Archive

Category Archives for "Network World Security"

VeloCloud launches an SD-WAN security ecosystem

It’s a great time to be in the SD-WAN business. IDC estimates that worldwide SD-WAN revenues will exceed $6 billion in 2020, with a compound annual growth rate of more than 90% over the 2015-to-2020 forecast period. According to IHS, as of the end of 2016, 13% of North American enterprises already have the technology in production and 62% are in lab trials. By 2018, 82% are expected to be using SD-WAN. Those are some pretty remarkable adoption rates for a technology that is still in its early days.

Q&A Citrix CSO: How to deal with security across multiple generations of employees

Citrix’s CSO Stan Black has been in the cybersecurity field for 20 years. He has seen generations of employees come and go at the software and data security company. There are three generations working side by side at Citrix – and a fourth on the way. Citrix has 9,500 employees with 51 percent being Millennials. With each generation comes a new security challenge that employers need to overcome so that eventually enterprise security is second nature by the time future generations are in the workforce. CSO Managing Editor Ryan Francis recently asked Black how these challenges can be lessened in future generations. What is the biggest security issue you see of new employees?

Certain HP laptops are found recording users’ keystrokes

Over two dozen HP laptop models have been secretly recording users’ keystrokes, possibly by mistake, according to a Swiss security firm. The keylogger is found within the PCs' audio driver software and has existed since at least Dec. 2015, the security firm Modzero said in a Thursday blog post. The audio driver was designed to identify when a special key on the PC was used. But in reality, the software will capture all the keystrokes and write them in an unencrypted file located on the laptop. In other cases, the keystrokes will be passed to a Microsoft Windows debugging interface on the PC, exposing them to possible capture, Modzero said.

Trump pushes US government to the cloud with cybersecurity order

President Donald Trump has finally signed a long-awaited executive order on cybersecurity, and he called for the U.S. government to move more into the cloud and modernize its IT infrastructure. The order, signed on Thursday, is designed to "centralize risk" and move the government's agencies toward shared IT services, White House homeland security adviser Tom Bossert said in a press briefing.

Some HP PCs are recording your keystrokes

Nearly thirty different Hewlett-Packard Windows PC models may be recording every keystroke their owners make and storing them in a human-readable file accessible to any user on the PC. Oh, boy. Switzerland-based security company Modzero recently discovered a keylogger present in an audio program in HP PCs called MicTray. Modzero reported it on their blog early Thursday morning. You can also find a complete list of affected HP PC models in the company's security advisory. Affected models include PCs from the HP EliteBook 800 series, HP ProBook 600 and 400 series, the EliteBook Folio G1, and others. The program has existed on HP PCs since at least late 2015, Modzero says.

Latest firmware updates for Asus routers fix CSRF security flaws

Users of Asus RT-N and RT-AC series routers should install the latest firmware updates released for their models because they address vulnerabilities that could allow attackers to hijack router settings. The flaws were discovered by researchers from security consultancy outfit Nightwatch Cybersecurity and leave many Asus router models exposed to cross-site request forgery (CSRF) attacks. CSRF is an attack technique that involves hijacking a user's browser when visiting a specially crafted website and forcing it to send unauthorized requests to a different website -- or in this case, the router web-based administration interface accessible over the local area network (LAN).

SIEM: Remains an Enterprise Security Architecture Requirement

Earlier this week, I posted a blog about cybersecurity technology procurement changes at enterprise organizations. According to ESG research, enterprises are consolidating the number of cybersecurity vendors they do business with and purchasing security products designed for integration (note: I am an ESG employee). Eventually, CISOs will buy more products from fewer vendors, leading to the rise of a few enterprise-class cybersecurity technology vendors that dominate the space. These vendors will offer tightly integrated cybersecurity technology architectures that span across applications, host systems, networks, and cloud-based assets, offering capabilities for threat analysis/investigations as well as prevention, detection, and response.

SIEM remains an enterprise security architecture requirement

Enterprises are changing their cybersecurity technology procurement habits and consolidating the number of cybersecurity vendors they do business with and purchasing security products designed for integration, according to ESG research. Eventually, CISOs will buy more products from fewer vendors, leading to the rise of a few enterprise-class cybersecurity technology vendors that dominate the space. These vendors will offer tightly integrated cybersecurity technology architectures that span across applications, host systems, networks and cloud-based assets, offering capabilities for threat analysis/investigations, as well as prevention, detection and response.

Ad network takes steps to reduce fraud

The fraud rates for online ads are scary, with advertisers losing billions of dollars each year. Last week, Pixalate released a report showing that 35 percent of U.S. desktop ad impressions sold through programmatic advertising networks are fraudulent. Programmatic ads are those purchased through online networks, often through automatic bidding systems, instead of directly from individual publishers. U.S. advertisers spent more than $25 billion on programmatic online ads last year, meaning that about $8 billion is lost to fraud.

Intel concerned about name of John McAfee’s privacy phone

Intel has told a court that MGT Capital Investments has gone ahead with the announcement of the “John McAfee Privacy Phone,” even though the company that proposes to change its name to “John McAfee Global Technologies” has previously said that it did not plan to launch products and services under the McAfee mark. The chipmaker claims it acquired the mark when it bought McAfee Inc. in 2011, and has used and promoted it for security products, services, and publications for consumers and businesses. Security expert John McAfee has stated that he did not sign away rights to his personal name. Intel last month spun off its security business as a separate company, called McAfee, in which it now owns 49 percent of the equity, with the balance owned by investment firm TPG. The federal court had earlier refused John McAfee and MGT Capital a preliminary injunction until the resolution of the dispute on Intel’s transfer of marks and related assets containing the word McAfee as part of the spin-out.

Another IoT botnet with pieces of Mirai embedded can do DDoS from 100k devices

Bot-herding software called Persirai, which incorporates pieces of the Mirai botnet code, can commandeer significant chunks of a known 150,000 IP cameras that are vulnerable to Mirai and use them to fire off distributed denial-of-service attacks. The Persirai botnet has attacked at least four targets, starting in a predictable pattern, according to researchers at Trend Micro. Persirai takes advantage of a known vulnerability in the cameras to infect them, has them download malware from a command and control server, and then puts them to work either infecting other vulnerable cameras or launching DDoS attacks. “Based on the researchers’ observation, once the victim’s IP Camera received C&C commands, which occurs every 24 hours at 12:00 p.m. UTC, the DDoS attacks start,” the researchers say.

IDG Contributor Network: Artificial intelligence tool fixes password weakness

Flaws in passwords can be eliminated with artificial intelligence (AI), say researchers. This includes identifying common words that hackers know, too. The mending is accomplished with AI-garnered analysis of existing insecure passwords, coupled with feedback to the user based on that. It makes password creation more reliable, say scientists from Carnegie Mellon University and the University of Chicago. The group says it’s no good simply telling users their password isn’t secure when they attempt to create one—like the current password strength meters do using colored graphs. The meter should tell the creator what’s wrong with the secret word and advise how to conjure up a better one.

Bot-generated comments swamp FCC, urging overturn of net neutrality

Some supporters of a U.S. Federal Communications Commission plan to repeal its recent net neutrality rules have apparently resorted to dirty tricks. An apparent bot-generated campaign has posted more than 83,400 comments on the FCC's website supporting the agency's plan to gut its own net neutrality rules. A handful of people whose names are on the bot-generated comments have denied making the comments, according to a report by ZDNet. The 83,400 comments, filed to the FCC's comment system between Monday and Wednesday, all contain the same text, reading in part:

Microsoft finally bans SHA-1 certificates in Internet Explorer and Edge

The Tuesday updates for Internet Explorer and Microsoft Edge force those browsers to flag SSL/TLS certificates signed with the aging SHA-1 hashing function as insecure. The move follows similar actions by Google Chrome and Mozilla Firefox earlier this year. Browser vendors and certificate authorities have been engaged in a coordinated effort to phase out the use of SHA-1 certificates on the web for the past few years, because the hashing function no longer provides sufficient security against spoofing. SHA-1 (Secure Hash Algorithm 1) dates back to 1995 and has been known to be vulnerable to theoretical attacks since 2005. The U.S. National Institute of Standards and Technology has banned the use of SHA-1 by U.S. federal agencies since 2010, and digital certificate authorities have not been allowed to issue SHA-1-signed certificates since Jan. 1, 2016, although some exemptions have been made -- for example, for outdated payment terminals.

Cisco patches critical IOS security fault found after CIA WikiLeaks dump

Cisco this week said it patched a critical vulnerability in its widely deployed IOS software that was disclosed in the WikiLeaks dump of CIA exploits earlier this year. Cisco had in March issued a “critical” security advisory for the IOS software that runs on some 300 models of its Catalyst switches and other networking equipment. Cisco this week wrote: “A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.”

Trump to FBI Director James Comey: You’re fired!

As shocking as it is, President Donald Trump fired FBI Director James Comey yesterday, despite the agency investigating possible collusion with Russia to interfere with the 2016 presidential election. Trump’s letter to Comey stated: “While I greatly appreciate you informing me, on three separate occasions, that I am not under investigation, I nevertheless concur with the judgement of the Department of Justice that you are not able to effectively lead the Bureau.” Trump said new leadership was needed to restore “public trust and confidence” in the FBI.

Top DRaaS companies to watch

Forrester Research recently released its report naming Sungard AS, Bluelock, IBM and iland as the top disaster recovery-as-a-service companies. With enterprises expecting their network up at all times, backup and recovery are key to keeping things running smoothly with no downtime. With ransomware waiting to pounce the minute a user clicks on a link, companies rely on network recovery in a matter of minutes, not days.

Check Point boosts cloud-security education to help IT security pros stay relevant

Check Point is investing heavily in educating IT pros about the cloud, not only to promote their own cloud security products but to give potential customers the skills they’ll need to keep their jobs as their employers move more and more resources to public cloud providers. “We try to explain how to be relevant in the cloud,” says Itai Greenberg, head of cloud security for Check Point. A lot of old-school IT security workers need to learn about how cloud infrastructure works, the terminology used, the interconnections between cloud and corporate owned networks and the ins and outs of APIs, among other skills.

How to protect your Google and Facebook accounts with a security key

In late March I got an unsettling message on my Gmail account: "Warning: Google may have detected government-backed attackers trying to steal your password." Google sends them out when it detects a "government-backed attacker" has attempted to hack an account through phishing or malware. Last time I saw one, I added two-factor authentication to many of my accounts. This time it prompted me to ask: Can I do even better?

New IoT malware targets 100,000 IP cameras via known flaw

Over 100,000 internet-connected cameras may be falling prey to a new IoT malware that’s spreading through recently disclosed vulnerabilities in the products. The malware, called Persirai, has been found infecting Chinese-made wireless cameras since last month, security firm Trend Micro said on Tuesday. The malware does so by exploiting flaws in the cameras that a security researcher reported back in March. The researcher, Pierre Kim, found that the vulnerabilities can allow an attacker to remotely execute code on the cameras, effectively hijacking them. At least 1,250 camera models produced by a Chinese manufacturer possess the bugs, the researcher went on to claim.
