Category Archives for "Network World Security"

Researcher finds serious flaw in Chromium-based Avast SafeZone browser

Several antivirus vendors have taken the open-source Chromium browser and created derivatives that they claim are more privacy-friendly and secure. Yet, at least two of them were recently found to have serious flaws that don't exist in Chromium. The latest example is the Avast SafeZone browser, internally known as Avastium, which is installed with the paid versions of Avast's antivirus and security suites. Google Project Zero researcher Tavis Ormandy found a vulnerability that could allow an attacker to take control of Avastium when opening an attacker-controlled URL in any other locally installed browser. By exploiting the flaw, an attacker could remotely read "files, cookies, passwords, everything," Ormandy said in a report that he sent to Avast in December and which he made public Wednesday. "He can even take control of authenticated sessions and read email, interact with online banking, etc."

How to secure Amazon Web Services

As cloud IT has proliferated, security concerns have diminished as a barrier to adoption. But that doesn't mean you can ignore security in the cloud, since a major attack can have expensive -- and potentially business-ending -- consequences. More and more sensitive data is heading to the cloud. Genomic informatics company GenomeNext, for example, feeds raw genome sequencing data into high-speed computational algorithms running entirely on AWS. Pharmaceutical giant Bristol-Myers Squibb reduced the duration of its clinical trials by using AWS. Electronic exchange Nasdaq OMX developed FinQloud on AWS to provide clients with tools for storing and managing financial data.

Man turns tables on scammers

Seth was weary of the calls from bogus Windows support technicians, and decided to, if not get even, at least give them a taste of their own medicine. "I was really tired [of the calls], and I really hate computer scammers," said Seth, whose last name Computerworld withheld for privacy reasons. "I got fed up." Like millions of others, Seth had been on the receiving end of scammers' phone calls, who rang up and told him that they were with "Microsoft support" or "Windows support," then proceeded to claim that they had detected malware on his machine. "I would get these calls three or four times a year," said Seth in an interview, adding that the calls would continue for a week or more, then end, only to resume months later. He would hang up on the callers or tell them he had no computer or was running a Mac.

Dridex banking malware mysteriously hijacked to distribute antivirus program

Users tricked by spam messages to open malicious Word documents that distribute the Dridex online banking Trojan might have a surprise: they'll get a free antivirus program instead. That's because an unknown person -- possibly a white hat hacker -- gained access to some of the servers that cybercriminals use to distribute the Dridex Trojan and replaced it with an installer for Avira Free Antivirus. Dridex is one of the three most widely used computer Trojans that target online banking users. Last year, law enforcement authorities from the U.S. and U.K. attempted to disrupt the botnet and indicted a man from Moldova who is believed to be responsible for some of the attacks.

The Neutrino exploit kit has a new way to detect security researchers

The developers of the Neutrino exploit kit have added a new feature intended to thwart security researchers from studying their attacks. The feature was discovered after Trustwave's SpiderLabs division found computers they were using for research couldn't make a connection with servers that delivered Neutrino. "The environment seems completely fine except for when accessing Neutrino," wrote Daniel Chechik, senior security researcher. Exploit kits are one of the most effective ways that cybercriminals can infect computers with malware. They find vulnerable websites and plant code that transparently connects with another server that tries to exploit software vulnerabilities.

Box makes it easier for businesses to control encryption of cloud data

Box has made it easier for its customers to control how stored data is encrypted with an update announced Thursday. The company announced a new service called Box KeySafe, which allows companies to control the keys used to encrypt data stored in Box. It comes in two flavors: a KeySafe with AWS Key Management Service that's designed to be easy for small companies to handle and not require a lot of time, and KeySafe with AWS CloudHSM, which uses hardware modules to manage keys via Amazon's product and is the latest revision of what was previously the Enterprise Key Management service. While that was useful for large enterprises like GE and McKinsey & Company that were willing to dedicate people to managing the security hardware, it left out smaller businesses that wanted control over their encryption keys, which is where the new product comes in. Box says the version of KeySafe that relies on Amazon's Key Management Service takes as little as 30 minutes to set up, and is simple to maintain.

IDG Contributor Network: Ransomware is only getting worse. How do you prepare for it?

Ransomware is big business. Over the last few years we've observed the steady rise of ransomware, with some trepidation. It is fast becoming a multi-billion dollar business, and it's getting surprisingly sophisticated. The ransomware industry is continually innovating, offering cybercriminals new technology, various business models, and all the support they need to conduct successful attacks on unsuspecting individuals and companies. Changing face of ransomware: Ransomware has come full circle since it first appeared on the scene in 2005. Early crypto ransomware soon gave way to misleading apps, fake antivirus tools, and lockers. But it's back now, it's mature, and it's here to stay, according to Symantec's Evolution of Ransomware report.

Feds grab $39M worth of fake sports gear ahead of NFL Super Bowl 50

In its annual Super Bowl-timed crackdown on counterfeit sports gear – everything from fake hats to shirts – the U.S. Immigration and Customs Enforcement (ICE) agency said it had seized nearly 450,000 phony items worth an estimated $39 million. In 2014 it grabbed 326,147 phony items worth more than $19.5 million – so the problem isn’t getting any smaller. The crackdown, known as Operation Team Player, which began at the conclusion of last year’s Super Bowl, also resulted in 41 criminal arrests and 35 convictions, ICE stated.

DHS EINSTEIN firewall fails to detect 94% of threats, doesn’t monitor web traffic

When you think “Einstein,” something along the lines of smart probably comes to mind. But the Department of Homeland Security's $6 billion EINSTEIN intrusion detection system is closer to dumb than smart, as the firewall fails to scan for 94% of common security vulnerabilities; it doesn’t even monitor web traffic for malicious content! That is supposed to be coming in 2016, with wireless network protection coming in 2018. The newest failings of EINSTEIN, aka the National Cybersecurity Protection System (NCPS), came after an audit and are highlighted in a harsh U.S. Government Accountability Office (GAO) report (pdf) which outlines a plethora of changes that need to be implemented.

Star Trek’s USS Enterprise gets serious Smithsonian restoration

Few museums in the world can restore and preserve important historical items like the Smithsonian. So the level of detail and effort the Smithsonian National Air and Space Museum is putting into the conservation of the original TV studio model of Star Trek’s main attraction, the USS Enterprise, comes as no surprise. In a recent post on its “Air and Space” blog, the museum detailed the meticulous work going into the refurbishing of the 11-ft model: “After a year of extensive research, conservation work on the original studio model of the USS Enterprise is now underway in the Museum’s spacedock. Our goal is to stabilize the model and return it to its appearance from August of 1967, during the filming of the episode The Trouble with Tribbles, which marked the last known modification of the ship during the production of Star Trek.”

Cybersecurity Industry News, 2/2016

Just five weeks into 2016 and it’s already been a busy year for the cybersecurity industry. Here are just a few highlights so far: FireEye goes on a shopping spree. Ignoring Wall Street’s trepidation, FireEye continues to remain aggressive on the acquisition front by grabbing iSight Partners and Invotas. With the addition of these two companies, FireEye can claim leadership in: Threat intelligence. FireEye/Mandiant was already strong in this area and with the addition of iSight, FireEye becomes the instant market leader. FireEye already had a different view of threat intelligence, pivoting from cyber-adversaries (i.e. threat actors, TTPs, etc.) into the enterprise. With this perspective, FireEye believes it can help customers anticipate attacks and become more proactive with prevention, detection, and response. By adding iSight, FireEye attains a broader view of the threat landscape that can be integrated into its products and used to create a variety of threat intelligence services for enterprise and mid-market customers. Oh, and let’s not forget that FireEye picks up a few hundred cybersecurity experts in the deal which is especially important given the acute global cybersecurity skills shortage. This will certainly boost FireEye’s

Serious flaws found in Netgear’s NMS300 network management system

Serious vulnerabilities in the Netgear NMS300 ProSafe network management system, an application used to discover, monitor and configure a wide range of network devices, can allow hackers to take control of the servers it's running on. The NMS300 can be installed on Windows XP, 7, 8, 10, as well as Windows Server 2003, 2008 and 2012. It allows network administrators to centrally manage network switches, routers, wireless access points, printers, network-attached storage systems, firewall appliances and other devices that support SNMP (Simple Network Management Protocol). The software is free for managing up to 200 devices and provides an easy-to-use Web graphical interface that can be accessed remotely.

Dell is stepping in to protect the boot layer of PCs, tablets

Dell's business laptops and tablets will get an extra layer of protection from hackers with a new security tool being loaded into the company's portable computers. The new Dell security tool focuses on protecting the boot layer so PC hardware or software don't malfunction. It secures the low-level UEFI (Unified Extensible Firmware Interface), which sits in a protected layer above the OS. An attack on this firmware can compromise a system at boot time. Hacking the firmware can cause the OS and hardware components to malfunction. Hackers have shown increasingly sophisticated ways in which the UEFI -- which has replaced the conventional BIOS -- can be infected with malware.

What did we learn about cybersecurity in 2015?

A data breach can be the biggest kind of crisis an IT leader will have to face. And when an incident occurs, it’s an emergency situation – typically an all-hands-on-deck moment. After the dust settles, however, it’s time to determine what lessons were learned from the experience. Your organization may have escaped 2015 without a data breach. But that’s no guarantee that hackers, cybercriminals and others won’t turn their attention to your business soon. 2015 by the numbers: According to the Identity Theft Resource Center (ITRC), organizations around the world suffered over 700 data breaches in 2015. The attacks covered every sector and records were lost in many sectors. For 2015, the ITRC reports the following findings:

Study of another IP camera reveals serious problems

An in-depth analysis of yet another Internet-connected security camera has revealed a host of software problems. Alex Farrant and Neil Biggs, both of the research team for Context Information Security in the U.K., analyzed Motorola's Focus 73, an outdoor security camera. Images and video taken by the camera can be delivered to a mobile phone app. They found they could take control of the camera remotely and control its movement, redirect the video feed and figure out the password for the wireless network the device is connected to. One attack exploits a cross-site request forgery problem. It was possible to scan for cameras connected to the Internet and then get a reverse root shell.

Comodo to fix major flaw in knock-off Chrome browser

Comodo will release an update Wednesday to fix a serious vulnerability in its web browser, which it markets as a way for users to enhance their security. Google engineer Tavis Ormandy found that the company's Chromodo browser disables the "same origin policy," one of the most basic tenets of web security, according to a writeup.

BleepingComputer under free speech attack as SpyHunter makers sue over bad review

BleepingComputer is a valuable asset to the Internet, in my opinion, as it is often one of the first sites to warn of newly reported ransomware; volunteer security professionals also regularly provide answers to any number of other computer questions. Yet BleepingComputer is seriously under fire for daring to engage in free speech as Enigma Software is suing the site over a negative review of Enigma’s flagship anti-malware program SpyHunter.

Flaws in smart toy back-end servers puts kids and their families at risk

Over the past two years security researchers have shown that many Internet-connected "smart" devices have not been designed with security in mind. This also seems to be the case for their back-end systems. The latest examples are flaws found in the Web services operated by smart-toy makers which could expose children's personal information and location. Researchers from security firm Rapid7 found serious vulnerabilities in the Web application programming interfaces (APIs) used by the Smart Toy line of interactive stuffed animals and the hereO GPS watch for children. In the case of Smart Toy devices, the researchers found that the manufacturer's Web service did not properly validate request senders. Through the exposed APIs, they could enumerate all customers and find their toy ID, name, type and associated child profile; they could access all children's profiles, including their names, birth dates, gender and spoken languages; they could find out when a parent or child is interacting with their toy and could associate someone's toy with a different account, effectively hijacking it.