Archive

Category Archives for "Network World Security"

British Airways plane possibly hit by drone near Heathrow

A British Airways aircraft was possibly hit by a drone Sunday near Heathrow airport as it was coming to land, which is likely to increase demands for greater checks on the flights of the devices. The Airbus A320 flight from Geneva, carrying 132 passengers and five crew members, appears to have not been significantly impacted and was cleared for its next flight, according to news reports. The U.K. Civil Aviation Authority said it was aware of “a possible incident” with a drone at Heathrow on Sunday, which is subject to investigation by the Metropolitan Police. It reminded drone users of the country’s "dronecode," which prohibits drones from flying above 400 feet (about 122 meters) and requires them to stay away from aircraft, helicopters, airports and airfields.

New products of the week 4.18.16

Our roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow. Altify Max. Key features: Altify Max is the first "augmented intelligence" platform that combines human and machine intelligence. Altify Max includes more than 30 years of sales knowledge built-in and combines the deep muscle memory of a million sales engagements, knowledge of the world’s best sales methodologies and insights from each individual business to create instant, real-time recommendations about how to progress each opportunity.

Verodin carries out attacks safely to test network security

A software platform from startup Verodin launches simulated attacks against live networks as a way to check the effectiveness of their defenses and also train security operations personnel. Verodin’s gear includes software probes that are deployed in customer networks to act as both attackers and targets. Data about the effectiveness of the simulated attacks is fed to a Web-based management platform called a controller that shows how well the network defended itself. Verodin’s platform is similar to that from another startup called AttackIQ.

On getting your WordPress site hacked; pay now or pay more later

In my last post I posed the question of whether it’s time to look for alternatives to the leading publishing platforms such as WordPress, Drupal, Joomla, etc., but, truth be told, finding an alternative that can do everything these products do is practically impossible … that is, unless you’re willing to spend money building a customized solution. And that may be the reality of the future; if you don’t build your own solution paying upfront at perhaps 100x the cost (thanks, Keith) of, say, a simple WordPress installation, you’ll wind up paying far more than that when you get hacked. According to IBM’s tenth annual Cost of Data Breach Study:

Hackers having a field day – time to rethink your blogging and publishing strategy

A while ago in another post I asked Is it time to give up on WordPress sites? and I got some interesting comments; here’s two that nail the issue and the growing sentiment: Marco Naseef: “extremely modular = extremely vulnerable” David Franks: “… I run a hundred or so Wordpress sites and I'm on the verge of throwing in the towel. / All the big hosts like Bluehost and Hostgator have their shared host platforms controlled by hackers and riddled with malware like dark leach. It's very dispiriting. / I think the days of Wordpress are numbered”

Hacker who hacked Hacking Team published DIY how-to guide

The hacker responsible for bringing pwnage pain to the Hacking Team last July has published an in-depth “DIY guide” for how he pulled it off. It’s a detailed, really great read. The hacker is none other than Phineas Fisher; he runs the @GammaGroupPR Twitter account, now referred to as “Hack Back,” and previously leaked FinFisher spyware documents, including details like which antivirus solutions could detect Gamma International’s surveillance malware.

Chrome extensions will soon have to tell you what data they collect

Google is about to make it harder for Chrome extensions to collect your browsing data without letting you know about it, according to a new policy announced Friday. Starting in mid-July, developers releasing Chrome extensions will have to comply with a new User Data Policy that governs how they collect, transmit and store private information. Extensions will have to encrypt personal and sensitive information, and developers will have to disclose their privacy policies to users. Developers will also have to post a "prominent disclosure" when collecting sensitive data that isn't related to a prominent feature. That's important, because extensions have tremendous power to track users' browsing habits and then use that for nefarious purposes.

Schools put on high alert for JBoss ransomware exploit

More than 2,000 machines at schools and other organizations have been infected with a backdoor in unpatched versions of JBoss that could be used at any moment to install ransomware such as Samsam. That's according to Cisco's Talos threat-intelligence organization, which on Friday announced that roughly 3.2 million machines worldwide are at risk. Many of those already infected run Follett's Destiny library-management software, which is used by K-12 schools worldwide.

A new approach to detecting compromised credentials in real-time  

Last year the Federal Financial Institutions Examination Council (FFIEC) issued a statement to notify financial institutions about the growing trend of cyber attacks designed to steal online credentials. While this is certainly a big issue for banks and credit unions, concern about stolen credentials extends far beyond the financial services industry. Basically any organization with valuable data is at risk of an attack initiated with seemingly legitimate credentials.

MIT’s new bug finder uncovers flaws in Web apps in 64 seconds

Finding bugs in Web applications is an ongoing challenge, but a new tool from MIT exploits some of the idiosyncrasies in the Ruby on Rails programming framework to quickly uncover new ones. In tests on 50 popular Web applications written using Ruby on Rails, the system found 23 previously undiagnosed security flaws, and it took no more than 64 seconds to analyze any given program. Ruby on Rails is distinguished from other frameworks because it defines even its most basic operations in libraries. MIT's researchers took advantage of that fact by rewriting those libraries so that the operations defined in them describe their own behavior in a logical language.

Hybrid GozNym malware targets customers of 24 financial institutions

A group of cybercriminals have combined two powerful malware programs to create a new online banking Trojan that has already stolen millions of dollars from customers of 24 U.S. and Canadian banks. The new threat has been dubbed GozNym by researchers from IBM X-Force because it combines the stealthy Nymaim malware and the Gozi banking Trojan. The new computer Trojan targets 22 websites that belong to banks, credit unions and e-commerce platforms based in the U.S., and two that belong to financial institutions from Canada. Business banking services appear to be a top target for GozNym's creators, according to the IBM researchers. Nymaim is what researchers call a dropper. Its purpose is to download and run other malware programs on infected computers. It is usually distributed through Web-based exploits launched from compromised websites.

8 cyber security technologies DHS is trying to commercialize

The Department of Homeland Security is publicizing eight new cyber security technologies developed under federal grants that are looking for private businesses to turn them into commercial products. In its fourth “Cyber Security Division Transition to Practice Technology Guide”, DHS outlines the eight technologies that range from malware analysis tools to behavior analysis platforms to randomization software that protects Windows applications.

IDG Contributor Network: 22 new concerns added to Docker security benchmark

Security has been, and continues to be, an impediment to container adoption. Whether containers are less or more secure than their virtual machine counterparts is a topic of continued debate. Like any debate, there are merits to arguments on both sides with a bit of FUD interlaced. Many efforts have been undertaken within the container ecosystem to educate adopters and improve their comprehension of available tooling and security postures within platforms and offerings—be that in the form of static analysis (image scanning), runtime vulnerability detection, provenance (image signing), fine-grained authorization, cryptographic verification, etc. The breadth of need for improved security capabilities has provided an opportunity for emerging start-ups to focus specifically on the container security space and others to dedicate their company's mission to securing the Internet. Having spent time with most of the vendors in this space, I'll say that as you might expect, it's a quickly changing landscape. One thing is evident: open source communities and vendors at every layer—from hardware through operating system, container runtime, container image, host-to-cluster orchestrator, PaaS to CaaS—have significantly marshalled forward security-centered improvements in the past year.

Catastrophic cyber attack on U.S. grid possible, but not likely

Warnings about U.S. critical infrastructure’s vulnerabilities to a catastrophic cyber attack – a cyber “Pearl Harbor” or “9/11” – began more than 25 years ago. But they have become more insistent and frequent over the past decade. Former Defense Secretary Leon Panetta warned in a 2012 speech of both a “cyber Pearl Harbor” and a “pre-9/11 moment.” They have also expanded from within the security industry to the mass media. It was almost a decade ago, in 2007, that the Idaho National Laboratory demonstrated that a cyber attack could destroy an enormous diesel power generator – an event featured in a 2009 segment on the CBS news magazine “60 Minutes.”

Energy Dept. serves-up $30M for future connected, automated cars

Developing advanced auto communications and automation is the central notion behind a new $30 million project announced today by the US Department of Energy’s Advanced Research Projects Agency-Energy (ARPA-E). The program, known as NEXTCAR or NEXT-Generation Energy Technologies for Connected and Automated on-Road vehicles will develop technology that will result in a 20% reduction in the energy consumption of future so-called Connected and Automated Vehicles, compared to vehicles without these technologies, ARPA-E stated.

Apple probably won’t find out how the FBI hacked the San Bernardino iPhone

The strange tale of the San Bernardino iPhone seems like it’s almost over, although it touched off a national debate about encryption that’s just getting started. Apple probably won’t find out what method was used by the third-party firm that broke into the iPhone 5c used by shooter Syed Rizwan Farook, reports Reuters. The government says that the unidentified international firm that did the hack has legal ownership of the method, so while the FBI got the data it wanted, it’s unable to disclose the method to Apple. There’s actually a system in place, known as the Vulnerabilities Equities Process, that’s designed to evaluate flaws discovered by the government’s own agencies to determine if they should be disclosed to the technology companies who can patch them, or if the vulnerabilities can remain secret to be used by the NSA, FBI, or other agencies.

Ransomware authors use the bitcoin blockchain to deliver encryption keys

Ransomware authors are using the bitcoin blockchain, which serves as the cryptocurrency's public transaction ledger, to deliver decryption keys to victims. The technique, which removes the burden of maintaining a reliable website-based infrastructure for cybercriminals, was observed in a recent version of the CTB-Locker ransomware that targets Web servers. CTB-Locker has targeted Windows computers for a long time, but a PHP-based variant capable of infecting websites first appeared in February, marking an interesting evolution of this ransomware threat. The decryption routine in the original PHP-based CTB-Locker version involved a script called access.php that served as a gateway to the attackers' back-end server. This gateway script was hosted on multiple hacked websites and was necessary to obtain the decryption key after victims made a payment.

IDG Contributor Network: Marines launch cyberspace warfare group

The U.S. Marine Corps intends to protect its networks and communications with a new cyberspace operations team. Notably, the organization said its new unit will have an “offensive” element. “The Marine Corps is seeing the need for defense of its networks and communications,” a press release on the Marine Corps’ website explained. That will include “what can we do to hinder an enemy,” said Sgt. Brian Mueller, a digital network exploitation analyst with the new Marine Corps Cyberspace Warfare Group (MCCYWG), in the release. He is referring to the “offensive” element.

More than 43,000 sign petition against U.S. encryption-breaking bill

More than 43,000 people have signed a petition against proposed U.S. legislation that would require tech companies to break into their users' encrypted data when ordered to by a judge. The proposal, from Senators Richard Burr and Dianne Feinstein, would require smartphone OS developers and other tech vendors to assist law enforcement agencies by breaking their own security measures. CREDO Action, a progressive activist group, launched a petition opposing the Compliance with Court Orders Act on Tuesday, and more than 43,000 people had signed it by early Thursday afternoon.

Cyberattack could knock out huge swath of US electric grid, lawmakers say

The U.S. government is not prepared for a cyberattack on the electrical grid that takes out power over a large area for weeks, or even months. A widespread, long-lasting power outage caused by a cyberattack may be unlikely, but the U.S. government needs to better plan for the possibility, Representative Lou Barletta, a Pennsylvania Republican, said Thursday. With some experts worried that a coordinated cyberattack could lead to widespread power outages lasting for several months, the federal government should offer more help to state and local governments planning to deal with the aftermath, Barletta said during a hearing before a subcommittee of the House of Representatives Transformation and Infrastructure Committee.