What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
CSO 2017-04-27 05:21:00 15 tricks to hold off the hackers (direct link) Malicious hackers have outsize reputations. They are über-geniuses who can guess any password in seconds, hack any system, and cause widespread havoc across multiple, unrelated networks with a single keystroke - or so Hollywood says. Those of us who fight hackers every day know the good guys are usually far smarter. Hackers simply have to be persistent.
CSO 2017-04-27 05:12:00 Top 4 reasons to become a CISSP (direct link) "Should I or shouldn't I become a CISSP (Certified Information Systems Security Professional)?"
CSO 2017-04-27 04:55:00 Present and future ransomware tactics model the past (direct link) Ransomware expert Andrew Hay has some advice: If you want to know how to avoid it now and in the future, it helps to study the past. In that spirit, Hay, cofounder and CTO at LEO Cyber Security, provided a detailed historical landscape of K&R (kidnap and ransom) in his talk titled “The Not-so-Probable Future of Ransomware” at SOURCE Boston 2017 on Wednesday. While ransomware holds information rather than people hostage, Hay said the evolution of tactics in the online world, “parallel traditional extortion rackets.” He noted that it dates at least back to biblical times – one version of it was the “kidnapping” of Hebrews to Babylon so they could be enslaved.
CSO 2017-04-27 04:29:00 Michael Raggo joins 802 Secure as chief security officer (direct link) Security solutions provider 802 Secure has hired Mike Raggo as its chief security officer (CSO). Raggo is an expert in mobile data and Internet of things (IoT) security. He is the author of “Mobile Data Loss: Threats & Countermeasures” and “Data Hiding: Exposing Concealed Data in Multimedia, Operating Systems, Mobile Devices and Network Protocols” for Syngress Books. A former security trainer, Raggo has briefed international defense agencies including the FBI and Pentagon and is a participating member of FSISAC/BITS and PCI. He is also a frequent presenter at security conferences including Black Hat, DEF CON, Gartner, RSA, DoD Cyber Crime, OWASP, HackCon and SANS.
CSO 2017-04-27 03:42:00 Medical devices that could put you at security risk (direct link) Everyone has heard of connected insulin pumps and pacemakers, but there are some other connected medical devices that might surprise you. Each of them, of course, poses a security risk to you and your health. Mandeep Khera, Internet of Things security expert at Arxan, ran through some of these lesser known devices. Made famous by Dick Cheney's disconnected IoT pacemaker, the security community is abuzz with speculation about potential dangers that could result from a hacked connected medical device. And while pacemakers and insulin pumps have received their 15 minutes of fame, there are a myriad of other connected medical “things” that are either already available or in development, Khera said.
CSO 2017-04-27 03:14:00 10 ways CSOs can achieve ROI on a network solution (direct link) Measuring ROI: With the advent of Bring Your Own Device (BYOD), WLAN network access to customers and visitors and virtualized systems, the demand for IP addresses has exploded. Small companies might have to manage more than 1,000 IP addresses and it is not unusual for larger companies to have 10,000 or more spread across many locations. Setting up and protecting the network infrastructure is a major challenge and needs to be even more sophisticated and dynamic than ever before.
CSO 2017-04-27 02:28:00 BrandPost: Small businesses increasingly in cybercriminal crosshairs (direct link) Even if they envied the big budgets, global reach and market presence of big corporations, small business operators could console themselves with at least one silver lining: compared to their big brethren, small- to medium-sized businesses (SMBs) once drew relatively little attention from online hackers and cybercriminals. SMBs that still think that's the case, however, may be in for a rude awakening. While large corporations still represent the primary targets for many cyberattacks, SMBs are now squarely on attackers' radar. Why? Because even small companies often possess extremely valuable digital data, be it intellectual property, customer and employee information – from Social Security and credit card numbers to user IDs and passwords – or other highly sensitive information. Even better, from a cybercriminal's perspective, SMB cybersecurity defenses are often porous, if nonexistent.
CSO 2017-04-26 21:17:00 Cyberespionage, ransomware big gainers in new Verizon breach report (direct link) Verizon released its tenth annual breach report this morning, and cyberespionage and ransomware were the big gainers in 2016. Cyberespionage accounted for 21 percent of cases analyzed, up from 13 percent last year, and was the most common type of attack in the manufacturing, public sector, and education. In fact, in the manufacturing sector, cyberespionage accounted for 94 percent of all breaches. External actors were responsible for 93 percent of breaches, and, 91 percent of the time, the target was trade secrets. Meanwhile, the number of ransomware attacks doubled compared to the previous year.
CSO 2017-04-26 12:17:00 Microsoft adds another layer to the Windows 10 patching onion (direct link) Microsoft yesterday added another update cycle to Windows 10's monthly patching, saying that the new collection of non-security-only fixes would give corporate customers the "increased flexibility" they had demanded. On Monday, Michael Niehaus, director of Windows 10 product marketing, announced the new monthly update, saying that the company would initially issue it only to customers running 1703, the upgrade also known as Creators Update, which launched earlier this month. "We will routinely offer one (or sometimes more than one) additional update each month," Niehaus wrote in a post to a company blog. "These additional cumulative updates will contain only new non-security updates" [emphasis added].
CSO 2017-04-26 09:04:00 Cyber infrastructure: Too big to fail, and failing (direct link) Even the good news is bad news. While Joshua Corman didn't use that exact line in his opening keynote at SOURCE Boston this week, that was a pervasive, and sobering, theme. Corman, a founder of I am The Cavalry and director of the Cyber Statecraft Initiative for the Atlantic Council, said he was there to tell some “uncomfortable truths” about the state of cybersecurity – among them that, “the critical infrastructure of our space is too big to fail, and it's failing.” He said the current statistics are depressing enough – that the database of CVEs (Common Vulnerabilities and Exposures), “which is the predicate for all of our intrusion detection,” holds only about 80 percent of those in existence, and that there is security “coverage” – blocking or detection technology – for only 60 percent of that number. “So you're at 60 percent of 80 percent,” he said. “At best, you're getting about 50 percent coverage of the knowns. When you make a risk decision, you're doing it with a 50 percent blind spot.
CSO 2017-04-26 05:41:00 IDG Contributor Network: IT mistakes that could cost an organization millions (direct link) Get your ducks in a row: Often when you are new to a job, all you can think about is making a good impression--not screwing up. In security, though, there are lots of pitfalls that can be disastrous to the organization.
CSO 2017-04-26 04:00:00 Open source security risks persist in commercial software [Infographic] (direct link) Whatever commercial software your company uses, it probably contains open source code. Black Duck Software recently completed its second Open Source Security and Risk Analysis (OSSRA) report based on security audits of anonymized data from more than 1,000 applications in 2016 and found that 96 percent used open source code. The analysis was done by Black Duck's Center for Open Source Research and Innovation (COSRI). The use of open source occurs in all industries by organizations of all sizes for good reason. It lowers development costs, speeds time to market, and accelerates innovation. Black Duck's On-Demand audits found that on average, open source comprised 36 percent of the code base in the scanned applications.
CSO 2017-04-26 04:00:00 Contrast Security responds to OWASP Top 10 controversy (direct link) Contrast Security has addressed the recent backlash over section A7 of the OWASP Top 10 list for 2017. The company issued a statement on the matter after industry professionals suggested the A7 addition was an example of a vendor pushing their agenda on the OWASP Top 10 project. The OWASP Top 10 for 2017 was released earlier this month in draft format, so some changes could take place before the final, official release. However, when the public started looking at the draft, sections A7 and A10 stood out. Most of those commenting on the changes agree that A10 is a good addition, as API security is important these days, while dismissing A7 as a vendor pitch.
CSO 2017-04-26 03:12:00 Five ways the U.S. is educating cybersecurity talent – and what's still missing (direct link) It's no secret that the world is facing a shortage of cybersecurity talent. The (ISC)² Center for Cyber Safety and Education's 2017 Global Information Security Workforce study projects a deficit of over 1.8 million qualified cybersecurity professionals between now and 2022.
CSO 2017-04-26 03:04:00 Buying fraud right off the virtual rack (direct link) Forter, a fraud prevention company, recently released a report showing that the apparel industry was the most desired by fraudsters and scammers - up 70 percent in attempted attacks in 2016. The Fraud Attack Index report examined over 136 million transactions, discovering an almost 80 percent increase in domestic attacks over the last 12 months. This report examines the trends in online fraud attacks across industries, comparing the different situations experienced by different industries. Overall, 2016 saw a steady rise in online fraud attack rate, which increased 8.9 percent over the course of the year.
CSO 2017-04-25 07:32:00 Why we need the FTC to police ISP privacy practices (direct link) Critics of the recently scrapped federal privacy regulation for internet service providers (ISPs) argued that the rules were overreaching, and that broadband providers should be held to the same privacy framework as application and content providers. The only catch is, they can't. Terrell McSweeny, a commissioner at the Federal Trade Commission (FTC), laments that her agency lacks the same oversight authority over ISPs that it exerts in the general consumer internet space, where it has brought privacy cases against the likes of Google and Facebook. Then, when Congress moved last month to nullify a privacy rule for ISPs advanced by the FCC, it effectively stripped the market of federal oversight, McSweeny argued at a recent event on privacy policy.
CSO 2017-04-25 04:00:00 R2Games compromised again, over one million accounts exposed (direct link) Online gaming company Reality Squared Games (R2Games) has been compromised for the second time in two years, according to records obtained by the for-profit notification service LeakBase. The hacker who shared the data with LeakBase says the attack happened earlier this month. Headquartered in Shenzhen, China, R2Games operates a number of free-to-play, micropayment-driven games on iOS and Android, as well as modern browsers. The company currently supports 19 online games, and claims over 52 million players. In December of 2015, stretching into July of 2016, more than 22 million R2Games accounts were compromised, exposing IP addresses, easily cracked passwords, email addresses, and usernames.
CSO 2017-04-25 03:05:00 9 questions to ask when selecting application security solutions (direct link) Buying decisions: There are many factors to consider when making an application security purchasing decision, and the pressure is on organizations now more than ever to improve their security risk management preparedness. In fact, more than 80 percent of security attacks target software applications, with application vulnerabilities as the No. 1 cyber-attack target. Organizations need a comprehensive application security toolkit to stay secure throughout the product lifecycle, and need to address key questions that can help them determine the right tools to address security risks.
CSO 2017-04-24 09:35:00 How to track and secure open source in your enterprise (direct link) Recently, SAS issued a rather plaintive call for enterprises to limit the number of open source projects they use to a somewhat arbitrary percentage. That seems a rather obvious attempt to protest the rise of the open source R programming language for data science and analysis in a market where SAS has been dominant. But there is a good point hidden in the bluster: Using open source responsibly means knowing what you're using so you can track and maintain it.
CSO 2017-04-21 11:56:00 IDG Contributor Network: Three shoddy security tropes it's time to retire (direct link) Nobody warned me when I started my career in security that it would hamper my ability to watch television. Whenever something involving computers or security happens, I usually have to stick my fingers in my ears and start humming, lest my head explode with frustration at the wrongness being spewed. I'm certain ours is not the only industry where TV tropes are truly awful; I'm told medical and legal accuracy is every bit as problematic, for example. Technical subjects are difficult, especially when it's not your area of expertise, and being slavishly correct would often make good storytelling nigh on impossible. That said, there are certain clichés that are so completely over-used that it is the height of lazy storytelling that these plot devices are rehashed again and again with no significant change.
CSO 2017-04-21 08:32:00 75% off Lamicall S1 Cell Phone Dock - Deal Alert (direct link) Designed on a low center of gravity makes it stable. The extended hooks keep the phone in safety, and rubber cushions protect the phone from scratches and sliding. Suitable height, perfect angle of view when using Facetime and YouTube, makes it so easy to read message and emails. Compatible with iPhone and Android phones even when they have an added case. The dock averages 4.8 out of 5 stars from over 4,500 reviewers on Amazon (86% rate a full 5 stars: see reviews), where its typical list price of $39.99 has been reduced 75% to $9.99. See this deal on Amazon.
CSO 2017-04-21 08:09:00 HITB Amsterdam: hackers, waffles and coffee oh my (direct link) As I dragged myself out of bed the first morning it was hard to wrap my head around the fact that I was in another city for another conference. I'm not complaining, more so I wasn't sure where I was for the first few minutes. Soon after I remembered that I was in Amsterdam I wandered out into the light of the daystar. I was off in search of waffles and coffee before making my way over to the venerable Grand Krasnapolsky hotel for day one of the sessions at the 2017 iteration of the HITB Amsterdam conference. The first talk that I took in was one that tackled mainframe related security. The talk by Ayoub Elaassal called, “Breaking the fourth wall: Hacking Customer Information Control Systems” caught my attention. After having spent almost a decade in the power systems space I could not miss this presentation. I was not disappointed. I recall early on in my career a venerable grey beard looked me dead in the eye and said, “Never type $! on a mainframe.” This advice stuck with me ever since.
CSO 2017-04-21 05:33:00 Cybersecurity industry braces for tighter visa rules (direct link) Email authentication company ValiMail just got done with the process of bringing in a new employee under the H-1B visa program, which allows companies to hire foreign experts. "We just made it under the wire," said Alexander García-Tobar, CEO and co-founder at San Francisco-based ValiMail. "However, there are additional hires that we are considering, and we are very concerned." The entire U.S. technology industry, including the cybersecurity sector, is heavily dependent on foreign talent. Not only are U.S. companies interested in hiring the smartest people available, no matter where they are from, but there is also a severe shortage of infosec professionals.
CSO 2017-04-21 04:00:00 Serenova hires Stuart Clark as its first CISO (direct link) Serenova, a contact-center-as-a-service provider, has named Stuart Clark as its first chief information security officer (CISO). A key goal of Clark in his new role will be to standardize and scale security best practices to support the company's growth. He will oversee Serenova's IT and security organization and have responsibility for driving IT strategy and innovation to scale the company's information and security system capabilities. "We are seeing a new wave of cloud adoption as on-premises solutions continue to fall away, and security is now top of mind particularly in areas like financial services and healthcare where contact centers are growing," said Vasili Triant, CEO of Serenova, in a press release. "Creating the role of CISO and bringing on someone of Stuart's caliber demonstrates our unwavering commitment to protecting our customer's information assets as they make this move to cloud as well as assets of our entire company. Stuart's expertise, track record and breadth of experience across the information technology landscape means he is the right leader to join our world-class executive team." Guideline
CSO 2017-04-21 03:30:00 IDG Contributor Network: Night at the information security museum (direct link) Earlier this week, Ira Winkler wrote What security practitioners can learn from the United's failures. He astutely noted that organizations should learn from failure, and ideally the failure of others. I'll take his lead and provide another learning opportunity for information security professionals. Physical security is a fundamental part of information security. In fact, operating systems base much of their security controls on an assumed secure physical infrastructure. Museums are a great example of where effective physical security comes into play. Like information security teams, museum security is often understaffed with limited budgets. Guideline
CSO 2016-10-11 00:15:00 BrandPost: One Day Is a Lifetime in Container Years (direct link) The average life span of a container is short and getting shorter. While some organizations use containers as replacements for virtual machines, many are using them increasingly for elastic compute resources, with life spans measured in hours or even minutes. Containers allow an organization to treat the individual servers providing a service as disposable units, to be shut down or spun up on a whim when traffic or behavior dictates. Since the value of an individual container is low, and startup time is short, a company can be far more aggressive about its scaling policies, allowing the container service to scale both up and down faster. Since new containers can be spun up on the order of seconds or sub seconds instead of minutes, they also allow an organization to scale down further than would previously have provided sufficient available overhead to manage traffic spikes. Finally, if a service is advanced enough to have automated monitoring and self-healing, a minuscule perturbation in container behavior might be sufficient to cause the misbehaving instance to be destroyed and a new container started in its place.
CSO 2016-10-11 00:00:00 IDG Contributor Network: Diversity, STEM and Ada Lovelace Day (direct link) Celebrate diversity. Get kids interested in STEM. Help them become more aware of the people that are changing the world. You might have read Isis Anchalee's inspiring blog, “You May Have Seen My Face on BART.” And you may have seen tweets associated with the #ILOOKLIKEANENGINEER hashtag campaign that followed in 2015. In that spirit, I decided Ada Lovelace Day was a great day to share a short blog on this topic.
CSO 2016-10-10 04:48:00 Terror suspect's locked iPhone could lead to a second Apple-FBI showdown (direct link) The FBI could be gearing up for another battle with Apple. In the wake of a mass stabbing at a Minnesota mall that was linked to the terrorist group ISIS, the FBI is looking for answers on a passcode-protected iPhone. “Dahir Adan's iPhone is locked,” FBI special agent Rich Thornton told reporters at a press conference, according to Wired. “We are in the process of assessing our legal and technical options to gain access to this device and the data it may contain.” Guideline
CSO 2016-10-10 03:29:00 17 tools to protect your online security (direct link) Last month's news about the massive data breach at Yahoo, which affected at least 500 million user records, making it the largest data breach on record, might finally be what it takes to get the average internet user to take online security into their own hands - if only they knew how. Yahoo
CSO 2016-10-07 13:22:00 U.S. officially names Russia for election hacks, but says they can't attribute it (direct link) Note: First, a quick point about the ODNI statement released today. By pushing it out late on a Friday afternoon - or rather, tossing it out in the hopes it will be buried like garbage - it feels as if the ODNI wanted to lower the impact such accusations would have. The other point is that the statement starts by blaming the Russian government for directing the recent political hacking incidents and hints they're behind Guccifer 2.0 and DCLeaks, but then immediately says they're "not now in a position to attribute this activity to the Russian Government." Make of that what you will. - Steve Full story: On Friday, as most of the public was heading home for the weekend, and people in Florida were attempting to shelter from a hurricane, the Office of the Director of National Intelligence (ODNI) released a statement officially blaming Russia for the recent string of political hacks – mostly targeting the Democrats.
CSO 2016-10-07 07:20:00 War stories: just shut off telnet (direct link) Years ago I was working on a project that had a rather interesting premise. It was a way to send a file between two parties that was stamped as verified by a third party intermediary. Pretty basic stuff but, in the 90s it was rather neat. One of the things that I discovered was that I could issue junk commands to the application simply by launching a telnet client and connecting to the “encrypted” listening port. Yeah, that was how the developers described it. I smiled. I was able to get the application to answer various queries that, by the documentation, should have only been possible using the client application that was purpose built for said task. The client and server were supposed to have some manner of key exchange but, it did not work as advertised.
CSO 2016-10-07 03:22:00 Down but not out of options: How to keep IT security together in a company that's gone bankrupt (direct link) Corporate chaos: The supply chain upon which modern multinational commerce depends was thrown into chaos earlier this year when South Korea's Hanjin Shipping filed for bankruptcy. Dozens of container ships with hundreds of crew and thousands of pounds of cargo onboard were essentially stranded at sea, as ports barred the ships' entry for fear that they wouldn't be able to pay for docking services.
CSO 2016-10-06 13:50:00 War stories: Logs are where the dead things dwell (direct link) Over the years there has been one love hate relationship that I could never truly get away from entirely. That was logging on systems and anything else that had something to say. I got so silly that at one point when I was doing work for a DoD customer I had a monitor on my desk that was simply tailing the perimeter router logs. I had gone full matrix and no, I never once thought I was Neo. One company that I did work for in the past had a syslog server that was purported to be collecting logs from production systems. This was an environment where there was so much work to do that I relegated the syslog system to the back burner. I didn't like logging systems. I didn't want to have anything to do with them. I knew in my heart of hearts that this was a necessary aspect of the job but, it ranked right up there with a home lobotomy kit.
CSO 2016-10-06 13:20:00 IDG Contributor Network: Time to kill security awareness training (direct link) October is National Cyber Security Awareness Month. I am hoping you will join me in a national program to kill cybersecurity awareness training programs. I don't know who came up with the concept of “security awareness training”, but it has reached the end of its utility and should be replaced with something else. Is all we want for users to be “aware” of security issues? Don't we want them to be educated enough to be active parts of the solutions? I looked into the history of “security awareness training”. Did we inherit it from the pioneers? Guideline
CSO 2016-10-06 12:33:00 What CSOs can learn from the Yahoo data breach (direct link) The IT security industry is still buzzing after news of a data breach at Yahoo in 2014, in which more than 500 million user accounts were hacked. In the latest episode of Security Sessions, I spoke with Kevin O'Brien, CEO and founder of GreatHorn, about the key takeaway topics that CSOs should learn from the Yahoo breach. Among the highlights of the video are the following sections: 1:09 Why is there such a gap between when the breach happened (2014) and when it was discovered/reported (now). 2:50 How CSOs can change/adjust their existing security policies around email. 4:40 What new phishing attacks can CSOs expect to see in the future based on this breach (and how will attacks get more sophisticated)? Yahoo
CSO 2016-10-06 12:30:00 Metadata wrecks Guccifer 2.0's claims of a Clinton Foundation hack (direct link) On Thursday, Scot Terban, a researcher known to many online as Dr. Krypt3ia, shared some forensics results with Salted Hash. After checking with FOCA, the metadata shows the recently leaked documents from Guccifer 2.0 didn't actually come from the Clinton Foundation, they originated at the Democratic Congressional Campaign Committee (DCCC). Earlier this week, a hacker going by the name Guccifer 2.0 claimed on their blog that they've hacked the Clinton Foundation. "So, this is the moment. I hacked the Clinton Foundation server and downloaded hundreds of thousands of docs and donors' databases. Hillary Clinton and her staff don't even bother about the information security. It was just a matter of time to gain access to the Clinton Foundation server. As you can see, the private server of the Clinton clan contains docs and donors lists of the Democratic committees, PACs, etc. Does it surprise you?" the hacker's blog post exclaims.
CSO 2016-10-06 12:27:00 Why cybersecurity spending will drive business digitization (direct link) The days of CEOs regarding data protection technologies and staff as a budget drain and operating tax that stifles innovation are over. Galvanized by high-profile breaches, companies are shelling out more money to shore up corporate defenses. CEOs also recognize that security is table stakes for building digital products and are entrusting their CISOs with more responsibilities. Fifty-nine percent of 10,000 C-Suite executives polled by PwC for the new Global State of Information Security Survey said they are investing more in cybersecurity, including data analytics, real-time monitoring, authentication tools that include biometrics and managed security services (MSS). David Burg, PwC's U.S. and global leader of cybersecurity and privacy, says anecdotal evidence also suggests that companies are turning to CISOs to build security into software, including anything from mobile applications to connected cars that exchange information with smartphones. Guideline
CSO 2016-10-06 12:26:00 Drones could help with disasters like Hurricane Matthew (direct link) Weather disasters like Hurricane Matthew are pushing wireless carriers to test drones and other unmanned aircraft that can act as wireless hot spots for 4G LTE connections to help emergency responders. Verizon announced Thursday it had just completed a simulation in Cape May, N.J., using unmanned planes to act as flying hot spots for 4G LTE connections. First responders could use those hot spots to communicate in remote places where wireless antennas were lost or unavailable. [Here's a video of the AT&T test.]
CSO 2016-10-06 10:16:00 IDG Contributor Network: Calling all students, internships designed for you (direct link) Breaking news, folks. It's National Cyber Security Awareness Month. You heard it here first. Likely not. For some of you, the very expression of cyber security awareness might make you cringe. Data was 'that' word for me a few years ago. When public education went the route of all things 'data-driven', each time I heard a department head or administrator talk about showing the data and data driven decisions, it was like nails scraping down a chalk board playing on a scratched CD. While this month will be very much in your face with tips and strategies to stay safe online and be more security-minded in your professional and personal habits, there are some discussions that are worth having not just because it's October but because the industry needs some seriously skilled professionals.
CSO.webp 2016-10-06 09:05:00 Information sharing still a heavy lift (direct link) Everybody shares stuff, man. That line, from '70s stoner comics Cheech and Chong, was about sharing joints, of course. But today it is about information, and the message from top-level government financial and intelligence officials is that everybody needs to do more of it. At the Cambridge Cyber Summit this week, held at MIT's Kresge Auditorium and sponsored by MIT, The Aspen Institute and CNBC, several of them stressed that effectively countering the level and sophistication of cyber threats to the nation's financial, economic and political system is going to require more sharing between the public and private sectors. “Collaboration” and “cooperation” were mentioned frequently.
CSO.webp 2016-10-06 03:27:00 Business transformation proves to be a catalyst for cybersecurity spending (direct link) As enterprises accelerate their use of cloud computing, online services, and ready themselves for internet of things deployments, they are finding themselves strained to find the cybersecurity talent and security tools needed to secure these efforts. That's one of the most important takeaways from the Global State of Information Security Survey (GSISS) 2017 -- a worldwide study conducted by PwC, CIO and CSO released today. According to the GSISS survey, 59 percent of respondents say they are boosting their security spending as a result of their increased use of digital technologies, and retooling their business models to provide customers, employees, and partners evermore digital services and apps. These security efforts include increased investments in cloud computing environments, data monitoring, as well as managed security services. The survey was conducted online from April 4, 2016 to June 3, 2016. Guideline
CSO.webp 2016-10-06 03:10:00 Not so startling revelations of how a hacker broke in (direct link) Trust no one. At the heart of every exploit, the vulnerability always lies in the target's trust for attacker-supplied input. This is true whether the attack is network-based or a hacker is trying to gain physical access to a specific location. To effectively mitigate risk, companies and individuals need to take the necessary precautions to keep data secure. The saying in the cybersecurity consulting industry is “trust, but verify.”
CSO.webp 2016-10-06 03:00:00 Taking down the internet: possible but how probable? (direct link) The hack of the Democratic National Committee this past summer, allegedly by Russia, prompted a political firestorm, but didn't cause even a ripple in the US economy. But imagine the economic firestorm that would result if online attackers brought the entire internet down, even temporarily. You may not have to imagine it, according to Bruce Schneier, CTO of Resilient Systems, cryptography guru, blogger and international authority on internet security. In a recent post titled, "Someone is Learning How to Take Down the Internet," he wrote that he had been told by multiple sources that, “someone has been probing the defenses of … some of the major companies that provide the basic infrastructure that makes the Internet work.”
CSO.webp 2016-10-05 13:00:00 Chip card lawsuit to move forward against Visa, Mastercard, others (direct link) A federal judge has ruled it is plausible that four national credit-card companies improperly conspired “in lockstep” to set a deadline of Oct. 1, 2015 for requiring retailers to upgrade their technology to accept embedded chip cards for credit and debit card purchases. In an order issued Friday (Case number C 16-01150 WHA), U.S. District Court Judge William Alsup agreed with two small Florida businesses -- B & R Supermarket and Grove Liquors -- which brought the lawsuit in March.
CSO.webp 2016-10-05 10:21:00 I want out of Windows patch hell (direct link) I like Windows 10. But I don't like getting stuck in eternal reboot hell. For days now, one of my Windows 10 Anniversary Update PCs has been relentlessly rebooting and rebooting and … well, you get the idea. I'm not alone. This Sisyphean cycle is plaguing many other people. Patches were welcome. After all, the Windows 10 Anniversary Update, a.k.a. Windows 10 SP1, came with a host of problems. There were unexplained freezes, Cortana was fouled up, webcams were broken and multiple third-party applications were turned into messes.
CSO.webp 2016-10-05 10:07:00 Crisis planning: 6 ways to put people first (direct link) If your business is located in the southeastern U.S., you're probably bracing for Hurricane Matthew, which as of this writing is headed for Florida after making landfall in Cuba. All-too-familiar with the havoc a hurricane can wreak, you likely have a battle-tested plan for dealing with such storms and their aftermath. Guideline
CSO.webp 2016-10-05 08:46:00 IDG Contributor Network: Lighting up a changing world (direct link) When I was a little girl, my family moved from Bronx, N.Y., to our new house in Potomac, Md. It was approximately July 2, 1976, two days before the nation's bicentennial and the biggest July 4th celebration in 100 years. My father, a NASA computing pioneer, had told me about the significance of the bicentennial and took me to buy the family a TV so we could watch the parades. My father planned to pay with a check from his New York bank, but D.C. merchants only accepted checks from local banks. We opened a new bank account and purchased a 12-inch black and white with rabbit ears, watched the parades, and then proceeded downtown in an old car and heavy traffic to see the fireworks, which clearly I still remember as a symbol of our country and the effort we make to celebrate and to protect.
CSO.webp 2016-10-05 07:14:00 War stories: the water shut off valve (direct link) Years ago I worked for a company that had some manner of connection to the goings on for the power grid. *cough* It was a job that afforded me all sorts of different projects as security had previously been more of an afterthought than anything else of note. Intrusion detection systems that were racked and powered but couldn't catch a cold. A firewall that my mother could tunnel through and so forth. But, rather than whinge about it (to anyone other than my therapist) it was a great opportunity. I had some great experiences working there and a few moments that caused me to question the fabric of reality as I perceived it. One such day my co-worker, let's call him James, and I were wandering towards the door. It was the end of the day and we were clocking out. Or, so we thought.
CSO.webp 2016-10-05 07:13:00 Cybersecurity companies' stock rises in face of post-Yahoo hack (direct link) Major hacks, data breaches, and a rise in global cybercrime damages are seemingly responsible for a surge in the share prices of some publicly-traded cybersecurity companies. The Cybersecurity Stock Report, published quarterly by Cybersecurity Ventures, notes the PureFunds HACK ETF -- which covers 35 cyber firms -- is up 35 percent since February 2016, when it hit a low for the year. Yahoo
CSO.webp 2016-10-04 13:00:00 IDG Contributor Network: Are you ready to make the move to public cloud securely to leverage its benefits? (direct link) Disrupting technologies are forcing businesses to identify opportunities for agility, speed, efficiency and cost effectiveness across business units in order to be successful in the marketplace. This is driving the need for organizations to become digital enterprises, aggressively moving towards delivering scalable and robust enterprise infrastructure in the public cloud. Cloud technologies can offer enterprises the capabilities and potential they need to streamline business process and applications to become faster, more flexible and resilient. In the next wave of digital transformation, cloud computing can provide huge benefits to enterprises. As compute cost goes down so does the cost of IT for organizations. At the same time, cloud features such as agility, scalability and flexibility can also benefit attackers who could utilize IaaS for malware distribution.
Last update at: 2024-05-16 04:07:56