New ransomware program Chimera threatens to leak user files

Ransomware creators have taken their extortion one step further: in addition to encrypting people's private files and asking for money before releasing a key, they now threaten to publish those files on the Internet if they're not paid.This worrying development has recently been observed in a new ransomware program dubbed Chimera that was documented by the Anti-Botnet Advisory Centre, a service of the German Association of the Internet Industry.The attackers behind this new threat target mainly businesses by sending rogue emails to specific employees that masquerade as job applications or business offers. The emails contain a link to a malicious file hosted on Dropbox.To read this article in full or to leave a comment, please click here

Cyber liability from perspective of board members and execs

Companies are increasingly reliant on digital spaces and the continuing stream of high-profile data breaches means cybersecurity topics – often in the form of cyber liability questions – are now a part of board and senior management discussions instead of only being discussed at the IT level. Security, following “ethical issues,” is the second-leading risk to a company’s brand.Although getting hacked has a huge impact on the bottom line, NYSE Governance Services and Vercode found that “the extent of the brand damage caused by breaches is often linked to boards’ level of preparedness. It is therefore a board’s fiduciary duty to ask the right questions to ensure due care has been followed.”To read this article in full or to leave a comment, please click here

Sprint owner confirms job cuts will be ‘in the thousands’

Sprint Chairman and SoftBank CEO Masayoshi Son told reporters in Tokyo early Wednesday that job cuts at Sprint will be "in the thousands" as part of a restructuring plan.His comments came as SoftBank, which owns more than 70% of Sprint, reported its quarterly earnings."Sprint is now in the position to increase the pace of user acquisition while cutting costs," Son said, according to Bloomberg and other news sources. "We will also cut staff. The cuts will be in the thousands."Son's comments are not out of line with things Sprint CEO Marcelo Claure has been telling Sprint workers for months.To read this article in full or to leave a comment, please click here

How Verizon analyzes security-breach data with R

Analyzing 200,000 records may not seem like a big task. But when those records are security incidents with potentially hundreds of attributes each -- types of bad actors, assets affected, category of organization and more -- it starts getting a little complex for a spreadsheet. So Verizon's annual security report, which was initially done in Excel, is now generated "soup to nuts" in R.In fact, the Verizon Data Breach Report is somewhat of "a love letter to R," Bob Rudis, managing principal and senior data scientist at Verizon Enterprise Solutions, told the EARL (Effective Applications of the R Language) Boston conference earlier today.To read this article in full or to leave a comment, please click here

There’s a Problem with IPv6 Multihoming

In an amazing turn of events, at least one IETF working group recognized we have serious problems with IPv6 multihoming. According to the email Fred Baker sent to a number of relevant IETF working groups:

PI multihoming demonstrably works, but PA multihoming when the upstreams implement BCP 38 filtering requires the deployment of some form of egress routing - source/destination routing in which the traffic using a stated PA source prefix and directed to a remote destination is routed to the provider that allocated the prefix. The IETF currently has no such recommendation, or consensus that it should have.

Here are a few really old blog posts just in case you don’t know what I’m talking about (and make sure you read the comments as well):

Read more ...

CCDE – Firewall And IPS Design Considerations

Introduction

This post will discuss different design options for deploying firewalls and Intrusion Prevention Systems (IPS) and how firewalls can be used in the data center.

Firewall Designs

Firewalls have traditionally been used to protect inside resources from being accessed from the outside. The firewall is then deployed at the edge of the network. The security zones are then referred to as “outside” and “inside” or “untrusted” and “trusted”.

CCDE basic firewall inside and outside
CCDE basic firewall inside and outside

Anything coming from the outside is by default blocked unless the connection initiated from the inside. Anything from the inside going out is allowed by default. The default behavior can of course be modified with access-lists.

It is also common to use a Demilitarized Zone (DMZ) when publishing external services such as e-mail, web and DNS. The goal of the DMZ is to separate the servers hosting these external services from the inside LAN to lower the risk of having a breach on the inside. From the outside only the ports that the service is using will be allowed in to the DMZ such as port 80, 443, 53 and so on. From the DMZ only a very limited set of traffic will be allowed Continue reading

Risky Business #388 — Cyber shrinkery, IoT shenanigans and guest Troy Hunt

This week's feature interview is with Troy Hunt of HaveIBeenPwned.com. And he's noticing something pretty weird. It's common for people to deface websites for bragging rights, and yeah, it's not new that data dumps are the new bragging fodder. But it seems like these days attackers are seeing Troy's site as the definitive place to get cred. Now they'll steal a bunch of data and Troy is their first stop.

Life is strange on the internets. That's this week's feature interview.

read more

Apple wages battle to keep App Store malware-free

Apple is facing growing challenges keeping suspicious mobile applications out of its App Store marketplace. Over the last two months, researchers have found thousands of apps that could have potentially stolen data from iOS devices. While the apps were not stealing data, security experts said it would have been trivial for attackers to configure them to do so.  Apple has removed some of affected apps since it was alerted by security companies. But the problems threaten to taint the App Store's years-long reputation as being high quality and malware free. Apple officials didn't have an immediate comment.To read this article in full or to leave a comment, please click here

Apple wages battle to keep App Store malware-free

Apple is facing growing challenges keeping suspicious mobile applications out of its App Store marketplace.Over the last two months, researchers have found thousands of apps that could have potentially stolen data from iOS devices.While the apps were not stealing data, security experts said it would have been trivial for attackers to configure them to do so. Apple has removed some of affected apps since it was alerted by security companies. But the problems threaten to taint the App Store's years-long reputation as being high quality and malware free. Apple officials didn't have an immediate comment.To read this article in full or to leave a comment, please click here

Microsoft follows Mozilla in considering early ban on SHA-1 certificates

Microsoft is considering advancing the blocking of the SHA-1 hashing algorithm on Windows to as early as June next year, taking a cue from a similar decision by Mozilla. The Redmond-based software maker had earlier said that Windows would block SHA-1 signed TLS (Transport Layer Security) certificates from Jan. 1, 2017, but is now mulling moving up the date in view of recent advances in attacks on the SHA-1 algorithm, a cryptographic hash function designed by the U.S. National Security Agency. There have been concerns about the security of the algorithm, which led Microsoft, Google and Mozilla to announce that their browsers would stop accepting SHA-1 SSL (Secure Sockets Layer) certificates.To read this article in full or to leave a comment, please click here

We should all follow Linus’s example

Yet another Linus rant has hit the news, where he complains about how "your shit code is fucking brain damaged". Many have complained about his rudeness, how it's unprofessional, and part of the culture of harassment in tech. They are wrong. Linus Torvalds is the nicest guy in tech. We should all try to be more like him.

The problem in tech isn't bad language ("your shit code"), but personal attacks ("you are shit").

A good example is Brendan Eich, who was fired from his position as Mozilla CEO because people disagreed with his political opinions. Another example is Nobel prize winner Tim Hunt who was fired because people took his pro-feminist comments out of context and painted him as a misogynist. Another example is Pax Dickinson, who was fired as CTO of Business Insider because of jokes he made before founding the company. A programmer named Curtis Yavin* was booted from a tech conference because he's some sort of monarchist. Yet more examples are the doxing and bomb threats that censor both sides of the GamerGate fiasco. The entire gamer community is a toxic cesspool of personal attacks. We have another class of people, the "SJW"s, Continue reading
1 3,191 3,192 3,193 3,194 3,195 3,773