Category Archives for "Network World Security"

Apple hires mobile encryption pioneer amid encryption debate

Apple has rehired a mobile encryption pioneer as it continues to face pressure from governments wanting access to user data stored on iPhones. Jon Callas, most recently a co-founder of Silent Circle, which produced the security-minded Blackphone, has joined the iPhone and iPad maker in an undisclosed capacity, Apple revealed to Reuters. Callas is a veteran of the security industry who also co-founded PGP Corporation. He first worked at Apple from 1995 to 1997, then again from 2009 to 2011. He has two patents to his name from that second stint, both focused on full-disk encryption, which Apple uses in its smartphones, tablets and computers.

Windows 7 updates have been broken for several days

If something goes wrong with a patch, it's usually a problem that emerges after people download and install it. But in this case, fixes issued in May's Patch Tuesday batch just plain won't install at all for some people. The most recent batch of bug fixes was issued on May 10, and within days people were complaining of problems with the installation. It's always the same problem: Windows Update runs for a long time stuck at 0% progress before finally failing to install.

By the numbers: Cyber attack costs compared

Data breaches caused by malicious insiders and malicious code can take as long as 50 days or more to fix, according to Ponemon Institute's 2015 Cost of Cyber Crime Study, while malware, viruses, worms, trojans and botnets take only an estimated 2-5 days to fix. Unsurprisingly, attacks by malicious insiders are also the costliest to fix ($145,000 according to the Ponemon study), followed by denial of service ($127,000) and Web-based attacks ($96,000). The consequences and cost of cyber attacks are also unevenly distributed, with business disruption and information loss taking the biggest share, followed by revenue loss and equipment damage, according to Ponemon. But the cost of remediation in person-days can also be substantial. Involving a programmer, a QA person, a project manager, a product manager and a corporate lawyer will cost you more than $300 per employee per day, according to data from payscale.com, and that's before you consider the cost of the CEO's, CISO's and CFO's time.

Disaster recovery in a DevOps world

According to a 2015 survey by IT Revolution Press in conjunction with Puppet Labs, organizations using DevOps deploy code 30 times more frequently than others, doing deployments multiple times per day. Moreover, the change failure rate is cut in half with DevOps, and services are restored up to 168 times faster than at non-DevOps organizations.

DevOps: failing more quickly, and recovering faster

Let's focus on those last two points for a moment. One thing is for certain: embracing DevOps also pays off from a disaster recovery standpoint, because the tools and procedures you use to move applications from development to testing to production and back to development again can also be applied to failing over and recovering from disasters and service interruptions. The same tools that automate the entire DevOps life cycle can also help you make the most of the resources you already have for recovery purposes.

To fix long security checkpoint lines, kick the TSA out of airports

You go through TSA security checkpoints and leave without the carry-on items you sent through the conveyor belt to be scanned. That happens a lot; things go missing in ways other than the TSA confiscating them. Just ask Eric Cheng, a photographer, technologist, drone expert and author, who said the TSA handed his $2,800 MacBook Pro to a random stranger. "After following TSA security protocols, TSA gave my $2,800 computer away to another passenger whom they were unable or unwilling to identify and track down," he wrote.

US state officials worry about their ability to respond to cyberattacks

Many states aren't confident of their ability to respond to cyberattacks on physical infrastructure such as water and electric systems, U.S. emergency response officials say. The U.S. government could do several things to help states improve their response to cyberattacks, including increased funding for technology training programs, cybersecurity experts told a House of Representatives committee Tuesday. States have difficulty hiring top cybersecurity employees, said Steven Spano, president and COO of the Center for Internet Security. Cybersecurity workers are a "high-demand, low-density asset," the former Air Force general told two subcommittees of the House Homeland Security Committee.

DARPA moves “aircraft-like” spacecraft technology to next phase

DARPA this week detailed the next development phase of its reusable Mach 10 satellite taxi, capable of carrying and deploying a 3,000-5,000 lb. satellite into low Earth orbit (LEO) at a target cost of less than $5M per launch. The reusable Experimental Spaceplane (XS-1) will demonstrate the potential for low-cost, "aircraft-like" high-tempo operations for payload delivery to orbit. DARPA said Phase 2 and 3 development will likely be covered by a single contract worth $140M (Phase 2: $123M, Phase 3: $17M). In 2014 the research agency awarded Boeing (working with Blue Origin), Masten Space Systems (working with XCOR Aerospace) and Northrop Grumman Corporation (working with Virgin Galactic) contracts to begin Phase 1 XS-1 work.

New DMA Locker ransomware is ramping up for widespread attacks

The TeslaCrypt creators called it quits recently, but unfortunately for users, there's a new ransomware program ready to take its place. Called DMA Locker, this threat first appeared in January, but its encryption implementation was so flawed that it was hard to take seriously: researchers had no problem developing a file recovery tool for the first two versions. However, its authors have recently fixed those issues, and malware researchers believe that with the newly released version 4, DMA Locker has reached maturity and might be the next thing to hit users in widespread attacks.

Security training programs don’t do enough to mitigate insider risk

Employee-related security risks top the list of concerns for security professionals, but organizations aren't doing enough to prevent negligent employee behavior, according to a new study. Last month, security research firm Ponemon Institute, sponsored by Experian Data Breach Resolution, surveyed 601 individuals at companies with a data protection and privacy training program on the issue of negligent and malicious employee behaviors for the Managing Insider Risk through Training & Culture report.

How to avoid phishing attacks

Keep the network out of reach of criminals

According to the Verizon data breach investigations report published last month, phishing remains a major data breach weapon of choice. Trend Micro added that ransomware is expected to be one of the biggest threats in 2016 and that a single ransom demand will go much higher, reaching seven figures.

IDG Contributor Network: Government failing to fully address EMP threats to the grid, officials say

Government agencies have done some work to mitigate the danger of electromagnetic threats to the electrical grid, but it's not enough, says the U.S. Government Accountability Office (GAO). Despite some action by the Department of Homeland Security (DHS), such as developing a prototype transformer that would significantly speed recovery from a power outage caused by a failed transformer and studying the impacts of severe space weather such as solar storms, more must be done to protect the grid, Homeland Security News Wire reports on the GAO study (PDF) published in April.

IDG Contributor Network: Most online tracking is from Google-owned properties

All of the top five tracking tools found on websites are from Google-owned properties. And a new, cookie-replacing method of identifying computers, called fingerprinting, is being used by advertisers, a new study found. One fingerprinting technique works by having the browser's audio API process a signal; small differences in the result identify the PC, Princeton University explains in its research (PDF). Princeton says its study, completed in January, is the biggest assessment of online tracking ever. The university trawled a million of the "top" websites.

What are hackers up to these days?

The long answer is more complex, but security vendor Trustwave offered some insights in its 2016 Trustwave Global Security Report, which was released last month. "Criminals are getting a lot savvier," says Karl Sigler, Trustwave's threat intelligence manager. "We're seeing their tactics changing a little bit."

New bad news

In the study, Trustwave found that compromises affecting corporate and internal networks hit 40 percent in 2015, up from 18 percent the year before. "Criminals are discovering that if they can get themselves embedded into a corporate network, there's a wealth of monetizable data in those networks," says Sigler. This could also be a result of what he calls a "drastic decline" in the rate of point-of-sale breaches, which dropped by 18 percentage points from 2014 to 2015, according to the study. "Criminals don't go away. They just shift targets," he says.

How data virtualization delivers on the DevOps promise

Using live data in development means you can test real workloads and get realistic results in transactions and reports. It's also a significant security risk, as U.K. baby retailer Kiddicare recently found out: the company used real customer names, delivery addresses, email addresses and telephone numbers on a test site, only to have the data extracted and used to send phishing text messages to customers. In 2015, Patreon CEO Jack Conte admitted that the names, shipping addresses and email addresses of 2.3 million users of the crowdfunding site had been breached, also "via a debug version of our website that was visible to the public" that had a "development server that included a snapshot of our production database." And earlier this year a developer at Sydney University in Australia lost a laptop containing an unencrypted copy of a database with the personal and medical details of 6,700 disabled students.
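
The common thread in the three incidents above is a production snapshot reaching a test system unchanged. The following is an added example, not code from the article or from any company it names, of the minimal treatment such a snapshot should get before it leaves production: keyed, one-way pseudonyms for direct identifiers that still preserve referential integrity, so joins and form validation in test keep working without any real name, e-mail address or phone number being present. The records, field names and key are constructed for the example; the masking key would normally live in a secrets store that the test environment cannot read.

```python
"""Masking a production customer snapshot before it reaches a test environment.

Added example, not code from the article or from any vendor named in it.
The records, field names and key below are constructed for the example.
Keyed HMAC pseudonyms keep referential integrity (the same real e-mail
always maps to the same token across tables), so joins in test still work,
while the token cannot be reversed without the key.
"""
import hashlib
import hmac
import re

# Constructed key: in practice this lives in a secrets store and is never
# deployed to the test environment, so test data cannot be re-identified there.
MASK_KEY = b"example-only-masking-key"

# Constructed sample of what a production snapshot might hold.
CUSTOMERS = [
    {"id": 1, "name": "Alice Example", "email": "alice@example.co.uk",
     "phone": "+44 20 7946 0001", "address": "1 Example Street, London"},
    {"id": 2, "name": "Bob Sample", "email": "bob@example.com",
     "phone": "+44 20 7946 0002", "address": "2 Sample Road, Leeds"},
]
ORDERS = [
    {"order_id": 100, "customer_email": "alice@example.co.uk", "total": 49.99},
    {"order_id": 101, "customer_email": "alice@example.co.uk", "total": 12.50},
    {"order_id": 102, "customer_email": "bob@example.com", "total": 7.00},
]

# Fields treated as direct identifiers; everything else is copied unchanged.
PII_FIELDS = {"name", "email", "phone", "address", "customer_email"}


def pseudonym(value: str, length: int = 12) -> str:
    """Deterministic, keyed, one-way token for a PII value."""
    digest = hmac.new(MASK_KEY, value.encode("utf-8"), hashlib.sha256).hexdigest()
    return digest[:length]


def mask_email(value: str) -> str:
    """Keep the syntactic shape of an e-mail so validation in test still passes,
    but route everything to a reserved sink domain so no real customer can be contacted."""
    return f"{pseudonym(value.lower())}@masked.invalid"


def mask_phone(value: str) -> str:
    """Replace the digits with keyed pseudo-digits of the same length."""
    digits = re.sub(r"\D", "", value)
    token = pseudonym(digits, length=len(digits)) if digits else ""
    # map hex characters onto digits so format checks that expect digits still pass
    return "+" + "".join(str(int(c, 16) % 10) for c in token)


def mask_value(field: str, value: str) -> str:
    if field in ("email", "customer_email"):
        return mask_email(value)
    if field == "phone":
        return mask_phone(value)
    return pseudonym(value)


def mask_record(record: dict) -> dict:
    return {k: (mask_value(k, v) if k in PII_FIELDS else v) for k, v in record.items()}


def mask_snapshot(tables: dict) -> dict:
    """Mask every table of a snapshot; returns new dicts, originals are untouched."""
    return {name: [mask_record(r) for r in rows] for name, rows in tables.items()}


def join_orders(customers: list, orders: list) -> list:
    """Referential-integrity check: each order must still resolve to its customer
    after masking, because both tables were masked with the same key."""
    by_email = {c["email"]: c for c in customers}
    return [(o["order_id"], by_email[o["customer_email"]]["id"]) for o in orders]


if __name__ == "__main__":
    masked = mask_snapshot({"customers": CUSTOMERS, "orders": ORDERS})
    for row in masked["customers"]:
        print(row)
    print(join_orders(masked["customers"], masked["orders"]))
```

The sink domain `.invalid` is reserved by RFC 2606 and can never resolve, so a test system that accidentally sends mail to masked addresses cannot reach anyone. Free-text fields that may carry identifiers (support notes, order comments) need their own handling and are not covered by a field allowlist like the one above.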

A recently patched Flash Player exploit is being used in widespread attacks

It took hackers less than two weeks to integrate a recently patched Flash Player exploit into widely used Web-based attack tools that are being used to infect computers with malware. The vulnerability, known as CVE-2016-4117, was discovered earlier this month by security researchers at FireEye. It was exploited in targeted attacks through malicious Flash content embedded in Microsoft Office documents. When the targeted exploit was discovered, the vulnerability was unpatched, which prompted a security alert from Adobe Systems and a patch two days later.

Identity and Access Management infrastructure is misaligned with security

Several CISOs I've spoken to over the past few years agree that identity is a new security perimeter. The thought here is that the combination of mobile device and cloud use renders existing network perimeters obsolete, so security policy enforcement decisions must be driven by identity attributes (i.e., user identity, role, device identity, location, etc.) rather than IP packet attributes. We see this transition coming to fruition with the concept of a software-defined perimeter (SDP) and technologies such as Google BeyondCorp and Vidder PrecisionAccess. Yup, this makes sense. Armed with identity attributes, organizations can make intelligent network access decisions on who gets access to which IT assets regardless of their location. Unfortunately, there is a big problem here. The identity and access management (IAM) infrastructure was built organically over the last 10-15 years, so it depends upon a morass of disconnected and fragile elements. This situation greatly impacts security.
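
To make the contrast concrete, here is an added example (not code from BeyondCorp, Vidder PrecisionAccess or any other product) that puts a source-address perimeter rule beside an access decision computed from the identity attributes the paragraph lists: user, role, device posture and location. The resource names, policy table, device attributes and sample requests are constructed; the point is that the identity decision gives the same answer wherever the request originates, and that its refusal reason is something a detection pipeline can log.

```python
"""Identity-attribute access decision beside an IP-based perimeter rule.

Added example illustrating the "identity is the new perimeter" argument.
Not code from BeyondCorp, Vidder PrecisionAccess or any other product; the
attribute names, policy rules, device records and sample requests are constructed.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# --- Legacy model: trust is derived from the packet's source address. ---
CORP_NETWORK = ip_network("10.0.0.0/8")  # constructed "inside" range


def perimeter_decision(src_ip: str) -> bool:
    """Anything inside the corporate range gets through; nothing else does.
    Who is asking and what they are asking for play no part."""
    return ip_address(src_ip) in CORP_NETWORK


# --- Identity model: trust is computed per request from identity attributes. ---
@dataclass(frozen=True)
class Device:
    device_id: str
    managed: bool          # enrolled in MDM / inventory
    disk_encrypted: bool
    patch_level_ok: bool


@dataclass(frozen=True)
class Request:
    user: str
    roles: frozenset
    device: Device
    country: str           # derived from geolocation or a posture agent, not trusted from the client
    mfa: bool
    resource: str


# Per-resource requirements the policy engine consults (constructed). Note that
# nothing here refers to a network address: the decision is location-independent.
POLICY = {
    "wiki":     {"roles": {"staff", "contractor"}, "managed": False, "mfa": False, "countries": None},
    "hr-db":    {"roles": {"hr"},                  "managed": True,  "mfa": True,  "countries": {"GB", "US"}},
    "prod-ssh": {"roles": {"sre"},                 "managed": True,  "mfa": True,  "countries": None},
}


def identity_decision(req: Request) -> tuple:
    """Return (allowed, reason). The first failing check names the reason, which is
    what you want both in the user's error page and in the audit log."""
    rule = POLICY.get(req.resource)
    if rule is None:
        return False, "unknown resource"
    if not (req.roles & rule["roles"]):
        return False, "role not authorised for resource"
    if rule["mfa"] and not req.mfa:
        return False, "MFA required"
    if rule["managed"]:
        d = req.device
        if not (d.managed and d.disk_encrypted and d.patch_level_ok):
            return False, "device posture insufficient"
    if rule["countries"] is not None and req.country not in rule["countries"]:
        return False, "location not permitted for resource"
    return True, "ok"


# Constructed sample devices and requests.
MANAGED = Device("lt-0042", managed=True, disk_encrypted=True, patch_level_ok=True)
BYOD = Device("phone-7", managed=False, disk_encrypted=True, patch_level_ok=False)

HR_FROM_CAFE = Request("dana", frozenset({"hr", "staff"}), MANAGED, "GB", mfa=True, resource="hr-db")
CONTRACTOR_ON_LAN = Request("lee", frozenset({"contractor"}), BYOD, "GB", mfa=False, resource="hr-db")
SRE_NO_MFA = Request("sam", frozenset({"sre", "staff"}), MANAGED, "US", mfa=False, resource="prod-ssh")


if __name__ == "__main__":
    # Perimeter model: a contractor's unmanaged phone on the LAN is "trusted" and the
    # HR user on coffee-shop Wi-Fi is not, regardless of who they are or what they touch.
    print("perimeter LAN:", perimeter_decision("10.20.30.40"), " cafe:", perimeter_decision("203.0.113.9"))
    for r in (HR_FROM_CAFE, CONTRACTOR_ON_LAN, SRE_NO_MFA):
        print(r.user, "->", r.resource, identity_decision(r))
```

Every attribute consulted above has to come from somewhere trustworthy: roles from the directory, device posture from an enrolment or attestation service, MFA state from the identity provider. That dependency is exactly the fragile IAM plumbing the paragraph goes on to describe; a policy engine is only as good as the attribute sources behind it.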

New products of the week 5.23.16

Our roundup of intriguing new products.

Zuznow "Red Fox" version

Key features: A frontend-as-a-service (FaaS) platform, the new Zuznow "Red Fox" version automatically creates and maintains web and native apps for smartphones, tablets, desktops and laptops. Enterprises can build and deploy premium mobile apps in minutes, without coding, through a simple three-step configuration wizard.

Kansas Heart Hospital hit with ransomware, paid, but attackers demanded 2nd ransom

Kansas Heart Hospital in Wichita was hit with ransomware last week. The attack occurred on Wednesday, and the KWCH 12 news video from Friday night said some files were still inaccessible to the hospital. Hospital president Dr. Greg Duick refused to disclose the ransom amount and the ransomware variant; he said, "I'm not at liberty because it's an ongoing investigation, to say the actual exact amount. A small amount was made." Yes, the hospital paid the ransom. No, the hackers didn't decrypt the files, or at least it was described as not returning "full access to the files." Instead, the attackers asked for another ransom. This time the hospital refused to pay because it was no longer "a wise maneuver or strategy."

Boston BSides needs more space to grow

The Boston BSides conference is bursting at its seams and may have to find a new place to carry out its mission of providing inexpensive IT security training, educational sessions and informal networking where peers can share experiences and help guide aspiring security pros. The conference this weekend at Microsoft's New England Research and Development (NERD) Center in Cambridge, Mass., was full to capacity with about 400 people attending, the NERD limit, says Daniel Reich, one of the show's organizers. He says the organizers had to turn away about 100 others who wanted to attend, and after reading attendee surveys and comments on Twitter, they may be looking for a larger venue for next year.