Archive

Category Archives for "Network World Security"

New products of the week 11.16.2015

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Blue Jeans 3.0Key features: new integrations and centralized control, ROI and management tools. Specifically, Blue Jeans 3.0 will include: A refreshed and unified user interface offering new audio capabilities and one-click connections; WebRTC support for Google Chrome, including a new user interface, new audio capabilities, and usability improvements for frictionless meeting entry. More info.To read this article in full or to leave a comment, please click here

REVIEW: Best VPN routers for small business

We looked at six VPN routers designed for small businesses, ranging from the popular Cisco brand to lesser-known names like DrayTek and UTT Technologies. We setup and evaluated each to determine how they compare in regards to price, features, and user-friendliness. When choosing a VPN router, you want to pick one that supports the VPN protocol of your choice. If you’re look for an IPSec VPN, consider those that provide a way to simplify the configuration, such as the Cisco, Linksys or Netgear units. If you’re looking for a wide variety of VPN options, consider D-Link. If you’re looking for an inexpensive option, consider UTT Technologies. And if you’re looking for unique features, consider the DrayTek unit, or their other models with integrated Wi-Fi, fiber, or VoIP support.To read this article in full or to leave a comment, please click here

Hacktivists claim ISIS terrorists linked to Paris attacks had bitcoin funding

During Dateline coverage after the terrorist attacks on Paris, Lestor Holt asked, “Does this change the game in terms of intelligence?”Andrea Mitchell replied, “It does,” before discussing how intelligence missed any type of communication regarding the coordinated attacks. She added, “There’s such good surveillance on cell phones and there’s such good communications ability by the intelligence gathering in Europe, especially in France, especially in Great Britain and in the United States. So they may have been communicating via social media or through codes. And that’s the kind of thing that is very concerning to U.S. intelligence.”To read this article in full or to leave a comment, please click here

BitLocker encryption can be defeated with trivial Windows authentication bypass

Companies relying on Microsoft BitLocker to encrypt the drives of their employees' computers should install the latest Windows patches immediately. A researcher disclosed a trivial Windows authentication bypass, fixed earlier this week, that puts data on BitLocker-encrypted drives at risk.Ian Haken, a researcher with software security testing firm Synopsys, demonstrated the attack Friday at the Black Hat Europe security conference in Amsterdam. The issue affects Windows computers that are part of a domain, a common configuration on enterprise networks.When domain-based authentication is used on Windows, the user's password is checked against a computer that serves as domain controller. However, in situations when, for example, a laptop is taken outside of the network and the domain controller cannot be reached, authentication relies on a local credentials cache on the machine.To read this article in full or to leave a comment, please click here

Stupidity rules: Almost 24 aircraft hit with lasers in one night

Maybe it was a full moon or maybe all the dolts just came out at once, but the Federal Aviation Administration reported that lasers hit nearly two dozen aircraft across the US last night. Sadly the average number of laser strikes on aircraft is about 16 per day. FBI The FAA said three laser strikes were reported in the New York City/Newark, N.J early in the evening, followed by three incidents in Texas, where jets were struck while preparing to land at Dallas Love Field. By late evening, pilots reported laser incidents in cities from Dallas to Los Angeles and San Juan.To read this article in full or to leave a comment, please click here

CISO bets on cloud security services to protect data

In what could be considered an unusual move at a time when most companies choose to keep their cybersecurity tools on-premises, John Graham, CISO for Jabil Circuit, says the manufacturing services company is adopting more cloud security services. Graham says that moving to the cloud lets the company focus on its core business of making high-precision molds, mechanical tools and medical devices. More specifically, it allows his tech staff to focus on threat analytics. Graham expects Jabil’s cloud migration strategy to become the rule rather than the exception. John Graham, CISO for Jabil Circuit.To read this article in full or to leave a comment, please click here

Intralinks is built from the ground up for secure enterprise file sharing and collaboration

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.  Close to 20 years ago I was working with a company in the process of a blockbuster merger with a competitor. The company set up numerous closed-door "clean rooms" at headquarters where teams from both companies could work through the details of the proposed deal. Scores of people from the target company came to town and lived in hotels for weeks on end.Those of us not on the merger team watched daily as boxes of documents were carted into the clean rooms. We assumed the boxes contained each company's most sensitive business information. The people in those rooms were charged with deciding if the merger was the right thing to do. They hoped the answers would be found in those precious documents. Apparently they were because the merger went through.To read this article in full or to leave a comment, please click here

Continuous integration tools can be the Achilles heel for a company’s IT security

Some of the most popular automated software building and testing tools used by developers have not been designed with security in mind and can open the door for attackers to compromise enterprise networks.These so-called continuous integration (CI) tools allow developers to automatically create software builds when code changes are contributed by developers to a central repository. The creation of these builds, which are used for quality control, is coordinated by a CI master server based on predefined rules and done on CI slave machines.If hackers manage to access a CI master server, they can steal proprietary source code, but also gain the ability to execute commands on all the machines that operate as CI slaves, security researcher and penetration tester Nikhil Mittal said Friday in a presentation at the Black Hat Europe security conference in Amsterdam. "This access could be used for lateral movement to get access to more machines."To read this article in full or to leave a comment, please click here

Ransom attacks likely to fade as small email providers resist

The spate of cyberattacks against email providers is likely to pass with time as they refuse to pay ransoms. But that doesn't mean the attacks haven't cost them. Since early this month, the list of companies that have been attacked has grown longer: first ProtonMail of Switzerland, followed by HushMail, RunBox, VFEmail, Zoho and FastMail of Australia. The companies have typically received extortion requests by email asking for 10 or 20 bitcoins in exchange for not being subjected to distributed denial-of-service (DDoS) attacks. DDoS attacks involve sending a large amount of data traffic to a company's network, causing the service to choke and go offline.To read this article in full or to leave a comment, please click here

Don’t trust that USB drive!

Picture this: You go to a trade show and you collect your allocation of freebies: Teeshirts, hats, USB drives, and so on. You get  back to your room or, more likely, you get back to your office and you start sorting out your haul of tschotskes. You plug one of the nerd sticks into your computer and then this happens: Suddenly your day has taken a nosedive. To read this article in full or to leave a comment, please click here

Cybercriminals turn to video ads to plans malware

Cybercriminals have been delivering malware through online display ads for years, but they appear to be making headway with a new distribution method: video advertisements.Both methods of attack, known as malvertising, can have a broad impact and are a major headache for the ad industry. A single malicious advertisement, distributed to several highly trafficked sites, can expose tens of thousands of computers to malware in a short time.Some ad networks and publishers have taken steps to vet their ads more thoroughly, but criminals are constantly on the lookout for weaknesses.An attack detected about two weeks ago shows how cybercriminals are showing more interest in creating malicious video ads.To read this article in full or to leave a comment, please click here

Cybercriminals turn to video ads to plant malware

Cybercriminals have been delivering malware through online display ads for years, but they appear to be making headway with a new distribution method: video advertisements. Both methods of attack, known as malvertising, can have a broad impact and are a major headache for the ad industry. A single malicious advertisement, distributed to several highly trafficked sites, can expose tens of thousands of computers to malware in a short time. Some ad networks and publishers have taken steps to vet their ads more thoroughly, but criminals are constantly on the lookout for weaknesses. An attack detected about two weeks ago shows how cybercriminals are showing more interest in creating malicious video ads.To read this article in full or to leave a comment, please click here

Lapsed Apple certificate triggers massive Mac app fiasco

A lapsed Apple digital certificate today triggered a massive app fiasco that prevented Mac users from running software they'd purchased from the Mac App Store. "Whenever you download an app from the Mac App Store, the app provides a cryptographically-signed receipt," explained Paul Haddad, a co-founder of Tapbots, the company behind the popular Tweetbot Twitter client, in an email reply to questions today. "These receipts are signed with various certificates with different expiration dates. One of those is the 'Mac App Store Receipt Signing;' that expires every two years. That certificate expired on 'Nov 11 21:58:01 2015 GMT,' which caused most existing App Store receipts to no longer be considered valid."To read this article in full or to leave a comment, please click here

IDG Contributor Network: How vulnerable are the internet’s undersea cables?

With a recent New York Times article expressing concern from military officials that some undersea internet-carrying cables are susceptible to submarine-attack by Russians, a few questions come to mind:Should we be worried? Just how much data do these cables carry? And where are they anyway?Mariners "Not many people realize that undersea cables transport nearly 100% of transoceanic data traffic," writes Nicole Starosielski in The Conversation.To read this article in full or to leave a comment, please click here

EU wants US companies to report intelligence agency data access requests

The European Union wants U.S. businesses to report when U.S. intelligence agencies request access to data they hold about Europeans; the reporting is one of the conditions EU negotiators are imposing for signature of a new Safe Harbor agreement. Since Edward Snowden's revelations about the U.S. surveillance of Internet traffic, European Commission officials have been negotiating better privacy protection for Europeans' personal information transferred to the U.S. But since the Court of Justice of the EU struck down the 2000 Safe Harbor data transfer agreement last month, the negotiations have become more urgent. More than 4000 U.S. companies relied on the agreement to process Europeans' data, either for their own use or in order to deliver services to European businesses, and although other legal mechanisms exist allowing them to continue operations, those mechanisms are also increasingly falling under suspicion.To read this article in full or to leave a comment, please click here

Half of U.S. businesses have no formal BYOD policy for security

Years after the widespread adoption of workplace smartphones, more than half of U.S. companies said they have no formal BYOD (bring your own device) policy to safeguard their enterprises, according to a survey. The survey of 447 businesses of all sizes was conducted over the summer by systems integrator Champion Solutions Group. It found that 53% of those businesses haven't implemented a formal BYOD policy, while more than one-fourth confessed they have no systematic security approach, much less a formal policy. The survey findings are "ridiculous … surprising," said Champion CEO Chris Pyle, in an interview. Mobile security best practices have been promulgated by analysts and security firms for more than a decade to protect sensitive corporate data, but there is apparently widespread variation about how companies implement security for BYOD workers.To read this article in full or to leave a comment, please click here

Juniper Networks taps new security CTO

Juniper Networks this week said it named former Walmart information security executive Kevin Walker as its new security CTO, replacing Christofer Hoff, who left last June.Walker will report to Jonathan Davidson, executive vice president and general manager of Juniper Development and Innovation. He will help lead the security strategy within Juniper and guide the company’s security product roadmap.To read this article in full or to leave a comment, please click here

Self-encrypting drives are hardly any better than software-based encryption

Companies relying on self-encrypting drives (SEDs) to secure data stored on their employees' laptops should be aware that this technology is not immune to attack and should carefully consider whether they want to use this rather than software-based approaches.Daniel Boteanu and Kevvie Fowler from KPMG Canada demonstrated three data recovery methods against laptops using SEDs at the Black Hat Europe security conference in Amsterdam Thursday.Self-encrypting drives perform the data encryption and decryption operations on a dedicated crypto processor that is part of the drive controller. That gives them several, mainly performance-related, benefits compared to software-based encryption products which rely on the CPU.To read this article in full or to leave a comment, please click here

Patch Tuesday Windows security update rendered Outlook unusable for many

Users of Microsoft Outlook for Windows reportedly ran into numerous problems on Wednesday, after Microsoft issued a buggy—but critical—security patch. As noted by ZDNet, users reported that the program became crash-prone after installing update KB3097877, particularly when loading HTML messages. In some cases users would see only a black screen when trying to log in. The problems reportedly occurred in all versions of Outlook on Windows 7 and Windows 8.1, but Windows 10 appeared to be unaffected. “Had a fleet of mission-critical tablets break today because of this,” one system administrator wrote on Reddit. “Was not a fun morning.”To read this article in full or to leave a comment, please click here