubbed Backdoor.MAC.Eleanor by researchers from antivirus vendor Bitdefender and is distributed as a file converter application through reputable websites that offer Mac software. The rogue application is called EasyDoc Converter. Once installed it displays a fake interface where users can supposedly drag and drop files for conversion, but which in reality doesn't do anything. In the background, the application executes a shell script that installs multiple malicious components in a folder called “/Users/$USER/Library/.dropbox”. The Dropbox name is used to make the malware harder to spot and has nothing to do with the legitimate Dropbox file synchronization software.

Rio Olympics pose security risks to travelers

Police officers held up a sign saying "Welcome to Hell" at the Rio airport last week, according to local and international news reports, and the region's acting governor warned of a total collapse in public security. More funding is on its way, but it might not be enough to make a difference in time for the Olympic games. Meanwhile, physical safety isn't the only thing that travelers need to worry about -- security experts warn that travelers need to be extremely careful when they access computer networks, as well. "The Rio situation is a mess," said Shaun Murphy, CEO at communication security firm PrivateGiant. "I would suspect that from a cyber security front, it's going to be just as messy."

IDG Contributor Network: Veriflow raises cash to develop network security toolkit

If software is indeed "eating the world," as famed venture capitalist and prognosticator on pretty much everything Marc Andreessen once opined, then it goes without saying that the pipes that have the unenviable task of carrying that software become ever more critical. The more important the internet, the more the underlying network of undifferentiated "dumb pipes" becomes important. This has led to the rise of myriad vendors that all help to ensure those "dumb pipes" keep working. A case in point is Veriflow, a company that is bringing a new approach to network breach and outage detection via mathematical network verification.

Court decision raises issues about sharing passwords

An appeals court has ruled that a former employee of a company, whose computer access credentials were revoked, had acted “without authorization” in violation of the Computer Fraud and Abuse Act, when he and other former employees used the login credentials of a current employee to gain access to data on the employer’s computers. The opinion of the court is likely to be controversial as it is expected to have implications on commonplace sharing of passwords by husbands, co-workers and friends even for innocuous purposes. One of the three judges, Stephen Reinhardt, for example, dissented from the majority opinion, stating that “people frequently share their passwords, notwithstanding the fact that websites and employers have policies prohibiting it.”

Adultery website Ashley Madison is being investigated by the FTC

Ashley Madison encouraged its users to cheat on their partners. But did it also cheat its own customers? The U.S. Federal Trade Commission is reportedly investigating the service, which suffered a devastating hack last year that exposed details of millions of customers who signed up in the hope of engaging in extramarital affairs. Avid Life Media, which owns Ashley Madison, told the New York Times Tuesday it doesn't know the focus of the inquiry. But the company said it's been sharing information with the FTC since last August when the breach took place.

Operationalizing Threat Intelligence

In 2015, I conducted some in-depth research around enterprise organizations’ consumption, use, and sharing of threat intelligence. Time and time again, I heard cybersecurity professionals proclaim that their organizations had to do a better job “operationalizing” threat intelligence. Hmm, sounds like a worthwhile security management goal if I’ve ever heard one but what exactly does this mean? Some ESG research may be helpful here (note: I am an ESG analyst). ESG surveyed 304 IT and cybersecurity professionals working at enterprise organizations (i.e. more than 1,000 employees) and asked them to identify their organization’s top threat intelligence challenges. The data reveals that:

FBI faults Clinton’s personal email system, but doesn’t recommend prosecution

Hillary Clinton was "extremely careless" in her use of a private email server while she was U.S. secretary of state, but the FBI isn't recommending any charges be brought against her for mishandling classified information. Speaking to reporters on Tuesday morning, days after the U.S. Federal Bureau of Investigation interviewed the presidential candidate, FBI Director James Comey said his investigation had uncovered numerous instances of the system being improperly used for classified information. He also said it was impossible to rule out the possibility that the system could have been hacked. The controversy was thought to revolve around a single server, but Comey disclosed that over the years Clinton was secretary of state, she relied on a string of email servers. When new ones were installed, the older ones were removed but data was not always deleted.

The new internet domains are a wasteland

The many new DNS top-level domains (TLDs) were heralded as a way to take pressure off the older DNS TLDs. It seems, however, the new TLDs are almost uniformly the source of spammers and malware launchers. There might be valid web resources in the new TLDs. They seem rarely referenced beyond a handful of sites, though, as .com, .org, .net and even .co have common usage aside from country-specific addresses such as .us, .uk, .de, .jp, etc. But .xyz? Spam. I get about four dozen spam emails from that domain most days. The .click TLD? I’ve gotten about 400 embedded malware emails from there so far this year. Then there’s .xxx, .website and dozens of other new TLDs that are nothing more than difficult-to-block and nearly-impossible-to-kill spam/malware sources. It’s frustrating, and admins don’t have much chance to stanch the spam.

Ex-Secret Service agent who investigated Silk Road may have stolen another $700,000

Plead guilty, then steal more seems to have been the motto of a former corrupt federal agent involved in the Silk Road investigation. Ex-U.S. Secret Service Special Agent Shawn Bridges, who was part of Baltimore’s Silk Road Task Force and stole $820,000 in bitcoins during the investigation that led to Ross Ulbricht’s conviction, eventually pled guilty to money laundering and obstruction of justice. Bridges, who had served as the forensics and technical expert on the task force, was sentenced to nearly five years, 71 months, in prison. Yet newly unsealed court documents show that Bridges is suspected of stealing another $700,000 in bitcoins after he pled guilty but about two months before he was sentenced.

Lenovo ThinkPwn UEFI exploit also affects products from other vendors

A critical vulnerability that was recently found in the low-level firmware of Lenovo ThinkPad systems also reportedly exists in products from other vendors, including HP and Gigabyte Technology. An exploit for the vulnerability was published last week and can be used to execute rogue code in the CPU's privileged SMM (System Management Mode). This level of access can then be used to install a stealthy rootkit inside the computer's Unified Extensible Firmware Interface (UEFI) -- the modern BIOS -- or to disable Windows security features such as Secure Boot, Virtual Secure Mode and Credential Guard that depend on the firmware being locked down.

8 ingredients of an effective disaster recovery plan

Earlier this month, a monkey caused a nationwide power outage in Kenya. Millions of homes and businesses were without electricity. Which just goes to show that “not all disasters come in the form of major storms with names and categories,” says Bob Davis, CMO, Atlantis Computing. “Electrical fires, broken water pipes, failed air conditioning units [and rogue monkeys] can cause just as much damage,” he says. And while “business executives might think they’re safe based on their geographic location,” it’s important to remember that “day-to-day threats can destroy data [and] ruin a business,” too, he says. That’s why it is critical for all businesses to have a disaster recovery (DR) plan.

11 signs your kid is hacking — and what to do about it

I've shared a lot of security knowledge in my tenure as InfoWorld's Security Advisor. But what I've never shared before is that much of my initial computer security defense knowledge, which I turned into my first book, came from trying to stop my teenage stepson from being a malicious hacker. I was newly dating his mother and he was a precocious 15-year-old who liked messing around with electronics and computers. He and his closest friends also flirted with malicious hacking, including harassing "ignorant" users, DoS-ing popular computer networks, making malware, and all sorts of unquestionably illegal and unethical hacking behavior.

EU plans $2B investment in cybersecurity research

The European Union is stumping up €450 million ($500 million) to fund research into cybersecurity -- and wants industry to contribute three times that. The EU's executive body, the European Commission, is concerned about the vulnerability of the EU economy to cyberattacks, warning in a report Tuesday that they "could undermine the digital single market and economic and social life as a whole." The $2 billion cybersecurity public-private partnership (cPPP) is intended to boost cross-border research into cybersecurity, and to aid development of security products and services for the energy, health, transport and finance industries, the European Commission said Tuesday.