What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
NetworkWorld 2017-03-16 07:42:00 Why is incident response automation and orchestration so hot? (direct link) I couldn't attend the RSA Conference this year, but many cybersecurity professionals and my ESG colleagues told me that incident response (IR) automation and orchestration was one of the hottest topics in the halls of the Moscone Center – through the bar at the W hotel and even at the teahouse on the garden at Yerba Buena. Was this rhetoric just industry hype? Nope. This buzz is driven by the demand side rather than suppliers. In truth, cybersecurity professionals need immediate IR help for several reasons: 1. IR is dominated by manual processes. Let's face it, IR tasks such as fetching data, tracking events or collaborating with colleagues depend upon the organizational, communications and technical skills of individuals within the security operations team. These manual processes ultimately get in the way of overall IR productivity.
NetworkWorld 2017-03-16 06:55:00 Cisco security advisory dump finds 20 warnings, 2 critical (direct link) It's a bad week for all things network security as Cisco spewed out 20 Security Advisories and Alerts – two critical and three high-impact – that customers should be aware of and implement patches where they can. Cisco, like other big enterprise vendors, regularly issues security warnings but 20 in one day is an unusual amount for the networking giant. Others like Microsoft and Oracle issue tons of security bulletins monthly mostly without much fanfare – for example Microsoft for March, released 18 security bulletins split into nine critical and nine important security updates.
NetworkWorld 2017-03-16 06:05:00 Crime ring used Amazon, eBay to sell stolen printer ink (direct link) Apparently, big bucks can be made selling stolen printer ink cartridges online. A dozen suspects are accused of pulling in more than US$12 million by selling the stolen cartridges and retail electronics on Amazon and eBay, New York Attorney General Eric Schneiderman said on Wednesday. Sixty-four-year-old Richard Rimbaugh allegedly led the operation for more than 20 years by recruiting people to steal the goods from retail stores across 28 states. Rimbaugh and his "theft crews" allegedly went out each week to steal new merchandise, which also included computer software, Schneiderman said.
NetworkWorld 2017-03-16 06:01:00 Smackdown: Office 365 vs. G Suite management (direct link) When you choose a productivity platform like Microsoft's Office 365 or Google's G Suite, the main focus is on the platform's functionality: Does it do the job you need? That's of course critical, but once you choose a platform, you have to manage it. That's why management capabilities should be part of your evaluation of a productivity and collaboration platform, not only its user-facing functionality. You've come to the right place for that aspect of choosing between Office 365 and Google G Suite. Admin console UI. Both the Office 365 and G Suite admin consoles are well designed, providing clean separation of management functions and clear settings labels, so you can quickly move to the settings you want and apply them. Guideline
NetworkWorld 2017-03-16 05:52:00 Want good cyber insurance? Read the fine print (direct link) One of the main reasons to buy insurance is to prevent the cost of an accident or other disaster from breaking the bank. But what if simply buying insurance threatens to break the bank? That scenario is starting to worry some organizations, for several reasons. First is the simple but powerful market force of supply and demand. More and more organizations, spooked by regular stories of catastrophic breaches – such as the compromise of more than 1.5 billion Yahoo! accounts, which took down its acquisition value by a reported $350 million – are seeking insurance. And when demand rises, the price tends to do so as well. Yahoo
NetworkWorld 2017-03-16 05:50:00 Expert: Apple may have deployed unauthorized patch by mistake (direct link) Last month, reports came out that Apple accidentally installed a fake firmware patch on internal development servers. That's a lesson to all companies to be careful about where they get their patches. What may have happened is that an Apple employee installed a patch shared by the hardware vendor's employee, instead of using the official release of the patch, said Chris Nietzold, senior platform engineer at security appliance manufacturer MBX Systems. "They procured the firmware from an unofficial source and didn't follow the official release schedule," he said. The firmware included a potential security vulnerability and Apple reportedly ended its relationship with the supplier, Super Micro Computer, as a result.
NetworkWorld 2017-03-16 04:36:00 Pwnie Express eases security remediation with a risk-assessment tool (direct link) Pwnie Express is adding a tool that ranks the risks its security service finds on customer networks and makes it easier to remediate them. The new feature of the company's Pulse service assesses potential vulnerabilities that its sensors detect in customers' networks and issues a grade in each of four categories. This Device Risk Scorecard points out problems, prioritizes them by urgency and tells how to fix them. The scorecard looks at wireless infrastructure configuration, client connection behaviors, network host configuration, and shadow IT and rogue devices and computes a grade for each. Customers can drill down to find what discoveries account for low scores and follow the remediation suggestions to fix the problems.
NetworkWorld 2017-03-15 18:20:04 US faces limits in busting Russian agents over Yahoo breach (direct link) In a rare move, the U.S. has indicted two Russian government agents for their suspected involvement in a massive Yahoo data breach. But what now? Security experts say Wednesday's indictment might amount to nothing more than naming and shaming Russia. That's because no one expects the Kremlin to play along with the U.S. indictment. “I can't imagine the Russian government is going to hand over the two FSB officers,” said Jeremiah Grossman, chief of security strategy at SentinelOne. "Even in the most successful investigations, state hackers are still immune from prosecution or retaliation," said Kenneth Geers, a research scientist at security firm Comodo. Yahoo
NetworkWorld 2017-03-15 15:37:00 Inside the Russian hack of Yahoo: How they did it (direct link) One mistaken click. That's all it took for hackers aligned with the Russian state security service to gain access to Yahoo's network and potentially the email messages and private information of as many as 500 million people. The U.S. Federal Bureau of Investigation has been investigating the intrusion for two years, but it was only in late 2016 that the full scale of the hack became apparent. On Wednesday, the FBI indicted four people for the attack, two of whom are Russian spies. Here's how the FBI says they did it: The hack began with a spear-phishing email sent in early 2014 to a Yahoo company employee. It's unclear how many employees were targeted and how many emails were sent, but it only takes one person to click on a link, and it happened. Yahoo
NetworkWorld 2017-03-15 12:17:00 'Don't be this guy' (direct link) No wonder people from Massachusetts get called that name we all find kind of amusing but I still shouldn't print on this website for networking professionals. The Massachusetts State Police posted the above photo to Facebook a few hours ago, along with this admonishment: Soooo..... this just happened. Trooper Paul Copponi just stopped this vehicle on the Massachusetts Turnpike in Weston. How little regard do you have to have for the lives and safety of your fellow citizens, not to mention your own life and safety, to do this?
NetworkWorld 2017-03-15 11:31:44 Microsoft fixes record number of flaws, some publicly known (direct link) Microsoft's batch of security patches for March is one of the largest ever and includes fixes for several vulnerabilities that are publicly known and actively exploited. The company published 17 security bulletins covering 135 vulnerabilities in its own products and one separate bulletin for Flash Player, which has its security patches distributed through Windows Update. Nine bulletins are rated critical and nine are rated as important. The affected products include Windows, Internet Explorer, Microsoft Edge, Microsoft Office, Exchange, Skype for Business, Microsoft Lync, and Silverlight.
NetworkWorld 2017-03-15 09:29:00 Appeals court rules Americans have no legal recourse if hacked by foreign governments (direct link) Put aside the matter of Russian interference in our presidential election to instead consider this scenario: If Vladimir Putin ordered his government-employed hackers to plant spyware on your personal computer – stealing all your data and even recording your Skype calls – you would have no access to any legal remedy in the U.S. court system. Preposterous, you say? That's the law, according to the United States Court of Appeals for the District of Columbia Circuit, which yesterday upheld a lower court decision denying even a day in court to an American citizen who moved here from Ethiopia 30 years ago and was victimized by that country's government in the exact fashion described above.
NetworkWorld 2017-03-15 09:07:14 Four charged, including Russian gov't agents, for massive Yahoo hack (direct link) The U.S. Federal Bureau of Investigation has charged four people, including two Russian state intelligence agents, for their involvement in a massive hack of Yahoo that affected half a billion accounts. In September, Yahoo said hackers had managed to steal personal data on more than 500 million users during an attack in late 2014. The stolen data included names, email addresses, telephone numbers and hashed passwords. Blame for the attack was put on a "state-sponsored" group. On Wednesday, the FBI said that group was the Russian Federal Security Service, the FSB, and it identified agents Dmitry Dokuchaev and Igor Sushchin as leaders of the attack. Guideline Yahoo
NetworkWorld 2017-03-15 09:00:00 PII of 33,698,126 Americans leaked online (direct link) The personal identifying information (PII) – names, email addresses, phone numbers, physical addresses, employers and job titles – for 33,698,126 Americans has been leaked online. The data, a 52.2GB CSV file, came from a commercial corporate database. Security researcher Troy Hunt determined that the breach came from NetProspex, a service provided by Dun & Bradstreet, which ironically was named as a 2017 world's most ethical company.
NetworkWorld 2017-03-15 06:05:12 Malicious uploads allowed hijacking of WhatsApp and Telegram accounts (direct link) A vulnerability patched in the web-based versions of encrypted communications services WhatsApp and Telegram would have allowed attackers to take over accounts by sending users malicious files masquerading as images or videos. The vulnerability was discovered last week by researchers from Check Point Software Technologies and was patched by the WhatsApp and Telegram developers after the company privately shared the flaw's details with them. The web-based versions of WhatsApp and Telegram synchronize automatically with the apps installed on users' phones. At least in the case of WhatsApp, once paired using a QR code, the phone needs to have an active internet connection for WhatsApp messages to be relayed to the browser on the computer.
NetworkWorld 2017-03-15 05:30:29 Twitter accounts hacked, Twitter Counter steps forward as culprit (direct link) Twitter Counter, a third-party analytics service, appears once again to have provided a gateway for hackers to post messages to high-profile Twitter accounts. An unlikely number of Twitter users suddenly learned to speak Turkish on Wednesday, posting an inflammatory message in the language replete with Nazi swastikas. Among those posting the message were the Twitter accounts of Forbes magazine, the Atlanta Police Department, and Amnesty International, one of the few hacked accounts one might expect to speak Turkish. Fears that these accounts had all been hacked were quickly allayed, when Twitter identified a third-party app as being to blame.
NetworkWorld 2017-03-15 05:08:00 Hire a DDoS service to take down your enemies (direct link) With the onrush of connected internet of things (IoT) devices, distributed denial-of-service attacks are becoming a dangerous trend. Similar to what happened to DNS service provider Dyn last fall, anyone and everyone is in the crosshairs. The idea of using unprotected IoT devices as a way to bombard networks is gaining momentum. The advent of DDoS-for-hire services means that even the least tech-savvy individual can exact revenge on some website. Step on up to the counter and purchase a stresser that can systemically take down a company.
NetworkWorld 2017-03-15 00:51:39 Court blocks American from suing Ethiopia for infecting his computer (direct link) An appeals court has barred an Ethiopian-born U.S. citizen from filing a civil suit against the African country, which allegedly infected his computer with spyware and monitored his communications. The U.S. Court of Appeals for the District of Columbia Circuit ruled Tuesday that foreign states are immune from suit in a U.S. court unless an exception to the Foreign Sovereign Immunities Act (FSIA) applies. The person, who is referred to in court documents by the pseudonym Kidane, was born in Ethiopia and lived there for 30 years before seeking asylum in the U.S. He lives in Maryland.
NetworkWorld 2017-03-14 15:49:00 Apple downplays importance of CIA's iPhone hacking capabilities (direct link) In a massive data dump last week, Wikileaks released thousands upon thousands of highly secretive and sensitive CIA documents which detail the extent of the government agency's spying tools. Aside from interesting tidbits regarding the CIA attempting to eavesdrop on targets via Samsung HDTVs, the leaked documents also reference the CIA's efforts to hack into iOS devices. In fact, the CIA even has a specialized team devoted entirely towards coming up with security exploits for iOS devices, and in particular the iPhone. Even though the iPhone only accounts for less than 15% of global smartphone marketshare, Apple's iconic smartphone attracts a disproportionate amount of attention because it's proven to be quite popular among "social, political, diplomatic and business elites."
NetworkWorld 2017-03-14 13:37:00 Microsoft stays security bulletins' termination (direct link) Microsoft today postponed the retirement of the security bulletins that for nearly two decades have described in detail the month's slate of vulnerabilities and accompanying patches. The bulletins' last stand was originally scheduled for January, with a replacement process ready to step in Feb. 14. Rather than a set of bulletins, Microsoft was to provide a searchable database of support documents dubbed the "Security Updates Guide" or SUG. But just hours before February's security updates were to be released, Microsoft announced that it was postponing the entire collection to March 14, citing "a last-minute issue" that might impact some customers. The Redmond, Wash. company never spelled out exactly what led it to decide on the unprecedented delay.
NetworkWorld 2017-03-14 12:57:00 Thieves steal Petya ransomware then use it for free (direct link) Crooks are stealing code from the purveyors of Petya ransomware and using it to extort money from innocent victims, stiffing the creators of the malware out of the cut they are supposed to get. Rather than following the rules of licensing Petya, another criminal group is stealing and modifying the ransomware so they can use it without paying, according to the SecureList blog by researchers at Kaspersky Lab.
NetworkWorld 2017-03-14 12:10:00 DOJ: No, we won't say how much the FBI paid to hack terrorist's iPhone (direct link) The U.S. Department of Justice yesterday argued that it should not have to reveal the maker of a tool used last year to crack an alleged terrorist's iPhone or disclose how much it paid for the hacking job, court documents showed. That tool was used last year by the FBI to access a password-protected iPhone 5C previously owned by Syed Rizwan Farook, who along with his wife, Tafsheen Malik, killed 14 in San Bernardino, Calif., in December 2015. The two died in a shootout with police later that day. Authorities quickly labeled them terrorists. In March 2016, after weeks of wrangling with Apple, which balked at a court order compelling it to assist the FBI in unlocking the iPhone, the agency announced it had found a way to access the device without Apple's help. Although the FBI acknowledged it had paid an outside group to crack the iPhone, it refused to identify the firm or how much it paid.
NetworkWorld 2017-03-14 11:36:00 Microsoft releases 18 security bulletins, 9 rated critical, many bugs disclosed/exploited (direct link) Be prepared for restarts and a big day of patching after Microsoft skipped Patch Tuesday in February. For March, Microsoft released 18 security bulletins split into nine critical and nine important security updates. Rated critical: MS17-006 patches 12 security issues in Internet Explorer. One of three information disclosure flaws has been publicly disclosed but is not being exploited, one of the three memory corruption bugs has been publicly disclosed but is not being exploited, and one of them has not been publicly disclosed but is being exploited. Both of the browser spoofing vulnerabilities have been publicly disclosed as has the Internet Explorer elevation of privilege flaw. The patch also addresses a scripting engine information disclosure bug and two scripting engine memory corruption flaws.
NetworkWorld 2017-03-14 11:28:00 DARPA fortifies early warning system for power-grid cyber assault (direct link) The Defense Advanced Research Projects Agency (DARPA) continues to hone the system it hopes would quickly restore power to the U.S. electric grid in the event of a massive cyberattack. The research agency this week said it awarded defense system stalwart BAE Systems an $8.6 million contract to develop a system under its Rapid Attack Detection, Isolation and Characterization (RADICS) program that has as its central goal to develop technology that will detect and automatically respond to cyber-attacks on US critical infrastructure.
NetworkWorld 2017-03-14 11:06:38 Hackers use dangerous Petya ransomware in targeted attacks (direct link) In a case of no honor among thieves, a group of attackers has found a way to hijack the Petya ransomware and use it in targeted attacks against companies without the program creators' knowledge. A computer Trojan dubbed PetrWrap, being used in attacks against enterprise networks, installs Petya on computers and then patches it on the fly to suit its needs, according to security researchers from antivirus vendor Kaspersky Lab. The Trojan uses programmatic methods to trick Petya to use a different encryption key than the one its original creators have embedded inside its code. This ensures that only the PetrWrap attackers can restore the affected computers to their previous state.
NetworkWorld 2017-03-14 08:55:41 The NSA's foreign surveillance: 5 things to know (direct link) A contentious piece of U.S. law giving the National Security Agency broad authority to spy on people overseas expires at the end of the year. Expect heated debate about the scope of U.S. surveillance law leading up to Dec. 31. One major issue to watch involves the way the surveillance treats communications from U.S. residents. Critics say U.S. emails, texts, and chat logs -- potentially millions of them -- are caught up in surveillance authorized by Section 702 of the Foreign Intelligence Surveillance Act (FISA). U.S. residents who communicate with foreign targets of the NSA surveillance have their data swept up in what the NSA calls "incidental" collection. The FBI can then search those communications, but it's unclear how often that happens. Guideline
NetworkWorld 2017-03-14 07:42:00 IBM's position on Security Analytics and Operations (SOAPA), part 2 (direct link) Last week, I wrote about my interview with IBM security general manager Marc van Zadelhoff, where we talked about his perspective about the transition from security analytics and operations point tools to an integrated event-based security analytics and operations platform architecture (SOAPA). In part 2 of the interview, we talked about SOAPA requirements, intelligence and the need for SOAPA to scale. You can view the interview here. Some of the highlights include:
NetworkWorld.webp 2017-03-14 06:04:00 FBI trained Geek Squad techs on law-enforcement tactics, new records show (lien direct) The connection between the FBI and Best Buy's internal service and repair organization Geek Squad went a lot further than initially thought, according to newly unsealed records in a case involving a doctor charged with child pornography after bringing in a laptop for repair. The Orange County (California) Weekly has been all over a case involving a well-respected physician Dr. Mark A. Rettenmaier. Rettenmaier took his laptop to the Mission Viejo Best Buy in November 2011 after he was unable to start it. + Also on Network World: Why you shouldn't trust Geek Squad ever again + While performing a recovery scan of his data files, a Geek Squad technician found an image of "a fully nude, white prepubescent female on her hands and knees on a bed, with a brown choker-type collar around her neck." The technician notified his boss, who alerted the FBI. To read this article in full or to leave a comment, please click here
NetworkWorld 2017-03-14 05:43:00 10 must-ask questions for evaluating EDR tools (direct link) Endpoint detection and response (EDR) products give IT staff visibility into endpoints for detecting malicious activity, analyzing data and providing appropriate response. EDR is part of a burgeoning security market, peppered with well-known vendors such as Carbon Black, Cisco, CrowdStrike and FireEye. Anyone looking at EDR today has come across the term "threat hunting," the process of searching through voluminous amounts of data to find signs of a threat actor or emerging attack rather than relying on known threat signatures. It's a combination of threat intelligence and big data analytics. Threat hunting is a critical component of a comprehensive EDR solution and a key differentiator from endpoint protection platforms (EPPs), with which they are often confused.
NetworkWorld 2017-03-14 05:33:00 Continuous authentication: Why it's getting attention and what you need to know (direct link) User authentication is one of the basic components of any cyber security program. Identifying an individual based on a username, password or other means helps companies ensure that the person is who he or she claims to be when accessing a system, application or network. But in some cases traditional authentication processes are not enough to provide strong security throughout a user work session. That's where continuous authentication comes in. The concept is still relatively new, and experts say few products yet exist in the market. But it's gaining more attention as companies look for ways to prevent unauthorized access to their critical business data.
NetworkWorld 2017-03-14 05:00:08 It's time to turn on HTTPS: the benefits are well worth the effort (direct link) After Edward Snowden revealed that online communications were being collected en masse by some of the world's most powerful intelligence agencies, security experts called for encryption of the entire web. Four years later, it looks like we've passed the tipping point. The number of websites supporting HTTPS -- HTTP over encrypted SSL/TLS connections -- has skyrocketed over the past year. There are many benefits to turning on encryption, so if your website does not yet support the technology it's time to make the move. Recent telemetry data from Google Chrome and Mozilla Firefox shows that over 50 percent of web traffic is now encrypted, both on computers and mobile devices. Most of that traffic goes to a few large websites, but even so, it's a jump of over 10 percentage points since a year ago.
NetworkWorld 2017-03-13 17:30:56 Mirai is the hydra of IoT security: too many heads to cut off (direct link) Efforts to stop Mirai, a malware found infecting thousands of IoT devices, have become a game of whack-a-mole, with differing opinions over whether hackers or the security community are making any headway. The malicious code became publicly available in late September. Since then, it's been blamed for enslaving IoT devices such as DVRs and internet cameras to launch massive distributed denial-of-service attacks, one of which disrupted internet access across the U.S. in October. The good news: Last month, police arrested one suspected hacker who may have been behind several Mirai-related DDoS attacks.
NetworkWorld 2017-03-13 10:22:00 WikiLeaks dump brings CIA spying powers into the spotlight (direct link) Has the CIA ever spied on you? That's a key question swirling around the WikiLeaks document dump that allegedly details the U.S. agency's secret hacking tools. The documents themselves don't reveal much about who the CIA might have snooped on. But the agency certainly has the power to spy on foreigners outside the U.S., said Paul Pillar, a former deputy counterterrorism chief with the CIA. That's its job after all: to collect foreign intelligence. But even so, the CIA is pretty selective with its targets.
NetworkWorld 2017-03-13 08:57:00 GOP senator alleges password-hijack attempts after blasting WikiLeaks founder (direct link) Sen. Ben Sasse (R-Neb.) Saturday claimed that hackers were trying to gain access to his personal and government-issued devices through bogus password-reset notifications. In a short flurry of Twitter messages, Sasse blamed the hacking attempts on his criticism of WikiLeaks and its founder, Julian Assange, earlier in the week. "Heads-up...I've been critical of Assange & WikiLeaks this week. So...big surprise: Am having multiple 'password reset' attempts right now," Sasse tweeted Saturday. The probing was hitting "basically every device, every platform, personal and govt," he added in a follow-up tweet.
NetworkWorld 2017-03-13 08:23:00 Cisco jumps on ex-Juniper exec Davidson for service provider biz (direct link) That was fast. Networking veteran Jonathan Davidson is re-joining Cisco a little less than a week after resigning as rival Juniper executive VP and general manager. Davidson is joining Cisco's Service Provider Business Unit and will report to Yvette Kanouff, the senior vice president and general manager of that unit.
NetworkWorld 2017-03-13 07:12:00 Rapid7 discloses multiple vulnerabilities in telepresence robot (direct link) You know the telepresence robots that roll around offices with a camera, microphone and iPad attached in order to give remote users a way to participate “face-to-face” in meetings? It would be trippy if an attacker were able to take control of such a robot, but also entirely possible. Today, Rapid7 revealed three security flaws it discovered in the mobile conferencing device Double Telepresence Robot. Rapid7 researcher Deral Heiland discovered three vulnerabilities: unauthenticated access to data, static user session management, and weak Bluetooth pairing. Two of three vulnerabilities disclosed to Double Robotics were patched in January, a really quick response considering the fixes were deployed about a week after the flaws were disclosed to the company.
NetworkWorld 2017-03-13 06:45:00 Old nemesis spam becoming significant way for attackers to subvert data (direct link) Spam is once again raising its ugly head as a chief way for attackers to grab protected data. IBM's X-Force Threat Intelligence group said today that one of the key findings from its forthcoming Threat Intelligence Index for 2017 is that spam volume grew dramatically throughout 2016, bringing with it a host of new malicious attachments harboring banking Trojans and ransomware. “Attackers are not limited to a single set of tools, however. The ongoing expansion of domain name choices has added another instrument to the spammer's toolbox: enticing recipients to click through to malicious sites, ultimately allowing attackers to infiltrate their networks,” wrote Ralf Iffert, Manager, X-Force Content Security in a blog about the spam findings. “More than 35% of the URLs found in spam sent in 2016 used traditional, generic top-level domains (gTLD) .com and .info. Surprisingly, over 20% of the URLs used the .ru country code top-level domain (ccTLD), helped mainly by the large number of spam emails containing the .ru ccTLD.”
NetworkWorld.webp 2017-03-13 06:40:04 How much are vendor security assurances worth after the CIA leaks? (direct link) Following the recent revelations about the U.S. Central Intelligence Agency's cyberespionage arsenal, software vendors reiterated their commitments to fix vulnerabilities in a timely manner and told users that many of the flaws described in the agency's leaked documents have been fixed. While these assurances are understandable from a public relations perspective, they don't really change anything, especially for companies and users that are the target of state-sponsored hackers. The software they use is not less safe, nor better protected, than it was before WikiLeaks published the 8,700-plus CIA documents last Tuesday.
NetworkWorld.webp 2017-03-13 06:05:00 Disaster recovery: How is your business set up to survive an outage? (direct link) Asynchronous vs synchronous. Dark disaster recovery vs. active architecture. Active/active vs. active/passive. No setup is objectively better or worse than another. The best one for you primarily depends on your level of tolerance for what happens when the server goes down. Security experts say how individual companies choose to save their data in anticipation of an outage depends on how long they can survive before the “lights” are turned back on. What level of availability does your company need? Is the face of your company an ecommerce site where even a few minutes offline can cost an astronomical sum? Will the cost of an active-active system outweigh the potential loss of business from an outage?
NetworkWorld.webp 2017-03-13 05:54:00 How to remove ransomware: Use this battle plan to fight back (direct link) Ransomware doesn't sneak into your PC like ordinary malware. It bursts in, points a gun at your data, and screams for cash, or else. And if you don't learn to defend yourself, it could happen again and again. Armed gangs of digital thieves roaming the information superhighway sounds like an overwrought action movie, but the numbers say it's true: Ransomware attacks rose from 3.8 million in 2015 to 638 million in 2016, an increase of 167 times year over year, according to Sonicwall, even as the number of malware attacks declined. Why steal data when you can simply demand cash?
NetworkWorld.webp 2017-03-13 04:30:00 IDG Contributor Network: How to avoid falling for the W-2 phishing scam (direct link) While this blog is nominally mine, I don't come up with ideas in a vacuum. This article on W-2 scams sprung from a conversation I had with my colleague Steve Williams, who ended up being my co-author. Check out more about him at the end of this piece. Multiple times each year, LinkedIn feeds and information security forums light up with examples of the latest and greatest versions of phishing attacks. Most recently the hot stories have been about a simple targeted request that avoids links, attachments, and malware, plays friendly with email filters, and appears extremely urgent to the recipient. This form of phishing is known as the W-2 scam.
NetworkWorld.webp 2017-03-13 03:45:00 IDG Contributor Network: Botnets: Is your network really protected? (direct link) The tech world moves at a tremendous pace, unleashing wave after wave of innovation intended to improve our everyday lives. Many new devices, from security cameras to fridges, or TVs to baby monitors, are now internet connected. This affords us remote access and facilitates the collection of data, which is ostensibly used to make our systems “smarter.” However, it also opens new doors into our offices and homes through which hackers can come uninvited. There were around 6.4 billion connected things in use worldwide in 2016, and that's set to grow to 8.4 billion this year, according to Gartner. There's no doubt that the Internet of Things (IoT) will bring many benefits, but it also brings greater risk.
NetworkWorld.webp 2017-03-13 03:00:00 Setting up DLP features for email security (direct link) Network World contributing editor David Strom provides a roundup of how to enable data leak prevention features on three email security platforms.
NetworkWorld.webp 2017-03-13 03:00:00 Zix wins 5-vendor email encryption shootout (direct link) Email encryption products have made major strides since we last looked at them nearly two years ago. They have gotten easier to use and deploy, thanks to a combination of user interface and encryption key management improvements, and are at the point where encryption can almost be called effortless on the part of the end user. Our biggest criticism in 2015 was that the products couldn't cover multiple use cases, such as when a user switches from reading emails on their smartphone to moving to a webmailer to composing messages on their Outlook desktop client. Fortunately, the products are all doing a better job handling multi-modal email.
NetworkWorld.webp 2017-03-13 02:47:00 (Déjà vu) New products of the week 3.13.2017 (direct link) Our roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow. Tachyon, 1E.
NetworkWorld.webp 2017-03-12 08:41:00 On web's 28th anniversary, its creator Tim Berners-Lee takes aim at fake news (direct link) Today, on the 28th anniversary of the web, its creator warned of three trends that must die for the web to be all that it should be. One of those is the spreading of fake news. On March 12, 1989, Tim Berners-Lee submitted his original proposal for the creation of the World Wide Web. 28 years later, in an open letter, Berners-Lee said that in the last 12 months, “I've become increasingly worried about three new trends, which I believe we must tackle in order for the web to fulfill its true potential as a tool which serves all of humanity.” We've lost control of our personal data. It's too easy for misinformation to spread on the web. Political advertising online needs transparency and understanding. As it stands now for most of the web, people get free content in exchange for their personal data. Once companies have our data, we no longer have control over with whom it is shared. We can't pick and choose what gets shared; it's generally “all or nothing.”
NetworkWorld.webp 2017-03-10 13:56:00 Cisco issues critical warning around Apache Struts2 vulnerability (direct link) Cisco's security team today called the weakness in Apache Struts “critical” and is evaluating many of its products to assess the impact. The company said it will publish a list of vulnerable products here as it learns of them. Earlier this week Apache revealed a vulnerability in the Jakarta multipart parser used in Apache Struts2 that could let an attacker execute commands remotely on the targeted system using what's known as a crafted Content-Type header value.
NetworkWorld.webp 2017-03-10 11:25:00 IDG Contributor Network: Tech crime as a service escalates (direct link) Criminals are increasingly offered crime as a service (CaaS) and are using sharing-economy ride-sharing and accommodation services, too, a major law enforcement agency says. Europol, the European Union's policing office, says tech-oriented CaaS is being offered to swathes of the underbelly of Europe. Criminals gain an advantage because they can perform crimes better and more efficiently, and they can work at scales greater than their existing technical proficiency. An estimated 5,000 internationally operating crime gangs are currently being investigated in the trading bloc, according to Europol.
NetworkWorld.webp 2017-03-10 10:54:00 Anonymous hacker causes dark web to shrink by as much as 85% (direct link) An attack by Anonymous, the shadowy hacker crew that seems to alternate between good guys and bad guys depending on the issue, helped cut the dark web down by as much as 85 percent, according to a new report. Anonymous turned its sights on Freedom Hosting II, a hosting service for Tor-based sites, at the start of February. Freedom Hosting II (FHII) was the host to over 10,000 dark web sites, many of them hosting images of sexually abused children. It was named after another host, Freedom Hosting, that Anonymous took down in 2011. An Anonymous hacker went after the service after they discovered the provider knew what was going on and did nothing to stop it. The hacker who did it told Vice it was his first hack, and he didn't intend to take down the site, just look through it. When he found large amounts of child porn, he deduced the site knew what was going on and he decided to take down the hosts.
NetworkWorld.webp 2017-03-10 07:18:00 IBM's position on Security Analytics and Operations (SOAPA) (direct link) Just what is a security operations and analytics platform architecture (SOAPA) anyway? In the past, most enterprises anchored their security analytics and operations with one common tool: Security Information and Event Management (SIEM) systems. Now, SIEM still plays a major role here, but many organizations are supplementing their security operations centers (SOCs) with additional data, analytics tools and operations management systems. We now see SOCs as a nexus for things like endpoint detection and response tools (EDR), network analytics, threat intelligence platforms (TIPs) and incident response platforms (IRPs). In aggregate, security operations is changing, driven by a wave of new types of sensors, diverse data sources, analytics tools and operational requirements. And these changes are driving an evolution from monolithic security technologies to a more comprehensive event-driven software architecture along the lines of SOA 2.0, where disparate security technologies are connected with middleware for things like data exchange, message queueing and business-level trigger conditions.
Last update at: 2024-04-28 19:08:05