Open source is a wonderful thing. A significant chunk of today’s enterprise IT and personal technology depends on open source software. But even while open source software is widely used in networking, operating systems, and virtualization, enterprise security platforms still tend to be proprietary and vendor-locked. Fortunately, that’s changing. If you haven’t been looking to open source to help address your security needs, it’s a shame—you’re missing out on a growing number of freely available tools for protecting your networks, hosts, and data. The best part is, many of these tools come from active projects backed by well-known sources you can trust, such as leading security companies and major cloud operators. And many have been tested in the biggest and most challenging environments you can imagine. To read this article in full or to leave a comment, please click here
Open source is a wonderful thing. A significant chunk of today’s enterprise IT and personal technology depends on open source software. But even while open source software is widely used in networking, operating systems, and virtualization, enterprise security platforms still tend to be proprietary and vendor-locked. Fortunately, that’s changing. If you haven’t been looking to open source to help address your security needs, it’s a shame—you’re missing out on a growing number of freely available tools for protecting your networks, hosts, and data. The best part is, many of these tools come from active projects backed by well-known sources you can trust, such as leading security companies and major cloud operators. And many have been tested in the biggest and most challenging environments you can imagine. To read this article in full or to leave a comment, please click here
Every business needs to have a process in place for handling security vulnerability reports, but some organizations take a much more proactive approach to dealing with security researchers.An increasing number of hardware and software vendors have formal bug bounty programs. Google, for example, runs its own vulnerability rewards program, and Microsoft has multiple bug bounties covering Office 365, Azure, .NET and Edge as general programs covering exploits and defenses.To read this article in full or to leave a comment, please click here(Insider Story)
Ransomware is running rampant. The SonicWall GRID Threat Network detected an increase from 3.8 million ransomware attacks in 2015 to 638 million in 2016. According to a Radware report, 49 percent of businesses were hit by a ransomware attack in 2016. Quite often the attacker asks for some amount of cybercurrency – usually Bitcoin – in exchange for providing a decryption key.One question this raises is whether ransomware attacks would decrease if Bitcoin ceased to exist? Security experts answer that question with a resounding “no”, indicating that cybercriminals would just move on to another anonymous payment method to continue their extortion."Getting rid of Bitcoin to stop ransomware would be like the U.S. Government getting rid of $100 bills to try to stop drug dealers from laundering their dirty money. It’s not the right solution. Would it momentarily create a bump in the road for cyber attackers who are making millions off of ransomware? Absolutely, but only for a fleeting moment,” said Richard Henderson, global security strategist at Absolute.To read this article in full or to leave a comment, please click here(Insider Story)
A dangerous practice on the riseImage by Pexels“Shadow IT” refers to the too-common practice whereby managers select and deploy cloud services without the consent or even the knowledge of the IT department. These services act as extensions of the corporation but are steered entirely by groups that lack the knowledge or process to ensure they follow necessary guidelines, introducing security, compliance, and brand risk throughout the enterprise. Gartner predicts that by 2020, one-third of security breaches will come in through shadow IT services.To read this article in full or to leave a comment, please click here
A hacker, purportedly from Iraq, defaced a site previously used by President Donald Trump for campaign fundraising. The “hack” occurred Sunday on the server, secure2.donaldjtrump.com. It was short-lived.A screenshot of the defacement was posted on the subreddit Hacking. The page displayed an anonymous man in a fedora above the message:
Hacked By Pro_Mast3r ~Attacker GovNothing Is ImpossiblePeace From Iraq
g33xter
Ars Technica reported the server was “behind Cloudflare’s content management and security platform, and does not appear to be directly linked from the Trump Pence campaign's home page. But it does appear to be an actual Trump campaign server.”To read this article in full or to leave a comment, please click here
A hacker, purportedly from Iraq, defaced a site previously used by President Donald Trump for campaign fundraising. The “hack” occurred Sunday on the server secure2.donaldjtrump.com. It was short-lived.A screenshot of the defacement was posted on the subreddit Hacking. The page displayed an anonymous man in a fedora above the message:
Hacked By Pro_Mast3r ~Attacker GovNothing Is ImpossiblePeace From Iraq
g33xter
Ars Technica reported the server was “behind Cloudflare’s content management and security platform, and it does not appear to be directly linked from the Trump/Pence campaign's home page. But it does appear to be an actual Trump campaign server.”To read this article in full or to leave a comment, please click here
The hackers behind a sophisticated attack campaign that has recently targeted financial organizations around the world have intentionally inserted Russian words and commands into their malware in an attempt to throw investigators off.Researchers from cybersecurity firm BAE Systems have recently obtained and analyzed additional malware samples related to an attack campaign that has targeted 104 organizations -- most of them banks -- from 31 different countries.They found multiple commands and strings in the malware that appear to have been translated into Russian using online tools, the results making little sense to a native Russian speaker.To read this article in full or to leave a comment, please click here
Swimming upstream?Image by ThinkstockIf you’re a small to midsized business and you wing it when it comes to network management and security then it’s not a question of if you will have a disaster, it’s merely a question of when. Why? Because malware, accidents and disasters are all waiting in the wings to pop out and make your life hell and cost you lots of money. Now I won’t lie to you, getting insulated from the bad stuff isn’t cheap, but if you think security and reliability is expensive, try fixing a disaster. Here are 12 steps that will, in the long run, make your business safer. Think you’ve got this covered? How many have you got in place?To read this article in full or to leave a comment, please click here
New products of the weekImage by RiverbedOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Ambra for DevelopersImage by ambraTo read this article in full or to leave a comment, please click here
Getting pulled over by the cops can be stressful, especially if one of the cops is shouting, cursing and threatening to sic a 90-pound dog on a motorist to rip the *bleep* out of him. The Atlantic City cop was dropping f-bombs all over the place, doing so at least 10 times in a one-minute, 20-second video clip of the traffic stop incident which was posted on Facebook.I don’t see how you could help but be offended by the video. If not by the cop’s spewing of foul-language, then by the threats the officer made.
It is unclear why the cops pulled over the young men, but one of the cops nuked out upon discovering the driver was using his phone to film them. One of the unidentified cops said, “Listen there’s two ways that this can go. Take that phone and stick it out of my face. I’m not gonna tell you again.”To read this article in full or to leave a comment, please click here
Cheese Movers International’s restructuring resulted in some employees being unhappy with either their new role or the new management. And unhappy employees, especially those who know the system well and have access, can become major problems for companies.Verizon’s RISK Team was called in because the multinational company had heard rumblings among the disgruntled employees and found some negative comments online. While there was no evidence of a data breach, Cheese Movers' upper management was concerned something was coming.This is just one case found in Verizon’s recently released annual breach report, which examines some of the cases where the RISK Team was called in to hunt down culprits. The “ride–along edition” of Verizon’s report provides a first-person perspective of the company that calls in the heavy hitters to find out why the network has slowed, who defaced a website or where a leak is coming from. With all the accounts, the names of the companies have been changed to protect the brand from public ridicule.To read this article in full or to leave a comment, please click here
Riding alongImage by Daimler AGVerizon’s recently released annual breach report that examines some of its cases where the RISK Team was called in to hunt down culprits. The “ride –along edition” of Verizon’s report gets a first-person perspective of the company that calls in the heavy hitters to find out why the network has slowed or where a leak is. With all the accounts, the names of the companies have been changed to protect the brand from public ridicule.To read this article in full or to leave a comment, please click here(Insider Story)
TruStar's head of product, Shimon Modi, shows CSO Online's Steve Ragan how his company is changing the game when it comes to incident reporting for companies.
Chad Holmes, Principal of Ernst & Young LLP sits down with Network World's Neal Weinberg to talk about how cyber-robotics will help shape the future of cybersecurity.
Almost 20 years ago, Chris Wysopal was among a group of hackers who testified before U.S. Congress, warning it about the dangers of the internet.Unfortunately, the U.S. government is still struggling to act, he said. "You’re just going to keep ending up with the status quo," he said, pointing to the U.S. government's failure to regulate the tech industry or incentivize any change.It’s a feeling that was shared by the experts who attended this week’s RSA cybersecurity show. Clearly, the U.S. government needs to do more on cybersecurity, but what? Public and Private sector
Perhaps, the need for U.S. action hasn't been more urgent. In last year's election, Russia was accused of hacking U.S. political groups and figures in an effort to influence the outcome.To read this article in full or to leave a comment, please click here
The Internal Revenue Service rounded up some of the usual suspects in its annual look at the Dirty Dozen scams you need to watch out for this year.
It should come as no surprise that the IRS saw a big spike in phishing and malware incidents during the 2016 tax season because the agency has been very public about its battle with this scourge.
Just this month the IRS issued another warning about what it called a dangerous, evolving W-2 scams that are targeting corporations, school districts and other public and private concerns.To read this article in full or to leave a comment, please click here
Android applications that allow millions of car owners to remotely locate and unlock their vehicles are missing security features that could prevent tampering by hackers.Researchers from antivirus vendor Kaspersky Lab took seven of the most popular Android apps that accompany connected cars from various manufacturers and analyzed them from the perspective of a compromised Android device. The apps and manufacturers have not been named.The researchers looked at whether such apps use any of the available countermeasures that would make it hard for attackers to hijack them when the devices they're installed on are infected with malware. Other types of applications, such as banking apps, have such protections.To read this article in full or to leave a comment, please click here
This column is available in a weekly newsletter called IT Best Practices. Click here to subscribe. Mention “cybersecurity conference” and most people think of the annual RSA Conference, which was held last week. But halfway around the world, the annual CyberTech Tel Aviv event is building momentum as one of the largest gatherings of cybersecurity professionals in the world. This year, more than 10,000 people representing 67 countries amassed in Tel Aviv, and I had the privilege of being one of them.Israel is making a name for itself, and that name is Cyber Nation. A 2011 government resolution created the National Cyber Bureau as an advising body for the Prime Minister. The bureau’s main mission is to bolster Israel’s national cybersecurity defenses, but a secondary mission is to promote research and development in the cyber field and encourage the commercial cyber industry in Israel.To read this article in full or to leave a comment, please click here