Archive

Category Archives for "Network World Security"

Top U.S. universities failing at cybersecurity education

High-profile data breaches have become all too common in recent years, with companies such as Target, Home Depot and Anthem forced to own up to and handle PR nightmares following large-scale hacks. As a result, security has become a major priority for businesses both big and small -- but hackers always seem to be one step ahead. Experts agree that there is a growing need for cybersecurity professionals, and universities across the country haven't caught up to the needs of the corporations. In fact, a recent study by CloudPassage found that most schools earn an "F" grade when it comes to teaching the next generation of cybersecurity pros.

Malvertising attack silently infects old Android devices with ransomware

Attackers are using two known exploits to silently install ransomware on older Android devices when their owners browse to websites that load malicious advertisements. Web-based attacks that exploit vulnerabilities in browsers or their plug-ins to install malware are common on Windows computers, but not on Android, where the application security model is stronger. But researchers from Blue Coat Systems detected the new Android drive-by download attack recently when one of their test devices -- a Samsung tablet running CyanogenMod 10.1 based on Android 4.2.2 -- became infected with ransomware after visiting a Web page that displayed a malicious ad.

IDG Contributor Network: Fight corporate data loss with secure, easy-to-use collaboration tools

The Panama Papers should be a wake-up call to every CEO, COO, CTO and CIO in every company. Yes, it’s good that alleged malfeasance by governments and big institutions came to light. However, it’s also clear that many companies simply take for granted that their confidential information will remain confidential. This includes data that’s shared within the company, as well as information that’s shared with trusted external partners, such as law firms, financial advisors and consultants. We’re talking everything from instant messages to emails, from documents to databases, from passwords to billing records.

Bangladesh Bank cyber-heist hackers used custom malware to steal $81 million

Hackers behind the Bangladesh bank heist created malware to compromise the SWIFT financial system. Security researchers said the malware allowed attackers to modify a database logging the bank’s activity over the SWIFT network, to delete records of outgoing transfer orders and to intercept incoming transfer confirmation messages, and to manipulate both account balance logs and a printer used to make hard copies of the transfer orders. The Society for Worldwide Interbank Financial Telecommunication (SWIFT) is a cooperative owned by 3,000 financial institutions. SWIFT software is supposed to securely send and receive information about financial transactions; the messaging platform is reportedly used by 11,000 banks worldwide. SWIFT admitted to Reuters that it was aware of malware targeting its client software “Alliance Access,” which is not used by all 11,000 banks.

Bangladesh Bank attackers used custom malware that hijacked SWIFT software

The hackers who stole US $81 million from Bangladesh's central bank likely used custom malware designed to interfere with the SWIFT transaction software used by many financial institutions. The attackers attempted to transfer $951 million out of Bangladesh Bank's account at the Federal Reserve Bank of New York in February, but most of the transfers were blocked before completion. The attackers did manage to send $81 million to accounts in the Philippines, and that money is still missing. Researchers from BAE Systems have recently come across several malware components that they believe are part of a custom attack toolkit that was likely used in the heist.

New products of the week 4.25.16

Our roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.

Array Networks APV1600. Key features: The APV1600, a fifth-generation application delivery controller (ADC) appliance, runs Array’s Version 8.6 software to achieve industry-leading Layer-4 (3.7Gbps), Layer-7 (3Gbps) and SSL (2100TPS) benchmarks for throughput and connection speed.

Personal info of all 94.3 million Mexican voters publicly exposed on Amazon

On April 14, MacKeeper security researcher Chris Vickery discovered another misconfigured MongoDB, but this time the database contained the full names, addresses, birth dates and voter registration numbers for every Mexican voter. The database containing personal information on 93.4 million Mexican voters was hosted on an Amazon cloud server with “no password or any authentication of any sort” to protect it. And it has been publicly accessible since September 2015, according to Salted Hash’s Steve Ragan, although it is unknown how many people besides Vickery accessed the records.

Analyzing real WordPress hacking attempts

In my last few posts I’ve pondered the issue of how insecure WordPress installations have become. Here’s an interesting thing to try if you run a WordPress site: install the 404 to 301 plugin and in its settings check the “Email notifications” option and enter an email address in the “Email address” field. Now, whenever a nonexistent URL is requested, you’ll get notified and, at least for me, it’s been pretty interesting to see how hackers attempt to enter my WordPress installations.

Question: How did hackers steal $81 million? Answer: Pretty easily.

One of the peculiar things about computer security is how much the topic is written about and discussed (a huge amount) compared to how much is actually done (always less than you think). But what’s really peculiar is that enterprises, which you’d think would have better security than organizations in, say, the SMB space, often have serious security deficiencies. Case in point: The Bangladesh Central Bank. In February this year, hackers managed to get into the Bangladesh Central Bank’s network and acquired the bank’s SWIFT credentials, codes that authorize interbank transfers. The hackers then used the credentials four times to transfer some $81 million to various accounts in the Philippines and Sri Lanka via the New York Federal Reserve, but on the fifth attempt, the hackers misspelled the receiving account’s name (they spelled “Shalika Foundation” as Shalika “Fandation”) (du’oh).

US no longer requires Apple’s help to crack iPhone in New York case

The U.S. no longer requires Apple’s assistance to unlock an iPhone 5s phone running iOS 7 used by the accused in a drug investigation, stating that an “individual provided the passcode to the iPhone at issue in this case.” The Department of Justice has withdrawn its application in the U.S. District Court for the Eastern District of New York. DOJ had earlier appealed to District Judge Margo K. Brodie an order from Magistrate Judge James Orenstein, ruling that Apple could not be forced to provide assistance to the government to extract data from the iPhone 5s.

Facebook bug hunter stumbles on backdoor left by… another bug hunter

When Orange Tsai set out to participate in Facebook's bug bounty program in February, he successfully managed to gain access to one of Facebook's corporate servers. But once in, he realized other hackers had beaten him to it. Tsai thought he had stumbled on some malicious activity in Facebook's network. But, according to a statement from Facebook on Friday, what he found was something else. Tsai, a consultant with Taiwanese penetration testing outfit Devcore, had started by mapping Facebook's online properties, which extend beyond user-facing services like facebook.com or instagram.com. One server that caught his attention was files.fb.com, which hosted a secure file transfer application made by enterprise software vendor Accellion and was presumably used by Facebook employees for file sharing and collaboration.

From cosmic living-rooms to communications, NASA craving deep space public brainstorms

NASA this week said it was calling for public input on living quarters for astronauts to live in deep space as well as systems and technologies for a new Mars Orbiter. As far as the living spaces go, Congress earlier this year urged the space agency to move along its ideas for how humans would live on planets or other places far from Earth. With that pressure as a backdrop, NASA said it wants US companies, universities, and non-profit organizations to offer up their best ideas for space living systems, which would include reliable life support systems, fire safety, atmosphere revitalization and monitoring, water processing, lighting, and fire detection and radiation protection.

Facebook bug hunter stumbles on backdoor left by hackers

When Orange Tsai set out to participate in Facebook's bug bounty program in February, he successfully managed to gain access to one of Facebook's corporate servers. But once in, he realized that malicious hackers had beaten him to it. Tsai, a consultant with Taiwanese penetration testing outfit Devcore, had started by mapping Facebook's online properties, which extend beyond user-facing services like facebook.com or instagram.com. One server that caught his attention was files.fb.com, which hosted a secure file transfer application made by enterprise software vendor Accellion and was presumably used by Facebook employees for file sharing and collaboration.

Veriflow Systems applies formal verification to prevent network outages and breaches  

Last year the world watched in awe as NASA's New Horizons spacecraft sent stunning pictures of Pluto back to Earth. New Horizons had traveled 3 billion miles across the solar system over a decade's time to make its closest approach to Pluto—about 7,750 miles above the surface. That's roughly the same distance from New York to Mumbai, India. This is quite an impressive scientific achievement. But what if one small bug in the navigation software had sent the spacecraft millions of miles off course? Instead of viewing the mesmerizing Pluto terrain nicknamed "the heart," disappointed NASA scientists would instead be looking at a whole lot of black nothingness. To ensure that nothing like that happens, NASA engineers use a methodology called formal verification to validate every possibility in the spacecraft's software code.

NASA gives solar ionic propulsion a monster boost

NASA this week took a giant step toward using solar electric power for future space missions by awarding $67 million to Aerojet Rocketdyne to develop an advanced electric propulsion system. Such a system would deploy large solar arrays that can be used to convert sunlight into electrical power that ionizes atoms of xenon, which is the propellant for the spacecraft’s thrusters. The thrust of such a power plant isn’t huge, but its ability to provide increasing, continuous power over a long period of time is what makes it so attractive for long-duration spaceflights.

Cisco fixes serious denial-of-service flaws in wireless LAN controllers, other products

Cisco Systems has released patches to fix serious denial-of-service flaws in its Wireless LAN Controller (WLC) software, Cisco Adaptive Security Appliance (ASA) software and the Secure Real-Time Transport Protocol (SRTP) library that's used in many products. The Cisco WLC software contains two denial-of-service vulnerabilities, one of which is rated critical and could be exploited by an unauthenticated attacker through specially crafted HTTP requests sent to the device. This can cause a buffer overflow condition that, in addition to a device reload, might also allow for execution of arbitrary code on the device.

You’ve been hit with ransomware. Now what?

Imagine waking up to an urgent 5 a.m. call: Something has taken over your corporate network and encrypted all of your data, and supposedly the only way to get it all back is to pay a significant sum to an anonymous third party using Bitcoin. While that scene might sound like something out of Hollywood, it is actually very real – and it’s exactly what several variants of ransomware are doing to organizations around the globe. Two recent appearances of ransomware in the news demonstrate that it is a problem that is growing in both volume and significance, as larger and larger organizations, some critical to public and social services, are impacted by an outbreak:

This tool can block ransomware on Mac OS X, for now

A security researcher has created a free security tool that can detect attempts by ransomware programs to encrypt files on users' Macs and then block them before they do a lot of damage. Called RansomWhere?, the application is the creation of Patrick Wardle, director of research and development at security firm Synack. It's meant to detect and block the encryption of files by untrusted processes. The tool monitors users' home directories and detects when encrypted files are rapidly created inside them -- a telltale sign of ransomware activity. When such activity is detected, RansomWhere? determines the process responsible and suspends it. To limit false positives -- legitimate encryption programs being detected as ransomware -- the tool whitelists all applications signed by Apple and most of those that already exist on the computer when RansomWhere? is first installed.

SpyEye botnet kit developer sentenced to long jail term

Aleksandr Andreevich Panin, the Russian developer of the SpyEye botnet creation kit, and an associate were on Wednesday sentenced to prison terms by a court in Atlanta, Georgia, for their role in developing and distributing malware that is said to have caused millions of dollars in losses to the financial sector. Panin, who set out to develop SpyEye as a successor to the Zeus malware that affected financial institutions since 2009, was sentenced by the court to nine and a half years in prison, while his Algerian associate Hamza Bendelladj got a 15-year term, according to the Department of Justice. After infecting victims' computers, cybercriminals were able to remotely control these compromised computers through command-and-control servers, and steal the victims’ personal and financial information using techniques such as Web injects that introduce malicious code into a victim’s browser, keystroke loggers that record keyboard activity and credit card grabbers. The information sent to the servers was then used to steal money from the financial accounts of the victims.

IDG Contributor Network: Bugs for cash: Bounty hunters in the new wild west of security

The business of bug hunting is a potentially lucrative one for both seasoned security researchers and amateurs with an interest in hacking. It’s an area that’s gaining legitimacy thanks to official bug bounty programs and hacking contests, but there’s still a seedy underbelly that unscrupulous bounty hunters can take advantage of if they successfully identify a vulnerability. The average cost of a data breach is $3.8 million, according to research by the Ponemon Institute. It’s not hard to understand why so many companies are now stumping up bounties. It can also be very difficult, time consuming and expensive to root out bugs and flaws internally. Turning to the wider security community for help makes a lot of sense, and where there’s need there’s a market.