No matter how intelligent they claim to be, many smart home gadgets are vulnerable to hackers. Nowadays even the lock on your front door is susceptible to a cyberattack. No longer do you only have to worry about someone simply picking the lock, now a burglar could go through cyberspace to unlatch the door.Just like the lock on your front door to keep out burglars, you should protect your high-tech devices from cyber threats. Start by choosing different passwords for your internet router and each of your smart devices. It is also important to use multi-factor authentication as an added protection to prevent a hacker who guesses your password from breaking into your home. You should regularly install manufacturer updates to make sure you are running the most current security system in your home.To read this article in full or to leave a comment, please click here
The internet sure seems mad about something.You’re not kidding.More than usual, that is.You’re right. President Trump just signed a bill into law that rolls back internet privacy protections enacted by the previous administration, and that has made things just a little angry around the ol’ internet.What kind of privacy rules are we talking about here?The previous iteration of the Federal Communications Commission created new rules last October for ISPs which stipulated that those ISPs would be required to seek customer permission before selling things like browser history data to advertisers for targeting purposes.To read this article in full or to leave a comment, please click here
In the latest episode of Security Sessions, CSO Editor-in-Chief Joan Goodchild sits down with Sanjay Raja from Lumeta, a network and performance monitoring company. The two discuss how CSOs and CISOs can get a handle on the explosion of new devices entering the network and how to make sure those devices are secured.
In Jason’s last post, he discussed how we are apt to see more intricate and complex data integrity attacks this year, with the adversaries’ main motivation being financial gain and/or political manipulation.As the cyber landscape becomes increasingly complex, private enterprises and public entities are looking for ways to better protect information and preserve the integrity of their data, while individuals want to ensure that the internet remains open and provides equal access to information to all. And while there are a number of technologies that are valuable, people are now being recognized as a powerful tool to solve these problems.To read this article in full or to leave a comment, please click here
Facebook’s appeal against 381 warrants for information from the accounts of its users was rejected by a New York court on the ground that earlier orders refusing to quash the warrants issued in a criminal proceeding could not be appealed.The decision by the New York State Court of Appeals did not address key issues of whether the broad searches were unconstitutional, and whether internet service providers like Facebook have standing to challenge such warrants on behalf of their users, particularly when they are served with ‘gag orders’ that prevent providers from informing subscribers about the warrants.“This case undoubtedly implicates novel and important substantive issues regarding the constitutional rights of privacy and freedom from unreasonable search and seizure, and the parameters of a federal statute establishing methods by which the government may obtain certain types of information,” wrote Judge Leslie E. Stein, writing for the majority.To read this article in full or to leave a comment, please click here
Companies that choose to outsource their IT operations should be careful. Suspected Chinese hackers have been hitting businesses by breaching their third-party IT service providers. Major IT suppliers that specialize in cloud storage, help desk, and application management have become a top target for the hacking group known as APT10, security providers BAE Systems and PwC said in a joint report.That's because these suppliers often have direct access to their client's networks. APT10 has been found stealing intellectual property as part of a global cyberespionage campaign that ramped up last year, PwC said on Monday.To read this article in full or to leave a comment, please click here
Ask CIOs and CISOs what cybersecurity fears keep them up at night and you’ll hear a range of responses -- from social engineering hacks such as phishing, as well as malware that enables perpetrators to hijack users' websites -- the dreaded ransomware -- and denial-of-service attacks. Depending on their business you might hear them say "all of the above."These threats are driving increased spending on cybersecurity tools intended to protect corporate data from nation-state actors, lone wolf attackers and other malcontents who are seeking access to corporate data. IT leaders know that it takes only one well-placed exploit to infiltrate a corporate network, but they also acknowledge that the best approach is to shrink their attack surface and be ready to respond to an incident in the event of an attack.To read this article in full or to leave a comment, please click here
Apple released an iOS update Monday to fix a serious vulnerability that could allow attackers to remotely execute malicious code on the Broadcom Wi-Fi chips used in iPhones, iPads, and iPods.The vulnerability is a stack buffer overflow in the feature that handles authentication responses for the fast BSS transition feature of the 802.11r protocol, also known as fast roaming. This feature allows devices to move easily and securely between different wireless base stations in the same domain.Hackers can exploit the flaw to execute code in the context of the Wi-Fi chip's firmware if they're within the wireless range of the targeted devices.The issue is one of several flaws found by Google Project Zero researcher Gal Beniamini in the firmware of Broadcom Wi-Fi chips. Some of these vulnerabilities also affect Android devices and have been patched as part of Android's April security bulletin.To read this article in full or to leave a comment, please click here
Two GoFundMe campaigns have raised more than US$290,000 in an effort to buy the web browsing histories of U.S. politicians after Congress voted to allow broadband providers to sell customers' personal information without their permission.It's unclear if those efforts will succeed, however. Even though Congress scrapped the FCC's ISP privacy rules last week, the Telecommunications Act still prohibits telecom providers from selling personally identifiable information in many cases. To read this article in full or to leave a comment, please click here
Users who have had their files encrypted by any version of the Bart ransomware program are in luck: Antivirus vendor Bitdefender has just released a free decryption tool.The Bart ransomware appeared back in June and stood out because it locked victims' files inside ZIP archives encrypted with AES (Advanced Encryption Standard). Unlike other ransomware programs that used RSA public-key cryptography and relied on a command-and-control server to generate key pairs, Bart was able to encrypt files even in the absence of an internet connection.To read this article in full or to leave a comment, please click here
Corporate security pros can add a new task to their busy days: handling panicky employees worried about privacy who are using the onion router (Tor) browser as a way to protect their online activity.That practice translates into additional security alerts that require time-consuming manual sorting to determine whether the persons behind Tor sessions are friend or foe, says George Gerchow, vice president of security and compliance at Sumo Logic.Ever since congressional action started a few weeks ago to roll back privacy regulations governing ISPs, Gerchow says has seen a dramatic increase in the use of Tor for accessing his company’s services, meaning security analysts have to check out whether the encrypted, anonymized traffic coming through Tor is from a legitimate user.To read this article in full or to leave a comment, please click here
Kaspersky Lab found a “direct link” between the Lazarus group banking heist hackers and North Korea.While Lazarus is a notorious cyber-espionage and sabotage group, a subgroup of Lazarus, called Bluenoroff by Kaspersky researchers, focuses only on financial attacks with the goal of “invisible theft without leaving a trace.”The group has four main types of targets: financial institutions, casinos, companies involved in the development of financial trade software and crypto-currency businesses.To read this article in full or to leave a comment, please click here
Most organizations are pretty good at vetting job applicants up front. They interview candidates, contact references, and in many cases conduct at least rudimentary background checks to bring out any issues of concern before making a hiring decision.Government security agencies go several steps further; just ask anyone who's filled out an SF-86 and then waited while investigators delved into youthful indiscretions, overseas trips and contacts with foreigners.But it's also true that most government and private-sector organizations operate on the principle of "Once you're in, you're in." Few of them have anything remotely resembling a continuous monitoring program for current managers and staff, let alone for contractors and vendors. And yet virtually every day brings fresh news of a data breach, intellectual property theft, or other adverse event either instigated or abetted by a supposedly trusted insider.To read this article in full or to leave a comment, please click here
With nasty malware like Locky making the rounds—encrypting its victims’ files, and then refusing to unlock them unless you pay up—ransomware is a serious headache. But not all ransomware is so difficult.You can remove many ransomware viruses without losing your files, but with some variants that isn’t the case. In the past I’ve discussed general steps for removing malware and viruses, but you need to apply some specific tips and tricks for ransomware. The process varies and depends on the type of invader. Some procedures involve a simple virus scan, while others require offline scans and advanced recovery of your files. I categorize ransomware into three varieties: scareware, lock-screen viruses, and the really nasty stuff.To read this article in full or to leave a comment, please click here
Ransomware grew into a $1 billion industry last year, and ransom payments now account for nearly 10 percent of the entire Bitcoin economy.Avoiding becoming part of that statistic requires good endpoint security and effective backups. But what if your defenses fail, your backups are inadequate, all attempts to restore the data fail, and you have to pay the ransom after all -- what do you do?First of all, get the ball rolling on improving your security. Second, if the ransomware includes a recommendation for where to buy the Bitcoins, take it with a grain of salt. These guys are, after all, criminals. They might steer you wrong.Instead, go to a reputable exchange.To read this article in full or to leave a comment, please click here
Attackers prefer to reuse code and tools for as long as they keep working. In that tradition, researchers have found evidence suggesting a cyberespionage group is still successfully using tools and infrastructure that was first deployed in attacks 20 years ago.The Moonlight Maze refers to the wave of attacks that targeted U.S. military and government networks, universities, and research institutions back in the mid-to-late 1990s. While the Moonlight Maze disappeared from the radar after the FBI and Department of Defense investigation became public in 1999, there were whispers within the security community that the cyberespionage group never entirely went away. Turla, a Russian-speaking attack group that's also known as Venomous Bear, Uroburos, and Snake, was floated as a possibility, but until recently, all links were guesswork and speculation.To read this article in full or to leave a comment, please click here
With reports of Russia using social media and bots to push fake news to influence the 2016 U.S. presidential election, questions are arising over how these same tactics could be used against an enterprise."Twitter bots could absolutely be used against a company," said Dan Olds, an analyst with OrionX. "Someone using bots could manufacture a fake groundswell of opinion against a company or a product."The subject of Twitter bots has made headlines since federal investigations into Russia's interference with the presidential election unearthed evidence that the Kremlin used chatbots, particularly on Twitter, to seed fake news stories in order to confuse discussions and taint certain candidates, especially Democratic candidate Hillary Clinton.To read this article in full or to leave a comment, please click here
When it comes to creating secure applications, nothing beats focusing on the basics: secure coding in development and then testing the application for security defects. Part of the testing regime should always include an in-depth application pen test. But how do organizations know they are getting the full benefit from such assessments?What goes (or should go) into developing application security is well known. Developers should have their code vetted in their development environment. Their code should go through a series of quality and security tests in the development pipeline. Applications should be vetted again right after deployment. And, after all of that, it’s very likely that more vulnerabilities exist in the application that have yet to be uncovered.To read this article in full or to leave a comment, please click here
Insuring that your data is safeImage by Yohan CreemersInsurance firms collect and process large amounts of policyholder data including personally identifiable information (PII) and protected health information (PHI), as well as sensitive employee and company information that must be protected. Confidential data is the core of the business, and companies that collect and analyze it more effectively have a competitive advantage. And with the cost of file sharing and synchronization technology decreasing, actuaries are able to analyze and share data in real time. However, this also increases the number of unnecessary copies of sensitive business and consumer data.To read this article in full or to leave a comment, please click here
Effective today, McAfee has officially spun out from Intel, dumping the name Intel Security and operating under new majority ownership that has deep pockets to help the company aggressively acquire technology via mergers and acquisitions to supplement home-grown innovations.Investment firm TPG is making a $1.1 billion equity investment in McAfee in return for 51% ownership, giving it the cash it needs to buy companies for their technology so it can be incorporated faster into McAfee platforms than if developed via R&D.That’s a different strategy than is used by Intel in its chip business. “Identifying what it takes to run a semiconductor company is quite different from running a cybersecurity company in a rapidly changing threat landscape,” says Intel Security’s CTO Steve Grobman.To read this article in full or to leave a comment, please click here