Category Archives for "Network World Security"

MIT’s new 5-atom quantum computer could make today’s encryption obsolete

Much of the encryption world today depends on the challenge of factoring large numbers, but scientists now say they've created the first five-atom quantum computer with the potential to crack the security of traditional encryption schemes. In traditional computing, numbers are represented by either 0s or 1s, but quantum computing relies on atomic-scale units, or “qubits,” that can be simultaneously 0 and 1 -- a state known as a superposition that's far more efficient. It typically takes about 12 qubits to factor the number 15, but researchers at MIT and the University of Innsbruck in Austria have found a way to pare that down to five qubits, each represented by a single atom, they said this week.

DARPA moves ahead with radical vertical takeoff aircraft

The Defense Advanced Research Projects Agency took one step further in building a radically different vertical takeoff and landing, or VTOL, aircraft that can fly fast and carry a big load. Specifically, DARPA awarded Aurora Flight Sciences the $89 million prime contract for Phase 2 of the agency’s Vertical Takeoff and Landing Experimental Plane (VTOL X-Plane) program, which looks to:

- Achieve a top sustained flight speed of 300 kt-400 kt
- Raise aircraft hover efficiency from 60% to at least 75%
- Present a more favorable cruise lift-to-drag ratio of at least 10, up from 5-6
- Carry a useful load of at least 40% of the vehicle’s projected gross weight of 10,000-12,000 pounds

Relatives of victims, law enforcement groups support FBI in iPhone unlocking case

Law enforcement groups and family members of victims of December's San Bernardino mass shooting have backed the FBI and opposed Apple in the court fight over an iPhone used by one of the shooters. Family members of the shooting victims "seek to remind all parties of the terrible crime -- an act of terrorism -- the United States must investigate to its fullest," wrote lawyers for family members of five victims and one witness to the shooting. "Ultimately, this is a situation where no stone can be left unturned." Much of the debate over the FBI's demands of Apple assistance has focused on the "potentially global ramifications" of Magistrate Judge Sheri Pym's Feb. 16 order requiring Apple to comply, but there's a law enforcement investigation to consider, the lawyers added.

‘Serious risk’ that Apple-made iPhone cracking code will leak

Security experts yesterday said that there is a "serious risk" that the special iPhone-cracking software sought by the FBI would fall into the wrong hands if Apple is forced to assist the government in accessing the data on an iPhone used by one of the San Bernardino shooters. "Keeping the Custom Code secret is essential to ensuring that this forensic software not pose a broader security threat to iOS users," seven security experts said Thursday in a "friends-of-the-court" brief filed with a California federal court. "But the high demand [for this software] poses a serious risk that the Custom Code will leak outside of Apple's facilities."

Five things you need to know about ransomware

Over the past few years millions of PCs from around the world have been locked or had their files encrypted by malicious programs designed to extort money from users. Collectively known as ransomware, these malicious applications have become a real scourge for consumers, businesses and even government institutions. Unfortunately, there's no end in sight, so here's what you should know.

It's not just your PC that's at risk

Most ransomware programs target computers running Windows, as it's the most popular operating system. However, ransomware applications for Android have also been around for a while and recently, several variants that infect Linux servers have been discovered.

Cerber ransomware sold as a service, speaks to victims

A new file-encrypting ransomware program called Cerber has taken creepiness for victims, but also affordability for criminals, to a new level. In terms of functionality Cerber is not very different than other ransomware threats. It encrypts files with the strong AES-256 algorithm and targets dozens of file types, including documents, pictures, audio files, videos, archives and backups. The program encrypts file contents and file names and changes the original extensions to .cerber. It can also scan for and encrypt available network shares even if they are not mapped to a drive letter in the computer. Once the encryption process is done, Cerber will drop three files on the victim's desktop named "# DECRYPT MY FILES #." They contain the ransom demand and instructions on how to pay it. One of those files is in TXT format, one is HTML and the third contains a VBS (Visual Basic Scripting).

UN human rights chief warns of worldwide privacy implications of Apple-FBI case

A ruling ordering Apple to help the FBI access the iPhone of San Bernardino mass shooter Syed Rizwan Farook could make it impossible for the company or any other major international IT vendor to safeguard users' privacy anywhere in the world, U.N. High Commissioner for Human Rights Zeid Ra’ad Al Hussein said Friday. A decision against Apple would be "potentially a gift to authoritarian regimes, as well as to criminal hackers," Zeid said. Authorities in other countries have already made efforts to force IT and communications companies such as Google and BlackBerry to expose their customers to mass surveillance, he added. Zeid's statement is a shot in the arm for Apple's appeal in the case. A magistrate judge in the U.S. District Court for the Central District of California, Eastern Division, has ordered Apple to provide technical assistance, including possibly signed software, to help the FBI use brute force to crack the passcode of the iPhone 5c used by Farook in the San Bernardino, California, attack on Dec. 2, without triggering an auto-erase feature.

San Bernardino prosecutor raises concerns about ‘cyber pathogen’ in terrorist’s iPhone

The district attorney of San Bernardino County, Michael Ramos, has raised concerns about the possibility of a "dormant cyber pathogen" in the iPhone 5c used by a terrorist in attacks in the county on Dec. 2. Security experts are questioning whether such a thing as a cyber pathogen exists at all. The submission was made in the U.S. District Court for the Central District of California, Eastern Division, which recently ordered Apple to help the FBI unlock by brute force the iPhone used by terrorist Syed Rizwan Farook. Apple has refused to help the FBI and raised privacy and security issues. The iPhone, owned by San Bernardino County, may have connected to the county computer network, and "may contain evidence that can only be found on the seized phone that it was used as a weapon to introduce a lying dormant cyber pathogen that endangers San Bernardino County’s infrastructure," according to the court filing.

Amazon disabled encryption on its tablets and phones because nobody used it

Amazon caught flak on Wednesday for disabling the encryption capabilities of its Fire phones and tablets with a software update. The company says its reasoning was simple: people didn't use it. "In the fall when we released Fire OS 5, we removed some enterprise features that we found customers weren’t using," Amazon spokeswoman Robin Handaly wrote in an email. Those "enterprise features" included one that allowed users to encrypt their entire device with a PIN that would erase all their data if not entered correctly 30 times in a row. The issue surfaced recently because Amazon just allowed older tablets -- the Kindle Fire HDX 8.9 and the Fire HD 6/7 -- to upgrade from Fire OS 4, the previous version of the company's Android fork.

US Marshals warn of ongoing nationwide telephone scam

Criminals continue to work the phones in nefarious ways – this time they are claiming to be US Marshals threatening arrest and fines for failing to report for jury duty. The US Marshals warned of the scam and said the fraudsters try to appear more credible, offering information like badge numbers and the names of actual federal judges and courthouse addresses. Victims have been told they can avoid arrest by paying a fine using a reloadable credit card, and were urged to call a number and provide their own credit card number to initiate the process, the law enforcement agency stated.

Hacking back will only get you in more trouble

The online theft of U.S. intellectual property (IP) by other nation states continues to be a big problem, a panel of experts agreed this week at the RSA conference in a session titled, “Responses to state-sponsored economic espionage.” That much is obvious – awareness of economic cyber espionage has reached the mainstream, with CBS-TV’s newsmagazine “60 Minutes” even doing a segment on it last month, labeling it, “the great brain robbery of America.” What to do about it is also a big problem. The panel agreed that the most tempting and instinctive response of “active defense” – more commonly known as “hacking back” – is not a good one.

Feds find $2.8B in data center consolidation savings – watchdog says could do better

The massive federal data center consolidation effort has seen $2.8 billion in cost savings and a shuttering or merging of some 3,125 sites, but issues remain, according to a report from the watchdogs at the Government Accountability Office. According to the GAO, the 24 agencies participating in the Federal Data Center Consolidation Initiative have collectively made progress on their data center closure efforts. As of November 2015, agencies identified a total of 10,584 data centers, of which they reported closing 3,125 through fiscal year 2015.

VMware CEO Gelsinger talks exec changes, Dell deal and his big security focus

At this week’s RSA Conference, VMware CEO Pat Gelsinger is positioning the company’s NSX network virtualization product as a tool for encrypting data in flight and at rest, in the public cloud or on premises. It’s an attempt to showcase NSX – one of the two major network virtualization platforms on the market along with Cisco’s Application Centric Infrastructure (ACI) – as not just enabling software-defined networking (SDN), but being a serious security tool as well.