Challenges around Operationalizing Threat Intelligence

When it comes to threat intelligence, there seem to be two primary focus areas in play:  The threat intelligence data itself and the legislative rhetoric around threat intelligence sharing (i.e. CISA, CISPA, etc.).  What’s missing?  The answer to a basic question:  How do organizations get actual value out of threat intelligence data and threat intelligence sharing in a meaningful way?As it turns out, the answer to this question isn’t obvious and many enterprises continue to struggle as they seek to “operationalize” threat intelligence.  In a recently published ESG research report titled, Threat Intelligence and Its Role Within Enterprise Cybersecurity Practices, ESG surveyed 304 cybersecurity professionals working at enterprise organizations (i.e. more than 1,000 employees), and asked them to rate themselves in terms of their ability to operationalize threat intelligence (note: I am an ESG employee).  The data indicates that:To read this article in full or to leave a comment, please click here

QOTW: Outsourcing Memory

Culture is more than the aggregate of what Google describes as “the world’s information.” It’s more than what can be reduced to binary code and uploaded onto the Net. To remain vital, culture must be renewed in the minds of the members of every generation. Outsource memory, and culture withers.Nicolas Carr, The Shallows

LinkedInTwitterGoogle+FacebookPinterest

The post QOTW: Outsourcing Memory appeared first on 'net work.

Easily provision Windows instances in AWS with Ansible

Untitled_designMYTH: using Ansible to do fully-automated provisioning of Windows instances in AWS is difficult, because WinRM is not enabled by default on Amazon’s Windows AMIs, and the admin password is not known at startup.

I’d like to bust this myth once and for all. As an Ansible Solutions Architect, I often see users going to great lengths to solve both of these problems. The solutions I’ve encountered in the field have ranged from “minor maintenance hassle” to “major code-smell”, and are usually completely unnecessary; an obscure EC2 feature called User Data can replace them all. In a post on my personal blog, I demonstrate a basic use of this feature to manually provision Windows instances that are Ansible-ready on first boot, using unmodified Amazon-provided AMIs. A follow-up post expands that technique into a fully-automated provisioning sample. Try it yourself to see how easy it is to quickly spin up and configure Windows instances for any need, using only Ansible!

New iPhone 6S could let Sprint network shine

LAS VEGAS -- Apple gave Sprint a little gift this week with the new iPhone 6S in the form of faster wireless speeds via a technology called carrier aggregation.The only problem is that Sprint is just at the beginning of rolling out carrier aggregation capability nationwide, a process expected to take place over the next two years. Just this week, Sprint announced the technology's availability in Denver.To read this article in full or to leave a comment, please click here

MIT scores worst in cybersecurity

In a cybersecurity survey of 485 large colleges and universities, the Massachusetts Institute of Technology came in at the bottom of the list.In a report released today, SecurityScorecard analyzed the educational institutions based on web application security, network security, endpoint security, IP reputation, patching, and other security indicators.SecurityScorecard's chief research officer Alex Heid said they have a feeling that MIT's low scores were due in part to its cybersecurity research efforts.MORE ON CSO: What is wrong with this picture? The NEW clean desk test "They do their own malware research," he said. "They run honeypots. They're running TOR exit nodes."To read this article in full or to leave a comment, please click here

5 iPad alternatives for the enterprise

iPad alternatives for the enterpriseImage by ThinkstockApple's iPad -- no matter the generation -- is usually at the top of most "best tablets" lists. That remains true with the latest iPad Air 2 - and will probably be true when the just-announced iPad Pro becomes available. However, while the iPad offers a lot in the way of performance and design, when it comes to productivity, you might find it lacking in some areas. Without the option to use a mouse, split-screen apps and a lack of expandable storage, it may not measure up for your business needs. Or maybe you're just tired of the same old tablet and want to try something new. Whatever your reason, if you want to stray from Apple, here are five iPad alternatives that can easily move your office to your couch.To read this article in full or to leave a comment, please click here

Free speech for computers, and nine other DARPA ideas

If free speech for humans is worth fighting for, is free speech for computers worth fighting against?That's the type of question you might expect from someone who holds a doctor of philosophy degree in computer science and psychology and it's exactly what the audience at DARPA's Wait, What? conference in St. Louis heard on Thursday.Posing the question was Paul Cohen, who joined the Department of Defense-run research organization from the University of Arizona in 2013."Are you attracted or appalled by the idea of machines that have ideas and know how to express them?," he continued. "What if you were lonely? What if they were bigots? What if you could each change the other’s mind?"To read this article in full or to leave a comment, please click here

HTIRW: The Internet Society

In ending this series — which I hope has been useful for Packet Pusher’s readers to get a solid survey of the entire Internet’s operational structure — we’ll talk about one of the “forgotten” groups of people helping to build and maintain the ‘net as we know it. Without this organization the Internet probably simply […]

The post HTIRW: The Internet Society appeared first on Packet Pushers.

FireEye takes security firm to court over vulnerability disclosure

A spat between two security companies shows just how sensitive reporting software vulnerabilities can be, particularly when it involves a popular product.The kerfuffle between FireEye and ERNW, a consultancy in Germany, started after an ERNW researcher found five software flaws in FireEye's Malware Protection System (MPS) earlier this year.One of the flaws, found by researcher Felix Wilhelm, could be exploited to gain access to the host system, according to an advisory published by ERNW. To read this article in full or to leave a comment, please click here

Android ransomware changes a device’s PIN code

Researchers at security company ESET have found a type of malware that changes an Android device's PIN, the first of its kind in an ever-evolving landscape of ransomware attacks. For most users, the only option to get rid of the malware is to reset the phone to its factory settings, which unfortunately also deletes all the data on the device. The malware calls itself "Porn Droid" and bills itself as a viewer for adult content. It has only been seen on third-party Android application marketplaces or forums for pirated software, wrote Lukas Stefanko, an ESET malware analyst. But after it's installed, users see a warning supposedly from the FBI that they've allegedly viewed "prohibited pornography." It asks for a US$500 fine to be paid within three days.To read this article in full or to leave a comment, please click here

Think your meeting’s important? 25 years ago, this one spawned Wi-Fi

If you're reading this story over Wi-Fi, thank a department store designer.It was retail remodeling that spurred NCR, a venerable cash-register company, to find out how it could use newly opened frequencies to link registers and mainframes without wires. Its customers wanted to stop drilling new holes in their marble floors for cabling every time they changed a store layout.In 1985, the U.S. Federal Communications Commission voted to leave large blocks of spectrum unlicensed and let vendors build any kind of network they wanted as long as they didn't keep anyone else from using the frequencies. NCR jumped at the chance to develop a wireless LAN, something that didn't exist at the time, according to Vic Hayes, a former engineer at the company who's been called the Father of Wi-Fi. To read this article in full or to leave a comment, please click here

Think your meeting’s important? 25 years ago, this one spawned Wi-Fi

If you're reading this story over Wi-Fi, thank a department store designer.It was retail remodeling that spurred NCR, a venerable cash-register company, to find out how it could use newly opened frequencies to link registers and mainframes without wires. Its customers wanted to stop drilling new holes in their marble floors for cabling every time they changed a store layout.RELATED: WiFi blocking debate far from overIn 1985, the U.S. Federal Communications Commission voted to leave large blocks of spectrum unlicensed and let vendors build any kind of network they wanted as long as they didn't keep anyone else from using the frequencies. NCR jumped at the chance to develop a wireless LAN, something that didn't exist at the time, according to Vic Hayes, a former engineer at the company who's been called the Father of Wi-Fi. To read this article in full or to leave a comment, please click here

Video: VMworld’s not just a virtualization show anymore

VMworld used to be a conference to learn how to use server virtualization.+MORE VMWORLD COVERAGE FROM NETWORK WORLD: Why (and how) VMware created a whole new virtualization platform just for containers +Forrester analyst Dave Bartoletti says it’s not nearly a virtualization show anymore though. This year the conference focused on a variety of topics, from cloud to network virtualization, storage virtualization and hybrid cloud enablement.In the video below Bartoletti discusses VMware’s hybrid cloud strategy, and why there’s so much hype about containers in the market.To read this article in full or to leave a comment, please click here

Tech startups need to get serious about security

The head of the nation's primary consumer protection agency on Wednesday paid a visit to San Francisco, where she called on technology startups to do a better job of incorporating security protections as they race to bring new applications into the market.Federal Trade Commission Chairwoman Edith Ramirez's comments amplified the agency's "Start With Security" initiative, a program that aims to encourage businesses to prioritize cybersecurity as an integral part of their product development.[ Related: The 7 deadly sins of startup security ]To read this article in full or to leave a comment, please click here

Reports of attacks on the Department of Energy raise alarms

Attackers successfully infiltrated computer systems at the Department of Energy more than 150 times between 2010 and 2014, according to a review of federal documents by USA Today that  were obtained as a result of a Freedom of Information Act request. In all, DoE networks were targeted 1,131 times over the four-year span.While this sounds worrying -- the DoE oversees the country's power grid and nuclear weapons stockpile, after all -- there are a few things missing from the report. The attacks appear to be against the DoE's office systems and not the real-time systems that control the power grid. Those systems are typically operated by utilities and aren't directly connected to DoE's networks. The attacks in the USA Today report are equivalent to the kind universities, corporations, and other organizations regularly face.To read this article in full or to leave a comment, please click here

1 3,325 3,326 3,327 3,328 3,329 3,841