Archive

Category Archives for "Network World Security"

Study: 81% of large health care organizations breached

In the past two years, 81 percent of hospitals and health insurance companies have had a data breach, according to a report released by KPMG."These are all incidents where they have determined they lost data," said Greg Bell, Cyber US Leader at KPMG. "This wasn't just a malware or a virus infection -- it actually went to exfiltration."The study surveyed 223 senior technology and security executives at health care organizations with over $500 million in annual revenues.However, only 66 percent of the insurance executives and 53 percent of hospital executives said they said that they were prepared for an attack.To read this article in full or to leave a comment, please click here

Employees put business data at risk by installing gambling apps on their phones

If you work for a large, global company, chances are some of your peers have installed gambling apps on the mobile devices they use for work, and that's bad news for IT security.A study has found that the average company has more than one such gambling application in some employee devices, putting corporate data stored on those devices at risk.The analysis was performed by security firm Veracode, which scanned hundreds of thousands of mobile apps installed in corporate mobile environments. The study found that some companies had as many as 35 mobile gambling apps on their network environment.The company tested some of the most popular gambling apps it detected in corporate environments for potential security risks and found critical vulnerabilities that could enable hackers to gain access to a phone's contacts, emails, call history and location data, as well as to record conversations.To read this article in full or to leave a comment, please click here

HP beefs up enterprise security suite with tools to root out malware, app vulnerabilites

Hewlett-Packard has devised two new ways of securing enterprise systems in the endless war on malicious network attackers.One service inspects the Internet addresses being requested by employees for malicious links and the other service learns how an organization's coders write their programs.The two new releases aim to "protect the interactions among your most valuable assets: your users, your applications and your data," said Frank Mong, HP vice president of solutions. The company announced the new software at the HP Protect security conference, held this week near Washington.HP DNS Malware Analytics (DMA) monitors outbound DNS (Domain Name System) requests to ensure employee browsers aren't contacting rogue or malware Web sites. A DNS server provides specific numeric Internet addresses to end-user computers requesting Web sites by their domain names.To read this article in full or to leave a comment, please click here

Verizon to introduce SDN security feature later this month

Verizon will introduce a virtualized firewall service across its global network later this month, part of its move into software-defined networking.The aim is to help businesses such as manufacturers or retailers, who may be running networks in far-flung places, to have better security when connecting their applications to the corporate network, said Shawn Hakl, head of network platforms and managed services for Verizon Enterprise Solutions.The type of organizations Verizon is aiming to attract are those running a Layer 3 private network who may want a better and more reliable connection for people using mobile apps.Mobile users will connect to whatever network is available and then onto Verizon's private network, Hakl said. Applications can securely connect, and the traffic can be put through the usual security inspections before it goes into the corporate network.To read this article in full or to leave a comment, please click here

VMware pitches network virtualization for better security

VMware is making a case that network virtualization can improve security in the enterprise.VMware, one of the biggest proponents of virtualizing the entire data center, says CIOs concerned about protecting their IT infrastructures from attackers should look at virtual networking, which has been around a while but isn't as popular as server virtualization."The security industry is messy and complicated, and we spend the bulk of our dollars on products that don't really solve the problem. It simply isn't working," said Pat Gelsinger, VMware CEO, in a keynote talk at the VMworld conference in San Francisco.To read this article in full or to leave a comment, please click here

Shadow BYOD runs rampant in federal government

Government CIOs have been struggling mightily with developing prudent policies to enable employees to use their personal mobile devices for work without putting sensitive information at risk or otherwise compromising the security of agency systems.[ All About BYOD: Strategies, Resources, News and More ]As it turns out, many federal employees haven't been waiting for those policies to take effect before introducing their devices into the workplace.To read this article in full or to leave a comment, please click here

Popular Belkin Wi-Fi routers plagued by unpatched security flaws

If your Wi-Fi network is using the popular Belkin N600 DB router, be warned: it may have several vulnerabilities that could allow hackers to take it over.Remote unauthenticated attackers could exploit the vulnerabilities to spoof DNS (Domain Name System) responses and direct users to rogue websites or trick users' browsers to change the device configuration, the CERT Coordination Center (CERT/CC) at Carnegie Mellon University said Monday in an advisory.Furthermore, attackers with access to the local area network could bypass an affected router's authentication and take complete control over it, CERT/CC said.To read this article in full or to leave a comment, please click here

Cybercrooks quickly bypass Adobe Flash Player’s improved security protections

As of today, Google's Chrome browser will automatically pause ads that use Flash by default. Most Flash ads were converted to HTML5 and those HTML5 ads will still work. Flash can quickly suck the power from a laptop battery, but even worse is the never-ending supply of Flash vulnerabilities.Supposedly, the version of Flash Player released in July had "additional protections to make entire classes of security flaws much harder to exploit in the future." The future is now then, because cybercriminals have wasted no time circumventing those extra security protections.To read this article in full or to leave a comment, please click here

Intel says GPU malware is no reason to panic, yet

Malware that runs inside GPUs (graphics processing units) can be harder to detect, but is not completely invisible to security products.Researchers from Intel division McAfee Labs teamed up with members of Intel's Visual and Parallel Computing Group to analyze a proof-of-concept GPU malware program dubbed JellyFish that was released in March.Their conclusion, which was included in McAfee's latest quarterly threat report, is that running malicious code inside GPUs still has significant drawbacks and is not nearly as stealthy as its developers suggested.To read this article in full or to leave a comment, please click here

DARPA looking to sling and recover drones from aircraft motherships

The Defense Advanced Research Projects Agency is moving forward with a program that will launch and recover volleys of small unmanned aircraft from one or more existing large airplanes such as B-52s, B-1s or C-130s.The Gremlins program has as a goal to launch groups of drones or gremlins from large aircraft such as bombers or transport aircraft, as well as from fighters and other small, fixed-wing platforms while those planes are out of range of adversary defenses. When the gremlins complete their mission, a C-130 transport aircraft would retrieve them in the air and carry them home, where ground crews would prepare them for their next use within 24 hours, DARPA said.To read this article in full or to leave a comment, please click here

Intel: Criminals getting better at data exfiltration

Enterprises tend to be highly focused on keeping attackers out of their systems, but most of the actual damage happens not when the bad guys first break in, but when they're able to successfully steal data -- and the techniques they're using to do this are getting steadily more sophisticated.One of the ways that attackers evade detection is to disguize the data before sending it out, according to a new report from Intel Security."They are compressing the data so that it's smaller in size, or making it look like something else," said Intel Security CTO Steve Grobman. "Or they cut it up into little pieces and send the pieces to different places, so that the attacker can then pick up all the chunks and reassemble them."To read this article in full or to leave a comment, please click here

The Web’s ten most dangerous neighborhoods

Wouldn't it be convenient if all the spam and malware sites were all grouped together under one top-level domain -- .evil, say -- so that they would be easy to avoid? According to a new study from Blue Coat, there are in fact ten such top-level domains, where 95 percent or more of sites pose a potential threat to visitors.The worst offenders were the .zip and the .review top-level domains, with 100 percent of all sites rated as "shady," according to the report.The report is based on an analysis of tens of millions of websites visited by Blue Coat's 75 million global users. In order to protect its customers, Blue Coat has a database where it ranks websites on whether they have legitimate content, or malware, spam, scams, phishing attacks or other suspicious behaviors.To read this article in full or to leave a comment, please click here

Bought a brand-new phone? It could still have malware

A new phone is supposed to be a clean slate. But alarmingly, that's not always the case.Security company G Data has identified more than 20 mobile phones that have malware installed despite being marketed as new, according to a research report. And it doesn't appear the infection is occurring during manufacturing."Somebody is unlocking the phone and putting the malware on there and relocking the phone," said Andy Hayter, security evangelist for G Data.Many of the suspect phones are sold in Asia and Europe through third parties or middleman and aren't coming directly from the manufacturers, Hayter said.Brands of affected phones include Xiaomi, Huawei, Lenovo, Alps, ConCorde, DJC, Sesonn and Xido.To read this article in full or to leave a comment, please click here

Former Secret Service agent admits $820K Silk Road theft

A former Secret Service agent admitted Monday to stealing US$820,000 worth of bitcoins from Silk Road vendors during the investigation of the online contraband market.Shaun W. Bridges, 32, of Laurel, Maryland, pleaded guilty in the U.S. District Court for the Northern District of California to money laundering and obstruction of justice. He is scheduled for sentencing on Dec. 7, according to prosecutors.Bridges was one of two federal investigators charged with crimes committed during the probe of the Silk Road, which was shut down in October 2013.To read this article in full or to leave a comment, please click here

Tired of memorizing passwords? A Turing Award winner came up with this algorithmic trick

Passwords are a bane of life on the Internet, but one Turing Award winner has an algorithmic approach that he thinks can make them not only easier to manage but also more secure.The average user has some 20 passwords today, and in general the easier they are to remember, the less secure they are. When passwords are used across multiple websites, they become even weaker.Manuel Blum, a professor of computer science at Carnegie Mellon University who won the Turing Award in 1995, has been working on what he calls "human computable" passwords that are not only relatively secure but also don't require us to memorize a different one for each site. Instead, we learn ahead of time an algorithm and a personal, private key, and we use them with the website's name to create and re-create our own unique passwords on the fly for any website at any time.To read this article in full or to leave a comment, please click here

Russia, China said to use hacked databases to find US spies

Foreign spy agencies, including those from Russia and China, are cross-checking hacked databases to identify U.S. intelligence operatives, according to a news report.One secret network of U.S. engineers and scientists providing technical assistance to the country's overseas undercover agencies has been compromised, according to a story Monday in the Los Angeles Times.Foreign intelligence agencies are cross-referencing several compromised databases, whose information includes security clearance applications and airline records, to identify U.S. intelligence agents, the report said.To read this article in full or to leave a comment, please click here

Attivo brings deception technology to Amazon Web Services

Attivo Networks, a startup launched last year, has upgraded its deception technology so businesses can deploy it within the portion of their corporate cloud that is hosted by Amazon Web Services.That means customers can lure attackers to what looks like legitimate physical and virtual machines among their production AWS resources. It lets attackers carry out their exploits harmlessly to see what damage they are trying to do. This information can be used to find instances of the attack against real physical and virtual machines that are in use.+More on Network World: FBI: Major business e-mail scam blasts 270% increase since 2015+To read this article in full or to leave a comment, please click here

U.S. readies sanctions against China for cyber-spying

The U.S. government is working on a sanctions package against Chinese firms and individuals for cyber-espionage activities against U.S. companies, the Washington Post reported. This move comes after months of cyber-attacks on companies and government agencies which have been linked to China.The sanctions will impose costs for economic cyber-spying and not government-to-government intelligence activities. As a result, the incidents the package will cover do not include the Office of Personnel Management breach from earlier this year, because that attack was deemed to be part of traditional intelligence.To read this article in full or to leave a comment, please click here

Behind the scenes: Security operations at the Little League World Series

Each year in late August, the Little League World Series (LLWS) in South Williamsport, Pa., kicks-off. However, before the games, there’s a ramp –up on security at the Little League Baseball World Series Complex, which requires months of preparation and planning. Part of this ramp-up requires implementing temporary, yet supremely effective, security measures on top of what’s already in place, says Jim Ferguson, Director of Security for the LLWS. The LLWS has been fortunate to have several electronic security companies, including AXIS Communications, Extreme Networking, and Lenel, volunteer their time and equipment for the event for the past 17 years, Ferguson says. These companies donate cameras, access control, and wireless networking.To read this article in full or to leave a comment, please click here

Will self-driving cars become terrorists’ best friends?

Uber snapped up car hackers Charlie Miller and Chris Valasek. Miller, who had worked on Twitter’s security team, and Valasek, who had been working as Director of Vehicle Security Research at IOActive, will now join “dozens of autonomous vehicle experts hired from Carnegie Mellon University” working at Uber’s Advanced Technologies Center.To read this article in full or to leave a comment, please click here