U.S. House votes to end NSA bulk data collectionThe dragnet collection of U.S. phone records by the National Security Agency exposed by former NSA contractor Edward Snowden nearly two years ago is finally on its way to being a relic of history. The U.S. House of Representatives voted 338 to 88 in favor of a bill that prohibits the practice. However, the USA Freedom Act does extend an expiring provision in the anti-terrorism Patriot Act that allows the NSA to collect U.S. telephone and business records, but with a more limited scope.To read this article in full or to leave a comment, please click here
Burglar alarms could soon incorporate drone-detection technology if a new service from a Japanese security company is anything to judge by.Tokyo-based Sohgo Security Services, also known as Alsok, plans to introduce a system that can detect incoming drones by listening for the signature hum of their rotors.The service could be aimed at government entities, corporations and key facilities such as nuclear power plants as a terrorism countermeasure. Other potential users are people or groups in the public eye who want to ward off the prying eyes of unmanned aerial vehicles.Alsok’s move follows an incident last month when a quadcopter with trace amounts of radiation was found on the roof of the Japanese prime minister’s office, apparently a protest of the government’s nuclear energy policy.To read this article in full or to leave a comment, please click here
Google will require most extensions for its Chrome browser to be installed from its Web Store, a move intended to stop users from inadvertently installing malicious ones.Google has gradually been changing its policy around extensions to prevent abuse. Last year, it mandated that all Chrome extensions for Windows be hosted in its store, wrote Jake Leichtling, an extensions platform product manager.The change caused a 75 percent drop in requests from customers asking how to uninstall unwanted extensions, he wrote. It did not apply to the Windows developer channel, but hackers are now using that in order to install extensions, he wrote. Starting Wednesday, all extensions for Windows will have to be hosted in the store, and the same will apply to OS X in July.To read this article in full or to leave a comment, please click here
The U.S. House of Representatives has voted to rein in the National Security Agency’s bulk collection of the country’s telephone records, while allowing the agency to engage in more targeted surveillance.The House voted 338-88 late Wednesday to approve the USA Freedom Act, a bill intended to end the NSA’s mass collection of telephone metadata within the U.S. But the bill would extend an expiring provision in the anti-terrorism Patriot Act that allows the NSA to collect U.S. telephone and business records, but with a more limited scope.To read this article in full or to leave a comment, please click here
A critical vulnerability in code used by several virtualization platforms can put business information stored in data centers at risk of compromise.The flaw, dubbed Venom but tracked as CVE-2015-3456, can allow an attacker to break out from the confines of a virtual machine (VM) and execute code on the host system.This security boundary is critical in protecting the confidentiality of data in data centers, where virtualization is extensively used to allow different tenants to run servers on the same physical hardware.The flaw is located in the virtual Floppy Disk Controller (FDC) code from the QEMU open source machine emulator and virtualizer. The code is also used by the Xen, KVM and other virtualization platforms.To read this article in full or to leave a comment, please click here
Fourteen critical vulnerabilities in Internet Explorer were among the targets of Microsoft’s monthly batch of security patches released Tuesday. In all, it fixed 46 vulnerabilities across products including Windows, Internet Explorer and Office.The patches were organized in 13 security bulletins, three flagged as critical and ten as important. The critical bulletins, MS15-043, MS15-044 and MS15-045, cover remote code execution vulnerabilities in Windows, IE, Office, Microsoft .NET Framework, Microsoft Lync and Silverlight.To read this article in full or to leave a comment, please click here
Starbucks is still grappling with fraud involving its customers’ online accounts and gift cards, with some victims seeing hundreds of dollars stolen.Gift-card related fraud with Starbucks cards is not new, but recent victims were highlighted earlier this week in an article by journalist and author Bob Sullivan.Starbucks officials could not be immediately reached for comment, although Sullivan wrote the company told him that customers would not be liable for charges and transfers they didn’t make.To read this article in full or to leave a comment, please click here
A surprising amount of mobile data still crosses the Internet unencrypted, and a new free app is designed to show users what isn’t protected.The program, called Datapp, comes from the University of New Haven’s Cyber Forensics Research and Education Group (UNHcFREG), which last year showed popular Android applications such as Instagram, Grindr and OkCupid failed to safely store or transmit data.To read this article in full or to leave a comment, please click here
Security orchestration methods, and of course SDN, are driving the need for programmable interfaces in security products. The Cisco ASA Firewall added a REST API back in December with the 9.3(2) code release. I've asked Mason Harris from Cisco to write up a quick how-to primer on the ASA API capabilities. Thank you Mason for the great information.Author: Mason Harris CCIE #5916, Solutions Architect, Global EnterpriseOver the years I've seen many different custom methods used to manage ASA firewalls. Most of them involve some version of command line interface (CLI) scripting since nearly all ASA features and functions are available in this manner. Perl and Expect scripts are the common scripting languages in use today for managing ASAs.To read this article in full or to leave a comment, please click here
A security firm is warning that a group of Russian hackers known for targeting military, government and media organizations is now preparing to attack banks in the U.S. and elsewhere.The group’s preparations, which have included writing new malware, registering domain names similar to those of intended targets, and setting up command-and-control servers, were discovered by analysts from security firm Root9B.The group has been active since at least 2007 and is known by various names including APT28 and Pawn Storm. Several security vendors believe it operates out of Russia and has possible ties to that country’s intelligence agencies.To read this article in full or to leave a comment, please click here
An Israeli company has developed a product it says can detect if a mobile device connects to a fake cellular base station or Wi-Fi access point, potentially protecting critical data from falling into the hands of hackers.Two large European carriers are testing the product, which is expected to come to market in early 2016, said Dror Liwer, chief security officer and co-founder of CoroNet, based in Be’er Sheva, Israel.CoroNet’s software addresses one type of attack that was long thought to be too expensive to conduct. It involves creating a fake base station that has a stronger signal than a real one. Mobile devices are designed to connect to the station with the strongest signal.To read this article in full or to leave a comment, please click here
Tens of thousands of home routers have been infected with malware, and are being used by hackers to launch distributed denial-of-service (DDoS) attacks, including by the hacktivist group Anonymous.The router-based botnet was discovered by Web security firm Incapsula while investigating a series of DDoS attacks against dozens of its customers that have been going on since late December.Incapsula’s researchers traced the malicious traffic back to routers made by Ubiquiti Networks and distributed by ISPs around the world to their customers.The devices had DDoS malware programs installed on them—usually more than one—including some that reported back to an IRC (Internet Relay Chat) network and channel called AnonOps, the researchers said in a report published Tuesday.To read this article in full or to leave a comment, please click here
Verizon offers $4.4 billion for AOLVerizon said Tuesday that it plans to spend $4.4 billion to buy AOL, which was once a leader in Internet connectivity but has struggled to find its way as a content provider and online advertising platform. AOL still has a subscription business—anecdotally, aged users who don’t know they can get email for free from Yahoo and Google—and also owns The Huffington Post, TechCrunch, Engadget and other media brands.Public Wi-Fi set for speed boost as operators upgrade this yearWireless hotspots that can deliver hundreds of megabits per second in real-world bandwidth should soon be easier to find as operators upgrade to 802.11ac, the fastest Wi-Fi technology yet, according to a survey by IHS. By this time next year, a noticeable number of hotspots will use it, says the research firm, which expects operator spending on Wi-Fi networks to increase by 88 percent in 2015.To read this article in full or to leave a comment, please click here
Password managers are a great way to supply random, unique passwords to a high number of websites. But most still have an Achilles’ heel: Usually, a single master password unlocks the entire vault.But a group of researchers has developed a type of password manager that creates decoy password vaults if a wrong master password is supplied.A paper on the experimental software, called NoCrack, will be presented on May 19 at the IEEE Symposium on Security and Privacy in San Jose, California.NoCrack is intended to make it much more time-consuming and difficult for attackers to figure out if they’ve hit pay dirt.To read this article in full or to leave a comment, please click here
Password managers are a great way to supply random, unique passwords to a high number of websites. But most still have an Achilles’ heel: Usually, a single master password unlocks the entire vault.But a group of researchers has developed a type of password manager that creates decoy password vaults if a wrong master password is supplied.A paper on the experimental software, called NoCrack, will be presented on May 19 at the IEEE Symposium on Security and Privacy in San Jose, California.+ MORE: Beware ticking IoT security time bomb +To read this article in full or to leave a comment, please click here
A critical vulnerability in MacKeeper, a controversial security program for Mac computers, could let attackers execute malicious commands on Macs when their owners visit specially crafted Web pages.MacKeeper’s developers acknowledged the recently discovered problem and released a fix for it Friday, saying in a blog post that users should run MacKeeper Update Tracker and install version 3.4.1 or later.MacKeeper registers itself as the handler for a custom URL scheme, allowing websites to automatically call the application through the browser.Researcher Braden Thomas found an issue in the program’s validation of such URLs that makes it possible for attackers to execute arbitrary commands with root privilege when MacKeeper users visit a specially crafted website in Safari. As a proof of concept, he posted a link on Twitter that automatically executes a command to remove MacKeeper when clicked.To read this article in full or to leave a comment, please click here
A team of anonymous developers who recently created a Linux rootkit that runs on graphics cards has released a new proof-of-concept malware program that does the same on Windows. A Mac OS X implementation is also in the works.The developers are trying to raise awareness that malware can infect GPUs and that the security industry is not ready for it. Their goal isn’t to tip off malicious hackers, but the source code they released, while incomplete and buggy by design, could potentially be built upon and used for illegal purposes.The problem the developers are trying to highlight lies not with the operating systems, such as Windows or Linux, nor with the GPU (graphics processor unit) vendors, but rather with existing security tools, which aren’t designed to scan the random access memory (RAM) used by GPUs for malware code.To read this article in full or to leave a comment, please click here
China’s smartphone market slows downThe world’s largest smartphone market may be losing its appetite: first quarter shipments of the devices in China dropped by 4 percent year over year, according to IDC. It’s the first time in six years that China’s smartphone market has contracted.IBM’s slimmed down Power servers aim at cloud, in-memory databaseIBM has brought out another round of Power8 servers, targeting private, public and hybrid clouds as well as in-memory database applications and analytics. The multipurpose servers include the four-socket Power E850 and the more powerful Power E880.To read this article in full or to leave a comment, please click here
In an era when businesses are scrambling to defend against sophisticated advanced persistent threats, old school anti-virus may seem like a relic. But traditional anti-virus companies are changing with the times, delivering defense-in-depth for a BYOD world.In this review, we looked at products from seven of the original anti-virus vendors, each dating back to at least the 1990s: AVG, ESET, Kaspersky, McAfee, Symantec, Panda Software and Trend Micro. We focused on ease of installation and management, ease of use, plus the protection each suite offered beyond traditional signature-based anti-virus. Special emphasis was placed on the software’s ability to also protect mobile devices running both iOS and Android. (Read an analysis of the antivirus market.)To read this article in full or to leave a comment, please click here(Insider Story)
In ISE 1.0 Cisco introduced an integrated Guest solution with a next-generation RADIUS-based policy server. That policy server was game-changing, certainly. Other companies responded to this market changing model by making some very strategic moves with their chess pieces to be similarly positioned.Figure 1 shows an example of the ISE 1.2.x (and below) Sponsor Group Policy. Aaron T. Woland
Figure 1 - 1.0 - 1.2.x Sponsor Policy
While ISE 1.0 was and is an extremely powerful policy server, it was also viewed as being overly complex and not flexible enough in the areas of Guest life-cycle management. This was especially true when comparing ISE with it's closest competitors in the guest access management space.To read this article in full or to leave a comment, please click here