The U.S. Central Intelligence Agency documents published by WikiLeaks Tuesday show that one of the agency's teams specializes in reusing bits of code and techniques from public malware samples. According to the leaked documents, the Umbrage team is part of the Remote Development Branch under the CIA's Center for Cyber Intelligence. It maintains a library of techniques borrowed from in-the-wild malware that could be integrated into its own projects.
Those who pursue forensic analysis with the hope of identifying and prosecuting an attacker will likely find that the time spent on attack attribution is fruitless. If, however, they are looking to use what they gain through attack attribution to inform their overall security procedures from prevention to response, the effort yields valuable results. Many experts in the industry have questioned whether there is any value to attribution. SafeBreach CTO & co-founder Itzik Kotler said, "The only interesting aspect in attribution itself is to classify and put information in a box and use it over and over again." Kotler offered a hypothetical in which right now CNN gets hacked by the Chinese. "That someone can or cannot attribute it to the Chinese doesn't matter. It does matter if we can say we think this is from China," Kotler said.
Conventional wisdom has it that most consumers simply don’t pay much attention to computer security and privacy issues. Perhaps worse, they don’t think they can do much to protect themselves without foregoing many of the benefits of our digital, connected age. Consumer Reports is trying to change both of those things.
Consumer Reports’ new cybersecurity standard
The influential publication and public-interest organization announced on Monday that it has collaborated on a digital consumer-protection standard designed to define “how companies should build these products to really be good for consumers in terms of privacy and other issues,” said Maria Rerecich, who directs electronics testing at Consumer Reports, in a statement.
A U.S. senator is probing reports of a breach of data from smart toys from Spiral Toys, writing to the company’s CEO a letter with ten questions about the issue, including about the company’s security practices. Bill Nelson, a Florida Democrat, wrote in a letter Tuesday to CEO Mark Meyers that the breach raises serious questions concerning how well the company protects the information it collects, particularly from children. Nelson also said that the incident raises questions about the vendor's compliance with the Children’s Online Privacy Protection Act that requires covered companies to have reasonable procedures to protect the confidentiality, security and integrity of personal information collected from children.
A resolution introduced in the U.S. Senate on Tuesday aims to roll back privacy rules for broadband service providers that were approved by the Federal Communications Commission in October. The rules include the requirement that internet service providers like Comcast, AT&T, and Verizon should obtain "opt-in" consent from consumers to use and share sensitive personal information such as geolocation and web browsing history, and also give customers the option to opt out from the sharing of non-sensitive information such as email addresses or service tier information. The rules have been opposed by internet service providers who argue that they are being treated differently from other Internet entities like search engines and social networking companies.
Thanks to WikiLeaks, antivirus vendors will soon be able to figure out if you have been hacked by the CIA.
On Tuesday, WikiLeaks dumped a trove of 8,700 documents that allegedly detail the CIA’s secret hacking operations, including spying tools designed for mobile phones, PCs and smart TVs.
WikiLeaks has redacted the actual source code from the files to prevent the distribution of cyber weapons, it said. Nevertheless, the document dump -- if real -- still exposes some of the techniques that the CIA has allegedly been using.
Extreme Networks continued to expand its enterprise networking portfolio today, buying up the network technology of Avaya Holdings -- which is in Chapter 11 bankruptcy -- for $100 million.
Extreme’s Ed Meyercord, President and CEO, said he expects the deal will broaden the company’s software and strengthen its presence in vertical markets such as healthcare and manufacturing.
Norman Rice, an executive vice president with Extreme, added that some of Avaya’s strengths included its networking fabric and Network Micro-Segmentation technology that helps customers secure enterprise components.
Corporations concerned about the release of thousands of CIA documents detailing hacks against Apple iOS and Mac OSX, Google’s Android, Microsoft’s Windows, Linux and Solaris need to conduct a fresh round of risk assessment that takes the new revelations into account. While the trove of leaked data – known as Vault 7 – doesn’t include code for actual exploits, it does describe the types of vulnerabilities they take advantage of, which can still be of value to both defenders and potential attackers, says John Pironti, president of IP Architects, a security risk consulting firm.
Running your own email servers doesn’t do anything to differentiate your business from the competition (except in a bad way, if you get hacked). But avoiding the effort of managing and monitoring your own mail server isn’t the only advantage of a cloud service. The scale of a cloud mail provider like Office 365 means that malware and phishing attacks are easier to spot — and the protections extend beyond your inbox. Email protection isn’t just about blocking spam anymore. It’s about blocking malicious messages aimed at infecting computers and stealing credentials. Traditional antivirus scanning isn’t the solution either, because attachments aren’t just executable files you can recognize with a signature. Often, scammers use JavaScript and macros (including PowerShell) to trigger a secondary download with the malicious payload. And embedded links often go to legitimate but compromised sites, so you also can’t rely on site reputation.
Say you just got laid off from your job. Bills are piling up and the pressure to get a new job quickly is building. Your desperation has you taking chances you wouldn’t normally take, such as clicking on a link to a job offer — even if something about it doesn't quite look right. Research firm ZeroFOX has found that unless a company has a verified recruiting account, it can be difficult for an applicant to decipher a legitimate account from an impersonator. One way to spot an impersonator is that they commonly provide Gmail, Yahoo, and other free email provider addresses through which applicants can inquire about a job and send their resumes (more advanced scammers can spoof company email domains). Some also include links to official job sites and LinkedIn for follow-up. In most cases, the impersonator uses the company logo to portray themselves as an official recruiter for the company.
WikiLeaks has released more than 8,700 documents it says come from the CIA's Center for Cyber Intelligence, with some of the leaks saying the agency had 24 "weaponized" and previously undisclosed exploits for the Android operating system as of 2016. Some of the Android exploits were developed by the CIA, while others came from the U.S. National Security Agency, U.K. intelligence agency GCHQ, and cyber arms dealers, according to the trove of documents released Tuesday. Some smartphone attacks developed by the CIA allow the agency to bypass the encryption in WhatsApp, Confide, and other apps by collecting audio and message traffic before encryption is applied, according to the WikiLeaks analysis.
A five-month-old flaw in Android's SSL cryptographic libraries is among the 35 critical vulnerabilities Google fixed in its March security patches for the mobile OS. The first set of patches, known as patch level 2017-03-01, is common to all patched phones and contains fixes for 36 vulnerabilities, 11 of which are rated critical and 15 high. Android vulnerabilities rated critical are those that can be exploited to execute malicious code in the context of a privileged process or the kernel, potentially leading to a full device compromise. One of the patched vulnerabilities is located in the OpenSSL cryptographic library and also affects Google's newer BoringSSL library, which is based on OpenSSL. What's interesting is that the flaw, identified as CVE-2016-2182, was patched in OpenSSL back in September. It can be exploited by forcing the library to process an overly large certificate or certificate revocation list from an untrusted source.
The cybersecurity skills shortage is nothing new – I’ve been writing about it for years as have other analysts and researchers. I’ve also done countless presentations on this topic. Here’s a video where I’m interviewed on the cybersecurity skills shortage at the RSA Conference a few years ago. I also presented on this topic at the RSA Conference that same year. I keep writing about the cybersecurity skills shortage for one consistent and troubling reason – it ain’t getting any better. Here’s a few data points to back up this claim (note: I am an ESG employee):
As part of ESG’s annual IT spending intentions research, we asked respondents (i.e. about 600 IT and cybersecurity professionals in North America, EMEA, and the Asia Pacific region) to identify the different IT areas where their organization has a “problematic shortage” of skills. Cybersecurity has been identified as the #1 “problematic shortage” area across all of IT for the past 6 years in a row.
In 2017, 45% of organizations say they have a “problematic shortage” of cybersecurity skills. This is right in line with 2016 (46%), but these last two years represented a big
The cybersecurity skills shortage is nothing new—I’ve been writing about it for years, as have other analysts and researchers. I’ve also done countless presentations on this topic. Here’s a video where I’m interviewed on the cybersecurity skills shortage at the RSA Conference a few years ago. I also presented on this topic at the RSA Conference that same year.
I keep writing about the cybersecurity skills shortage for one consistent and troubling reason: It ain’t getting any better. Here’s a few data points to back up this claim:
The BBC found itself in the no-good-deed-goes-unpunished category thanks to Facebook. Granted, the BBC was investigating for an article to see if Facebook had improved its system for removing child porn from the site after such images are reported. But trying to help “clean up” Facebook should not be rewarded by the social network reporting you to the police. Using Facebook’s “report button,” BBC journalists reported 100 images that should not be allowed on the platform according to Facebook’s guidelines that claim “nudity or other sexually suggestive content” is not permitted on the site. The images included a still from a child porn video, under-16s in sexual poses and others along the same vein. Of those, only 18 were initially removed. The other 82, Facebook said, did not violate “community standards.”
If you thought it was bad when the FBI reported last year that ransomware was on the rise, you should read the forecasts for this year. According to SonicWall’s most recent Annual Threat Report, “ransomware attacks grew 167 times since 2015, from 3.8 million in 2015 to 638 million in 2016.” This year, TrendMicro sees a 25-percent growth in the number of new ransomware families available for use in breaches. Reports of the encroachment of ransomware on government, law enforcement, critical infrastructure, and health and safety are already climbing.
Seeing the light
A lightbulb. We can connect a lightbulb in our house to the internet in case we need to turn the lights on or off while we’re away – or if we’re too lazy to walk to the light switch. The more lightbulbs, devices, apps and online services we use and connect with on a daily basis, the more we expose ourselves to security risks. This is the nature of how our digital lives have evolved and it requires more active participation as individuals to protect ourselves and minimize exposure.
Nearly two-thirds of consumers are worried about home IoT devices listening in on their conversations, according to a Gartner survey released Monday. Those jitters aren’t too surprising after recent news items about TV announcers inadvertently activating viewers’ Amazon Echos, or about data from digital assistants being used as evidence in criminal trials. But privacy concerns are just one hurdle smart homes still have to overcome, according to the survey.
Kaspersky Labs announced new research this morning that shows some links between the massive Shamoon attack that took down 35,000 computers in Saudi Arabia and a new attack against a target in Europe. The Shamoon attack, which occurred in 2012, was followed by a series of related attacks against Gulf States earlier this year. The attacks were widely attributed to Iran. The new malware, called StoneDrill, is, like Shamoon, a wiper -- it destroys all the data on a computer.
Joomla has exploded in popularity as an open-source website creation tool for individuals, small and medium-sized businesses, enterprises, and developers. It has been downloaded 78 million times and currently powers millions of websites. Joomla websites have not been entirely unaffected by the cyber crime problems that have plagued content management systems (CMSs) and the internet in general. A wave of fake jQuery attacks hit Joomla and WordPress sites in 2015 and 2016, affecting over 4.5 million sites.