Category Archives for "Network World Security"

Terrorists opt for consumer tools

Although cybercriminals have been turning out specialized hacking and attack tools at a rapid pace, terrorists are often using legitimate, consumer-focused technologies, according to a new Trend Micro report. "They're abusing legitimate technology for their own gain," said Ed Cabrera, vice president of cybersecurity strategy at Trend Micro. Sometimes, the vendors involved shut down accounts that are being used by terrorists, he said. "As accounts become not usable, they pivot to other applications," he said.

Next-generation Endpoint Security Market Bifurcation

My colleagues Doug Cahill, Kyle Prigmore, and I just completed a research project on next-generation endpoint security. Just what the heck is next-generation endpoint security? Cybersecurity professionals remain pretty confused around the answer to this question. For the purposes of its research project, ESG defined next-generation endpoint security as (note: I am an ESG employee): Endpoint security software controls designed to prevent, detect, and respond to previously unseen exploits and malware. As part of this project, ESG interviewed dozens of organizations that were either supplementing or replacing traditional antivirus software on PCs of all kinds. I’ve written a few blogs about why these organizations were moving beyond AV alone, how they selected new endpoint security products, and some details about their testing and deployment methodologies. Aside from this technology overview however, I did come away with some strong theories about the next-generation endpoint security market in general.

Flash Player update fixes zero-day vulnerability and 24 other critical flaws

Adobe Systems has released a security update for Flash Player in order to fix a publicly known vulnerability, as well as 24 privately reported security flaws. The company issued a warning about the zero-day -- previously unknown and unpatched -- vulnerability on Tuesday, saying that it is aware of an exploit available in the wild. The flaw, tracked as CVE-2016-4117, was reported by security researchers from FireEye.

How to fix Internet security

The Internet is all-encompassing. Between mobile devices and work computers, we live our lives on it -- but our online existence has been tragically compromised by inadequate security. Any determined hacker can eavesdrop on what we say, impersonate us, and perform all manner of malicious activities. Clearly, Internet security needs to be rethought. Retrofitting security and privacy controls onto a global communications platform is not easy, but few would argue that it's less than absolutely necessary. Why should that be? Was the Internet built badly? No, but it was designed for a utopian world where you can trust people. When the fledgling Internet was populated by academics and researchers communicating with trusted parties, it didn’t matter that trust relationships weren’t well-implemented or communications weren’t secure by default. Today it matters very much, to the point where data breaches, identity theft, and other compromises have reached crisis levels.

House GOP seeks $120M for visa fraud-catching software

House Republican lawmakers have introduced legislation intended to bolster the scrutiny of people entering this country. Its impetus is last year's terrorist attack by a married couple who killed 14 people in San Bernardino, Calif. and wounded 22. But the bill's provisions will affect all visas, including the H-1B. The legislation, submitted Thursday and led by Rep. Bob Goodlatte (R-Va.), the chair of the House Judiciary Committee, specifically requires analytics software "to ensure proactive detection of fraud" in the immigration process. The software analysis requires the government "to utilize social media and other publicly available information" to determine whether an applicant is a security threat. One of the San Bernardino attackers, Tashfeen Malik, had allegedly posted allegiance to ISIL on Facebook, something which wasn't revealed until after the attack. She and her husband, Syed Rizwan Farook, were killed by police in a shootout.

SWIFT warns of malware attack on another of its customers

Financial transaction network SWIFT has renewed its warning to customers to be on their guard following the discovery of malware at another bank using its services. The bank first asked customers to take steps to secure their systems in the wake of an attempt to steal US$951 million from Bangladesh Bank in February. Attackers there appear to have used custom malware installed on computers at the bank to send fraudulent messages over the SWIFT network seeking to transfer money from the bank's account with the U.S. Federal Reserve Bank of New York.

DHS Inspector General lambasts TSA’s IT security flaws

The Transportation Security Administration’s IT department has persistent security problems including unpatched software, inadequate contractor oversight, physical security and inadequate vulnerability reporting. Those were the main conclusions outlined in a report this week from the Department of Homeland Security’s Office of Inspector General which specifically took a look at the TSA’s Security Technology Integrated Program (STIP) which it defines as a “mission-essential data management system that connects airport transportation security equipment to servers. Connection to a centralized server allows remote management of passenger and baggage screening equipment and facilitates equipment maintenance, including software changes in response to emerging threats.”

Dangerous 7-Zip flaws put many other software products at risk

Two vulnerabilities recently patched in 7-Zip could put at risk of compromise many software products and devices that bundle the open-source file archiving library. The flaws, an out-of-bounds read vulnerability and a heap overflow, were discovered by researchers from Cisco's Talos security team. They were fixed in 7-Zip 16.00, released Tuesday. The 7-Zip software can pack and unpack files using a large number of archive formats, including its own 7z format, which is more efficient than ZIP. Its versatility and open-source nature make it an attractive library to include in other software projects that need to process and deal with archived files.

Lawmakers probe large data breaches at US bank insurance agency

The personal banking information of about 160,000 U.S. residents walked out the door of the federal government's bank insurance agency on removable media of employees departing in recent months. During the last seven months, seven departing employees at the Federal Deposit Insurance Corporation (FDIC) have left with personal banking information on thumb drives and other removable media, agency officials told a congressional subcommittee Thursday. The FDIC, which provides deposit insurance to U.S. bank accounts, considered the data breaches as "inadvertent" copying of personal banking information that happened when departing employees were copying personal information to removable media, Lawrence Gross Jr., the FDIC's CIO, told the House of Representatives Science, Space, and Technology Committee's oversight subcommittee.

Researchers reveal flaws in 7-Zip, users and security vendors affected

Cisco’s Talos researchers discovered two vulnerabilities in 7-Zip, the popular open-source file archiver known for having a high compression ratio and option to password protect compressed files. Even if users hurry to download the newest 16.0 version of 7-Zip, in which the vulnerabilities are reportedly fixed, that doesn’t take care of many products that have used the old 7-Zip libraries and are still vulnerable. Unless vendors do some work, they are vulnerable and users of their products are as well.

US House of Representatives bans Yahoo Mail and Google App Engine over malware concerns

The IT department of the U.S. House of Representatives has blocked access to Yahoo Mail and the Google App Engine platform due to malware threats. On April 30, the House’s Technology Service Desk informed users about an increase in ransomware related emails on third-party email services like Yahoo Mail and Gmail. "The House Information Security Office is taking a number of steps to address this specific attack," the Technology Service Desk said in an email obtained and published by Gizmodo. "As part of that effort, we will be blocking access to Yahoo Mail on the House Network until further notice."

Popular messaging apps present real enterprise threat

Today's mobile device owners commonly use messaging apps to send selfies, command bots to order takeout and collaborate with their coworkers — sometimes simultaneously, and oftentimes via the same app. Nothing in particular precludes messaging apps such as WhatsApp, Facebook's Messenger, Skype or Telegram from being used for work, play and everything in between. However, these consumer-focused apps are becoming the de facto software for corporate communication, and IT professionals have good reason for concern. As the distinction between enterprise and consumer messaging apps blurs, IT's needs and responsibilities are increasingly at odds with those of the workers it supports. Such a disparity can hinder workplace productivity and effective IT management.

The sport of threat hunting, and who should be in the game

“Hunting is not a sport. In a sport, both sides should know they're in the game.” According to Field and Stream magazine, this is an oft-quoted hunting expression. There is irony in applying this quote to the cyber security industry where hunting is indeed a sport. The good guys and the bad guys both know that they are in the game. Joseph Loomis, CEO of CyberSponse, who works closely with the cyber units at the FBI, DHS and Secret Service, described this trendy new cyber sport in which the good guys try to entrench themselves into the world of the dark web.

After smashing two Atoms, Intel sees mobile future in atomic research

Weeks after cancelling two generations of Atom mobile chips, Intel is paving the way for future low-power mobile technologies with a new research collaboration with a French atomic energy lab. Fundamental research leading towards faster wireless networks, secure low-power technologies for the Internet of Things, and even 3D displays will be the focus of Intel's collaboration with the French Alternative Energies and Atomic Energy Commission (CEA). Intel and the CEA already work together in the field of high-performance computing, and a new agreement signed Thursday will see Intel fund work at the CEA's Laboratory for Electronics and Information Technology (LETI) over the next five years, according to Rajeeb Hazra, vice-president of Intel's data center group.

Mozilla wants US to disclose to it first any vulnerability found in Tor by government hackers

Mozilla has asked a court that it should be provided information on a vulnerability in the Tor browser ahead of it being provided to a defendant in a lawsuit, as the browser is based in part on Firefox browser code. “At this point, no one (including us) outside the government knows what vulnerability was exploited and whether it resides in any of our code base,” wrote Denelle Dixon-Thayer, chief legal and business officer at Mozilla, in a blog post Wednesday. Mozilla is asking the U.S. District Court for the Western District of Washington in the interest of Firefox users to ensure that the government must disclose the vulnerability to it before it is revealed to any other party, as any disclosure without advance notice to Mozilla will increase the likelihood that the exploit will become public before Mozilla can fix any associated vulnerability in Firefox.

Smartphone tracking apps raise security, privacy and legality questions

When it comes to smartphone tracking applications that help parents or employers to track the location of their children or perhaps monitor them by intercepting communications, few would argue the merits of such a system. But when those same kinds of apps are used to surreptitiously monitor employee activities, or the behavior of your wife or boyfriend, well, things get a little creepy and possibly illegal. The watchdogs at the Government Accountability Office this waded into the smartphone tracking app quagmire and found lots of contradictory information on the topic by looking at 40 smartphone tracking apps and analyzing their websites.

Old SAP vulnerability scares Homeland Security

The Department of Homeland Security has issued an alert about a 6-year-old SAP vulnerability that’s still being exploited enough that DHS deems it worthy of special note. But the responsibility for being vulnerable lies with SAP users. “This is a responsibility that falls on SAP customers' information security teams, service providers and external audit firms,” according to an FAQ about the vulnerability that was put out by Onapsis, an SAP-security vendor. And the company is right. The fixes should have been applied by now, since SAP has issued them. SAP issued the following statement about the patches:

Microsoft’s May 2016 patches fix a boatload of vulnerabilities, including a zero-day

Hello, zero-days. And yes, you should be busy patching them, but Adobe isn’t releasing one of the zero-day fixes for Flash Player until tomorrow (May 12)—even though it is currently being used in real-world attacks. Microsoft released 16 security bulletins, eight of which are rated critical for remote code execution (RCE) and include a fix for a zero-day. Put another way by Bobby Kuzma, CISSP, systems engineer at Core Security: “Another fun and delightful Patch Tuesday, with a number of vulnerabilities with exploits in the wild!”

US sounds alarm after SAP bug found affecting multinationals

The U.S. government is warning major corporations to check the configuration of their SAP software systems after a computer security company discovered at least 36 global enterprises were still vulnerable to a significant bug patched more than five years ago. The bug allows hackers to remotely gain full administrative access to SAP systems and affects at least 18 of the company's software systems, according to security vendor Onapsis. Using it, attackers can gain "complete control of the business information and processes on these systems, as well as potential access to other systems," the U.S. Department of Homeland Security said in a bulletin. It's only the third time this year the department has issued such a notice.