Archive

Category Archives for "Network World Security"

Cyberspy group repurposes 12-year-old Bifrose backdoor

A group of hackers that primarily targets companies from key industries in Asia is using heavily modified versions of a backdoor program called Bifrose that dates back to 2004. The group, which researchers from antivirus vendor Trend Micro call Shrouded Crossbow, has been targeting privatized government organizations, government contractors and companies from the consumer electronics, computer, healthcare, and financial industries since 2010. The group's activities are evidence that engaging in cyberespionage doesn't always require huge budgets, stockpiles of zero-day vulnerabilities and never-before-seen malware programs. Old cybercrime tools can be repurposed and improved for efficient attacks.

Wall Street Tech group reveals 2016 educational series

The Wall Street Technology Association (WSTA) has revealed its 2016 educational series of events, to be held in New York City and Boston, for financial tech pros. The nearly 50-year-old non-profit's events hit on a variety of serious tech issues:

* Transforming WANs with Virtualization panel discussion, NYC, Jan. 21
* Mobile-First Design and Seamless Delivery seminar, NYC, Feb. 25
* Analytics: Achieving a Sustainable Competitive Advantage seminar, NYC, March 15
* Assessing Cybersecurity Business Risk and Managing Threats seminar, NYC, April 14
* Fraud Data Intelligence Frameworks panel discussion, Boston, April 28

A free, almost foolproof way to check for malware

No single antimalware engine can keep up with all the malware out there. But how about 57 of 'em? In this video, you'll learn how to download and run Windows Sysinternals Process Explorer to test all currently running executables on your Windows system against VirusTotal's 57 antivirus engines, which together offer the best accuracy you can ever get (with a small percentage of false positives that are pretty easy to spot). Neither the Sysinternals Process Explorer software nor the VirusTotal service costs anything at all. The whole setup process will take you about five minutes and the scan, which you can execute any time you like, takes less than a minute. Only malware in memory will be detected, but if you're infected, very likely that malicious process will be running -- and this easy method will sniff it out. Watch and learn.

Endpoint security still inadequate despite growing threats

Endpoint security solutions today are lacking in spite of significant gaps, vulnerabilities in security and heightened fear of a security breach, says Promisec, an endpoint security and compliance vendor. According to Promisec data, 89 percent of VP and C-Level IT leaders who responded in a Promisec survey have a heightened fear of a breach over the next year while only 32 percent of respondents have advanced endpoint security in place. The fact that 73 percent of the respondents agree that endpoints are the most vulnerable point for attack should magnify concerns. The demand is there and analyst market valuations for endpoint security reflect that. The market value should grow from $11.62 billion this year to $17.38 billion by 2020, according to a recent MarketsandMarkets report. Analyst group TechNavio pegs the growth at a CAGR of 10.4 percent over the period 2014-2019.

This Japanese security drone will chase intruders

Security guards in Japan have a new tool to deter intruders: a drone that will chase down and follow people without human intervention. Made by Secom, Japan's biggest security company, the drone goes on sale Friday to organizations that need to protect large parcels of land. It will launch whenever suspicious cars or people are detected on the property by other security equipment. The drone will snap pictures and send them to a Secom monitoring center where it can determine the threat. Today, the company sends security guards to investigate potential intrusions, so a drone could reduce its response time considerably.

Block yourself from being tracked and profiled online  

This column is available in a weekly newsletter called IT Best Practices. I don't often write about technology products aimed at the home user, but this is one I definitely want for my home. Small offices might find this product useful as well, and there is an enterprise version in development, so it's worth me telling you about what's on my wish list this time of year. I'm talking about eBlocker, a small device that protects your personal privacy when you are surfing the web. It's from a German engineering company of the same name, eBlocker.

Google’s new Data Loss Prevention tools could drive enterprise adoption of Gmail

Enterprises that do not have an extremely large IT operating scale or unique compliance requirements don't have much of a reason to operate internal email systems. Yesterday, Google announced Data Loss Prevention (DLP) for its enterprise Gmail service, eliminating one more compliance reason justifying the operation of custom email services within the enterprise. DLP checks email messages and attachments for sensitive data to prevent disclosure to unauthorized personnel. Sensitive data includes trade secrets or intellectual property or data regulated in industries like healthcare and financial services. Innovation often takes a back seat to compliance; the more regulated the business, the more compliance becomes a roadblock to innovation. Before Google released DLP, the burden of data loss compliance standards prevented some enterprises from taking advantage of Gmail's 900 million mailbox scale. Few enterprises can operate email services with the redundancy, resilience, and security of Google's Gmail. DLP means that many enterprises running less-efficient email services for compliance reasons now have a Gmail option.

FBI director renews push for back doors, urging vendors to change business models

The FBI still wants backdoors into encrypted communications, it just doesn’t want to call them backdoors and it doesn’t want to dictate what they should look like. FBI Director James Comey told the Senate Judiciary Committee that he’d been in talks with unspecified tech leaders about his need to crack encrypted communications in order to track down terrorists and that these leaders understood the need. In order to comply, tech companies need to change their business model – by selling only communications gear that enables law enforcement to access communications in unencrypted form, he says, rather than products that only the parties participating in the communication can decrypt.

When APIs and DevOps Meet Cybersecurity

Cybersecurity professionals often complain about the number of disparate tools they’ve deployed on their networks. Ask any enterprise CISO and he or she will come up with a list of around 60 to 80 various security tools from a myriad of distinct vendors. This has become a nagging problem as an enterprise cybersecurity architecture based upon point tools can’t scale and requires way too much operational overhead to maintain. Thus, CISOs are moving in another direction – a tightly-coupled cybersecurity technology architecture based upon software integration. I’ve been following this transition for years and always thought it would look something like the departmental application to ERP migration of the 1990s. Oracle, SAP, and lots of professional services built an interoperable software infrastructure connecting applications across the enterprise and soon dominated the market. This is happening in cybersecurity to some extent as ecosystems form around the biggest vendors like Blue Coat, Cisco, IBM, Intel Security, Raytheon, Splunk, Symantec, and Trend Micro.

SHA-1 cutoff could block millions of users from encrypted websites

Millions of Web users could be left unable to access websites over the HTTPS protocol if those websites only use digital certificates signed with the SHA-2 hashing algorithm. The warning comes from Facebook and CloudFlare as browser makers are considering an accelerated retirement of the older and increasingly vulnerable SHA-1 function. The two companies have put mechanisms in place to serve SHA-1 certificates from their websites to old browsers and operating systems that don't support SHA-2, but are still widely used in some regions of the world. These include Windows versions older than Windows XP with Service Pack 3, Android versions older than 2.3 (Gingerbread) and any applications that rely on OpenSSL 0.9.8 for encrypted communications.

Companies scramble to fix lack of encryption on mobile apps

Several companies have moved quickly to add encryption to their mobile apps after it was discovered they failed to encrypt payment card information in transit, putting users at risk. The apps were not using SSL/TLS (Secure Sockets Layer/Transport Layer Security), an encryption protocol that scrambles data as it's sent across the Internet, according to Wandera, a cloud and mobile security vendor. "With so many breaches and costly data loss incidents in the news, it's hard to believe that any business would fail to take such a basic precaution as to encrypt sensitive traffic as it's transmitted to or from a website," said Michael J. Covington, senior product manager, in a video posted Wednesday.

NASA’s not so keen to talk about quantum computer security

The D-Wave 2X quantum computer at NASA's Advanced Supercomputing facility in Silicon Valley is an impressive machine. Engineers from NASA and Google are using it to research a whole new area of computing -- one that's years from commercialization but could revolutionize the way computers solve complex problems. The machine is also being used by researchers at universities, and it's hooked up to the Internet, like other NASA supercomputers made available to academics. Engineers who showed the machine to the media on Tuesday were keen to talk about its capabilities, but less so about the security measures in place to stop hackers.

Ex-US State Dept. worker pleads guilty to extensive “sextortion,” hacking and cyberstalking acts

The former US Department of State man accused of hacking into hundreds of victims’ e-mail and social media accounts, stealing thousands of sexually explicit photographs, and threatening at least 75 victims that he would post those photos and other personal information unless they agreed to his “sextortionate” demands has entered a guilty plea to the nefarious attacks. Michael C. Ford, 36, of Atlanta, was indicted by a grand jury in the U.S. District Court for the Northern District of Georgia on Aug. 18, 2015, with nine counts of cyberstalking, seven counts of computer hacking to extort and one count of wire fraud.

U.S. Marshals issue telephone scam warning

The U.S. Marshals Service today warned of a telephone scam that has some scamster calling random victims and alleging they or their family members have an active federal arrest warrant and demanding payment of fines. From the US Marshals office: “On December 7, 2015, the fraudster identified himself as a Deputy United States Marshal and informed the potential victims they or their family member had active federal warrants for their arrest. The caller then gave the potential victims a contact number and information to pay the fine. The phony law enforcement officer threatened the potential victims with arrest if the fine was not paid. The fraudster then tells the victim to buy a prepaid money card from a local grocery store in the Cincinnati area. The victim is then instructed to give the access account code for the prepaid money card to the phony law enforcement officer.”

Homeland Security’s role in cybersecurity

CSO Contributing Writer Ira Winkler (The Irari Report) recently sat down for an interview with Alejandro N. Mayorkas, the deputy secretary of Homeland Security. We’ve separated the interview into three video segments, covering a variety of security-related topics. In the first video (above), Mayorkas describes the role of Homeland Security when it comes to cybersecurity, and how government agencies are working together to improve the overall cybersecurity of critical systems and infrastructure. In part 2, Winkler and Mayorkas discuss whether the power grid is vulnerable to cyberattack, and where opportunities exist for improving our defenses.

Google continues enterprise push with Data Loss Prevention for Gmail

Google on Wednesday released a new tool for companies that want to make sure their sensitive information isn't shared via email. Gmail for Work now has Data Loss Prevention (DLP) capabilities, which allow administrators to set policies about what information users can send through Gmail. The goal is to protect confidential records and make sure users don't accidentally leak key data. For example, a policy could prohibit members of the accounting team from sending any emails with a spreadsheet attached. Policies could also be used to quarantine messages until an administrator can review them, or modify them to remind users not to share confidential information outside of the company. Google has tried to make crafting those policies easier with a library of predefined content detectors that help administrators build intelligent policies. For situations that aren't covered by the pre-built detectors, administrators can create their own.