Why the world’s top computing experts are worrying about your data

It would be difficult to come up with a better illustration of the profound effect data can have on people's lives than the Ashley Madison hack, which has not only sparked numerous lawsuits but also been associated with several suicides. On Tuesday, many of the world's experts in computer science and mathematics spent an afternoon at the Heidelberg Laureate Forum in Germany trying to figure out how the widespread collection of data about consumers can be prevented from causing more harm in the future. "In the U.S., there are now states where jail sentencing guidelines are being set by data," said Jeremy Gillula, a staff technologist with the Electronic Frontier Foundation. "Data has a huge impact on people's lives, and that's only going to increase."

When to host your Website’s security

Managing the daily updates and upgrades needed to keep a website secure demands a highly skilled administration team. A third-party website management company provides both managed hosting and security, but in that arrangement the security of the site depends largely upon the provider. Larger enterprises come to website hosting providers because they have regulatory requirements that they can’t meet on their own. Commodity providers, from AWS to Azure and Rackspace, provide infrastructure, but the enterprise monitors the security of the site itself. Self-monitoring with a highly skilled team can be as reliable as entrusting the site to the security team of a web hosting provider, but not every organization has a staff with the expertise and flexibility needed to build a strong security program.

Most corporate risk due to just 1% of employees

Just 1 percent of employees are responsible for 75 percent of cloud-related enterprise security risk, and companies can dramatically reduce their exposure at very little additional cost by paying extra attention to these users. According to newly released research by CloudLock, which analyzed the behavior of 10 million users during the second quarter of this year, these users are sending out plain-text passwords, sharing files, accidentally downloading malware, clicking on phishing links, using risky applications, reusing passwords, and engaging in other types of dangerous behaviors. These users include rank-and-file employees as well as super-privileged users, software architects, and non-human accounts used to perform automated tasks.

Top 25 computer science colleges, ranked by alumni earnings

University of California, Santa Barbara, is the top computer science school in the U.S., according to a new salary-centric report from compensation specialist PayScale. The research company ranked 187 colleges and universities with computer science programs based on the median pay of the schools' compsci alumni. By that measure, University of California, Santa Barbara, led the pack, with its graduates reporting a median mid-career salary of $147,000, PayScale said. (PayScale also ranked the highest-paying college majors.)

AT&T Wi-Fi hotspot reportedly stuffs extra ads into Web pages

Stanford University computer scientist Jonathan Mayer was recently Web browsing at a U.S. airport when he noticed there were too many online advertisements. The website for Stanford, for example, displayed a pop-up ad for a 60 percent discount on jewelry. The Federal Communications Commission website appeared to be advertising ladies' boots.

Screenshot: An example of an ad said to be injected over the FCC's website while on an AT&T free airport Wi-Fi hotspot.

Dell Oro Group: Check Point, Fortinet, Palo Alto making gains in security appliances

There’s a continuing shift among the top security appliance vendors that has Cisco remaining at the top of the sales heap but with Check Point Software, Fortinet and Palo Alto Networks making gains and pressuring Juniper Networks, according to new research from Dell’Oro Group. The research - which includes new data from the second quarter of this year as well as projections for next year and historical data going back to 2012 - has Cisco, with 24.9% of the network security appliance market as measured by manufacturer’s revenue, solidly in first place during the latest quarter. It is followed by Check Point (9.3%), Fortinet (8%), Palo Alto (5.2%) and Juniper (4.8%) to round out the top five.

DARPA: Current DDoS protection isn’t cutting it

Researchers with the Defense Advanced Research Projects Agency (DARPA) will next month detail a new program they hope will ratchet up the way the military, public and private enterprise protect their networks from distributed denial-of-service (DDoS) attacks. The need for such new defenses is obvious: the number of DDoS attacks in the first quarter of 2015 more than doubled the number of attacks in Q1 of 2014, and attack sites are growing more dangerous and more capable of launching attacks in excess of 100 Gbps, according to a recent Akamai Technologies State of the Internet Security report.

Comcast planning nationwide gigabit broadband in 2 years. What will it cost?

A Comcast executive says the company is currently testing technology based on the DOCSIS 3.1 standard, which can transmit data at rates up to 10 Gigabits per second (Gbps) in ideal environments, and is aiming to deploy the technology on a nationwide basis by 2018, according to a Fierce Cable article published last week. Comcast vice president of network architecture Robert Howald told Fierce Cable that the technology will enable the company to offer customers broadband speeds of 1 Gbps "and higher." From the article:

Sharpening cyber defenses with an “attacker’s eye view”

To understand risk exposure, security pros gather and digest intelligence feeds about vulnerabilities, indications of compromise (IOCs) and other machine-readable data all the time. But real-time insight into what adversaries are seeing in underground forums, the dark web, social media and other sharing sites is hard to come by. Yet it is precisely this attacker’s eye view you need to gain a clear picture of your risk profile, to prioritize which threats are likely – even imminent – versus others.

With 411 breaches so far this year exposing 17,678,050 records, according to the Identity Theft Resource Center report, there is a growing need to use this insight to better inform and tune defenses. However, it takes more than downloading the Tor Browser Bundle or devising a good underground cover identity to access these sources and gather actionable intelligence. What can you do to avoid wasting time, keep your employer out of trouble with the law and make a difference in anticipating risk? It starts with understanding the intelligence gap that exists between you and your adversaries.


US agency tells electric utilities to shore up authentication

U.S. electric utilities should pay close attention to their authentication systems and access controls to reduce data breaches, a government agency says in a new cybersecurity guide. About 5 percent of all cybersecurity incidents that the U.S. Department of Homeland Security's industrial control cyber team responded to in 2014 were tied to weak authentication, said the U.S. National Institute of Standards and Technology (NIST). Another 4 percent of industrial control incidents were related to abuses of access authority, the agency said. The new cybersecurity guide, released in draft form by NIST's National Cybersecurity Center of Excellence (NCCoE) Tuesday, focuses on helping energy companies reduce their cybersecurity risks by showing them how they can control access to facilities and devices from a single console.

Technology Short Take #53

Welcome to Technology Short Take #53. In this post, I’ve gathered links to posts about networking, virtualization, Docker, containers, Linux, configuration management, and all kinds of other cool stuff. Here’s hoping you find something useful!

Networking

  • Anthony Spiteri, who works at an Australian service provider running NSX, has some in-depth articles discussing vShield Edge and NSX Edge (part 1, part 2, part 3, and part 4). Anthony discusses features supported by both, how they handle high availability, how VPN services work, and how to handle certificates. It looks like very useful information for anyone supporting NSX in their environment.
  • Here’s a nice article on using Ansible with Arista EOS. This isn’t something I’ve had the chance to do just yet (currently needing to focus my efforts on Ansible with Linux/Cumulus Linux), but it certainly seems relatively straightforward. Without having done this myself, it seems like I’d prefer to run pyeapi on the switches directly, so the Ansible configuration remains clean (instead of having to use a local connection for the switches but SSH for everything else). Of course, I’m sure there are trade-offs each way.
  • I think I’ve mentioned this before (it’s really hard to …

Researchers create P2P Alibi Routing to avoid censorship and government surveillance

A team of University of Maryland Institute for Advanced Computer Studies (UMIACS) researchers developed "provable avoidance routing" that they call Alibi Routing; it's an overlay routing protocol that provides Internet users with a method to avoid sending their data through countries known for their censorship. Users specify where they want their packets NOT to go, and Alibi Routing can provide "concrete proof" that users' data did not pass through "undesired geographic regions." The researchers unveiled Alibi Routing at the 2015 Association for Computing Machinery Special Interest Group on Data Communication (ACM SIGCOMM) conference. The research paper (pdf) "introduces a primitive, provable avoidance routing that, when given a destination and region to avoid, provides 'proof' after the fact that a packet and its response did not traverse the forbidden region. We rely on the insight that a packet could provide an 'alibi'—a place and time where it was—to prove that it must have avoided the forbidden region in transit from source to destination."

Wyndham vs. FTC: Corporate security pros need to lawyer up about data breach protection, experts say

Corporate security executives need to meet with their legal teams to find out whether the way they protect customer data will keep them out of trouble with the Federal Trade Commission should that information be compromised in a data breach. Based on a U.S. Circuit Court of Appeals decision yesterday, the best course of action is to learn what kinds of actions the FTC has taken in the past - and why - against companies whose defenses are cracked and whose customer data is stolen.

Certifi-gate flaw in Android remote support tool exploited by screen recording app

An application available in the Google Play store until yesterday had for months taken advantage of a flaw in the TeamViewer remote support tool for Android in order to enable screen recording on older devices. The app's developer discovered the vulnerability independently of security researchers from Check Point Software Technologies, who presented it earlier this month at the Black Hat security conference along with similar flaws in other mobile remote support tools. The Check Point researchers dubbed the issues Certifi-gate because they stem from failures to properly validate the digital certificates of remote support apps that are supposed to communicate with privileged plug-ins installed in the system.