Category Archives for "Network World Security"

Security, encryption experts: Congress is the answer to Apple v. FBI

The world’s top security and encryption experts who spent time last week at RSA Conference 2016 trying to figure out how to keep devices and communications secure yet also enable criminal investigations came up with nothing except to punt the issue to the U.S. Congress. And Congress will take up the issue this week with Attorney General Loretta Lynch scheduled to testify to the Senate Judiciary Committee. The panel is looking into the Justice Department in general, but the topic is expected to come up.

Boeing’s self-cleaning aircraft bathroom lets you use loo without touching anything (mostly)

Boeing is looking to clean up one of the smallest and dirtiest components of travel—the commercial airplane toilet. With barely enough space to, um, sit, and with high capacity usage, the commercial airline toilet perhaps is an engineering marvel but little else. Boeing however is looking to that notion with a self-cleaning aircraft bathroom -- known as the Fresh Lavatory -- that the company says uses ultraviolet (UV) light to kill 99.99% of germs in the loo – and even puts down the toilet seat lid.

New Juniper Security CTO promises open framework for software defined network security

The new Juniper Networks liaison between the company’s engineering team and its customers says it will take time, but Juniper’s software defined security networking (SDSN) will eventually support third-party devices to help build security into the network fabric itself. It’s part of a shift from network security to a secure network that is flexible thanks to software defined networking, says Kevin Walker, Juniper’s Security CTO. The SDSN framework is designed to leverage the capabilities of the entire network to detect and assess threats, and enforce security policies across switches, routers and firewalls. Recently Juniper CEO Rami Rahim referred to this framework as “the rolling thunder of security enhancements.”

Verizon Wireless settles FCC complaint about supercookie tracking

Verizon Wireless, in a settlement over its use of so-called supercookies to track mobile customers, will notify them about its targeted advertising practices and will obtain their permission before sharing personal identifiers with third parties. The company, in its settlement with the Federal Communications Commission, will also seek customer permission before internally sharing information gleaned by tracking its mobile customers using undeletable supercookies, the agency said Monday. The company will also pay a US$1.35 million fine for its use of the unique identifier headers, called UIDH or supercookies.

OS X hit by first ever piece of ransomware

Over the last 15 years or so, Apple's Mac platform has traditionally been a much safer computing environment than Windows. Of course, this wasn't necessarily due to OS X having incredibly stronger security protections, but was rather a reflection of the fact that hackers were prone to targeting Windows given its stature as the most commonly used OS on the planet. But the times they are a-changin'. As the Mac has become more popular in recent years, hackers are increasingly setting their sights on OS X users who may now be operating with a false sense of security as it pertains to malware. Illustrating this changing dynamic, OS X over the weekend was hit with its first piece of malware. This past Saturday, Transmissionbt.com issued a warning indicating that version 2.9 of Transmission - a popular and easy to use BitTorrent client - was infected with ransomware. As such, victims of the attack were greeted with messages stating that their hard drive had been encrypted and that the only way to decrypt it was to pay a fee of about $400.

Maintainers of new generic top level domains have a hard time keeping abuse in check

Generic top-level domains (gTLDs) that have sprung up in recent years have become a magnet for cybercriminals, to the point where some of them host more malicious domains than legitimate ones. Spamhaus, an organization that monitors spam, botnet and malware activity on the Internet, published a list of the world's top 10 "worst TLDs" on Saturday. What's interesting is that the list is not based on the overall number of abusive domains hosted under a TLD, but on the TLD's ratio of abusive domains compared to legitimate ones. Over the years, lists of spam-friendly top level domains have typically had .com, .net and .org at the top. However, a TLD's trustworthiness ultimately relies on the ability of the organization that manages it -- known as the registry -- to police its name space and to enforce rules for its resellers, the registrars.

Setting the scene from RSAC 2016

Among the waves of noise, mutterings of threats, analysis, BYOD demands, the Great Fear of IoT, and the hyper-ptui of sales blather, I saw something at RSA. Call it a security crocus, that first brave flower of people paying attention. There are a smattering of hardened security professionals at RSA. They’ve seen it all, watched as secure data was opened like a can of old anchovies, and smelled just as bad. You can see it in their eyes, mostly: Skepticism mixed with scar tissue, thick skin, and I-told-you-so, with a short attention span and nary a smile.

Welcome to the club OS X users: First Mac-targeting ransomware detected in the wild

Welcome to the club, OS X users, since you are now vulnerable to ransomware infections and popular cybercriminal extortion schemes. The Transmission BitTorrent client has the dubious honor of being chosen as the first target to deliver Mac ransomware. On Saturday, OS X Transmission users who had downloaded version 2.90 took to the forum to report “OSX.KeRanger.A” malware. On Sunday, Palo Alto Networks researchers Claud Xiao and Jin Chen revealed that on March 4 they had detected the “first fully functional ransomware seen on the OS X platform.” Attackers had infected two Transmission version 2.90 installers with KeRanger.

The 6 hottest new jobs in IT

When CompTIA conducted an intensive examination of the IT employment market last year, it uncovered demand for jobs whose titles would have been meaningless only a year or two ago: augmented reality designer, Internet of things architect, container developer. That’s no surprise, given that the IT job market is in constant flux, with new technologies emerging so quickly that hiring managers struggle to define those positions -- let alone give them a title. IBM, for example, has a director of blockchains, and Ford Motor is among many companies looking for GPU cluster engineers.

Verizon provides a behind the scenes look at data breaches

The Verizon RISK Team performs cyber investigations for hundreds of commercial enterprises and government agencies annually across the globe. In 2015, they investigated more than 500 cybersecurity incidents. They shared some of the details in a recent report of how they solved the cyber crimes.

Apple exec takes to op-ed page, argues against turning back the clock to ‘less-secure time’

Apple's head of software engineering took to The Washington Post's op-ed page Sunday to reprise many of the arguments the company -- and supporters -- have made to contest a federal court order that would compel it to help the FBI break into a passcode-locked iPhone. "The encryption technology built into today's iPhone represents the best data security available to consumers," asserted Craig Federighi, vice president of software engineering at Apple, in a piece published by the newspaper yesterday. But "the FBI, Justice Department and others in law enforcement are pressing us to turn back the clock to a less-secure time and less-secure technologies."

New products of the week 3.7.16

Our roundup of intriguing new products.

cVu 3240NG

Key features: cPacket cVu 3240NG is the most powerful distributed Network Performance Monitoring and Diagnostics (NPMD) solution on the market, delivering proactive real-time analysis, 40G line-rate performance analytics and complete packet inspection across L2-L7.

Suspected Bush family hacker Guccifer to be extradited to US

Romania's highest court has approved the temporary extradition of a convicted hacker accused of breaking into the email and social media accounts of a Bush family member and U.S. government officials. The court ruled Friday that Romanian national Marcel Lehel Lazăr will be extradited to the U.S. for a maximum of 18 months to face charges brought against him there. Lazăr was indicted in June 2014 in the U.S. District Court for the Eastern District of Virginia, accused of hacking into the email and social media accounts of high-profile victims including a family member of two former U.S. presidents, a former U.S. Cabinet member, a former member of the U.S. Joint Chiefs of Staff, and a former presidential adviser.

The ultimate hackathon survival guide

Name a city, pick a date, and you’ll likely find a nearby hackathon, whether you’re in Des Moines, Iowa, or Yerevan, Armenia. Major League Hacking lists over 100 hackathons held in 2015 at a college or university, while Hacker League lists an additional 200-plus hosted by corporations and other organizations. Some hackathons are virtual and conducted on the Web, and there’s even a three-day event that takes place on a bus. If you’ve never attended one, however, it can seem like a daunting endeavor, with the all-night coding sessions, over-caffeinated attendees, pressure to produce under time constraints and the niggling fear that you’re not skilled enough.

Apple shuts down first-ever ransomware attack against Mac users

With the help of security researchers, Apple over the weekend quickly blocked a cyberattack aimed at infecting Mac users with file-encrypting malware known as ransomware. The incident is believed to be the first Apple-focused attack using ransomware, which typically targets computers running Windows. Victims of ransomware are asked to pay a fee, usually in bitcoin, to get access to the decryption key to recover their files. Security company Palo Alto Networks wrote on Sunday that it found the "KeRanger" ransomware wrapped into Transmission, which is a free Mac BitTorrent client. Transmission warned on its website that people who downloaded the 2.90 version of the client "should immediately upgrade to 2.92."