Category Archives for "Network World Security"

Google’s Android hacking contest fails to attract exploits

Six months ago, Google offered to pay US$200,000 to any researcher who could remotely hack into an Android device by knowing only the victim's phone number and email address. No one stepped up to the challenge. While that might sound like good news and a testament to the mobile operating system's strong security, that's likely not the reason why the company's Project Zero Prize contest attracted so little interest. From the start, people pointed out that $200,000 was too low a prize for a remote exploit chain that wouldn't rely on user interaction. "If one could do this, the exploit could be sold to other companies or entities for a much higher price," one user responded to the original contest announcement in September.

Russian hacking goes far beyond 2016 pro-Trump effort

As the Senate Intelligence Committee held its first public hearings examining Russian hacking yesterday, lawmakers received a stark warning that the intrusions have been far broader in scope than the intelligence community's finding that Russian hackers meddled in the 2016 presidential election to help Donald Trump defeat Hillary Clinton. Sen. Marco Rubio (R-Fla.) seemed to confirm as much when he announced that former aides to his presidential campaign had been targeted by an apparent cyberattack emanating from a Russian IP address last July and again just this Wednesday. Clinton Watts, a senior fellow at the Foreign Policy Research Institute, said that his organization in the past week had detected Russian involvement in a social media campaign aimed at discrediting House Speaker Paul Ryan (D-Wis.).

Privacy activist wants to unveil lawmakers’ browser histories

After Congress on Tuesday approved a resolution that would toss out significant online privacy protections, one Internet user decided to do something about it. Adam McElhaney, who calls himself a privacy activist and net neutrality advocate, created a website and a GoFundMe page to raise money to buy the internet histories of the legislators who backed the resolution so he can make them available and easily searchable.

In mining user data, US ISPs must weigh cash vs. privacy

U.S. internet service providers are about to face temptation. Now that the broadband privacy rule repeal is almost certain, will they sell their customers' data to marketers, or will they keep it private? The U.S. broadband industry is telling consumers not to worry. Verizon, for instance, said that it remains committed to protecting users’ privacy. What that exactly means is unclear, and some in the industry are skeptical. Major broadband providers will be enticed to monetize their customers’ data in ad-heavy ways, said Dane Jasper, CEO of Sonic, a small ISP in California.

After Amazon outage, HealthExpense worries about cloud lock-in

Financial services companies are popular targets of cybercriminals for the obvious reason -- they're where the money's at. And health care companies have medical records, which are very valuable on the black market since the information there can be abused in so many ways, and doesn't expire. HealthExpense, which provides health care payment services to banks and their enterprise customers, straddles both worlds. "When we started, every new client asked us about security," said Marco Smit, CEO at Sunnyvale, Calif.-based HealthExpense. "It has to do with the data we're collecting," said company CSO Ken Lee. "We are definitely bound by HIPAA compliance, and we hold all the personal health information and financial information."

Non-malware attacks grow – there are tools for IT security to fight back with

More and more attackers are carrying out their work without using malware so they can evade detection by traditional, file-based security platforms, which presents a tough problem for security pros trying to defend against them. Nearly two-thirds of security researchers polled by Carbon Black say they’ve noted an uptick in these attacks just since the beginning of the year, and aren’t confident that traditional anti-virus software can deal with them.

Cisco issues urgent reboot warning for bug in ASA and Firepower appliances

Cisco has issued an urgent request to customers running specific releases of software on their Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) appliances to reboot their devices to prevent them from hanging and ceasing to pass traffic. Cisco said its ASA and FTD devices are affected by a “functional software defect that will cause the device to stop passing traffic after 213 days of uptime” and that the issue is a result of a software regression bug introduced when addressing Cisco bug ID CSCva03607.

Senator: Russia used ‘thousands’ of internet trolls during US election

The Russian government used "thousands" of internet trolls and bots to spread fake news, in addition to hacking into political campaigns leading up to the 2016 U.S. election, according to one lawmaker. Disinformation spread on social media was designed to raise doubts about the U.S. election and the campaign of Democratic presidential candidate Hillary Clinton, said Senator Mark Warner, a Virginia Democrat. "This Russian propaganda on steroids was designed to poison the national conversation in America," Warner said Thursday during a Senate hearing on Russian election hacking. The Russian government used "thousands of paid internet trolls" and bots to spread disinformation on social media.

10 practical privacy tips for the post-privacy internet

ISPs and providers can now sell your data and browser histories. The U.S. Congress sold you out. If you had any browsing dignity, you don’t now. Too bad you couldn’t pay the legislators as much as the data wolves. You should have been doing these things all along, but now it’s time to decide just how much dignity you have. Most of you won’t bother. This isn’t for you. Click away, and go surf. For those remaining, take these privacy tips seriously.

1. Educate yourself about cookies and clean them out regularly

For some of you, this means a daily cleanout. What you DO NOT clean out (will cause you hassles) are cookies associated with financial institutions. They will put you through a drill when they don’t find the cookie that they like. Scrape them. Every browser has the ability to do this, with Chrome being the most difficult. But we’re not surprised because it’s from Google—the company whose very life depends on knowing information about you.

IBM technology creates smart wingman for self-driving cars

IBM said that it has patented a machine learning technology that defines how to shift control of an autonomous vehicle between a human driver and a vehicle control processor in the event of a potential emergency. Basically, the patented IBM system employs onboard sensors and artificial intelligence to determine potential safety concerns and control whether self-driving vehicles are operated autonomously or by surrendering control to a human driver.

SS8’s time machine is designed to automate the hunt for compromises  

When it comes to enterprise security, it has long been established that prevention, though critical, is not enough. Prevention largely depends on knowing what is bad and priming security devices like firewalls and intrusion prevention systems with the rules necessary to keep bad stuff out. The problem is, something can be bad but nobody knows it yet, so there’s no rule to put in the firewall. An attacker’s damage can be done long before the rule is created.

Millions of websites affected by unpatched flaw in Microsoft IIS 6 web server

A proof-of-concept exploit has been published for an unpatched vulnerability in Microsoft Internet Information Services 6.0, a version of the web server that's no longer supported but still widely used. The exploit allows attackers to execute malicious code on Windows servers running IIS 6.0 with the privileges of the user running the application. Extended support for this version of IIS ended in July 2015 along with support for its parent product, Windows Server 2003. Even so, independent web server surveys suggest that IIS 6.0 still powers millions of public websites. In addition, many companies might still run web applications on Windows Server 2003 and IIS 6.0 inside their corporate networks, so this vulnerability could help attackers perform lateral movement if they access such networks through other means.

IP theft: Declining, or just more stealthy?

Eighteen months ago, President Obama and Chinese President Xi Jinping announced, with considerable fanfare, an agreement aimed at curbing economic espionage. According to the Sept. 25, 2015 White House press release, “neither country’s government will conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sectors.” So, with Xi due to meet with President Trump in early April, an obvious question is: Has the agreement been effective? The reviews on that are mixed, but there is general agreement that while it hasn’t stopped, the theft of intellectual property (IP) by the Chinese against the US is not as rampant as it was several years ago when The Commission on the Theft of American Intellectual Property estimated total losses, including jobs, competitiveness, stock value, market share, in the hundreds of billions, and former National Security Agency director Gen. Keith Alexander famously called it, “the greatest transfer of wealth in human history.”

Open-source developers targeted in sophisticated malware attack

For the past few months, developers who publish their code on GitHub have been targeted in an attack campaign that uses a little-known but potent cyberespionage malware. The attacks started in January and consisted of malicious emails specifically crafted to attract the attention of developers, such as requests for help with development projects and offers of payment for custom programming jobs. The emails had .gz attachments that contained Word documents with malicious macro code attached. If allowed to execute, the macro code executed a PowerShell script that reached out to a remote server and downloaded a malware program known as Dimnie.

VMware patches critical virtual machine escape flaws

VMware has released critical security patches for vulnerabilities demonstrated during the recent Pwn2Own hacking contest that could be exploited to escape from the isolation of virtual machines. The patches fix four vulnerabilities that affect VMware ESXi, VMware Workstation Pro and Player and VMware Fusion. Two of the vulnerabilities, tracked as CVE-2017-4902 and CVE-2017-4903 in the Common Vulnerabilities and Exposures database, were exploited by a team from Chinese internet security firm Qihoo 360 as part of an attack demonstrated two weeks ago at Pwn2Own. The team's exploit chain started with a compromise of Microsoft Edge, moved to the Windows kernel, and then exploited the two flaws to escape from a virtual machine and execute code on the host operating system. The researchers were awarded $105,000 for their feat.

Trump extends Obama executive order on cyberattacks

U.S. President Donald Trump is extending by one year special powers introduced by former President Barack Obama that allow the government to issue sanctions against people and organizations engaged in significant cyberattacks and cybercrime against the U.S. Executive Order 13694 was introduced on April 1, 2015, and was due to expire on Saturday, but the president sent a letter to Congress on Wednesday evening informing it of his plans to keep it active. "Significant malicious cyber-enabled activities originating from, or directed by persons located, in whole or in substantial part, outside the United States, continue to pose an unusual and extraordinary threat to the national security, foreign policy, and economy of the United States," Trump wrote in the letter. "Therefore, I have determined that it is necessary to continue the national emergency declared in Executive Order 13694 with respect to significant malicious cyber-enabled activities."

Extreme swallows Brocade’s data center networking business for $55M

Extreme Networks continued to amass a nice nest of data center technology, saying today it would buy Brocade's data center networking business for $55 million in cash from its current owner Broadcom. Broadcom bought Brocade last year for about $5.5 billion but has since sold off Brocade’s Ruckus Wireless Wi-Fi business for $800 million to Arris International and now the data center networking business to Extreme.

How to fend off cyberattacks and data breaches

According to research conducted by Symantec, the number of cyberattacks against small businesses (companies with fewer than 250 employees) has been steadily growing over the last six years, with hackers specifically targeting employees (phishing). And while distributed denial of service, or DDoS, attacks are still a leading form of cyber warfare, ransomware and malware attacks, targeting users of smartphones and internet of things (IoT) devices, as well as PCs and systems running on Macs and Linux, are also a big threat to small businesses.

Congress to US citizens: Want online privacy? Pay up!

Tuesday’s congressional vote to repeal U.S. restrictions on broadband providers doesn’t mean that online privacy is dead. Consumers will just have to pay for it. The coming repeal, which President Trump is expected to sign into law, paves a clearer path for broadband providers to sell customers’ internet browsing history and other online data, without their consent. Privacy advocates are worried. Imagine corporate giants snooping on your internet activities, and then bombarding your PC, phone and TV with targeted ads. However, the privacy rule rollback might have an opposite effect too. Expect broadband providers and other internet services to emerge offering online privacy protections -- but at a price.

Trojan source code leak poised to spur new online banking attacks

The source code for a new Trojan program that targets banking services has been published online, offering an easy way for unskilled cybercriminals to launch potent malware attacks against users. The Trojan is called Nuclear Bot and first appeared for sale on underground cybercrime forums in early December for $2,500. It can steal and inject information from and into websites opened in Mozilla Firefox, Internet Explorer and Google Chrome and can also open a local proxy or hidden remote desktop service. These are all features commonly seen in banking Trojans, as they're used by attackers to bypass the security checks of online bank websites to perform fraud. For example, the proxy and remote desktop functionality allows hackers to initiate rogue transactions through the victims' browsers after they have been tricked into providing the second authentication factor.
