Archive

Category Archives for "Network World Security"

4 simple ways to secure your Internet-connected car

Chances are you heard about the pair of clever guys who earlier this year hacked into a Jeep Cherokee's onboard system over the Internet and turned off the engine while the car was on the highway. Although the hack was a controlled demonstration, it proved that such actions are possible, and that scared a lot of people.

How tech led to the death of France’s public enemy number 1

When one of the terrorists involved in the Paris shootings dropped his smartphone in a trashcan outside the Bataclan concert venue on Friday night, he wasn't worried about encrypting his text messages or stored documents. Why would he be? With a bomb strapped to his waist, he knew he was about to die. But that telephone, and wiretaps on another, led police to announce Thursday that the suspected organizer of the shootings and a string of other attacks, Abdel Hamid Abaaoud, was dead. The phone discarded by one of the terrorists contained an SMS sent to an unidentified recipient at 9.42 p.m. local time, moments before the shooting there began: "On est parti on commence" ("We're going in"), public prosecutor François Molins told a news conference Wednesday evening.

Message service blocks 78 ISIS-related encrypted channels

Encrypted messaging app maker Telegram blocked 78 ISIS-related propaganda channels in reaction to abuse reports sent by users, Telegram tweeted late Wednesday. The Berlin-based company said in a statement that it took the action because "we were disturbed to learn that Telegram's public channels were being used by ISIS to spread propaganda. We are carefully reviewing all reports sent to us at [email protected] and are taking appropriate action to block such channels." Telegram also said it will block terrorist bots and channels including those that are ISIS-related, but will not block anybody who peacefully expresses alternative opinions. Telegram announced on its second anniversary in August that it was delivering 10 billion messages daily.

Cybersecurity Lessons Learned from the 9/11 Commission Report

Cybersecurity and IT professionals would be wise to review the findings of the 9/11 Commission report published in 2004. The report provides a comprehensive analysis of events surrounding the attacks and points to a number of systemic problems in several areas:

Management. “The missed opportunities to thwart the 9/11 plot were symptoms of a broader inability to adapt the way government manages problems to the new challenges of the twenty-first century… Management should have ensured that information was shared and duties were clearly assigned across agencies, and across the foreign-domestic divide.”

The chain of command. “At more senior levels, communication was poor. Senior military and FAA leaders had no effective communication with each other. The chain of command did not function well.”

Emergency response. “Effective decision making in New York was hampered by problems in command and control and in internal communications. Within the Fire Department of New York, this was true for several reasons: the magnitude of the incident was unforeseen; commanders had difficulty communicating with their units; more units were actually dispatched than were ordered by the chiefs; some units self-dispatched; and once units arrived at the World Trade Center, they were neither comprehensively accounted for

Home IoT security could come from a glowing rock next year

An Internet of Things security startup thinks it can reduce the complexity of a home full of connected devices to three colors: red, orange, and green. Those colors will glow from a wireless orb that looks like a smooth river rock and is small enough to fit in your hand. But it's what is behind this friendly bit of decor that will make the colors meaningful. The San Francisco startup, Dojo-Labs, makes a network security device that plugs into your home Internet gateway and talks to a cloud-based service. It's all managed through a smartphone app. Dojo aims for nothing less than protecting a consumer's entire collection of home IoT gear against cyber attacks. It plans to do that by monitoring all devices around the clock for odd behaviors and then either alerting the user and fixing the problem (orange light) or telling the user there's something they need to do (red light). When everything's fine, it will show a green light. The orb is wireless, battery-powered and controlled by Dojo's client device via Bluetooth.

Hacking group that hit South Korea may be at it again with new target

A hacking group that crippled South Korean banks, government websites and news agencies in early 2013 may be active again, Palo Alto Networks said Wednesday. The firewall maker said it found strong similarities between malware used in a recent attack in Europe and that used in the South Korean attacks, referred to as Dark Seoul and Operation Troy. The organization in Europe that was attacked was likely a victim of spear-phishing, where an email with a malware attachment or a harmful link is sent to hand-picked employees. The malware had been wrapped into legitimate video player software that was hosted by an industrial control systems company, wrote Bryan Lee and Josh Grunzweig of Palo Alto in a blog post. The code appears to be the same as the malware used in the Dark Seoul attacks although without the destructive component that wipes hard drives.

Damballa finds tools related to the malware that hit Sony

Security company Damballa said it has found two utilities that are closely related to capabilities seen in the destructive malware that hit Sony Pictures Entertainment last year. The utilities were discovered as Damballa was investigating a new version of the "Destover" malware, which rendered thousands of computers unusable at Sony after attackers stole gigabytes of sensitive company information. One key question in the Sony breach is how the attackers were able to evade security systems. What Damballa found are two utilities that help mask new files introduced to a system. "Both utilities would be used during an attack to evade detection while moving laterally through a network to broaden the attack surface," wrote senior threat researchers Willis McDonald and Loucif Kharouni, in a blog post on Wednesday.

IDG Contributor Network: This company’s name isn’t a joke: Secret Double Octopus goes beyond encryption

The process of naming a startup is fraught with peril - founders need to find a name which is catchy, ideally short, and one for which the URL is still available. Seemingly throwing most of the rules (at least about brevity or sense) out the window, Secret Double Octopus, a new company just emerging from stealth, has at least ensured one thing - no one will forget its name. Beyond quirky names, however, this company is doing something interesting. Yet another cybersecurity company that originated in Israel, Secret Double Octopus (we'll call it SDO to avoid the risks of overuse injury from repeatedly typing the name) is all about securing networking traffic and authentication beyond the traditional approaches of PKI, SSL and VPN. SDO aims to help secure data in transit, whether it's between sites, between a website and the cloud, or within mobile or IoT use cases. SDO's approach employs secret sharing, thereby eliminating the need for cryptographic keys.

The US government wants in on the public cloud, but needs more transparency

The U.S. federal government is trying to move more into the cloud, but service providers' lack of transparency is harming adoption, according to Arlette Hart, the FBI's chief information security officer. "There's a big piece of cloud that's the 'trust me' model of cloud computing," she said during an on-stage interview at the Structure conference in San Francisco Wednesday. That's a tough sell for organizations like the federal government that have to worry about protecting important data. While Hart said that the federal government wants to get at the "enormous value" in public cloud infrastructure, its interest in moving to public cloud infrastructure is also tied to a need for greater security.

U.S. may be financing encryption apps to stay ahead of terrorists

The U.S. government's financial support for the development of smartphone encryption apps doesn't surprise security experts. U.S. intelligence agencies are probably involved in funding commercial encryption apps through the government's Open Technology Fund to stay on top of terrorists and organized criminals that use encryption to cloak their communications, several security experts said Wednesday. "It would not surprise me if federal agencies were funding encryption apps because it is possibly the only option available to monitor terrorism and organized crime," said Darren Hayes, assistant professor and director of cybersecurity at Pace University. "ISIS members have been actively pushing potential recruits to move to encrypted communications."

FTC loses: Judge dismisses FTC data security case against LabMD

Cancer-screening laboratory LabMD won its case against the FTC. LabMD was accused of two data breaches, one in 2012 and one in 2008, when a company spreadsheet that contained sensitive personal information of 9,000 consumers was found on a peer-to-peer network. Seven years of litigation later, FTC Chief Administrative Law Judge Chappell issued an initial ruling (pdf) dismissing the FTC’s complaint against LabMD since the FTC had failed to prove that LabMD’s “alleged failure to employ ‘reasonable and appropriate’ data security ‘caused, or is likely to cause, substantial injury to consumers’.”

Google-owned VirusTotal starts analyzing Mac malware in a sandbox

VirusTotal, the most widely used online file-scanning service, is now executing suspicious Mac apps submitted by users inside a sandbox to generate information that could improve the analysis and detection of Mac malware. This comes at a time when, according to security vendors, the number of potentially unwanted Mac OS X applications, especially adware programs, is at an all-time high. VirusTotal, a Google-owned service, allows users to upload suspicious files and scan them with 54 different antivirus products. However, its scan results are not perfect and should not be taken as guarantees that files are safe.

Supersonic passenger jet service by 2023?

There could be supersonic private passenger flights by 2023 if Airbus and Aerion have their way. The two companies this week expanded their existing partnership and detailed the results of their research – the AS2, a 170-ft. long needle-shaped, three-engine jet capable of hitting speeds over 1,200MPH – about Mach 1.5. The idea is to test fly the jet -- which can handle about 12 passengers -- by 2021 and have it in service by 2023.

Adobe patches flaws in ColdFusion, LiveCycle Data Services and Premiere Clip

Adobe has released security updates for its ColdFusion application server, LiveCycle Data Services framework and Premiere Clip iOS app. The company published hotfixes for ColdFusion versions 11 and 10, namely ColdFusion 11 Update 7 and ColdFusion 10 Update 18. Both updates address two input validation issues that could be exploited to execute cross-site scripting (XSS) attacks. In addition, the hotfixes include an updated version of BlazeDS, a Java messaging protocol for rich Internet applications, that resolves an important server-side request-forgery vulnerability.

Extreme tech positions of the presidential candidates

This is an election where extreme positions have become the norm, and the implications for science and technology may be huge. In some cases, the Republican and Democratic candidates have stated positions with clarity. But many of the ideas are still vague, roughly sketched out and incomplete. These emerging proposals, the ones with the most impact on technology, deserve attention. The surviving candidates are certain to refine them in the months ahead. But here's a look at some tech implications of the 2016 contest.

SentinelOne adds feature to restore files hit by ransomware

SentinelOne has added a feature to its endpoint detection products that can restore files encrypted by cybercriminals, a common type of attack known as ransomware. The "rollback" feature will be available in the 1.6 versions of its Endpoint Protection Platform (EPP) and the Endpoint Detection and Response (EDR) products at no charge, said Dal Gemmell, director of product management. SentinelOne is among several vendors that are trying to displace traditional antivirus vendors with products that detect malware using deep analysis rather than signature-based detection. The company's products use a lightweight agent on endpoints such as laptops and desktops, which looks at the core of the operating system -- the kernel -- as well as the user space, trying to spot changes that might be linked to malware.

In wake of Paris attacks, legislation aims to extend NSA program

A U.S. senator plans to introduce legislation that would delay the end of the bulk collection of phone metadata by the National Security Agency to Jan. 31, 2017, in the wake of security concerns after the terror attacks last Friday in Paris. Senator Tom Cotton, a Republican from Arkansas, believes that the termination of the program, scheduled for month-end under the USA Freedom Act, "takes us from a constitutional, legal, and proven NSA collection architecture to an untested, hypothetical one that will be less effective." The transition will happen in less than two weeks, at a time when the threat level for the U.S. is "incredibly high," he said Tuesday.

How Cisco is trying to keep NSA spies out of its gear

Cisco is working to build the confidence of prospective customers in its products, two years after disclosures of spying by the U.S. National Security Agency seeded doubt, particularly in China. It is increasingly putting more stringent security requirements on its suppliers and has launched a beta program that allows customers to analyze its products in a highly secure environment before buying. The efforts are intended to introduce more transparency to allay growing concerns over how supply chains could be opportunistically used by spies and cybercriminals. "I worry about manipulation, espionage and disruption," said Edna Conway, chief security officer of Cisco's global value chain, in a recent interview. "We worry about tainted solutions, counterfeit solutions and the misuse of intellectual property."

Blackhole exploit kit makes a surprising encore appearance

The Blackhole exploit kit has made a surprising reappearance two years after cybercriminals stopped using it, according to security vendor Malwarebytes. Exploit kits are frameworks planted on Web pages that try to find software flaws on computers in order to silently install malware. Blackhole was one of the most popular exploit kits, but it faded from prominence after its alleged creator, who went by the nickname Paunch, was arrested in Russia. The kit was sold or rented to other cybercriminals in the underground economy for hacking tools.

Music cyberlocker downloads 36 months of jailtime

In the first criminal copyright infringement sentence imposed for a cyberlocker operator in the United States, the owner of RockDizMusic.com got 36 months in prison and was ordered to forfeit $50,851.05 and pay $48,288.62 in restitution. The US Department of Justice said Rocky Ouprasith, 23, of Charlotte, North Carolina operated RockDizMusic.com, a website originally hosted on servers in France and later in Canada, from which Internet users could find and download infringing digital copies of popular, copyrighted songs and albums.