Archive

Category Archives for "Network World Security"

Salary Survey 2016: How does your compensation stack up?

In a tight job market, security pros are paid well, rate job satisfaction high, and will make a move for money, according to Computerworld's 2016 IT Salary Survey.

Read the full article: With all eyes on security, talent shortage sends salaries sky high

How to audit external service providers

News of, or firsthand experience with, breaches that attackers pulled off through external service providers such as POS vendors reminds enterprises that the federated enterprise has made a bulletproof perimeter impossible.

Failing to audit your providers is like neglecting to audit your own enterprise, and it ends the same way: in both cases, you can't close holes you don't know exist. Knowing what to audit is the lion's share of getting it done right.

In this fourth installment of a five-part series on hardening incident response itself and removing its vulnerabilities, CSO tips you off on what to audit inside the organizations that trade so closely with you, and which resources to use.

FBI is cracking an iPhone in an Arkansas murder case

Now that it has found a way to do so for its own purposes in a California terrorism case, the FBI is helping Arkansas prosecutors break into an iPhone and iPad.

This time it's to look for evidence in a murder trial, and it's without asking Apple for help to crack the iOS devices. Instead, prosecutors in Faulkner County, Ark., asked the FBI to take a shot at it, given its recent success breaking into the phone used by a terrorist in San Bernardino, Calif., according to the Associated Press.

The FBI is also helping break into an iPod related to the case, the AP says.

Reddit’s removal of ‘warrant canary’ could hint at US demand for its user data

Reddit has removed a notice, known as a warrant canary, from its transparency report for 2015, suggesting that it may have received a secret national security order for user data.

The removal of the warrant canary is a reminder to users that their online communications could be the target of investigators.

The most controversial of the orders is the National Security Letter, which gives the government the authority to compel the production of customer records held by telephone companies, Internet service providers and other electronic communications service providers.

Companies that have been asked for user data by the government are usually served the requests under a "gag order" that prohibits them from disclosing the request for data.

CloudFlare aims to block fewer legitimate Tor users

CloudFlare is tweaking its systems to make it easier for legitimate Tor users to access websites that use its network to deliver content.

Tor users have complained that CloudFlare-powered websites too frequently display CAPTCHAs, a security gate designed to stop automated web bots and abuse. CAPTCHAs are the squiggly text or puzzles you have to solve to prove you're a real human.

The problem is that many computers using Tor are engaged in abusive activity, so CloudFlare displays a CAPTCHA when it detects a connection coming from the Tor network. Because every Tor user shares the same small pool of exit-node IP addresses, the reputation earned by one abusive user lands on everyone behind the same exit.

Legitimate Tor users thus have a poor browsing experience, given the wide use of CloudFlare's CDN.

‘No viruses! Honest!’

These "free USB sticks" were left for the taking in our break room here at Network World headquarters.

And, even though I'm reasonably certain I know who left them, there's no way I'm falling for the old "No viruses! Honest!" trick.

FCC votes for strict new broadband privacy rules

The U.S. Federal Communications Commission has taken a major step toward new regulations requiring ISPs to get customer permission before using or sharing their Web-surfing history and other personal information.

The FCC voted 3-2 Thursday to approve a notice of proposed rule-making, or NPRM, the first step toward passing new regulations, over the objections of the commission's two Republicans.

The proposed rules, which will now be released for public comment, would require ISPs to get opt-in permission from customers if they want to use personal information for most purposes other than marketing their own products.

IDG Contributor Network: What is the future of mobile communications app security

We are well on our way to a world where communications traffic between mobile apps will be completely secure. Whether voice or text, intercepted traffic will be encrypted and uncrackable, even with the cooperation of the app or device developers.

A recent example: Facebook's WhatsApp is reportedly causing law enforcement concern, as it appears to be impervious to decryption efforts. Government legislation forcing vendors to incorporate some type of backdoor seems to be the only alternative to living with this new reality, but such legislation may be unenforceable in the international context of app development and distribution.

Hackers can abuse the iOS mobile device management protocol to deliver malware

Starting with iOS 9, Apple has tried to make it harder for attackers to trick users into installing unauthorized apps on their devices by abusing stolen enterprise certificates. However, it left one door open that attackers can still exploit: the protocol used by mobile device management products.

In a presentation at the Black Hat Asia security conference on Friday, researchers from Check Point Software Technologies will demonstrate that the communication between MDM products and iOS devices is susceptible to man-in-the-middle attacks and can be hijacked to install malware on non-jailbroken devices with little user interaction.

Apple's tight control over the iOS App Store has made it hard, but not impossible, for attackers to infect iOS devices with malware.

5 things you should know about two-factor authentication

One of the best pieces of security advice any computer expert can give you is to enable two-factor authentication for websites that support it. With password breaches so common nowadays, it could be the one thing that keeps hackers from stealing your identity online. Here are five points to help you understand this technology.

Two-factor authentication or two-step verification?

A lot of people think they're the same thing, but that's not really accurate.

There are three types of authentication factors: something you know, such as a password or PIN; something you have, such as a mobile phone or a special USB key; and something you are, such as your fingerprint or other biometric identifier. A login is two-factor only when its two steps draw on two different types; a password followed by security questions is two-step verification, but both steps are things you know.

Bash, better biometric security, Cortana and a flood of chatbots coming to Windows 10

There are a lot of things coming out of Microsoft's BUILD conference, but here are three.

Bash coming to Windows 10

There are now 270 million monthly active devices running Windows 10, and some of the people behind those machines surely use Linux as well. After Microsoft rolls out the Windows 10 "Anniversary" update this summer, those folks can have the "real" Bash shell in Windows.

First you need to turn on Developer Mode in Windows settings and download the Bash shell from the Windows Store; then you open the Start menu and type "bash" to open cmd.exe running Ubuntu's /bin/bash, explained Dustin Kirkland, part of Canonical's Ubuntu product and strategy team. Then you have "full access to all of Ubuntu user space."

5 dev tools for better code security

Information security is of paramount importance these days, and there is no better place to start securing systems and data than in the software development process itself.

Feds tackle open source code quality

Even as the White House is calling on federal agencies to make more use of open source projects, there's also a federal effort under way to reduce the number of vulnerabilities in those products via better code review tools and bug bounties.

By the end of September, the Cyber Security Division at the Department of Homeland Security plans to award funding for a project designed to improve the performance of static code analysis tools.

"We're in the process of approving proposals now from academia and small businesses," said Kevin Greene, the division's software assurance program manager.

Your Linux-based home router could succumb to a new Telnet worm, Remaiten

Building botnets made up of routers, modems, wireless access points and other networking devices doesn't require sophisticated exploits. Remaiten, a new worm that infects embedded systems, spreads by taking advantage of weak Telnet passwords.

Remaiten is the latest incarnation of the distributed denial-of-service Linux bots designed for embedded architectures. Its authors actually call it KTN-Remastered, where KTN most likely stands for a known Linux bot called Kaiten.

When scanning for new victims, Remaiten tries to connect to random IP addresses on port 23 (Telnet) and, if the connection succeeds, attempts to authenticate using username and password combinations from a list of commonly used credentials, researchers from ESET said in a blog post. A device that does not expose Telnet to the Internet, or that has had its default credentials replaced, offers the worm nothing to guess against.
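The behaviour ESET describes, one source hammering port 23 with a list of stock credentials and then logging in once a pair works, leaves a recognisable trace in a router's or honeypot's login log. The detector below is an added example written for this page, not ESET's or the article's code: it parses a small constructed log (the telnetd line format is assumed, since the article shows none), flags any source that fails a burst of Telnet logins inside a short window, and separately flags a success from a source that was already sweeping, which is the moment a device actually joins the botnet.

```python
"""Detect Remaiten-style Telnet credential sweeps in login logs.
Added example for this page; the log format below is assumed, not ESET's."""
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample log: one sweeping source (203.0.113.7), one legitimate user
# who typos a password once (198.51.100.20), and an unrelated daemon line.
SAMPLE_LOG = """\
Mar 30 02:14:01 gw telnetd[612]: login failed for 'root' from 203.0.113.7 port 23
Mar 30 02:14:02 gw telnetd[612]: login failed for 'root' from 203.0.113.7 port 23
Mar 30 02:14:03 gw telnetd[612]: login failed for 'admin' from 203.0.113.7 port 23
Mar 30 02:14:04 gw telnetd[612]: login failed for 'admin' from 203.0.113.7 port 23
Mar 30 02:14:05 gw telnetd[612]: login failed for 'support' from 203.0.113.7 port 23
Mar 30 02:14:06 gw telnetd[612]: login succeeded for 'root' from 203.0.113.7 port 23
Mar 30 02:20:10 gw telnetd[612]: login failed for 'alice' from 198.51.100.20 port 23
Mar 30 02:20:18 gw telnetd[612]: login succeeded for 'alice' from 198.51.100.20 port 23
Mar 30 02:21:00 gw dnsmasq[300]: reading /etc/hosts
"""

LOG_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) \S+ telnetd\[\d+\]: "
    r"login (?P<result>failed|succeeded) for '(?P<user>[^']*)' "
    r"from (?P<src>\S+) port (?P<port>\d+)$"
)


def parse(lines, year=2016):
    """Return (timestamp, source_ip, username, succeeded, port) for each telnetd
    login line; syslog omits the year, so it is supplied by the caller."""
    events = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a telnetd login line
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append((ts, m["src"], m["user"], m["result"] == "succeeded",
                       int(m["port"])))
    return events


def detect_sweeps(events, window_s=60, min_failures=5):
    """Flag a source after `min_failures` failed Telnet logins within `window_s`
    seconds (the credential-list behaviour), and flag any later success from a
    flagged source (the worm got in). Returns a list of alert dicts."""
    alerts = []
    recent = defaultdict(deque)  # src -> deque of (timestamp, username) failures
    flagged = set()
    for ts, src, user, ok, port in sorted(events):
        if port != 23:
            continue  # only the Telnet service is in scope here
        q = recent[src]
        if ok:
            if src in flagged:
                alerts.append({"kind": "post_sweep_success", "src": src,
                               "user": user, "at": ts})
            continue
        q.append((ts, user))
        while (ts - q[0][0]).total_seconds() > window_s:
            q.popleft()  # drop failures that fell out of the sliding window
        if len(q) >= min_failures and src not in flagged:
            flagged.add(src)
            alerts.append({"kind": "sweep", "src": src, "failures": len(q),
                           "users": sorted({u for _, u in q}),
                           "first": q[0][0], "last": ts})
    return alerts


if __name__ == "__main__":
    for alert in detect_sweeps(parse(SAMPLE_LOG.splitlines())):
        print(alert)
```

Tune `min_failures` and `window_s` to the device: a home router sees almost no legitimate Telnet logins, so even three failures from one Internet address in a minute is worth an alert there, while the `post_sweep_success` event should page someone regardless of thresholds.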

FBI already using its iPhone hack to assist other criminal investigations

Apple's widely publicized battle with the FBI came to an unceremonious end this week when the DOJ filed a motion seeking to vacate a previous court order that would have forced Apple to help the FBI hack into the iPhone used by one of the San Bernardino terrorists.

The impetus for the DOJ dropping its legal action against Apple was that the FBI, with the assistance of a third party, finally managed to access the iPhone's data without Apple's help. While the identity of the third party has never been confirmed, it's believed that an Israeli software forensics company called Cellebrite provided the FBI with a way in.

And with not even a week having gone by, the FBI has reportedly begun using its recently acquired iPhone hacking solution in other criminal investigations. According to a report from the Associated Press, the FBI recently agreed to access a locked iPhone and iPod which were subject to a warrant as part of a homicide investigation in Little Rock, Arkansas. Officials involved in the case indicated that they have reason to believe the devices contain evidence of the pair's premeditated murder plans.

MedStar Health partially restores services after suspected ransomware attack

MedStar Health said Wednesday it is restoring computer systems following a cyberattack that reportedly involved file-encrypting malware.

The not-for-profit organization, which runs 10 hospitals in the Washington, D.C., area, was hit with ransomware, the Baltimore Sun reported on Wednesday, citing two anonymous sources.

MedStar Health officials could not be immediately reached for comment. The organization issued two statements Wednesday, but did not describe what type of malware infected its systems.

It said in one statement that its IT team has worked continuously to restore access to three main clinical systems. It said no patient data or associate data was compromised.

Rules, smules, classified, smashified: Those things don’t seem to apply to Clinton

Rules, smules... they don't seem to apply to Hillary Clinton. The Washington Post has an excellent piece about the Clinton email scandal.

For "personal comfort" reasons, she wanted to use her personal unencrypted BlackBerry for all her email, despite warnings that it could be vulnerable. She even took it overseas, although she supposedly said she "gets it" that this was a security risk. Don't be silly and expect her to use a PC; oh no, she was seemingly a CrackBerry fanboy. She also didn't bother to tell officials that her BlackBerry was tied to her infamous private email server. That server was supposedly also for her comfort, for her "convenience."

Former NSA deputy director says Edward Snowden lacks courage

In the first segment of an interview with Chris Inglis, former deputy director of NSA, the Irari Report talks with him about his perceptions of Edward Snowden's motivations and intentions in committing his acts of espionage. In the video segment, Inglis discusses his impressions of Snowden, and theorizes as to why Snowden left for China and where he intended to defect.

Edward Snowden's defection occurred during Inglis' tenure as Deputy Director of NSA, and as such Inglis was deeply involved in overseeing the investigation of the incident and the mitigation of the resulting damage. Inglis states that Snowden was indiscriminate in his release of information, and is full of rage. When asked to comment on why Snowden has not released any documents about Russian or Chinese domestic surveillance efforts, which are plentiful throughout NSA and would have been readily available to Snowden while he was there, Inglis stated that Snowden lacked the courage to speak up about any concerns while he might be held accountable.

Survey: With all eyes on security, talent shortage sends salaries sky high

Jason Hoffman started his career as an internal auditor, but after seven years he was ready to leave the job he was "really good at" and try something different. The transition to security more than 18 years ago "was probably the best decision I made in my career," says Hoffman, who is now CSO at marketing automation software vendor Marketo. "I don't think anyone in 1998 could have predicted how important security would be today."

"Company executives and their boards are more acutely aware that security is not just an IT problem but it's a business problem," says Hoffman. "As a result, security is getting more emphasis across all companies regardless of sector."

Merging firms appealing targets for attackers

Companies going through a merger or acquisition, as well as their lawyers, financial advisers, and other associated firms, are all tempting targets for cyberattackers, according to a new report from Digital Shadows.

The attackers use public sources for the first round of information gathering, then spearphishing and malware campaigns against targeted individuals. They often go undetected because many companies still ignore cybersecurity when doing due diligence, the report said.

The attackers are "apex predators," said Rick Holland, the company's vice president of strategy.