Category Archives for "Network World Security"

How to assess security automation tools

This column is available in a weekly newsletter called IT Best Practices. During my recent trip to Tel Aviv to attend CyberTech 2017, I had a one-on-one conversation with Barak Klinghofer, co-founder and CTO of Hexadite. He gave me a preview of an educational presentation he was to give two weeks later at the RSA Conference. His insight is worth repeating for anyone looking to add automation tools to their security toolset. As I saw at CyberTech, and I’m sure was the case at RSA, the hottest topics were security automation, automated incident response and security orchestration. These can be confusing terms, as every vendor describes them a little bit differently.

New York State cybersecurity regulations: Who wins?

As you probably know by now, on February 16, the State of New York’s Department of Financial Services (DFS) finalized its new cybersecurity regulations, which take effect on March 1, 2017. These regulations are somewhat redundant with others in the financial services industry (i.e. FFIEC, GLBA, NIST CSF, OCC, etc.) but tend to go a bit further with several specific prescriptive requirements. For example, the New York State cybersecurity regulations cover nonpublic data (rather than customer data), mandate the presence of a CISO (or third-party equivalent) and require a program for secure data destruction.

Ethernet 2.5GBASE-T and 5GBASE-T grows, testing on tap from UNH lab

The University of New Hampshire InterOperability Laboratory (UNH-IOL) said it would begin offering testing and standards conformance services for 2.5GBASE-T and 5GBASE-T Ethernet products. The broad testing services ensure that Ethernet products and services are interoperable and will help customers boost network speed up to five times without requiring cabling infrastructure changes. The Ethernet Alliance in September wrote that the IEEE 802.3bz Standard for Ethernet Amendment, which sets Media Access Control Parameters, Physical Layers and Management Parameters for 2.5G and 5Gbps Operation, lets access layer bandwidth evolve incrementally beyond 1Gbps and will help address emerging needs in a variety of settings and applications, including enterprise and wireless networks.

Eleven-year-old root flaw found and patched in the Linux kernel

Linux system administrators should be on the watch for kernel updates because they fix a local privilege escalation flaw that could lead to a full system compromise. The vulnerability, tracked as CVE-2017-6074, is over 11 years old and was likely introduced in 2005 when the Linux kernel gained support for the Datagram Congestion Control Protocol (DCCP). It was discovered last week and was patched by the kernel developers on Friday. The flaw can be exploited locally by using heap spraying techniques to execute arbitrary code inside the kernel, the most privileged part of the OS. Andrey Konovalov, the Google researcher who found the vulnerability, plans to publish an exploit for it in a few days.

IDG Contributor Network: Is DevOps security about behavior or process?

One of my main roles is improving the security of the software produced by my employer, and it was in that role that I attended the annual gathering of the security industry in San Francisco last week. The RSA Conference is one of the two global security conferences I attend, the other being Blackhat. While Blackhat has become more corporate, it’s still dominated by hackers and focuses more on vulnerabilities, whereas RSA is very much a corporate event focused on enterprise security and security policy. Several of the tracks at RSA this year covered the area of security in the development process. I was most interested in the Advanced Security & DevOps track. DevOps is a hot topic in the industry, and now we have SecDevOps, or perhaps DevSecOps as the new security buzzword spinoff. Behind the buzzwords, however, I learned some useful lessons, a few of which I’d like to discuss here.

How to scrub your private data from ‘people finder’ sites

It doesn’t matter what you do online: The internet knows a ton about you, and that information is a mouse click away. Search any people finder site—Spokeo, PeekYou, Whitepages, to name a few—and odds are you’ll find a page listing your full name, date of birth, names of family members, current address, and phone number. Depending on the site's aggressiveness, it may offer (for a low membership fee or the price of registering an account) additional details such as past addresses, social media profiles, marital status, employment history, education, court cases such as bankruptcies, hobbies, and even a photo of where you live. Forget the National Security Agency. Aggregator sites such as Intelius, Radaris, and PeopleFinder have data warehouses full of information about you, accessible to people without your permission, and used for purposes you know nothing about. While these sites ostensibly provide background checks and other public services, they also simplify identity theft, stalking, and doxxing (exposing personal information online to encourage harassment), which is both creepy and downright dangerous.

Why DRaaS is a better defense against ransomware

Recovering from a ransomware attack doesn’t have to take days. It’s one thing for a user’s files to get infected with ransomware, it’s quite another to have a production database or mission-critical application infected. But, restoring these databases and apps from a traditional backup solution (appliance, cloud or tape) will take hours or even days which can cost a business tens or hundreds of thousands of dollars. Dean Nicolls, vice president of marketing at Infrascale, shares some tangible ways disaster recovery as a service (DRaaS) can pay big dividends and quickly restore systems in the wake of a ransomware attack.

Are you afraid your car will be taken over?

In 2013 Charlie Miller and Chris Valasek showed how easy it was to take over a connected car. It was a monumental moment that made the auto industry stand up and take notice of the vulnerability of the connected cars they manufactured. Miller and Valasek were not maliciously running cars off the road, but they did give demonstrations so that the auto industry would begin to take security seriously. As seen in this video, the two researchers had the capability through their laptops to shut down the vehicle's engine on the highway or spew window washing fluid onto the windshield, which could startle an unsuspecting driver to perhaps jerk the wheel and hit another car. They identified more than seven major categories of remote attack surfaces, based on their study of 20 models (2014 to 2015) from different car manufacturers.

Police arrest man suspected of building million-router German botnet

Last year, someone turned a German internet service provider into a million-router botnet. German police think they will soon have the culprit. The U.K.'s National Crime Agency (NCA) made an arrest on Wednesday in connection with the November 2016 hack on Deutsche Telekom. The agency said it arrested a 29-year-old man at Luton airport, acting on a European Arrest Warrant issued by the public prosecutor's office in Cologne, Germany. The German Federal Criminal Police Office (Bundeskriminalamt, or BKA), which led the investigation, said it had worked with British law enforcement officials to arrest the man, a Briton.

Amid cyberattacks, ISPs try to clean up the internet

If your computer’s been hacked, Dale Drew might actually know something about that. He's CSO (chief security officer) at Level 3 Communications, a major internet backbone provider that's routinely on the lookout for cyberattacks on the network level. The company has linked more than 150 million IP addresses to malicious activity worldwide. That means all of those IP addresses have computers behind them that are probably involved in distributed denial-of-service attacks, email spam, or breaches of company servers, Drew said. Hackers have managed to hijack those computers to "cause harm to the internet," but the owners don't always know that, Drew said.

A hard drive’s LED light can be used to covertly leak data

The seemingly harmless blinking lights on servers and desktop PCs may give away secrets if a hacker can hijack them with malware. Researchers in Israel have come up with an innovative hack that turns a computer's LED light into a signaling system that shows passwords and other sensitive data. The researchers at Ben-Gurion University of the Negev demonstrated the hack in a YouTube video posted Wednesday. It shows a hacked computer broadcasting the data through a computer’s LED light, with a drone flying nearby reading the pattern. The researchers designed the scheme to underscore vulnerabilities of air-gapped systems, or computers that have been intentionally disconnected from the internet.

7.4% of software on PCs are past end of life

A new Secunia Research report states that the average private user in the U.S. has 75 programs installed on their PC, and 7.4% of them are past end of life and no longer patched by the vendor. By being past end of life, this software becomes a popular attack target for hackers because the programs are so widespread on devices today. This was the warning from Microsoft when it ended support for Windows XP in 2014—that people should no longer use it because exploits would no longer be fixed. The report from Secunia Research, which is owned by Flexera Software, covers findings for the fourth quarter of 2016 in 12 countries. In the U.S., it found 7.5 percent of private users had unpatched Windows operating systems in Q4 of 2016, up from 6.1 percent in Q3 of 2016 and down from 9.9 percent in Q4 of 2015.

IDG Contributor Network: Reaching the cybersecurity tipping point

Remember that moment when you really committed yourself to solid security and privacy practices? The moment when you committed to never clicking on a link you weren’t sure about, to always checking for badges on people coming in the door, to always using your password manager to create a complex password? If you do, you reached your “cybersecurity tipping point.” For many, that moment has not yet come. And if you are reading this article, it might be your job to get your employees to hit that point. And you already know that the hard part is figuring out how.

What to expect from the Trump administration on cybersecurity

Look for U.S. President Donald Trump's administration to push for increased cybersecurity spending in government, but also for increased digital surveillance and encryption workarounds. That's the view of some cybersecurity policy experts, who said they expect Trump to focus on improving U.S. agencies' cybersecurity while shying away from new cybersecurity regulations for businesses. Trump is likely to look for ways for the National Security Agency and other agencies to assist the government and companies defend against cyberattacks, said Jeffrey Eisenach, a visiting scholar at the American Enterprise Institute and a tech advisor during Trump's presidential transition.

New macOS ransomware spotted in the wild

A new file-encrypting ransomware program for macOS is being distributed through bittorrent websites and users who fall victim to it won't be able to recover their files, even if they pay. Crypto ransomware programs for macOS are rare. This is the second such threat found in the wild so far, and it's a poorly designed one. The program was named OSX/Filecoder.E by the malware researchers from antivirus vendor ESET who found it. OSX/Filecoder.E masquerades as a cracking tool for commercial software like Adobe Premiere Pro CC and Microsoft Office for Mac and is being distributed as a bittorrent download. It is written in Apple's Swift programming language by what appears to be an inexperienced developer, judging from the many mistakes made in its implementation.

How the DOT discovered its network was compromised by shadow IT

When Richard McKinney set out to migrate the Department of Transportation (DOT) to Microsoft Office 365, he got a valuable lesson in shadow IT, one that could serve as a cautionary tale for other government leaders as they look to upgrade and consolidate their systems. McKinney, who only recently stepped down as CIO at DOT, had been leading a turnaround mission at the department since his arrival, but when it came time for the Office 365 rollout, he quickly discovered how chaotic the situation was, with hundreds of unauthorized devices running undetected on the sprawling network.

Cisco touts next-gen firewall gear for midsize installations

Cisco is coming out with four next-generation firewall boxes aimed at giving smaller organizations protection that is better sized to their needs and engineered to minimize performance hits as additional security services are turned on. The devices make up a family called the Cisco Firepower 2100 series and are built around dual, multi-core processors. That architecture enables custom processing of traffic requiring threat inspection, and also supports tagging traffic that doesn’t need threat inspection so it flows through only the separate network processing unit. These features combine to provide ample processing power for services such as IPS and also lighten the total load on that processor by diverting traffic that doesn’t require those services, Cisco says.

IDG Contributor Network: What is OWASP, and why it matters for AppSec

Modern software development is firmly focused on speed. The race to be first in the market is extremely competitive. To innovate, companies develop at breakneck pace, quickly establishing feedback loops that allow them to hone their software. Security, however, is often an afterthought for stressed developers and the business people pushing them to deliver faster. The importance of application security (AppSec) is widely understood, with 97 percent of respondents to the SANS Institute’s 2016 State of Application Security report revealing they have an AppSec program in place.
