The year in security research
Security researchers were busy in 2015 — almost as busy as the criminals whose work they studied. Among the notable numbers this year: Low tech 'visual hacking' proves to be successful nine times out of ten, most websites had at least one serious vulnerability for 150 or more days, click fraud costs businesses $6.3 billion a year in wasted ad money, and oh so much more!
Over the past two weeks security researchers have seen a surge in attacks using a file-encrypting ransomware program called TeslaCrypt, known for targeting gamers in the past. TeslaCrypt first appeared in March and stood out because over 50 of the 185 file types it targeted were associated with computer games and related software, including game saves, custom maps, profiles, replays and mods -- content that users might have a hard time replacing. In April researchers from Cisco found a weakness in TeslaCrypt's encryption routine and created a tool that could decrypt files affected by some versions of the program.
I’m a bit reluctant to blog about 2016 cybersecurity predictions as it seems like everyone is getting into this act. Alas, this end-of-year tradition used to be the exclusive domain of the analyst community and a few industry beacons but now it seems like every security tools vendor in the world is reaching out to me to tell me what they see in their crystal ball. So with some hesitancy, here are a few of the things I expect to see after the proverbial ball drops (in no particular order):
1. Greater focus on cyber supply chain security. Enterprise CISOs realize that strong cybersecurity extends beyond the corporate LAN and that cyber-attacks and data breaches could easily start with third parties with access to the network. The OPM and Target breaches are two examples where cyber-adversaries simply compromised trusted business partners and used them as a beachhead to penetrate their targets. At the same time, we’ve seen an increase in malware hiding in firmware, system BIOS, device drivers, etc., so servers, routers, storage devices, and network appliances could all introduce malicious code into an otherwise pristine environment. I expect CISOs to extend
What do you do if you are worried about killer robots? If you are the Pentagon and those killer robots belong to the Chinese and Russians, then you propose a $12 to $15 billion budget to fund your own AI army and next-gen weapon technology. The Pentagon’s plan for new tech, according to Reuters, will include “wearable electronics, exoskeletons, greater use of drones and manned aircraft working together, and mother ships that would send out mini-drones to execute military missions.”
I recently had to dive very deeply into doing device administration AAA with Cisco Wireless LAN controllers and the SourceFire/Cisco FirePower Manager software. Given the interest that others have shown, I decided to write this Blog entry to share my experience.
How Device Admin AAA works on the Cisco WLC
Device Administration with a Cisco Catalyst switch is capable of command-level authorizations. With the WLC, however, it is based on the sections of the menu system. It does not prevent access to those sections of the GUI, but instead prevents changes from being saved when inside a menu section that is not authorized. Figure 1 shows the different menus in the orange box, with three of the individual menus highlighted with a yellow box.
UK police arrest man suspected of Vtech toy hacking
Police investigating the hacking of Chinese toy company Vtech have made an arrest in the U.K. In the attack on Nov. 14, someone gained access to information about Vtech customers, including names, email addresses, birth dates, photos and weakly encrypted passwords, the company said. The information was stored in a database for its Learning Lodge app store, used by many of the company's educational toys. Later last month, Vtech said the data breach affected around 4.8 million of its customers, but by early this month the figure had risen to 11.6 million, including 6.4 million children.
It’s that time of year when we ask security executives in a variety of industries what they would like to include on their holiday wish lists. Some of the responses we received were in the realm of pure fantasy. For example, one security chief asked for technology tools that address all of the major security threats, don’t cost anything and have top-notch 7x24x365 support with response times inside 15 minutes! Most of the wishes submitted are a bit closer to reality, and some might even come true if factors align the right way. So, with the completion of another year approaching, once again we present a listing of what security executives say they are hoping for, as they continue in their mission to protect their organizations’ systems and data.
The open-source project behind the widely used Joomla content management system has issued a patch for a vulnerability that is now being widely used by hackers. Sucuri, a company that specializes in securing websites, wrote on Monday that attackers have been trying to exploit the flaw for the last two days. As of Monday, Sucuri said "the wave of attacks is even bigger, with basically every site and honeypot we have being attacked. That means that probably every other Joomla site out there is being targeted as well." The vulnerability, which affects Joomla versions 1.5 to 3.4.5, involves the user agent string, which is information transmitted by a browser to a Web server when a user visits a Web page.
It will come as no surprise to hear that fraud is an increasing problem across all financial institutions; it plagues not only larger banks but also smaller financial institutions. Statistics show that charges of debit card fraud have grown over 400% in only three years. A case in point is Orrstown Bank, a community bank located in Pennsylvania and Maryland. Orrstown wanted a way of tackling fraud in an ongoing way, but within the context of their budget and technology constraints. Fraudulent credit card scammers have developed more abilities to work around the majority of safeguards that banks have in place. For Orrstown, analyzing the patterns of activity from transactions where a card is present used to be much simpler. Historically, the bank could either search for charges made outside of their region or rely on customers to flag fraudulent activity on their statements. However, identifying fraud today has become much more complex. For example, there has been an increasing number of cases where criminals are selling cards back into the local area from which they were stolen—thus making tracking by locality more difficult. As a result, Orrstown explored more advanced forms of data analysis that could do
If you have a PS4 and want to run homebrew content, then you might be happy to know developer CTurt claimed, “PS4 is now officially jailbroken.” Over the weekend, CTurt took to Twitter to make the announcement.
He did not use a jail vulnerability, he explained in a tweet. Instead, he used a FreeBSD kernel exploit.
Very soon, the Android OS, Chrome browser and other Google products will stop trusting all digital certificates that are linked to a 20-year-old Verisign root certificate. The announcement comes after Symantec unveiled plans to retire the Class 3 Public Primary Certification Authority from public use. This is a widely trusted CA that it acquired along with Verisign's SSL business in 2010. In an alert, the company said that as of Dec. 1, it no longer was using the root certificate, which is trusted by default in most browsers and operating systems, to issue TLS/SSL or code signing certificates.
Cloud and mobile computing have created an imperative for the tech world: Change or fail. This year, legacy vendors like Dell, EMC and Microsoft all took major steps to reinvent themselves, sparking some of the biggest tech stories of the year. And all around us we've seen portents of big change at the intersection of tech and culture: self-driving cars, wearable technology, the use of drones for fun and profit. That's prompting increased attention on safety, privacy and public policy concerns as consumers and businesses alike figure out how to manage in this pervasively connected world. Here, not necessarily in order of importance, are the IDG News Service's picks for the top 10 tech stories of 2015.
The vast majority of tested Android apps share users' personal information like email addresses with third parties "behind-the-scenes," a report has uncovered. Many apps aren't required by the OS to notify users of the data being shared, the study finds.
Out of 110 tested Android and iOS apps, 93% of the Android apps connected surreptitiously to a strange domain called safemovedm.com, for example.
It's probably part of a background process, surmise the authors of a report published at the end of October on Harvard's open forum Journal of Technology Science (JOTS) website.
The pillaging
The study found that 73% of Android apps shared Personally Identifiable Information (PII), and that "47% of iOS apps shared geo-coordinates and other location data with third parties."
Twitter has warned some of its users that they may have been targeted in an attack by state-sponsored hackers. This is the first time that the social media website has issued such an alert, but companies like Google and Facebook have issued similar warnings in the past to their respective users. "We believe that these actors (possibly associated with a government) may have been trying to obtain information such as email addresses, IP addresses and/or phone numbers," Twitter said in its notification, which some recipients then posted on their Twitter feeds. It's unclear how many users were warned, but Twitter said that only a "small group of accounts" may have been targeted. Many users who acknowledged having received the message are privacy advocates and security researchers, some of whom tweet under pseudonyms.
Windows 10 can be intrusive. If it isn't having Cortana follow you around online, it's logging your keystrokes or sending you personalized ads. We show you four ways to keep Windows out of your business.
A former Electronic Frontier Foundation executive director will lead the Tor Project, the widely used anonymity tool that frequently comes up in debates over encryption and privacy.
Shari Steele was selected in part for her experience in growing non-profits and "will be especially valuable as we continue our campaign to diversify our funding sources," wrote Roger Dingledine, Tor's interim executive director, in a blog post.
Steele spent 20 years at the EFF, starting as a staff attorney, then legal director and eventually executive director.
The online activist group Anonymous said it took down the Trump Tower website on Friday after it warned presidential candidate Donald Trump about his statements on banning Muslims from entering the U.S. The site was unavailable during early afternoon, New York time, and according to media reports had been down for about an hour earlier in the day. Around 9 a.m. Friday there, the Anonymous Twitter account @YourAnonNews posted tweets saying the group had taken down the site.
Trump Towers NY site taken down as statement against racism and hatred. https://t.co/n5ftLrOs1P (what you see is cloudflare offline backup)
The diversity and capabilities, as well as a lack of security, found in the multitude of devices in the Internet of Things world are making people at the US Department of Homeland Security more than a little concerned. This week it put out a call for “novel ideas and technologies to improve situational awareness and security measures for protecting IoT domains, as well as technologies that will help DHS operational and support components gain comprehensive and near continuous knowledge of IoT components and systems that affect their operations and assets.”