About that Giuliani website…

Rumors are that Trump is making Rudy Giuliani some sort of "cyberczar" in the new administration. Therefore, many in the cybersecurity scanned his website "www.giulianisecurity.com" to see if it was actually secure from hackers. The results have been laughable, with out-of-date software, bad encryption, unnecessary services, and so on.

But here's the deal: it's not his website. He just contracted with some generic web designer to put up a simple page with just some basic content. It's there only because people expect if you have a business, you also have a website.

That website designer in turn contracted some basic VPS hosting service from Verio. It's a service Verio exited around March of 2016, judging by the archived page.

The Verio service promised "security-hardened server software" that they "continually update and patch". According to the security scans, this is a lie, as the software is all woefully out-of-date. According OS fingerprint, the FreeBSD image it uses is 10 years old. The security is exactly what you'd expect from a legacy hosting company that's shut down some old business.

You can probably break into Giuliani's server. I know this because other FreeBSD servers in the same data Continue reading

BrandPost: Leadership in ‘Third Network’ efforts

The “Third Network” is a term coined by the Metro Ethernet Forum (MEF) to communicate a concept that combines the performance and security assurances of Carrier Ethernet (CE 2.0) and the agility and ubiquity of the Internet. “It gives unprecedented levels of network control to for new and evolving types of cloud-centric applications and control for network connectivity services within current network architectures as well as emerging SDN and NFV implementations,” says MEF. Top awards Each year, MEF confers Excellence Awards to recognize service, application, technology, and professional excellence and innovation in the global Third Network. For 2016, AT&T was honored to receive five awards.To read this article in full or to leave a comment, please click here

Suspected NSA tool hackers dump more cyberweapons in farewell

The hacking group that stole cyberweapons suspected to be from the U.S. National Security Agency is signing off -- but not before releasing another arsenal of tools that appear designed to spy on Windows systems.On Thursday, the Shadow Brokers dumped them online after an attempt to sell these and other supposedly Windows and Unix hacking tools for bitcoin.The Shadow Brokers made news back in August when they dumped hacking tools for routers and firewall products that they claimed came from the Equation Group, a top cyberespionage team that some suspect works for the NSA.To read this article in full or to leave a comment, please click here

Suspected NSA tool hackers dump more cyberweapons in farewell

The hacking group that stole cyberweapons suspected to be from the U.S. National Security Agency is signing off -- but not before releasing another arsenal of tools that appear designed to spy on Windows systems.On Thursday, the Shadow Brokers dumped them online after an attempt to sell these and other supposedly Windows and Unix hacking tools for bitcoin.The Shadow Brokers made news back in August when they dumped hacking tools for routers and firewall products that they claimed came from the Equation Group, a top cyberespionage team that some suspect works for the NSA.To read this article in full or to leave a comment, please click here

Guccifer 2.0, alleged Russian cyberspy, returns to deride US

As if the whodunnit into the hacking of the Democratic National Committee wasn't already confusing and murky enough, the supposed Romanian hacker who first released the emails resurfaced on Thursday to say everyone has it wrong.“I’d like to make it clear enough that these accusations are unfounded,” Guccifer 2.0 said in Thursday blog post. “I have totally no relation to the Russian government.”Make of that what you will.According to U.S. intelligence agencies, Guccifer 2.0 is actually a front for Kremlin-backed cyberspies.“It’s obvious that the intelligence agencies are deliberately falsifying evidence,” said a message on the Guccifer 2.0 blog.To read this article in full or to leave a comment, please click here

Guccifer 2.0, alleged Russian cyberspy, returns to deride US

As if the whodunnit into the hacking of the Democratic National Committee wasn't already confusing and murky enough, the supposed Romanian hacker who first released the emails resurfaced on Thursday to say everyone has it wrong.“I’d like to make it clear enough that these accusations are unfounded,” Guccifer 2.0 said in Thursday blog post. “I have totally no relation to the Russian government.”Make of that what you will.According to U.S. intelligence agencies, Guccifer 2.0 is actually a front for Kremlin-backed cyberspies.“It’s obvious that the intelligence agencies are deliberately falsifying evidence,” said a message on the Guccifer 2.0 blog.To read this article in full or to leave a comment, please click here

Siblings arrested in Italy’s worst cyberespionage operation ever

The Tuesday arrest of Giulio Occhionero and his sister, Francesca Maria, has brought to light what appears to be the biggest, and highest-profile, hacking of institutional and corporate accounts ever reported in Italy.The siblings have been planting the Pyramid Eye remote access Trojan on computers using a spear-phishing technique over the course of years, according to the arrest order.They attacked no fewer than 18,000 high-profile targets including former Prime Ministers Matteo Renzi and Mario Monti, President of European Central Bank Mario Draghi, as well as employees and heads of various ministries including Internal Affairs, Treasury, Finance, and Education.To read this article in full or to leave a comment, please click here

Siblings arrested in Italy’s worst cyberespionage operation ever

The Tuesday arrest of Giulio Occhionero and his sister, Francesca Maria, has brought to light what appears to be the biggest, and highest-profile, hacking of institutional and corporate accounts ever reported in Italy.The siblings have been planting the Pyramid Eye remote access Trojan on computers using a spear-phishing technique over the course of years, according to the arrest order.They attacked no fewer than 18,000 high-profile targets including former Prime Ministers Matteo Renzi and Mario Monti, President of European Central Bank Mario Draghi, as well as employees and heads of various ministries including Internal Affairs, Treasury, Finance, and Education.To read this article in full or to leave a comment, please click here

30% off Withings Thermo Wireless Smart Thermometer – Deal Alert

With an exceedingly simple scan across the forehead, 16 infrared sensors take over 4,000 measurements to find the hottest point. It requires no contact with the skin, unlike traditional methods, making Thermo is the most sanitary way to take anyone’s temperature. Readings appear illuminated on the device, and if desired, will sync to your smartphone for tracking and much more. Its typical list price of $100 has been reduced 30% to $70. See the discounted Withings Thermo thermometer on Amazon.To read this article in full or to leave a comment, please click here

Withings Thermo Wireless Smart Thermometer – Deal Alert

With an exceedingly simple scan across the forehead, 16 infrared sensors take over 4,000 measurements to find the hottest point. It requires no contact with the skin, unlike traditional methods, making Thermo is the most sanitary way to take anyone’s temperature. Readings appear illuminated on the device, and if desired, will sync to your smartphone for tracking and much more. Its typical list price of $100 has been reduced 30% to $70. See the discounted Withings Thermo thermometer on Amazon.To read this article in full or to leave a comment, please click here

Back from dead: Intel’s Atom chip, in Panasonic’s $2,189 Android tablet

Intel is phasing out Atom chips from mobile devices and has scaled back Android development for such devices.But Panasonic has come out with a new tablet with an Atom chip and Android 6.0 anyway. Panasonic's new Toughbook FZ-A2 has a crazy starting price of US $2,189, and its Atom x5-Z8550 chip is a big problem.Atom chips are almost disappearing from tablets, especially devices with Android. There are also questions on whether the Toughbook will get upgraded to the newer Android 7.0, code-named Nougat. Panasonic didn't provide a response to the query.To read this article in full or to leave a comment, please click here

Security Sessions: Will security budgets go up in 2017?

In the latest episode of Security Sessions, CSO Editor-in-Chief Joan Goodchild chats with CSO Publisher Bob Bragdon about recent research around IT budgets, and how much of the budgets are allocated towards security. They also discuss where the money is going, how much is flowing to automation and whether the CSO (or CISO) can get the attention of the board to get more money for security projects.

Worth Reading: Elements and principles of graphic design

Knowing the key basics of design will help you to create better, more aesthetically pleasing works of art. When creating a design, there are both elements and principles to pay attention to. Knowing both pieces of the puzzle and how to successfully incorporate them into your designs will help you to create more beautiful pieces. —Line25

The post Worth Reading: Elements and principles of graphic design appeared first on 'net work.

Worth Reading: Elements and principles of graphic design

Knowing the key basics of design will help you to create better, more aesthetically pleasing works of art. When creating a design, there are both elements and principles to pay attention to. Knowing both pieces of the puzzle and how to successfully incorporate them into your designs will help you to create more beautiful pieces. —Line25

The post Worth Reading: Elements and principles of graphic design appeared first on 'net work.

Thoughts on incident response automation and orchestration

Just this week, I was reviewing several interviews I conducted with cybersecurity professionals on their organizations’ processes and tools for incident response (IR) automation and orchestration. Here are a few things that jumped out at me:1. IR is still often anchored by basic tools, manual processes, and key personnel. While trouble ticketing and ITSM tools are pervasive and fairly mature, too many enterprise organizations still “ham and egg” it through incident response. In other words, they rely on paper forms, spreadsheets, email handoffs and some socially challenged security analyst who’s really good a finding compromised systems and malicious network traffic. To read this article in full or to leave a comment, please click here

Thoughts on incident response automation and orchestration

Just this week, I was reviewing several interviews I conducted with cybersecurity professionals on their organizations’ processes and tools for incident response (IR) automation and orchestration.  Here are a few things that jumped out at me: 1.      IR is still often anchored by basic tools, manual processes, and key personnel.  While trouble ticketing and ITSM tools are pervasive and fairly mature, too many enterprise organizations still “ham and egg” it through incident response.  In other words, they rely on paper forms, spreadsheets, email handoffs, and some socially-challenged security analyst who’s really good a finding compromised systems and malicious network traffic. To read this article in full or to leave a comment, please click here

Aruba president Dominic Orr to step down at end of the month

Dominic Orr, the president of Hewlett Packard Enterprise's Aruba, will retire at the end of January in order to spend more time with his family and pursue personal interests, the company announced this week.Orr has been the president of Aruba, which was acquired by HPE in 2015, for 11 years. He’s a veteran of the networking industry, having worked at Nortel Networks, Alteon, and Bay Systems in his lengthy career. Taking over for Orr will be Aruba founder Keerti Melkote, who currently serves as senior vice president and general manager.“Dom has created the unique ‘customer first, customer last’ culture, innovator's mindset, and the making business personal attitude that are all cornerstones of our organization’s DNA that we will continue to carry forward,” said Melkote. “While he will certainly be missed, he leaves the organization well-positioned to continue to grow and prosper.”To read this article in full or to leave a comment, please click here

Viptela taps former Cisco, Dell-EMC exec to lead SD-WAN charge

Praveen Akkiraju Praveen Akkiraju Software-Defined WAN vendor Viptela today announced industry veteran and former Cisco and Dell EMC executive Praveen Akkiraju will become its new CEO as the company looks to increase its presence in the rapidly-budding market. +More on Network World: The new rulers of the cybersecurity realm: Automation, Analytics Artificial Intelligence+To read this article in full or to leave a comment, please click here

Viptela taps former Cisco, Dell-EMC exec to lead SD-WAN charge

Praveen Akkiraju Praveen Akkiraju Software-Defined WAN vendor Viptela today announced industry veteran and former Cisco and Dell EMC executive Praveen Akkiraju will become its new CEO as the company looks to increase its presence in the rapidly-budding market. +More on Network World: The new rulers of the cybersecurity realm: Automation, Analytics Artificial Intelligence+To read this article in full or to leave a comment, please click here

1 2,393 2,394 2,395 2,396 2,397 3,840