Archive

Category Archives for "Network World Security"

Police arrest blackmail suspect in TalkTalk data breach case

Police believe they may have found the person who tried to blackmail the CEO of TalkTalk, the U.K. telecommunications company that was the target of a data breach. Following the attack on Oct. 21, in which customers' personal information was accessed, TalkTalk CEO Dido Harding said she had received a ransom demand via email. Police have now arrested an 18-year-old on suspicion of blackmail, the fifth arrest made in connection with an attack on the company's website in which customers' personal information was accessed. London's Metropolitan Police Service said officers from its Cyber Crime Unit and from the Southern Wales Regional Organised Crime Unit made the latest arrest in Llanelli, Wales, after searching an address there. The person has been released on bail without charge while police continue their investigation.

This gizmo knows your Amex card number before you’ve received it

A device built by legendary hacker Samy Kamkar calls into question the security of payment cards as the U.S. continues to grapple with card fraud. Kamkar's device, nicknamed MagSpoof, is about the size of a U.S. quarter, and it's safe to say it would be a fraudster's dream. MagSpoof can predict what a new American Express card number will be based on a canceled card's number. The new expiration date can also be predicted based on when the replacement card was requested. It can also trick point-of-sale readers into accepting payment from cards that are supposed to have a microchip with advanced cryptographic capabilities designed to deter fraud, a system known as chip-and-PIN, but do not.

Hilton says malware targeted its credit card system

Hilton Worldwide says it has identified and removed malware that targeted card payment systems at some of its hotels over a 17-week period from late 2014 to mid-2015. The malware collected cardholder names, payment card numbers, security codes and expiration dates, the company said in a statement. The hotel chain is advising its customers to check their payment card statements for any unauthorized activity. "As a precautionary measure, customers may wish to review and monitor their payment card statements if they used a payment card at a Hilton Worldwide hotel over a seventeen-week period, from Nov. 18 to Dec. 5, 2014 or April 21 to July 27, 2015," the company said.

DARPA wants early warning system for power-grid cyberattacks

Developing systems to protect the nation’s electric grid has been a key goal for many public, private and government developers for years – yet experts say the grid is still largely vulnerable to serious cyberattackers. The Defense Advanced Research Projects Agency (DARPA) is looking to bolster the nation’s grid defenses with a system called Rapid Attack Detection, Isolation and Characterization (RADICS) that will detect and automatically respond to cyber-attacks on US critical infrastructure.

And then there were two: Another dangerous Dell root certificate discovered

The plot thickens: After Dell confirmed that one of its support tools installed a dangerous self-signed root certificate and private key on computers, users discovered a similar certificate deployed by a different Dell tool. The second certificate is called DSDTestProvider and is installed by an application called Dell System Detect (DSD). Users are prompted to download and install this tool when they visit the Dell support website and click the “Detect Product” button. The first certificate, which was reported over the weekend, is called eDellRoot and is installed by the Dell Foundation Services (DFS), an application that implements several support functions.

Aiming to be the Costco of tech research and consulting

I believe the first time I quoted Gary Rowe in a Network World article – a print one at that – was back in July of 1991, when he was an AT&T email services director and the focus was the very glamorous topic of X.500 directories. Fast forward to 2015, I’m still with Network World and Rowe has moved on to form a new consulting and analysis firm called TechVision Research, and sure enough, when we reconnected recently, we found ourselves talking once again about some of the same themes, including identity management and privacy.

What you need to know about Dell’s root certificate security debacle

In an attempt to streamline remote support, Dell installed a self-signed root certificate and corresponding private key on its customers' computers, apparently without realizing that this exposes users' encrypted communications to potential spying. Even more surprising is that the company did this while being fully aware of a very similar security blunder by one of its competitors, Lenovo, that came to light in February.

How Lockheed Martin, Cisco and PWC manage cybersecurity

Cybersecurity remains a top priority for companies in all industries. The reason is clear. Criminals and other parties have access to inexpensive tools and training to attack companies and governments. The New York Times reported on the rise of ransomware earlier in 2015. This type of malicious software encrypts a user’s data and demands a payment to release it (or the data will be destroyed). Many companies are deploying greater resources to turn the tide of hackers: Google has a team of 10 full-time hackers working to eliminate flaws. Given these threats, executives and technology leaders are asking for best practices and technologies. Developing security awareness in staff, growing security professionals and equipping CIOs to monitor security remain vital components to a successful security management strategy.

Dell admits installing security hole on laptops, apologizes, offers fix

Dell acknowledges a root certificate it installed on its laptops was a bad idea and is pushing a patch to permanently remove it. In a blog post, company spokesperson Laura Thomas says eDellRoot was installed as a support tool to make it faster and easier for customers to service the devices. But some of those customers discovered the certificate and recognized it as a serious security threat.

As China moves to payment cards, cybercriminals follow

As China increasingly embraces payment cards over cash, Trend Micro is seeing an uptick in cybercriminal activity aimed at card fraud. The security company published a new study of the Chinese underground cybercriminal market, which shows a strong interest in ways to capture payment card details. "Cybercriminals quickly jumped on the noncash payment bandwagon," wrote report author Lion Gu of Trend Micro's Forward-Looking Threat Research Team. The market for such tools has been strong in countries that heavily use payment cards, so it's probably not surprising that the trade would rise in China.

Dell security error widens as researchers dig deeper

The fallout from a serious security mistake made by Dell is widening, as security experts find more issues of concern. Researchers with Duo Security have found a second weak digital certificate in a new Dell laptop and evidence of another problematic one circulating. The issue started after it was discovered Dell shipped devices with a self-signed root digital certificate, eDellRoot, which is used to encrypt data traffic. But it installed the root certificate with the private encryption key included, a critical error that left many security experts aghast.

Dell installs self-signed root certificate on laptops, endangering users’ privacy

Dell laptops are coming preloaded with a self-signed root digital certificate that lets attackers spy on traffic to any secure website. The reports first surfaced on Reddit and were soon confirmed by other users and security experts on Twitter and blogs. The root certificate, which has the power of a certificate authority on the laptops it's installed on, comes bundled with its corresponding private key, making the situation worse. With the private key, which is now available online, anyone can generate a certificate for any website that will be trusted by browsers such as Internet Explorer and Google Chrome that use the Windows certificate store on affected laptops. Security experts have already generated proof-of-concept certificates for *.google.com and bankofamerica.com.

Dell computers shipping with potentially dangerous root certificate authority

At least some Dell laptops are shipping with a trusted root certificate authority pre-installed, something that those who discovered the CA are comparing to the Superfish adware installed on Lenovo machines that left them open to man-in-the-middle attacks. Called eDellRoot, the trusted root CA comes as part of the standard software load on new Dell machines. A Reddit contributor who uses rotocowboy for a screen name says the implications could be dire. “For those that are unfamiliar with how this works,” he writes, “a network attacker could use this CA to sign his or her own fake certificates for use on real websites and an affected Dell user would be none the wiser unless they happened to check the website's certificate chain. This CA could also be used to sign code to run on people's machines, but I haven't tested this out yet.”

Microsoft CEO takes a collaborative approach to cybersecurity

Satya Nadella will have you know that cybersecurity takes a village. The Microsoft CEO took to the stage this week in the nation's capital to describe a new, collaborative approach the company is taking as it deals with an evolving set of digital threats targeting an increasingly distributed tangle of users, devices and systems. Nadella positions the cyber challenge as the latest entry on a continuum of threats that have emerged with new methods of communication, recalling the emergence of mail fraud and wire fraud, and calling cyber "one of the most pressing issues of [our] time."

Adware program Vonteera blocks security products with simple Windows UAC trick

A well-known adware program is preventing users from installing antivirus products by leveraging a Windows feature that was designed for security. The program, known as Vonteera, abuses the digital signature check performed by the Windows User Access Control (UAC) for executable files. UAC prompts users for confirmation whenever a program wants to make a system change that requires administrator-level privileges. It therefore prevents malware from silently gaining full system access if executed from a limited user account. Depending on whether an executed file is digitally signed by a trusted publisher, the UAC displays confirmation prompts indicating different levels of risk. For example, if the file is unsigned, or is signed with a self-generated certificate that Windows can't link back to a trusted certificate authority, the UAC prompt will have a yellow exclamation mark.

FAA to drone owners: Get ready to register to fly

While an actual rule could be months away, drones weighing about 9 ounces or more will apparently need to be registered with the Federal Aviation Administration going forward. The registration requirement and other details came from the government’s UAS Task Force, which was created by the FAA last month and featured all manner of associates from Google, the Academy of Model Aeronautics and Air Line Pilots Association to Walmart, GoPro and Amazon. Other proposed requirements were to offer a simple, free online registration system and a requirement that unmanned aircraft would need to fly with a visible registration number tying the aircraft to the owner.

Passenger puts black powder in checked bag: How’d that decision play out?

Let’s say for the sake of discussion that the guy – anyone think it’s a woman? – did not place the 10 tubes of black powder in his checked luggage as part of a terrorist plot or amateur sting operation against TSA screeners. The TSA mentions neither in its blog post that notes the incident. Instead, this adult human being awakened one morning recently, began packing for a trip, realized he needed to transport 10 tubes of an explosive from his home in Utah through Salt Lake City International Airport, and decided the best way to do that would be to place the tubes in his suitcase alongside his shaving kit and underwear.

Many embedded devices ship without adequate security tests, analysis shows

An analysis of hundreds of publicly available firmware images for routers, DSL modems, VoIP phones, IP cameras and other embedded devices uncovered high-risk vulnerabilities in a significant number of them, pointing to poor security testing by manufacturers. The study was performed by researchers from the Eurecom research center in France and Ruhr-University Bochum in Germany, who built an automated platform capable of unpacking firmware images, running them in an emulated environment and starting the embedded Web servers that host their management interfaces. The researchers started out with a collection of 1,925 Linux-based firmware images for embedded devices from 54 manufacturers, but they only managed to start the Web server on 246 of them. They believe that with additional work and tweaks to their platform that number could increase.

The ‘need’ to control encryption and The Big Lie

Within hours of the recent Paris terrorist attacks, various politicians and current- and ex-government officials used them as an opportunity to push their agendas. For example, in multiple interviews James Woolsey, former Director of the CIA, blamed Edward Snowden, the National Security Agency whistleblower: “I think the blood of a lot of these French young people is on his hands ... I would give him the death sentence, and I would prefer to see him hanged by the neck until he’s dead, rather than merely electrocuted.” He even went so far as to claim that the Obama administration’s changes to government surveillance policies were responsible for the inability of the US and French intelligence services to prevent the Paris attacks. Talk about a partisan viewpoint.

NASA: Crayons and cereal help test set baseline for jet engine tests

One of the most destructive and dangerous materials a commercial or military jet engine can ingest is volcanic ash, and one of the least would be crayons and cereal. But those two substances were a key part of testing NASA has been conducting on smart engine sensors that could detect and help pilots avoid a volcanic plume. The new sensors are expected to detect the degradation caused by the volcanic ash, quantify the significance of the event, and aid in identifying which components might require maintenance, NASA stated.

[Image: NASA] The ash plume (the brown streak) from the big 2010 volcanic eruption of Eyjafjallajökull in Iceland contributed to airline disruptions in Europe for almost a week.