The Internet of Things (IoT) presents a security threat. A key point of my last article is that manufacturers do not have the right incentives. But all is not lost. With a little ingenuity, we can make a quilt of independent pieces that can nevertheless turn out to offer good security coverage. The term “patchwork quilt” is often used pejoratively to describe something that is made up of an assortment of other parts. Yet it is worth remembering that a well-made quilt is still functional, durable and beautiful. And quilts are often made collaboratively in quilting bees. We need this sort of approach to network security.
Cisco Systems has fixed a critical vulnerability that could allow hackers to take over servers used by telecommunications providers to remotely manage customer equipment such as routers. The vulnerability affects Cisco Prime Home, an automated configuration server (ACS) that communicates with subscriber devices using the TR-069 protocol. In addition to remotely managing customer equipment, it can also "automatically activate and configure subscribers and deliver advanced services via service packages" over mobile, fiber, cable, and other ISP networks. "A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and execute actions with administrator privileges," Cisco said in its advisory.
Sony. Anthem. The Office of Personnel Management. Target. Yahoo. The past two years have seen one mega-breach after another—and 2017 promises to be the most catastrophic year yet. Security experts have long warned that most organizations don’t even know they’ve been breached. Attackers rely on stealth to learn about the network, find valuable information and systems, and steal what they want. Only recently have organizations improved their detection efforts and started investing the time, capital, and people needed to uncover vulnerabilities. When they do, the results are often alarming.
“I think we are going to find more, not less, breaches in 2017,” says Ray Rothrock, CEO of RedSeal, a security analytics firm.
Hewlett Packard Enterprise has acquired Niara, a startup that uses machine learning and big data analytics on enterprise packet streams and log streams to detect and protect customers from advanced cyberattacks that have penetrated perimeter defenses.
The financial terms of the deal were not disclosed.
Operating in the User and Entity Behavior Analytics (UEBA) market, Niara’s technology starts by automatically establishing baseline characteristics for all users and devices across the enterprise and then looking for anomalous, inconsistent activities that may indicate a security threat, Keerti Melkote, senior vice president and general manager of HPE Aruba and cofounder of Aruba Networks, wrote in a blog post on Wednesday.
If you’re the CEO of a company, here’s another threat you need to worry about: hackers trying to recruit your employees for insider-related crimes. Researchers at security firms RedOwl and IntSights have noticed growing activity from online black market dealers trying to recruit company employees for insider trading and cashing out stolen credit card numbers. These dealers are appearing on underground forums located on the dark web, which are accessible through Tor, a browser designed for anonymous web surfing, according to the researchers, who published their findings on Tuesday.
President Donald Trump may be seeking more cooperation from private businesses to shore up the defense of critical infrastructure that they control. The signing of an executive order on cybersecurity was canceled unexpectedly Tuesday, but a draft of the order was leaked to The Washington Post. In it, Trump calls for, “…economic and other incentives to: induce private sector owners and operators of the Nation’s critical infrastructure to maximize protective measures; invest in cyber enterprise risk management tools and services; and adopt best practices with respect to processes and technologies necessary for the increased sharing of and response to real-time cyber threat information.”
The Association for Computing Machinery (ACM) has announced it will celebrate 50 years of the A.M. Turing Award -- dubbed the "Nobel Prize of Computing" -- with a (tech) star-studded conference in San Francisco this summer. The two-day event, to be held June 23-24, will "explore how computing has evolved and where the field is headed," according to the ACM. ACM, which boasts of nearly 100,000 computing professional and student members around the world, is calling the event the Celebration of 50 Years of the ACM Turing Award. If you can't attend in person, be aware that a live stream will be available.
Can a spam filter work even without reading the content of your messages? WhatsApp thinks so. Since last April, the messenger app has been successfully fighting spam abuse, even as it’s been using end-to-end encryption. That encryption means that no one -- not even WhatsApp -- can read the content of your messages, except for the recipient. More privacy, however, can raise issues about spam detection. If WhatsApp can’t scan your messages for suspicious content, say for advertisements peddling cheap Viagra, then how can it effectively filter them out?
Two officers of the Russian Federal Security Service (FSB) and a cybercrime investigator from Kaspersky Lab have reportedly been charged with treason for helping U.S. intelligence services.
The arrests of Ruslan Stoyanov, the head of the computer incidents investigation team at Kaspersky, and Sergei Mikhailov, the deputy head of the Information Security Center at the FSB, happened in early December and were reported in the Russian media last week.
Since then, the arrest of a third FSB officer named Dmitry Dokuchayev, who also worked for the agency's Information Security Center, came to light, and the investigation is said to have targeted even more people.
Cisco has rolled out a second release of its Tetration Analytics package with features such as a smaller footprint and a cloud service that will go a long way toward making the system alluring to more data center customers. Announced in June of last year, Cisco’s Tetration Analytics is a turnkey analytics package that gathers information from hardware and software sensors and analyzes the information using big data and machine learning. Tetration software sensors support Linux and Windows server hosts, while hardware sensors are embedded in Cisco network switch ASICs (Nexus 9200, Nexus 9300-EX and Nexus 9500-EX) to collect flow data at line rate from all the ports. Per Cisco, once in place, the Tetration platform learns its enterprise environment and any policies IT has in place. From there it can learn which applications are dependent on each other throughout the data center and into the cloud. It can monitor server behavior patterns and group servers more efficiently.
WASHINGTON -- Social media heavyweights like Facebook and YouTube have been working with the U.S. government and other international partners as they look to take a more active role in combating terrorist propaganda and other extremist messages that have gained traction online. Officials from the popular social network and YouTube parent Google addressed the issue here at a recent tech policy conference, where they described efforts to go beyond simply removing extremist content, and actually engaging in counter-messaging programs to present alternative narratives to those advanced by groups like ISIS. "We're really focused on utilizing the strength that comes out of YouTube to push back on these messages," said Alexandria Walden, Google's counsel on free expression and human rights. "We know the power of our platform, and so we know that the best way to counter messages of hate and violence is to promote messages that push back against that, that push back against the hate and extremism and xenophobia around the world."
Mobile security firm Zimperium has launched an exploit acquisition program that aims to bring undisclosed attack code for already patched vulnerabilities out in the open. Paying for old exploits might seem like a waste of money, but there are technical and business arguments to justify such an acquisition system and they ultimately have to do with the difference between exploits and vulnerabilities. A vulnerability is a software defect with potential security implications, while an exploit is the actual code that takes advantage of that bug to achieve a specific malicious goal, often by bypassing other security barriers along the way. In practice, many vulnerabilities that get reported to vendors are not accompanied by working exploits. Showing that a programming error can lead to memory corruption is typically enough for the vendor to understand its potential implications -- for example, arbitrary code execution.
In the middle of last year, Cisco held an event in New York to release its newest product, Tetration. The product moved Cisco into the analytics market, with the information being used to help customers better understand application performance and improve data center security. This week, Cisco announced the next version of Tetration Analytics, which is focused on providing security at the application layer. Cisco also released some new deployment options to make it easier for customers to get started with Tetration.
Well, it’s bad news for some gamers and modders, about 4.5 million of them, as three different forums were hacked. If you are looking for the silver lining in the dark breach cloud, then none of the hacks were recent; the flipside? The email addresses, usernames and passwords have been “out there” since as far back as September 2015. The Witcher fans started receiving breach notifications from Have I Been Pwned, but the CD Projekt Red forum was compromised in March 2016.
Nearly 1.9 million CD Projekt Red accounts were exposed; Have I Been Pwned numbered the burned accounts at 1,871,373.
Macs are really no more secure than a PC, but for many years there just weren’t as many out there because of the expense of the hardware and other issues. They've historically been a much less popular choice among consumers, enterprises, and hackers alike. The PC attack surface is much wider; therefore, criminals develop malware that works on PCs because the payout is much higher. James Plouffe, lead solutions architect at mobile-security company MobileIron, said there are, however, a couple of oft-overlooked things that also protect Macs. First, Plouffe said, "MacOS is actually a BSD Unix derivative. Granted, it's heavily customized but this meant that, unlike Windows (which had a long tail of viruses reaching back to the days of MS-DOS), bad actors had a lot more heavy lifting to do to be able to attack macOS."
Continued high demand following a record year of breaches
Last year was a record one for data breaches, with some 1,093 breaches reported. That represented a 40 percent increase over the prior year, according to the Identity Theft Resource Center. It is no wonder that information security remains one of the most top-of-mind issues for CIOs, CISOs, and CEOs. The result is continued high demand for IT security pros. “The market for IT security professionals is poised for another strong year,” notes CompTIA Senior Vice President Tim Herbert. “The security job category was one of the faster growing IT occupations during 2016. During the last 90 days, U.S. employers posted nearly 25,000 job openings for security positions.”
No single antimalware engine can keep up with all the malware out there. But how about 57 of 'em?
In this video, you'll learn how to download and run Windows Sysinternals Process Explorer to test all currently running executables on your Windows system against VirusTotal's 57 antivirus engines, which together offer the best accuracy you can ever get (with a small percentage of false positives that are pretty easy to spot).
Can’t we all get along
Do deepening adoption and broader deployment of container technologies (from the likes of Docker, CoreOS and others) threaten to escalate into the latest skirmish between operations, developers and information security? Certainly, the potential exists to widen the rift, but in fact there is far more common ground than it would initially appear. Containerization introduces new infrastructure that operates dynamically and is open in nature, with more potential for cross-container activity. Containerization presents an almost unprecedented opportunity to embed security into the software delivery pipeline – rather than graft on security checks, container monitoring and policy for access controls as an afterthought.
Last summer at the Black Hat cybersecurity conference, the DARPA Cyber Grand Challenge pitted automated systems against one another, trying to find weaknesses in the others' code and exploit them. "This is a great example of how easily machines can find and exploit new vulnerabilities, something we'll likely see increase and become more sophisticated over time," said David Gibson, vice president of strategy and market development at Varonis Systems. His company hasn't seen any examples of hackers leveraging artificial intelligence technology or machine learning, but nobody adopts new technologies faster than the sin and hacking industries, he said.
Have you ever ignored a security alert on your PC? You’re not the only one. The warnings are designed to save us from malware infections and hacking risks, but oftentimes we’ll neglect them. It could be because we’re too busy or we’ve seen them too many times, and we've become conditioned to dismiss them -- even the most serious ones, according to Anthony Vance, a professor at Brigham Young University. Vance has been studying the problem and he’s found that introducing certain small but noticeable changes can make the alerts more useful and harder to ignore. "Our security UI (user interface) needs to be designed to be compatible with the way our brains work," he said at the USENIX Enigma 2017 conference on Tuesday. "Not against it."