Archive

Category Archives for "Network World Security"

IDG Contributor Network: Why every business needs a WISP

If you don't have a written information security program (WISP) in place for your business, then you could be risking data theft, legal action, and punitive fines. The law in many states now dictates that you must take steps to safeguard personal information. They vary in strictness, but there are nearly 50 different regulations you need to cater for if you're doing business across the United States. You can't afford to bury your head in the sand and assume it will never happen to you. Research from the Identity Theft Resource Center (PDF) shows an alarming rise in incidences of personal data theft every year since they started recording. They report 783 breaches last year, compared to just 157 in 2005.

8 new threat intelligence products to make you bulletproof

Threat intelligence + big data = real security

Threat intelligence and the use of data to flag critical security indicators were popular topics in Las Vegas at the Black Hat conference in early August – and for good reason. As enterprises struggle to understand their network vulnerabilities, they have to consider the many layers of defense needed to secure their most valuable data. Security teams are inundated with threat data and overburdened by the need to allot countless man-hours to the task of weeding out the noise from the real threats.

Microsoft issues out-of-band patch for critical Internet Explorer flaw

A dangerous flaw in Internet Explorer has prompted Microsoft to issue a patch outside its regularly scheduled monthly security updates in order to head off a known exploit of the vulnerability. The company has issued a security bulletin that describes how users who are lured to specially crafted webpages could have attackers take over control of their computers with the same rights as the user who logged into the machine.

Adobe patches important flaw in LiveCycle Data Services

Adobe Systems released a security patch for LiveCycle Data Services, a development tool used by businesses to synchronize data between back-end servers and rich Internet applications built with Adobe Flex or AIR. The hotfix is available for LiveCycle Data Services 3.0.0, 4.5.1, 4.6.2 and 4.7.0 and addresses a vulnerability that could lead to information disclosure. The flaw is tracked as CVE-2015-3269 in the Common Vulnerabilities and Exposures database and is rated important by Adobe. The issue is associated with parsing crafted XML entities and falls into a class of vulnerabilities known as XML External Entity (XXE).

How Adblock Plus could work as malware protection

Last week I discussed one of the pros of ad blockers – how they could significantly reduce the amount of network traffic consumed by pesky advertising, especially auto-playing videos. As I said then and will repeat now, it's a double-edged sword. On the one hand, I don't blame users of ad blockers, now numbering close to 200 million worldwide. Ads are obnoxious. They aren't content to just be there, they have to grab you, oftentimes rudely. At the same time, Network World and every other tech news site lives and dies by ads, so I and everyone else published here (plus those folks behind the scenes) need you to see and click on those ads.

Microsoft issues emergency patch for zero-day IE flaw being exploited in the wild

Microsoft issued an emergency out-of-band security update on Tuesday to address a zero-day vulnerability in Internet Explorer. All supported versions of Internet Explorer need to be patched as the remote code execution vulnerability is actively being exploited in the wild. While some publications have reported the hole is not being exploited, Microsoft listed "yes" under "exploited." MS15-093 is rated critical for Internet Explorer 7 to 11, which happen to be all supported versions of IE on Windows clients; it's rated moderate for Windows servers. The patch addresses the vulnerability by modifying how IE handles objects in memory.

Keep these cybersecurity holidays marked on your calendar

It’s no happy day for enterprises when cyber thugs celebrate their favorite ‘holidays’—special days when they attack with even more cunning and fervor. Learn these days and get ready to respond to related exploitations.

Software Support Retirement / End of Support Day. This is the date when support ends for any OS or software package. Unsupported software leaves enterprises open to attack. Because the vendor will no longer make general releases of security patches, each new hole attackers uncover will remain vulnerable. To prepare for this day and defend the enterprise against such attacks, investigate the availability of extended support offered by the vendor at a premium. Weigh that cost against an investment in deploying the latest software product or version that replaces the older product. Either of these avenues is going to cost you.

Internet company Web.com hit by credit card breach

Hackers breached the computer systems of Internet services provider Web.com Group and stole credit card information of 93,000 customers. According to a website set up by the company to share information about the incident, Web.com discovered the security breach on Aug. 13 as part of its ongoing security monitoring. Attackers compromised credit card information for around 93,000 accounts, as well as the names and addresses associated with them. No other customer information, like social security numbers, was affected, the company said. According to the company, the verification codes for the exposed credit cards were not leaked. However, there are websites on the Internet that don't require such codes for purchases.

Cisco: Flash exploits are soaring

Cisco is reporting that successful exploits of Flash vulnerabilities are soaring, partly because they are rapidly being incorporated in kits that take advantage of the flaws as well as because enterprises aren’t patching fast enough, which leaves them open to attack. For the first five months of 2015, the Common Vulnerabilities and Exposures project has reported 62 Adobe Flash Player vulnerabilities that resulted in code execution on user machines, Cisco says in its 2015 Midyear Security Report.

Russian cyberspies targeted punk rock band Pussy Riot

A closely watched band of suspected Russian hackers has spied on domestic targets, including two members of the outspoken punk rock band Pussy Riot. Trend Micro said the group, which it refers to as Pawn Storm, has also targeted a software developer in Russia, politicians, artists and journalists in the country. “Pawn Storm’s targets have mostly been external political entities outside of Russia, but after our analysis we found that a great deal of targets can actually be found within the country’s borders,” wrote Feike Hacquebord, a Trend Micro threat researcher, in a blog post on Tuesday.

Hackers release full data dump from Ashley Madison, extramarital dating site

AshleyMadison.com's owner said Tuesday it is examining a large batch of data posted online by hackers who breached the website last month. A group calling itself Impact Team initially posted a sample of the data online on July 19, giving the site's owner, Avid Life Media, a month to shut down AshleyMadison.com and another site, Establishedmen.com. The group in part contested the moral position of Ashley Madison, which caters to people seeking extramarital affairs. Avid Life Media, based in Toronto, said in a statement that it is "actively monitoring and investigating this situation to determine the validity of any information posted online."

Microsoft pushes emergency update for Internet Explorer vulnerability

Windows users are encouraged to update their computers as soon as possible, after Microsoft pushed out a patch for an issue in Internet Explorer that lets attackers remotely run malicious code with whatever privileges the current user has. The "Critical" vulnerability affects Internet Explorer versions 7 through 11 on Windows 7, 8, 8.1, 10 and Vista. Windows Server 2008, 2012, 2012 R2 and the Windows Server Technical Preview are all affected, but Internet Explorer runs in an "Enhanced Security Configuration" that should mitigate the effects of this problem. The "out-of-band" patch was released outside Microsoft's typical Patch Tuesday release cycle and allows users and administrators to update their computers quickly.

DARPA wants low-power chips that handle high-impact applications

DARPA’s Circuit Realization At Faster Timescales (CRAFT) program aims to make it easier, faster and cheaper to design custom circuits akin to this one, which was specially designed to provide a range of voltages and currents for testing an infrared sensor device that had been a candidate for an orbiting telescope. Heavyweight 3D imagery and complex unmanned aircraft systems are just two applications that beg for the low power, high performance custom integrated circuits the researchers at the Defense Advanced Research Projects Agency are looking to build.

Anti-privacy award for most monitoring across the web goes to U.S. wireless carriers

Wireless carriers worldwide are still tracking users via "supercookies" or "perma-cookies," yet Americans are tracked by U.S. wireless carriers more than any other carrier in any other country, according to a new report by the digital rights group Access. "Injecting tracking headers out of the control of users, without their informed consent, may abuse the privileged position that telcos occupy." Those tracking headers "leak private information about users and make them vulnerable to criminal attacks or even government surveillance." It came to light in 2014 that Verizon Wireless and AT&T were injecting special tracking headers, aka "supercookies," to secretly monitor users' web browsing habits. So Access set up the "Am I being tracked?" website for users to find out if their mobile carriers were tracking the websites they visited on their phone. More than 200,000 people from 164 different countries tried out the Amibeingtracked tool; 15.3% were being tracked by tracking headers deployed by their wireless carriers. Of those, the most monitoring occurred in the U.S.

Another serious vulnerability found in Android’s media processing service

The Android service that processes multimedia files has been the source of several vulnerabilities recently, including a new one that could give rogue applications access to sensitive permissions. The latest vulnerability in Android's mediaserver component was discovered by security researchers from antivirus firm Trend Micro and stems from a feature called AudioEffect. The implementation of this feature does not properly check some buffer sizes that are supplied by clients, like media player applications. Therefore it is possible to craft a rogue application without any special permissions that could exploit the flaw to trigger a heap overflow, the Trend Micro researchers said Monday in a blog post.

Car hacking news: Ransomware threat could reach auto dealerships

It would be a heck of a time to be shopping for a new set of wheels. The theme of digitally beating up cars continued with two teams of security researchers at the 24th USENIX Security Symposium. After two years of having their research suppressed by Volkswagen and a UK court, Flavio Garcia, Roel Verdult, and Baris Ege were finally able to present their research (pdf) at USENIX. The research paper details "how the cryptography and authentication protocol used in the Megamos Crypto transponder can be targeted by malicious hackers looking to steal luxury vehicles."

IRS: Tax breach much worse than originally thought

The cyberattack on U.S. taxpayer data reported by the Internal Revenue Service earlier this year now appears to be much worse than originally thought, the agency announced Monday, with as many as 300,000 citizens now believed to be potential victims. Whereas in May the IRS reported that sensitive information of roughly 100,000 taxpayers had been stolen by thieves through its "Get Transcript" online application, its latest estimates more than double that number. It's now believed that the thieves potentially gained access to more than 300,000 taxpayer accounts after attempting to breach more than 600,000.

10 more security startups to watch

The emergence of cybersecurity startups has continued unabated as entrepreneurs vie for corporate customers seeking new technologies to battle ever increasing and innovative attackers. The expertise of these new companies ranges from various improvements to encryption products to analyzing the wealth of security-incident data gathered from networks to gear that detects the potentially malicious wireless activity of Internet of Things devices. Based on the continued interest in these startups from venture capital investors, these companies will continue to proliferate. Here are 10 more security startups we are watching and why.

Darkode vendor of Facebook malware pleads guilty to one charge

A New York man pleaded guilty Monday to one federal spam-related charge for selling access to a botnet of Facebook accounts on a now-shuttered cybercriminal forum. Eric L. Crocker, 29, of Binghamton, New York, could face up to three years in prison and a US$250,000 fine, according to the U.S. Attorney's Office for the Western District of Pennsylvania. He was charged with violating the CAN-SPAM Act, according to a court document. Crocker was accused of selling access to a botnet he and others built of compromised Facebook accounts, according to the indictment. His customers used the access to send high volumes of spam.

Gaming services, hosting companies hit with new type of DDoS attack

Gaming and hosting companies have been hit with a new kind of DDoS attack that could snowball without preventive steps, Level 3 Communications warned on Monday. Attackers have figured out how to abuse portmap services that have been left openly accessible on the Internet, said Dale Drew, chief security officer for Level 3. "We think it has the potential to be very, very bad," Drew said. Portmap, also referred to as RPCbind, is an open-source utility for Unix systems but is also in Windows. It maps network port numbers to available services. For example, portmap might be used if someone wants to mount a Windows drive from a Unix file system. Portmap would tell Unix where the drive is located and the right port number.