Threat intelligence needs to grow up

Security teams are overwhelmed with a massive amount of threat data. While a decade ago no one was talking about threat intelligence except government agencies, organizations are now bombarded with threat data leaving them challenged with identifying what is relevant.Aggregating that data requires a shift in mindset and a maturing of threat intelligence in order to better mitigate risks.Experts say that collecting data for the purposes of having data does no good and can actually detract from a security intelligence program by using up time and man power to analyze data that is most often noise rather than real indicators of threat.MORE ON CSO:10 tips to make sure you are ready when a disaster strikes If the long-term goal of enterprises is to have mature threat intelligence programs, they need to conduct an internal risk assessment and design a plan of action.To read this article in full or to leave a comment, please click here

IMUNES on Linux

The IMUNES open-source network simulator can now be installed on and run on Linux. Previously, IMUNES was available only for the FreeBSD operating system.

IMUNES-linux

The Linux version of IMUNES is ready to be used and can set up and run network emulation scenarios. It does not yet have all the features offered in the FreeBSD version of IMUNES but the development team intends make add in more features until both versions support similar capabilities.

In this post, we will show how to install the Linux version of IMUNES on Ubuntu 14.04, look at the tool set used by IMUNES on Linux, and experiment with a simple network simulation scenario.

Compatibility with Linux versions

IMUNES is compatible with all popular Linux distributions.

The IMUNES development team seems to be testing IMUNEs on the latest available Linux distributions. If you are using Linux distributions like Ubuntu 15.04, you can follow the standard IMUNES install directions. However, if you are using a long-term-supported distribution like Ubuntu 14.04, there are some extra software dependencies that you must install.

Install IMUNES in Ubuntu 14.04

I am using Ubuntu 14.04 LTS as my host operating system. When installing IMUNES on Ubuntu Continue reading

Where Should WAN Functionality Live?

Improving outdated WAN architecture is not a simple decision, due to the growing number of technology options and services.

Risky Business #378 — Mary Ann Davidson vs Krebs and Dowd

On this week's show we're chatting with Mark Dowd and Brian Krebs about Oracle CSO Mary Ann Davidson's somewhat odd blog post from earlier this week. In the post she laid into security researchers for violating Oracle's EULA when reverse engineering their products. The post got pulled, much drama, we sift through the ashes of that. Plus we chat to Brian about the daring $46.7m online heist against Ubiquiti Networks.

Lenovo’s Motorola business to produce phones at quicker pace, less cost

In the wake of lackluster earnings, Lenovo said it is working towards pumping out products faster from its newly acquired Motorola Mobility division.Lenovo wants the Motorola team to shorten its product development time, CEO Yang Yuanqing said in an earnings conference call Thursday. “By the end of the life cycle the product is not competitive, particularly the Moto G, the Moto X,” he said.Yang wants the company to update its smartphones and add new models every six months. “In the future we will improve our product development cycle. So in every moment our product will be competitive,” he said.Following a streamlining of the business, Lenovo will also create a simpler handset portfolio, with fewer models.To read this article in full or to leave a comment, please click here

Struggling Lenovo to cut 3,200 jobs, streamline handset business

Lenovo is laying off 3,200 employees and trimming down its smartphone portfolio in response to a slowdown in its PC and handset sales.The Chinese company faced a particularly tough market environment during the second quarter, its CEO Yang Yuangqing said Thursday. Demand is down for PCs and tablets, and competition in China’s smartphone market is cutting into sales.The company reported second quarter earnings that failed to meet its expectations. Net profit declined 51 percent year over year to reach US$105 million. Revenue increased by only 3 percent from a year ago, to reach $10.7 billion.In response, Lenovo has announced cost-cutting measures that will reduce its employee strength of 60,000 by 5 percent. It is also restructuring its mobile business group, to pave the way for a simpler product portfolio with fewer smartphone models.To read this article in full or to leave a comment, please click here

Datanauts 006 – Assessing IPv6 Readiness

New IPv4 address space is almost gone from the global market. Organizations need to introduce IPv6 into their environments to ensure uninterrupted business operations with the rest of the world. Yet, implementing IPv6 is not as simple as firing up a routing scheme. How does an organization know if it’s ready? Special guest Ed Horley joins the Datanauts in this discussion.

The post Datanauts 006 – Assessing IPv6 Readiness appeared first on Packet Pushers.

Updates are coming for a telematics unit that hacked a Corvette

Security updates are being distributed for a telematics control unit (TCU) that security researchers showed could be manipulated to remotely apply the brakes of a Corvette, according to the device’s French manufacturer.The device is a small dongle that plugs into the On-Board Diagnostics II (OBD-II) port on a vehicle, usually located under the driver’s side dashboard. TCUs with cellular connections are increasingly being used in vehicles by insurance companies to monitor drivers or for fleet management.At the USENIX security conference this week in Washington, D.C., academics from the University of California demonstrated how a C4E family dongle from Paris-based Mobile Devices Ingenierie could be remotely accessed.To read this article in full or to leave a comment, please click here

Using Vagrant with CumulusVX

Cumulus recently announced their CumulusVX platform, which is a virtualized instance of their operating system typically found on network switches. They’ve provided a few options to run this, and in this blog post, I’ll be exploring the use of Vagrant to set up a topology with Cumulus virtual devices. Brief Review of Vagrant In software development, there is a very crucial need to consistently and repeatably set up development and test environments.

Using Vagrant with CumulusVX

Brief Review of Vagrant

In software development, there is a very crucial need to consistently and repeatably set up development and test environments. We’ve had the “but it worked on my laptop” problem for a while, and anything to simplify the environment set up and ensure that everyone is on the same page will help prevent it.

Vagrant is a tool aimed at doing exactly this. By providing a simple CLI interface on top of your favorite hypervisor (i.e. Virtualbox) you can distribute Vagrantfiles, which are essentially smally Ruby scripts, and they provide the logic needed to set up the environment the way you want it. In addition, it can call external automation tools like Ansible and Puppet to go one step further, and actually interact with the operating system itself to perform tasks like installing and configuring software.

What we get out of a tool like Vagrant is a Continue reading

Using Vagrant with CumulusVX

Brief Review of Vagrant

What we get out of a tool like Vagrant is a Continue reading

Google’s Niantic Labs to become independent company

Two days after announcing a sweeping reorganization, Google has detailed its first departure. Niantic Labs, an augmented reality unit of Google, will be spun off into an independent company.The split, which is unusual for Google, means that Niantic Labs won’t be part of Alphabet, the new holding company that is expected to be formed later this year to include Google and other parts of the company.The move was announced by Niantic Labs in a Google+ post on Wednesday, and confirmed by Winnie King, a spokeswoman for Google.She said the split would allow Niantic to accelerate its growth, “which will help them align more closely with investors and partners in the entertainment space,” but didn’t provide any more details.To read this article in full or to leave a comment, please click here

Use SAP’s mobile platform? Patch now to avoid these ‘high risk’ vulnerabilities

Three high risk vulnerabilities in SAP Mobile could give attackers access to encrypted information stored in mobile devices, security firm Onapsis reported Wednesday.All three vulnerabilities were recently fixed by SAP, but systems are only safe if the patches are applied.“SAP runs so many of the world’s largest enterprises that any vulnerability must be taken very seriously,” said Nicholas Taylor, CEO of Netlogx, another security provider.One of the flaws enables keystream recovery and could allow an attacker with access to a vulnerable device to decrypt credentials and other sensitive information stored within, Onapsis said. The attacker could then potentially connect to other business systems to access additional data.To read this article in full or to leave a comment, please click here

Cisco Switch Sales Rebound Under New CEO

Chuck Robbins' first earnings report is a good one.

Cisco’s new CEO hints at deals in software and security

Chuck Robbins has only been in the job three weeks but the new CEO of Cisco Systems is already dropping hints about acquisitions.On Wednesday, Cisco reported growth in its revenue and profits for the quarter just ended, and in a conference call to discuss the results Robbins was asked about Cisco’s plans for long term growth.“We’ll continue to be very acquisitive going forward, especially in areas like software and security,” he said.They’re two of the areas Cisco has flagged as growth opportunities in the past. They’re also areas where it can generate recurring revenue from subscriptions, something it wants to do more of.Cisco has already been on something of an acquisitions streak, with six purchases announced in less than five months. They include Internet security provider OpenDNS, which it’s buying for $635 million.To read this article in full or to leave a comment, please click here

Microsoft’s Surface Hub collaboration tool delayed until 2016

People who pre-ordered the Surface Hub from Microsoft were notified Wednesday that their mega-display and conference room collaboration tool won’t arrive until 2016, at least four months after Microsoft originally planned.Pre-orders for the Surface Hub, which is a massive touch-sensitive and camera-equipped display designed to help people work together in an office and across the Web, opened July 1. Following strong demand for the devices, Microsoft said two weeks later that it would be reworking its manufacturing processes to keep up with interest, and would have to delay the devices’ roll-out. Wednesday’s announcement means companies that planned to install the devices know when to expect their new hardware.To read this article in full or to leave a comment, please click here

Verizon preps super-fast 10Gbps broadband

Verizon engineers have finished lab and field tests of a new fiber optic network capable of 10Gbps, or 10 times the speed of Google Fiber and some other currently-available networks. A popular Verizon FIOS service now offering 75Mbps speeds can transfer a two-hour HD movie in 17 minutes; the new 10Gbps network can transfer the same movie in just 8 seconds, according to Shweta Jain, a FIOS engineer at Verizon. She spoke in a Verizon video to announce the successful testing. Verizon hasn't said where the service will first be offered and at what cost. The company will seek proposals for equipment and software later this year to support commercial development.To read this article in full or to leave a comment, please click here

DOJ calls for encryption balance that includes law enforcement needs

It’s possible for companies to design their encryption systems to allow law enforcement agencies to access customer data with court-ordered warrants while still offering solid security, U.S. Department of Justice officials said.When DOJ and FBI officials raised recent concerns over end-to-end encryption on Android and iOS mobile phones, some security experts suggested it was difficult or unsafe to build in provider access to encrypted consumer data. But many companies already offer encryption while retaining some access to user information, two senior DOJ officials said Wednesday.To read this article in full or to leave a comment, please click here

Dropbox adds U2F support for better security

Two-factor authentication is often held up as a best practice for security in the online world, but Dropbox on Wednesday announced a new feature that’s designed to make it even tougher.Whereas two-step verification most commonly involves the user’s phone for the second authentication method, Dropbox’s new U2F support adds a new means of authenticating the user via Universal 2nd Factor (U2F) security keys instead.What that means is that users can now use a USB key as an additional means to prove who they are.“This is a very good advancement and adds extra security over mobile notifications for two-factor authentication,” said Rich Mogull, CEO with Securosis.To read this article in full or to leave a comment, please click here

« Previous 1 … 3,353 3,354 3,355 3,356 3,357 … 3,835 Next »