What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-09-26 08:18:00 | Cisco: 13 IOS, IOS XE security flaws you should patch now (lien direct) | Cisco this week warned its IOS and IOS XE customers of 13 vulnerabilities in the operating system software they should patch as soon as possible.All of the vulnerabilities – revealed in the company's semiannual IOS and IOS XE Software Security Advisory Bundle – have a security impact rating (SIR) of "high". Successful exploitation of the vulnerabilities could allow an attacker to gain unauthorized access to, conduct a command injection attack on, or cause a denial of service (DoS) condition on an affected device, Cisco stated. "How to determine if Wi-Fi 6 is right for you" Two of the vulnerabilities affect both Cisco IOS Software and Cisco IOS XE Software. Two others affect Cisco IOS Software, and eight of the vulnerabilities affect Cisco IOS XE Software. The final one affects the Cisco IOx application environment. Cisco has confirmed that none of the vulnerabilities affect Cisco IOS XR Software or Cisco NX-OS Software. Cisco has released software updates that address these problems. | |||
|
2019-08-28 03:00:00 | What is phishing? Learn how this attack works (lien direct) | Phishing is a method of trying to gather personal information using deceptive e-mails and websites. Here's what you need to know about this increasingly sophisticated form of cyberattack. | |||
|
2019-08-22 12:53:00 | Texas ransomware attacks: to pay or not to pay? | TECH(feed) (lien direct) | Nearly two dozen cities in Texas have been hit by a ransomware attack executed by a single threat actor. These attacks beg the question: Is it ever worth it to pay a cyber attacker's ransom? In this episode of TECH(feed), Juliet discusses the pattern of ransomware attacks on local governments, how municipalities have responded and how to prevent a ransomware attack in the first place. | Ransomware Threat | ||
|
2019-08-22 08:21:00 | Don\'t worry about shadow IT. Shadow IoT is much worse. (lien direct) | For years, IT departments have been railing about the dangers of shadow IT and bring-your-own-device. The worry is that these unauthorized practices bring risks to corporate systems, introducing new vulnerabilities and increasing the attack surface.That may be true, but it's not the whole story. As I've long argued, shadow IT may increase risks, but it can also cut costs, boost productivity and speed innovation. That's why users are often so eager to circumvent what they see as slow and conservative IT departments by adopting increasingly powerful and affordable consumer and cloud-based alternatives, with or without the blessing of the powers that be. Just as important, there's plenty of evidence of that enlightened IT departments should work to leverage those new approaches to serve their internal customers in a more agile manner. | |||
|
2019-08-06 15:20:00 | Microsoft finds Russia-backed attacks that exploit IoT devices (lien direct) | The STRONTIUM hacking group, which has been strongly linked by security researchers to Russia's GRU military intelligence agency, was responsible for an IoT-based attack on unnamed Microsoft customers, according to the company. a blog post from the company's security response center issued Monday.Microsoft said in a blog that the attack, which it discovered in April, targeted three specific IoT devices – a VoIP phone, a video decoder and a printer (the company declined to specify the brands) – and used them to gain access to unspecified corporate networks. Two of the devices were compromised because nobody had changed the manufacturer's default password, and the other one hadn't had the latest security patch applied. | APT 28 | ||
|
2019-07-31 10:33:00 | The latest large-scale data breach: Capital One | TECH(feed) (lien direct) | Just a few days after Equifax settled with the FTC over its 2017 data breach, Capital One announced it was the target of a March attack. Identifying information and bank account numbers are among some of the data breached in the attack that affects 100 million people. A software engineer is behind the attack and is awaiting a hearing. In this episode of TECH(feed), Juliet discusses the consequences of the attack and how to find out if you've been affected. | Equifax | ||
|
2019-07-31 08:40:00 | Remote code execution is possible by exploiting flaws in Vxworks (lien direct) | Eleven zero-day vulnerabilities in WindRiver's VxWorks, a real-time operating system in use across an advertised 2 billion connected devices have been discovered by network security vendor Armis.Six of the vulnerabilities could enable remote attackers to access unpatched systems without any user interaction, even through a firewall according to Armis. About IoT: What is the IoT? How the internet of things works What is edge computing and how it's changing the network Most powerful Internet of Things companies 10 Hot IoT startups to watch The 6 ways to make money in IoT What is digital twin technology? [and why it matters] Blockchain, service-centric networking key to IoT success Getting grounded in IoT networking and security Building IoT-ready networks must become a priority What is the Industrial IoT? [And why the stakes are so high] The vulnerabilities affect all devices running VxWorks version 6.5 and later with the exception of VxWorks 7, issued July 19, which patches the flaws. That means the attack windows may have been open for more than 13 years. | |||
|
2019-06-26 08:08:00 | Tracking down library injections on Linux (lien direct) | While not nearly commonly seen on Linux systems, library (shared object files on Linux) injections are still a serious threat. On interviewing Jaime Blasco from AT&T's Alien Labs, I've become more aware of how easily some of these attacks are conducted.In this post, I'll cover one method of attack and some ways that it can be detected. I'll also provide some links that will provide more details on both attack methods and detection tools. First, a little background. [ Two-Minute Linux Tips: Learn how to master a host of Linux commands in these 2-minute video tutorials ] Shared library vulnerability Both DLL and .so files are shared library files that allow code (and sometimes data) to be shared by various processes. Commonly used code might be put into one of these files so that it can be reused rather than rewritten many times over for each process that requires it. This also facilitates management of commonly used code. | |||
|
2019-05-17 10:56:00 | Microsoft issues fixes for non-supported versions of Windows Server (lien direct) | Microsoft took the rare step of issuing security fixes for both the server and desktop versions of Windows that are long out of support, so you know this is serious.The vulnerability (CVE-2019-0708) is in the Remote Desktop Services component built into all versions of Windows. RDP, formerly known as Terminal Services, itself is not vulnerable. CVE-2019-0708 is pre-authentication and requires no user interaction, meaning any future malware could self-propagate from one vulnerable machine to another.CVE-2019-0708 affects Windows XP, Windows 7, Windows Server 2003, Windows Server 2008 R2, and Windows Server 2008. It does not impact Microsoft's newest operating systems; Windows 8 through 10 and Windows Server 2012 through 2019 are not affected. | Malware Vulnerability | ★★★★★ | |
|
2019-05-16 03:00:00 | WhatsApp attacked by spyware | TECH(feed) (lien direct) | WhatsApp's recent spyware hack took advantage of a security vulnerability and allowed attackers to access private, digital communication. In this episode of TECH(feed), Juliet walks through the hack, who was affected and how you can secure your devices ASAP. | Hack Vulnerability | ||
|
2019-05-09 12:25:00 | Cisco adds AMP to SD-WAN for ISR/ASR routers (lien direct) | Cisco has added support for Advanced Malware Protection (AMP) to its million-plus ISR/ASR edge routers, in an effort to reinforce branch and core network malware protection at across the SD-WAN.Cisco last year added its Viptela SD-WAN technology to the IOS XE version 16.9.1 software that runs its core ISR/ASR routers such as the ISR models 1000, 4000 and ASR 5000, in use by organizations worldwide. Cisco bought Viptela in 2017. More about SD-WAN How to buy SD-WAN technology: Key questions to consider when selecting a supplier How to pick an off-site data-backup method SD-Branch: What it is and why you'll need it What are the options for security SD-WAN? The release of Cisco IOS XE offered an instant upgrade path for creating cloud-controlled SD-WAN fabrics to connect distributed offices, people, devices and applications operating on the installed base, Cisco said. At the time Cisco said that Cisco SD-WAN on edge routers builds a secure virtual IP fabric by combining routing, segmentation, security, policy and orchestration. | Malware | ||
|
2019-04-24 11:06:00 | Cisco: DNSpionage attack adds new tools, morphs tactics (lien direct) | The group behind the Domain Name System attacks known as DNSpionage have upped their dark actions with new tools and malware to focus their attacks and better hide their activities. Cisco Talos security researchers, who discovered DNSpionage in November, this week warned of new exploits and capabilities of the nefarious campaign. More about DNS: DNS in the cloud: Why and why not DNS over HTTPS seeks to make internet use more private How to protect your infrastructure from DNS cache poisoning ICANN housecleaning revokes old DNS security key “The threat actor's ongoing development of DNSpionage malware shows that the attacker continues to find new ways to avoid detection. DNS tunneling is a popular method of exfiltration for some actors and recent examples of DNSpionage show that we must ensure DNS is monitored as closely as an organization's normal proxy or weblogs,” Talos wrote. “DNS is essentially the phonebook of the internet, and when it is tampered with, it becomes difficult for anyone to discern whether what they are seeing online is legitimate.” | Malware Threat | ||
|
2019-04-17 08:11:00 | Cisco Talos details exceptionally dangerous DNS hijacking attack (lien direct) | Security experts at Cisco Talos have released a report detailing what it calls the “first known case of a domain name registry organization that was compromised for cyber espionage operations.”Talos calls ongoing cyber threat campaign “Sea Turtle” and said that state-sponsored attackers are abusing DNS to harvest credentials to gain access to sensitive networks and systems in a way that victims are unable to detect, which displays unique knowledge on how to manipulate DNS, Talos stated. More about DNS: DNS in the cloud: Why and why not DNS over HTTPS seeks to make internet use more private How to protect your infrastructure from DNS cache poisoning ICANN housecleaning revokes old DNS security key By obtaining control of victims' DNS, the attackers can change or falsify any data on the Internet, illicitly modify DNS name records to point users to actor-controlled servers; users visiting those sites would never know, Talos reported. | Threat | ||
|
2019-04-08 06:20:00 | How to quickly deploy, run Linux applications as unikernels (lien direct) | Building and deploying lightweight apps is becoming an easier and more reliable process with the emergence of unikernels. While limited in functionality, unikernals offer many advantages in terms of speed and security.What are unikernels? A unikernel is a very specialized single-address-space machine image that is similar to the kind of cloud applications that have come to dominate so much of the internet, but they are considerably smaller and are single-purpose. They are lightweight, providing only the resources needed. They load very quickly and are considerably more secure -- having a very limited attack surface. Any drivers, I/O routines and support libraries that are required are included in the single executable. The resultant virtual image can then be booted and run without anything else being present. And they will often run 10 to 20 times faster than a container. | |||
|
2019-03-25 22:05:00 | How to hack your own Wi-Fi network (lien direct) | One way to bolster your understanding of Wi-Fi security is to do some hacking yourself. That doesn't mean you should infiltrate a company's network or snoop on a neighbor's setup. Rather, ethical hacking and legitimate Wi-Fi penetration testing – done in cooperation with the network owner – can help you learn more about the strengths and limitations of wireless security. Understanding potential Wi-Fi vulnerabilities can help you to better protect the networks you manage and ensure safer connections when you access other wireless networks.Start with a Wi-Fi stumbler General purpose Wi-Fi stumblers are the simplest and most innocent tools to add to your pen testing kit. Though typically passive tools, they serve an important purpose. They allow you to see what access points (AP) are nearby and their details, such as the signal level, security/encryption type, and media access control (MAC) address. It's a tool even a hacker would utilize to find the next victim. | Hack Tool | ||
|
2019-03-05 12:00:00 | Huawei\'s possible lawsuit, ransomware readiness, old malware resurfaces | TECH(feed) (lien direct) | The ongoing battle between the U.S. and Huawei could soon go to court as Huawei reportedly prepares to sue the U.S. government. Plus, 2019 will see ride sharing companies going public… but which will be first? And as a decade-old malware resurfaces in enterprise networks, a report questions if the world is ready for the next large-scale ransomware attack. | Ransomware Malware | ||
|
2019-02-27 07:39:00 | Protecting the IoT: 3 things you must include in an IoT security plan (lien direct) | With many IT projects, security is often an afterthought, but that approach puts the business at significant risk. The rise of IoT adds orders of magnitude more devices to a network, which creates many more entry points for threat actors to breach. A bigger problem is that many IoT devices are easier to hack than traditional IT devices, making them the endpoint of choice for the bad guys.IoT is widely deployed in a few industries, but it is in the early innings still for most businesses. For those just starting out, IT and security leaders should be laying out their security plans for their implementations now. However, the landscape of security is wide and confusing so how to secure an IoT deployment may not be obvious. Below are three things you must consider when creating an IoT security plan. | Hack Threat Guideline | ||
|
2019-02-19 15:03:00 | Edge security: There\'s lots of attack surfaces to worry about (lien direct) | The problem of edge security isn't unique – many of the issues being dealt with are the same ones that have been facing the general IT sector for decades.But the edge adds its own wrinkles to those problems, making them, in many cases, more difficult to address. Yet, by applying basic information security precautions, most edge deployments can be substantially safer. More about edge networking How edge networking and IoT will reshape data centers Edge computing best practices How edge computing can help secure the IoT The most common IoT vulnerability occurs because many sensors and edge computing devices are running some kind of built-in web server to allow for remote access and management. This is an issue because many end-users don't – or, in some cases, can't – change default login and password information, nor are they able to seal them off from the Internet at large. There are dedicated gray-market search sites out there to help bad actors find these unsecured web servers, and they can even be found with a little creative Googling, although Joan Pepin, CISO at security and authentication vendor Auth0, said that the search giant has taken steps recently to make that process more difficult. | Vulnerability | ||
|
2019-01-31 06:32:00 | DARPA explores new computer architectures to fix security between systems (lien direct) | Solutions are needed to replace the archaic air-gapping of computers used to isolate and protect sensitive defense information, the U.S. Government has decided. Air-gapping, used often now, is the practice of physically isolating data-storing computers from other systems, computers, and networks. It theoretically can't be compromised because there is nothing between the machines - there are no links into the machines; they're removed.However, many say air-gapping is no longer practical, as the cloud and internet takes a hold of massive swaths of data and communications.“Keeping a system completely disconnected from all means of information transfer is an unrealistic security tactic,” says Defense Advanced Research Projects Agency (DARPA) on its website, announcing an initiative to develop completely new hardware and software that will allow defense communications to take place securely among myriad existing systems, networks, and security protocols. | |||
|
2019-01-28 09:11:00 | Build security into your IoT plan or risk attack (lien direct) | The Internet of Things (IoT) is no longer some futuristic thing that's years off from being something IT leaders need to be concerned with. The IoT era has arrived. In fact, Gartner forecasts there will be 20.4 billion connected devices globally by 2020.An alternative proof point is the fact that when I talk with people about their company's IoT plans, they don't look at me like a deer in headlights as they did a few years ago. In fact, often the term “IoT” doesn't even come up. Businesses are connecting more “things” to create new processes, improve efficiency, or improve customer service.As they do, though, new security challenges arise. One of which is there's no “easy button.” IT professionals can't just deploy some kind of black box and have everything be protected. Securing the IoT is a multi-faceted problem with many factors to consider, and it must be built into any IoT plan. | Guideline | ||
|
2018-11-15 06:48:00 | Download Malwarebytes Today and Protect Your Data for Free (lien direct) | Everyone lives on the internet, period. Whether you're streaming a standup special on Netflix, answering emails from your boss, chatting on Tinder, or completing everyday errands like paying bills online, you're likely spending most of your day tangled up in the world wide web. Unfortunately, that makes you a high-risk candidate for a cyber attack at some point along the way, be it through malware, phishing, or hacking. Best-case scenario, it sucks up your time to fix (or your money by paying someone else to fix it). Worst case scenario, it puts you and your computer out of commission for days and damages your files beyond repair. Not to mention the sheer terror of knowing some hacker has complete and total access to virtually everything about you, including all of your banking and credit card information. Malwarebytes is a free program built to help you avoid the above scenarios altogether - and it makes traditional antivirus look old, tired, and played out (seriously it's free, download it here). | |||
|
2018-11-13 10:55:00 | GPUs are vulnerable to side-channel attacks (lien direct) | Computer scientists at the University of California at Riverside have found that GPUs are vulnerable to side-channel attacks, the same kinds of exploits that have impacted Intel and AMD CPUs.Two professors and two students, one a computer science doctoral student and a post-doctoral researcher, reverse-engineered a Nvidia GPU to demonstrate three attacks on both graphics and computational stacks, as well as across them. The researchers believe these are the first reported side-channel attacks on GPUs.[ Read also: What are the Meltdown and Spectre exploits? | Get regularly scheduled insights: Sign up for Network World newsletters ] A side-channel attack is one where the attacker uses how a technology operates, in this case a GPU, rather than a bug or flaw in the code. It takes advantage of how the processor is designed and exploits it in ways the designers hadn't thought of. | |||
|
2018-10-11 22:00:00 | (Déjà vu) Talking DerbyCon, spy chip whispers and Google\'s data breach | Salted Hash Ep 47 (lien direct) | Steve Ragan and J.M. Porup catch up post-DerbyCon conference to discuss psychological issues in the infosec community, supply chain security and whether it's time to make China the boogeyman again, as well as Google's recent data breach. | Data Breach | ||
|
2018-10-11 22:00:00 | (Déjà vu) Talking DerbyCon, Chinese whispers and Google\'s data breach | Salted Hash Ep 47 (lien direct) | Steve Ragan and J.M. Porup catch up post-DerbyCon conference to discuss psychological issues in the infosec community, supply chain security and whether it's time to make China the boogeyman again, as well as Google's recent data breach. | Data Breach | ||
|
2018-08-31 12:49:00 | VirusTotal Intelligence, a search engine for malware | Salted Hash Ep 45 (lien direct) | In this episode, host Steve Ragan talks with Karl Hiramoto, technical solutions consultant for VirusTotal, maker of VirusTotal Intelligence, a searchable detection tool for malware. | Malware Tool | ||
|
2018-08-16 08:01:00 | How to protect your infrastructure from DNS cache poisoning (lien direct) | Domain Name System (DNS) is our root of trust and is one of the most critical components of the internet. It is a mission-critical service because if it goes down, a business's web presence goes down.DNS is a virtual database of names and numbers. It serves as the backbone for other services critical to organizations. This includes email, internet site access, voice over internet protocol (VoIP), and the management of files.You hope that when you type a domain name that you are really going where you are supposed to go. DNS vulnerabilities do not get much attention until an actual attack occurs and makes the news. For example, in April 2018, public DNS servers that managed the domain for Myetherwallet were hijacked and customers were redirected to a phishing site. Many users reported losing funds out of their account, and this brought a lot of public attention to DNS vulnerabilities. | |||
|
2018-08-08 13:28:00 | Chip maker TSMC will lose millions for not patching its computers (lien direct) | Taiwanese chip-making giant Taiwan Semiconductor Manufacturing Co. (TSMC), whose customers include Apple, Nvidia, AMD, Qualcomm, and Broadcom, was hit with a WannaCry infection last weekend that knocked out production for a few days and will cost the firm millions of dollars.Most chip companies are fabless, meaning they don't make their own chips. It's a massively expensive process, as Intel has learned. Most, like the aforementioned firms, simply design the chips and farm out the manufacturing process, and TSMC is by far the biggest player in that field.CEO C.C. Wei told Bloomberg that TSMC wasn't targeted by a hacker; it was an infected production tool provided by an unidentified vendor that was brought into the company. The company is overhauling its procedures after encountering a virus more complex than initially thought, he said. | Tool Patching | Wannacry | |
|
2018-08-08 02:54:00 | An inside look at hybrid Office 365 phishing attacks | Salted Hash Ep 41 (lien direct) | In this episode, Steve Ragan shows what a hybrid phishing attack looks like as it starts off on one service, and quickly moves to another. | |||
|
2018-07-10 07:23:00 | The aftermath of the Gentoo GitHub hack (lien direct) | Gentoo GitHub hack: What happened? Late last month (June 28), the Gentoo GitHub repository was attacked after someone gained control of an admin account. All access to the repositories was soon removed from Gentoo developers. Repository and page content were altered. But within 10 minutes of the attacker gaining access, someone noticed something was going on, 7 minutes later a report was sent, and within 70 minutes the attack was over. Legitimate Gentoo developers were shut out for 5 days while the dust settled and repairs and analysis were completed.The attackers also attempted to add "rm -rf" commands to some repositories to cause user data to be recursively removed. As it turns out, this code was unlikely to be run because of technical precautions that were in place, but this wouldn't have been obvious to the attacker. | Hack | ||
|
2018-06-11 12:33:00 | Automation critical to scalable network security (lien direct) | Securing the business network has been and continues to be one of the top initiatives for engineers. Suffering a breach can have catastrophic consequences to a business, including lawsuits, fines, and brand damage from which some companies never recover.To combat this, security professionals have deployed a number of security tools, including next-generation firewalls (NGFW) such as Cisco's Firepower, which is one of the most widely deployed in the industry. Managing firewalls becomes increasingly difficult Managing a product like Firepower has become increasingly difficult, though, because the speed at which changes need to be made has increased. Digital businesses operate at a pace never seen before in the business world, and the infrastructure teams need to keep up. If they can't operate at this accelerated pace, the business will suffer. And firewall rules continue to grow in number and complexity, making it nearly impossible to update them manually. | |||
|
2018-06-11 04:52:00 | Supermicro is the latest hardware vendor with a security issue (lien direct) | Security researchers with Eclypsium, a firm created by two former Intel executives that specializes in rooting out vulnerabilities in server firmware, have uncovered vulnerabilities affecting the firmware of Supermicro servers. Fortunately, it's not easily exploited.The good news is these vulnerabilities can be exploited only via malicious software already running on a system. So, the challenge is to get the malicious code onto the servers in the first place. The bad news is these vulnerabilities are easily exploitable and can give malware the same effect as having physical access to this kind of system.“A physical attacker who can open the case could simply attach a hardware programmer to bypass protections. Using the attacks we have discovered, it is possible to scale powerful malware much more effectively through malicious software instead of physical access,” Eclypsium said in a blog post announcing its findings. | |||
|
2018-05-16 04:00:00 | What an Apple phishing attack looks like | Salted Hash Ep 32 (lien direct) | How can you tell the difference between a legitimate email and a phishing attack? Host Steve Ragan shows what an Apple phishing attack looks like, screen by screen, showing the difference between the real and the fake. | |||
|
2018-04-24 03:00:00 | Mingis on Tech: The lowdown on Android security (lien direct) | Google's Android OS sometimes gets unfairly maligned as being weak on security. Computerworld blogger JR Raphael explains why that's a misconception and how users can keep their devices safe. | |||
|
2018-04-17 21:00:00 | Is it time to kill the pen test? | Salted Hash Ep 22 (lien direct) | Host Steve Ragan reports from the show floor at RSA 2018, talking with guest Adrian Sanabria, director of research at Savage Security, about de-emphasizing network penetration tests to put more focus on attack simulations and helping companies improve their defenses. | |||
|
2018-02-28 12:21:00 | Memcached servers can be hijacked for massive DDoS attacks (lien direct) | A flaw in the implementation of the UDP protocol for Memcached servers can allow anyone to launch a massive Distributed Denial of Service (DDoS) attack with little effort.The problem was first discovered by security researchers at content delivery network (CDN) specialist Cloudflare. Since then, CDN specialist Akamai and security provider Arbor Networks have also published their findings.Also read: Getting the most out of your next-generation firewall Memcached is a Web-based massive memory cache for database-drive sites, such as websites, that caches the most frequently retrieved data and keeps it in memory rather than getting it from the hard disk over and over again. It is a combination of open-source software and standard server hardware that consists of memory, memory, and more memory. | |||
|
2018-02-01 03:00:00 | How to eliminate the default route for greater security (lien direct) | If portions of enterprise data-center networks have no need to communicate directly with the internet, then why do we configure routers so every system on the network winds up with internet access by default?Part of the reason is that many enterprises use an internet perimeter firewall performing port address translation (PAT) with a default policy that allows access the internet, a solution that leaves open a possible path by which attackers can breach security.+Also on Network World: IPv6 deployment guide; What is edge computing and how it's changing the network?+ | |||
|
2018-01-30 08:56:00 | What is microsegmentation? How getting granular improves network security (lien direct) | Microsegmentation is a method of creating secure zones in data centers and cloud deployments that allows companies to isolate workloads from one another and secure them individually. It's aimed at making network security more granular. Microsegmentation vs. VLANs, firewalls and ACLs Network segmentation isn't new. Companies have relied on firewalls, virtual local area networks (VLAN) and access control lists (ACL) for network segmentation for years. With microsegmentation, policies are applied to individual workloads for greater attack resistance. | |||
|
2018-01-22 06:00:00 | The people you call when you\'ve had a breach | Salted Hash Ep 15 (lien direct) | Rob Lee, faculty fellow at the SANS Technology Institute, talks with host Steve Ragan about his group's work to help companies out of sticky situations, plus the state of the security industry and predictions for 2018. | |||
|
2017-11-29 12:00:00 | Tech Talk: Uber hack, Google tracks, AWS packs (in China) ... and Firefox is back (lien direct) | Our tech panel looks at how Uber (secretly) handled last year's hack and the controversy around Google's decision to track Android users' locations. Then it's time to discuss why AWS is selling off hardware in China and what Mozilla is up to with its new Firefox Quantum. | Uber | ||
|
2017-09-27 14:00:00 | Tech Talk: The Equifax data breach, a new Apple Watch and the A.I. revolution (lien direct) | With the Equifax breach still making waves, the new Apple Watch now on wrists and A.I. seemingly everywhere, our panel digs into what's happening in the IT world. | Equifax | ||
|
2017-09-19 12:28:00 | Microsoft launches data security technology for Windows Server, Azure (lien direct) | Data is at its greatest risk of being compromised when it is being used, when moving from a secure database around the servers or apps in memory. So, Microsoft is launching a new technology for Windows Server and Azure that protects the data while it's being processed. Microsoft claims the service, called Azure confidential computing, makes it the first public cloud provider to offer encryption of data while in use. Encrypting data while it is being manipulated is pretty CPU-intensive, and there is no word on the performance impact of this service. “Despite advanced cybersecurity controls and mitigations, some customers are reluctant to move their most sensitive data to the cloud for fear of attacks against their data when it is in use,†Mark Russinovich, Microsoft Azure CTO, wrote in a company blog post. “With confidential computing, they can move the data to Azure knowing that it is safe not only at rest, but also in use from [various] threats.â€Â To read this article in full or to leave a comment, please click here | |||
|
2017-09-12 07:25:00 | Today\'s property rules don\'t work in our IoT world (lien direct) |
Property and ownership are among the most basic concepts of a modern society. Our ability to clarify who owns what separates us from savages because property and ownership help us maintain our independence and identity.The rules of property and ownership have evolved over centuries. There are clear transfer procedures for all types of property, including real estate, cars and even books. The problem is these age-old concepts are not holding up in our connected and digital world. Cambridge University Press
“Property ownership as we know it is under attack and fading fast,†writes Joshua Fairfield in his book Owned: Property, Privacy, and the New Digital Serfdom. “The Internet of Things and digital property ownership systems are being built on the old feudal model.â€To read this article in full or to leave a comment, please click here |
|||
|
2017-08-24 07:33:00 | This Linux tool could improve the security of IoT devices (lien direct) | The first rule of building a secure and feature-rich ecosystem is software management - push and pull software updates and software discovery through an app store mechanism from a trusted source.In the go-to-market IoT race, though, that often doesn't happen. Many Internet of Things (IoT) product developers have ignored the traumatic early history of Microsoft Windows, Android and web platforms, and expoits of IoT devices - because software updates have not been designed in - are regularly reported.+ Also on Network World: How to improve IoT security + Those earlier platforms have been hardened, updates have been automated, and the app discovery and installation have been made trustworthy. IoT developers need to follow their lead. To read this article in full or to leave a comment, please click here | Guideline | ||
|
2017-08-23 08:18:00 | Connected cars have an \'indefensible\' security vulnerability (lien direct) | One of the most attractive promises of IoT-powered connected cars is enhanced safety. Connected cars use the Internet of Things (IoT) to help avoid accidents and control a wide array of safety technologies, from anti-lock brakes to airbags.But according to security firm Trend Micro, these safety systems are even more vulnerable to hacking than was previously thought. In a blog post published last week, "The Crisis of Connected Cars: When Vulnerabilities Affect the CAN Standard," the company publicized an effective, vendor-neutral hack that is “currently indefensible by modern car security technology.â€To read this article in full or to leave a comment, please click here | |||
|
2017-08-23 06:44:00 | How to protect your network from ransomware attacks (lien direct) | Ransomware attacks are becoming more rampant now that criminals have learned they are an effective way to make money in a short amount of time. Attackers do not even need any programming skills to launch an attack because they can obtain code that is shared among the many hacker communities. There are even services that will collect the ransom via Bitcoin on behalf of the attackers and just require them to pay a commission. This all makes it more difficult for the authorities to identify an attacker.+ Also on Network World:Â Network vulnerability analysis 101: Free online training + Many small and medium-size businesses pay ransoms because they do not backup their data and do not have any other options available to recover their data. They sometimes face the decision of either paying the ransom or being forced out of business. Also, hospitals that do not back up all their critical patient data and are not able to retrieve it in a timely manner will immediately pay the ransom because it is critical to access records of patients who require immediate care. It can become a life-or-death situation for someone in intensive care.To read this article in full or to leave a comment, please click here | |||
|
2017-08-10 03:00:00 | Mingis on Tech: Android vs iOS – Which is more secure? (lien direct) | Apple's iOS has long had the reputation of being more secure than Android, but that may not necessarily be the case. Here's how to evaluate each side's claims about mobile security. | |||
|
2017-06-25 08:42:00 | Even weak hackers can pull off a password reset MitM attack via account registration (lien direct) | At the IEEE Symposium on Security and Privacy 2017, researchers from the College of Management Academic Studies in Israel presented an interesting paper on bad password reset processes, “The Password Reset MitM Attack†(pdf). It explains how a weak attacker could take over accounts by exploiting vulnerabilities in password reset procedures.They dubbed the attack: password reset man-in-the-middle (PRMitM). The researchers said Google is “extremely vulnerable†to PRMitM, but Facebook, Yahoo, LinkedIn, Yandex and other sites and email services are also vulnerable as well as mobile apps like Whatsapp, Snapchat and Telegram.To read this article in full or to leave a comment, please click here | Yahoo | ||
|
2017-06-23 04:03:01 | It\'s time to upgrade to TLS 1.3 already, says CDN engineer (lien direct) | Businesses dragging their heels over rolling out TLS 1.2 on their website might have an excuse to delay a little longer: Version 1.3 of the TLS (Transport Layer Security) encryption protocol will be finalized later this year, and early deployments of it are already under way.TLS, the successor to SSL, is used to negotiate secure connections to web or mail servers, encrypting data on the move.Six years in the making, TLS 1.2 added new, stronger encryption options -- but retained all the older, weaker encryption schemes that had gone before in the name of backward compatibility. Unfortunately, this meant that someone able to perform a man-in-the-middle attack could often downgrade connections to a weaker encryption system without the user being aware.To read this article in full or to leave a comment, please click here | |||
|
2017-06-20 09:18:00 | 198 million American voter records found unprotected on the internet (lien direct) | You'd think if someone had amassed personal information on nearly every registered US voter, and stored that information on an Amazon S3 storage bucket, that it would at least be protected with a password. But thanks to a misconfigured server, personal data of 198 million Americans voters could be downloaded by anyone who happened across it. It is believed to be the largest leak of voter records to have ever occurred anywhere in the world.That giant oops caused by Deep Root Analytics, a data analytics firm contracted to compile the information for the Republican National Committee, contained names, birthdates, home and mailing addresses, phone numbers, party affiliations, suspected ethnicities and religions, as well as analytics on who people would likely vote for and their stance on hot-button issues such as gun control and abortion.To read this article in full or to leave a comment, please click here | |||
|
2017-06-18 08:22:00 | Hackers attacked 4 Florida school districts, allegedly hoped to hack voting systems (lien direct) | We've heard a lot about Russians attackers attempting to hack the US election, but another hacking group also allegedly wanted to interfere with the election; they attempted to pivot from compromised school districts to state voting systems.The Miami Herald reported that MoRo, a group of hackers based in Morocco, penetrated “at least four Florida school district networks†and purportedly searched for a way “to slip into other sensitive government systems, including state voting systems.â€To read this article in full or to leave a comment, please click here |
To see everything:
Our RSS (filtrered)
