Category Archives for "Network World Security"

Buyer’s Guide to 9 multi-factor authentication products

Since we last reviewed two-factor authentication products, the market has moved beyond two-factor authentication toward what is now being called multi-factor authentication. One of the key features is new types of hardware-based tokens. Here are individual reviews of nine MFA products. See the full review.

Enterprises Are Investing in Network Security Analytics

If I’ve heard it once, I’ve heard it one thousand times. Traditional security controls are no longer effective at blocking cyber-threats so enterprise organizations are deploying new types of security defenses and investing in new tools to improve incident detection and response. Unfortunately, this can be more difficult than it seems. Why? Effective incident detection and response depends upon security analytics technology and this is where the confusion lies. It turns out that there are lots of security analytics tools out there that approach this problem from different angles. Given this reality, where the heck do you start? Based upon lots of qualitative and quantitative research, I’m finding that many large organizations with experienced security teams tend to jump into security analytics by focusing their effort on the network for several reasons:

EU and US officials sign ‘umbrella’ data protection agreement, but it’s no Privacy Shield

The European Commission has signed a landmark agreement with the U.S. in its quest to legitimize the transatlantic flow of European Union citizens' personal information. No, it's not the embattled Privacy Shield, which the Commission hopes to conclude later this month, but the rather flimsier-sounding umbrella agreement or, more formally, the U.S.-EU agreement "on the protection of personal information relating to the prevention, investigation, detection, and prosecution of criminal offenses." It covers the exchange between EU and U.S. law enforcers, during the course of their investigations, of personal data including names, addresses and criminal records. U.S. Attorney General Loretta Lynch, European Commissioner for Justice Věra Jourová and Dutch Minister for Security and Justice Ard van der Steur signed the agreement in Amsterdam on Thursday.

A new WordPress plug-in exploit endangers thousands of websites

Over the past few days, attackers have been exploiting an unpatched vulnerability in WP Mobile Detector, a WordPress plug-in installed on over 10,000 websites. The plug-in's developer fixed the flaw Tuesday in version 3.6, but in addition to updating immediately, users should also check whether their websites have already been hacked. The vulnerability is located in a script called resize.php and allows remote attackers to upload arbitrary files to the Web server. These files can be backdoor scripts known as Web shells that provide attackers with backdoor access to the server and the ability to inject code into legitimate pages. The flaw was discovered by WordPress security outfit PluginVulnerabilities.com after it observed requests for wp-content/plugins/wp-mobile-detector/resize.php even though the file didn't exist on its server. This indicated that someone was running an automated scan for that specific file, likely because it had a flaw.

8 reasons why your security awareness program sucks

As a person who primarily focuses on the human aspects of security and implementing security awareness programs, people are surprised when I am neither upset nor surprised when there is an inevitable human failing. The reason is that I have come to the conclusion that most awareness programs are just very bad, and that like all security countermeasures, there will be an inevitable failing. I have to admit that it is frustrating to have to argue with people who claim that awareness is always bad. They argue that since there will always be a single failing, then it is not worth the effort to have an awareness program in the first place. Of course, I vehemently disagree. However, to debate people, and address their points, at least in the eyes of decision makers, you need to understand the foundation of their arguments and accept the premises that are true.

Human error biggest risk to health IT

In the race to digitize the healthcare industry, providers, insurers and others in the multi-layered ecosystem have failed to take some of the most basic steps to protect consumers' sensitive health information, a senior government official is warning. Servio Medina, acting COO at the Defense Health Agency's policy branch, cautioned during a recent presentation that too many healthcare breaches are the product of basic mistakes, ignorance or employee negligence. "These are things that could be prevented," Medina said. "Today's training and awareness efforts that we provide currently are simply not effective. They are not enough. We have to do something radically more and different."

How to embrace the benefits of shadow IT

The term shadow IT conjures up negative images in the minds of most IT organizations. Yet non-IT enterprise functions and lines of business are buying more of their own IT systems than ever before, particularly product, operations and external customer-facing groups and highly dynamic services areas. “As business functions seek to realize the benefits from these non-traditional channels of IT enablement, the shadow IT organizations are growing aggressively in order to help orchestrate and aggregate services into business consumable offerings,” says Craig Wright, managing director of outsourcing and technology consultancy Pace Harmon.

How millennial tech grads should tailor their resumes

You’ve recently graduated and now it’s time to start applying to jobs -- but what skills and experience should you highlight on your resume? To help you decide, CompTIA released the results of its 2016 IT Industry Outlook report, which surveyed 673 IT industry companies in the U.S., Canada and the U.K., and found that millennials have certain skills businesses are clamoring for in the coming year. “Recent grads have grown up in an age of evolving technologies, particularly the Internet Age. They’ve not only developed a unique way of problem solving and critical thinking, but they are also acutely aware of new technologies that may increase operational efficiency in a business,” says Gene Richardson, COO of Experts Exchanges.

SS8 makes enterprise version of traffic-analysis platform designed for intelligence agencies

SS8 built its network traffic-inspection and analysis platform as a tool for intelligence agencies to discover communications among criminals and terrorists but now has scaled it back for enterprises to stop data breaches. Called BreachDetect, the business-sized software gathers highly detailed network traffic data that discovers application flows and the activity of individual machines and analyzes them to find anomalies that indicate foul play. The platform also stores the information it collects so it can be analyzed over and over as new threat indicators are identified. That way corporate security pros can discover threats that may have been lurking undetected for months and figure out when and how they got there, SS8 says.

Mysterious malware targets industrial control systems, borrows Stuxnet techniques

Researchers have found a malware program that was designed to manipulate supervisory control and data acquisition (SCADA) systems in order to hide the real readings from industrial processes. The same technique was used by the Stuxnet sabotage malware allegedly created by the U.S. and Israel to disrupt Iran's nuclear program and credited with destroying a large number of the country's uranium enrichment centrifuges. The new malware was discovered in the second half of last year by researchers from security firm FireEye, not in an active attack, but in the VirusTotal database. VirusTotal is a Google-owned website where users can submit suspicious files to be scanned by antivirus engines.

OpenSwitch finds critical home at Linux Foundation

The OpenSwitch Project took a significant development step this week when it became the first full-feature network operating system project of the Linux Foundation. The move gives OpenSwitch a neutral home where it can receive all the necessary support for long-term growth and sustainability – including back-office, technical infrastructure and ecosystem development services, said Michael Dolan, VP of Strategic Programs at The Linux Foundation. While the Linux Foundation hosts other projects in the networking space, the addition of OpenSwitch makes available a complete NOS solution, from the ASIC drivers to the APIs, that will run on reference hardware and in hypervisors, he stated.

FBI: Extortion e-mail, tech support scam-bags turning up the heat

Not that summer time has anything to do with it, but the FBI’s Internet Crime Complaint Center (IC3) warned that e-mail extortion campaigns and the tedious tech support scams have heated up in recent weeks. The IC3 said the recent uptick in email extortion comes from the data breaches at organizations like Ashley Madison, the IRS, Anthem and many others where tons of personal information was stolen.

Extortion schemes expand, threatening consumers and businesses with data leaks

Ransomware authors are not the only cybercriminals who use extortion tactics to make money from users and companies. Data thieves are also increasingly resorting to intimidation. The FBI's Internet Crime Complaint Center (IC3) has received many reports from users whose data was stolen in various high-profile breaches and then received emails threatening to publicly disclose their personal information, including phone numbers, home addresses and credit card information. The ransom amount asked by the extortionists ranged from 2 to 5 bitcoins or approximately $250 to $1,200, IC3 said in an advisory Wednesday.

Code red: Health IT must fix its security crisis

The health care industry provides an alluring target for malicious hackers. Personal health information has a much longer shelf life than financial information, making it a major draw for identity thieves. But a new and more troubling threat has arisen: the potential disruption of critical hospital systems by cybercriminals. With a diverse array of digital systems, hospitals have evolved into complex technology operations. Yet they remain singularly ill-prepared to defend against attacks, in part because the multiplicity of systems forms a wider surface area to attack.

Tricks that ransomware uses to fool you

Ransomware quite often targets businesses (for example hospitals) rather than individuals. Corporations have more valuable data and more money for ransom (ransom increases from roughly $500 per computer to $15,000 for the entire enterprise). Cyphort has examined different variants of ransomware to help users get an idea of what might be coming down the Internet pipeline. So keep an eye out for these characteristics before your network is taken hostage.

IDG Contributor Network: People are more likely to share their passwords when offered chocolate

"Beware those bearing gifts" is the ancient phrase that dates back a few thousand years. It referred to the wooden horse that was used to dupe the folks of Troy into allowing the Greeks into their city. Well, don’t trust the horse today, either. Freebies are just as likely to be accompanied by trickery now as they’ve ever been, according to scientists who’ve been studying the willingness to communicate confidential information. Presents “greatly increased the likelihood of participants giving away their password,” psychologists from the University of Luxembourg say their research has revealed.

New peripherals are bringing Windows Hello to any Windows 10 PC

Japan's Mouse Computer has developed add-on biometric sensors that will bring Windows Hello to any PC running Windows 10. Windows Hello is Microsoft's biometric security system. It allows users to dump passwords for facial or fingerprint recognition, but only on PCs that have the correct hardware. Many new PCs do, but generations of older machines that can run Windows 10 don't have the infrared camera or fingerprint sensors that are required. That's where the new add-on peripherals come in. There's a USB camera unit and a tiny USB fingerprint reader. Both will bring Windows Hello to Windows 10 PCs, said Microsoft this week at the Computex trade show in Taipei.

IDG Contributor Network: Triggered NetFlow — A Trick of the Trade

Triggered NetFlow: A Woland-Santuka Pro-Tip. Vivek Santuka, CCIE #17621, is a consulting systems engineer at Cisco Systems who focuses on ISE for Cisco’s largest customers around the world. He and I devised, tested and deployed the methodology discussed in this blog entry, which we like to call “Triggered NetFlow.” NetFlow is an incredibly useful and under-valued security tool. Essentially, it is similar to a phone bill. A phone bill does not include recordings of all the conversations you have had in their entirety; it is a summary record of all calls sent and received. Cisco routers and switches support NetFlow, sending a “record” of each packet that has been routed, including the ports and other very usable information.

Lenovo advises users to remove a vulnerable support tool preinstalled on their systems

PC maker Lenovo is recommending that users remove an application preloaded on their computers because it contains a high-severity flaw that could allow attackers to take over their systems. The vulnerable tool is called Lenovo Accelerator Application and is designed to speed up the launch of other Lenovo applications. It was preinstalled on more than 100 laptop and desktop models shipped with Windows 10, but not those from the ThinkPad and ThinkStation lines. The flaw was discovered by researchers from security firm Duo Security as part of an analysis of OEM software update tools from five PC manufacturers. The company found that a process called LiveAgent, apparently the update component of the Lenovo Accelerator Application, does not use encrypted connections when checking and downloading updates. LiveAgent also does not validate the digital signatures of the downloaded files before running them, the researchers said.