Archive

Category Archives for "Network World Security"

SDN switches aren’t hard to compromise, researcher says

Software-defined switches hold a lot of promise for network operators, but new research due to be presented at Black Hat will show that security measures haven't quite caught up yet.Gregory Pickett, founder of the Chicago-based security firm Hellfire Security, has developed several attacks against network switches that use Onie (the Open Network Install Environment).Onie is a small, Linux based operating system that runs on a bare-metal switch. A network operating system is installed on top of Onie, which is designed to make it easy and fast for the OS to be swapped with a different one.To read this article in full or to leave a comment, please click here

File sync services provide covert way to control hacked computers

File synchronization services, used to accommodate roaming employees inside organizations, can also be a weak point that attackers could exploit to remain undetected inside compromised networks.Researchers from security firm Imperva found that attackers could easily hijack user accounts for services from Dropbox, Google Drive, Microsoft OneDrive and Box if they gain limited access to computers where such programs run—without actually stealing user names and passwords.Once the accounts are hijacked, attackers could use them to grab the data stored in them, and to remotely control the compromised computers without using any malware programs that could be detected by antivirus and other security products.To read this article in full or to leave a comment, please click here

China to plant Internet police in top online firms

China’s control over the Internet is set to expand. In a bid to better police local websites, the country’s security forces are establishing offices at the biggest online firms in the country.The country’s Ministry of Public Security announced the new measures on Tuesday, at a time when authorities have been increasingly concerned also about cyberthreats.Websites based in China already have to abide by strict provisions for online censorship, and will often delete any content deemed offensive by government censors.To read this article in full or to leave a comment, please click here

Sounds can knock drones out of the sky

Knocking a drone out of the sky is sometimes possible using an invisible weapon—sound.The vulnerability in some drones comes from a natural property of all objects—resonance. Take a wine glass: if a sound is created that matches the natural resonant frequency of the glass, the resulting effects could cause it to shatter.The same principle applies to components inside drones. Researchers at the Korea Advanced Institute of Science and Technology (KAIST) in Daejon, South Korea, analyzed the effects of resonance on a crucial component of a drone, its gyroscope. Their paper will be presented next week at the 24th USENIX Security Symposium in Washington, D.C.To read this article in full or to leave a comment, please click here

NetSol’s new con; renewing unwanted .xyz domains

My friend Michael Williams, a private investigator based in Santa Barbara, Calif., is really pissed off with Network Solutions. This is what made him mad: Mike Williams That’s from an email message he received from Network Solutions a couple of weeks ago and Mike’s problem is that he doesn’t own the domain mswssi.xyz. While Mike does own the domains mswssi.com, mswssi.net, and mswssi.org this was a domain he knew nothing about so the letter made no sense. Mike called Network Solutions customer service and discovered that he had been “given” the domain by the company but, to his knowledge, had never been told anything about it. To read this article in full or to leave a comment, please click here

How to setup a local account in Windows 10 during or after installation

You can setup a local account in Windows 10 during a clean installation and you can also setup a local account after installing Windows 10 using a Microsoft account. The process is a bit more straightforward than it was in Windows 8. If you wanted to create a local account in Windows 8.1, Microsoft made you jump through hoops and numerous screens before finally selecting “Sign in without a Microsoft account (not recommended).” Skip down to the second half if you want to know how to create a local account while installing Windows 10.To read this article in full or to leave a comment, please click here

How to set up a local account in Windows 10 during or after installation

You can setup a local account in Windows 10 during a clean installation, as well as after installing Windows 10 using a Microsoft account. The process is a bit more straightforward than it was with Windows 8.If you wanted to create a local account in Windows 8.1, Microsoft made you jump through hoops and numerous screens before finally selecting "Sign in without a Microsoft account (not recommended)." Skip down to the second half if you want to know how to create a local account while installing Windows 10.To read this article in full or to leave a comment, please click here

EFF-led group wants to give do-not-track some bite

For years now, checking the “do-not-track” option on your browser has been little more than wishful thinking on the part of users who care about privacy online. But now a group led by the Electronic Frontier Foundation is looking to make that a more meaningful action.The EFF and others have published a standard policy it hopes advertisers, analytics companies and publishers will adopt in order to respect the wishes of users who don’t want to be tracked online. Getting the support needed to make a real difference will be an uphill battle, they acknowledge.To read this article in full or to leave a comment, please click here

EFF-led group wants to give do-not-track some bite

For years now, checking the “do-not-track” option on your browser has been little more than wishful thinking on the part of users who care about privacy online. But now a group led by the Electronic Frontier Foundation is looking to make that a more meaningful action.The EFF and others have published a standard policy it hopes advertisers, analytics companies and publishers will adopt in order to respect the wishes of users who don’t want to be tracked online. Getting the support needed to make a real difference will be an uphill battle, they acknowledge.To read this article in full or to leave a comment, please click here

Senate heads toward vote on CISA cyberthreat info sharing bill

The U.S. Senate could take a preliminary vote as soon as Wednesday on a controversial bill intended to encourage businesses to share cyberthreat information with each other and with government agencies, despite concerns that the legislation would allow the widespread sharing of personal customer data.Senate leaders are attempting to iron out compromise language to address privacy concerns in the Cybersecurity Information Sharing Act (CISA), but if no compromise is reached Senate Majority Leader Mitch McConnell will schedule a so-called cloture vote on Wednesday morning, said a spokesman for McConnell, a Kentucky Republican.A cloture vote would limit debate on the bill and move the Senate toward final passage, potentially before the Senate leaves for a four-week summer recess this weekend.To read this article in full or to leave a comment, please click here

FAA has approved more than 1,000 drone exemptions

The Federal Aviation Administration today said it has issued 1,008 exemptions to businesses wanting to fly unmanned aircraft in the national airspace.The FAA said most of the exemptions allow aerial filming for uses such as motion picture production, precision agriculture and real estate photography. The agency also said it has issued grants for new and novel approaches to inspecting power distribution towers and wiring, railroad infrastructure and bridges.+More on Network World: The weirdest, wackiest and coolest sci/tech stories of 2015 (so far!)+To read this article in full or to leave a comment, please click here

Windows 10 is possibly the worst spyware ever made

The usual bumps of an OS launch are understandable and forgivable, but some of the terms of the end user service agreement for Windows 10 put the NSA to shame.Microsoft is already getting heat after it was found that Windows 10 was being auto-downloaded to user PCs without warning, and more seriously, that it was using the Internet connections of Windows 10 users to deliver Windows 10 and updates to others.But there are worse offenders. Microsoft's service agreement is a monstrous 12,000 words in length, about the size of a novella. And who reads those, right? Well, here's one excerpt from Microsoft's terms of use that you might want to read:To read this article in full or to leave a comment, please click here

Organizations should focus data sharing post-incident, not attribution

LAS VEGAS - There have been several notable security incidents in the news this year, from healthcare and retail breaches, to financial; even security firms themselves have been targeted.In each instance, attribution seems to take the lead during incident response, something organizations should resist. The key is collecting the right information and passing it on to the right people. When it comes to figuring out who did it and where they are, authorities are the ones who should take the lead – organizations that focus on this area first are wasting resources and time.MORE ON NETWORK WORLD: 26 crazy and scary things the TSA has found on travelers US Attorney Ed McAndrew (DE), who has years of experience working cases dealing with Internet-based crimes under his belt, recently spoke to CSO Online and offered some unique insight into the federal side of incident response and what organizations can to do better prepare for law enforcement involvement.To read this article in full or to leave a comment, please click here

Black Hat 2015: Ransomware not all it’s cracked up to be

All ransomware is not created equal and therefore should not be universally feared, a researcher will tell the Black Hat 2015 conference this week. Engin Kirda In fact, some ransomware – which locks up infected computers until a demanded sum is paid – makes false claims about the damage it is capable of doing, and some of the data it purports to seize can be recovered, says Engin Kirda, the cofounder and chief architect at Lastline Labs.To read this article in full or to leave a comment, please click here

Black Hat 2015: Attackers use commercial Terracotta VPN to launch attacks

RSA researchers have discovered a China-based VPN network dubbed Terracotta that is used extensively to launch advanced persistent threat (APT) attacks and that hijacks servers of unsuspecting organizations in order to add new nodes to its network.The Terracotta VPN provides the infrastructure that anchors several anonymizing VPN services that are commercially marketed to the public in China, according to a briefing delivered today at the Black Hat conference.The services are pushed as a means for individuals to hide their Internet activity from prying government eyes, but are used as well by criminals seeking to cloak the origins of their attacks, RSA researchers will tell the conference.To read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Tuesday, August 4

Google has already started its own car companyTurns out that even while Google has been sweet-talking automakers to get its software platform into their cars, it had set up a subsidiary to compete with them, the Guardian reports. Google Auto LLC is registered as a passenger vehicle manufacturer, and was licensed last year as a carmaker in California. It’s run by Chris Urmson, project lead for Google’s self-driving cars. Google wouldn’t talk to the Guardian, which uncovered the company registration via documents it requested under the public records act.To read this article in full or to leave a comment, please click here

DHS warns about privacy implications of cybersecurity bill

The U.S. Department of Homeland Security has warned about the privacy implications of a cybersecurity bill that is intended to encourage businesses to share information about cyberthreats with the government.The DHS has also warned that the information sharing system proposed by the new bill could slow down responses in the face of a cyberthreat, if companies are allowed to share information directly with various government agencies, instead of routing it through the department.The Cybersecurity Information Sharing Act (CISA), which would give businesses immunity from customer lawsuits when they share cyberthreat data with the government, is under consideration of the Senate.To read this article in full or to leave a comment, please click here

Apple computers vulnerable to ‘Thunderstrike 2’ firmware worm

An improved attack on the firmware in Apple computers makes them vulnerable to hard-to-detect malware without even being connected to a network, according to a Black Hat conference presentation due to be given later this week.The new research highlights ongoing weaknesses in the low-level software that runs on every computer before an operating system is loaded.It comes from researchers Xeno Kovah and Corey Kallenberg of LegbaCore and Trammell Hudson of Two Sigma Investments. They showed earlier this year how they could infect a Mac’s firmware with malware by connecting malicious devices to them using Thunderbolt, Apple’s high-speed data transfer interface. The attack was dubbed Thunderstrike.To read this article in full or to leave a comment, please click here

Cisco’s SDN controller has a security hole

Cisco has issued software to fix a vulnerability in its SDN controller than allows infiltrators to access the system as root users, with access to root commands.Access to root commands would enable an attacker to access all commands and files on the controller. With that access, the attacker can then modify the system in any way desired, including granting and revoking access permissions for other users, including root users.A vulnerability in the cluster management configuration of Cisco’s Application Policy Infrastructure Controller (APIC) and Nexus 9000 switch in Application Centric Infrastructure (ACI) mode could allow an authenticated, remote attacker to access the APIC as the root user, according to a recently issued Cisco security advisory. The vulnerability is due to improper implementation of access controls in the APIC filesystem, the advisory states.To read this article in full or to leave a comment, please click here

Social Engineering: 6 commonly targeted data points that are poorly protected

It's the little things that cause the biggest problemsImage by ThinkstockThis week, thousands of hackers have traveled to Las Vegas to learn about the latest in security research and techniques during BSides Las Vegas and Black Hat. This weekend, during DEF CON, the education continues as hackers roam the halls moving from talk to talk or head over to one of the villages.To read this article in full or to leave a comment, please click here