What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2017-01-18 12:06:27 | Failure to patch known ImageMagick flaw for months costs Facebook $40k (lien direct) | It's not common for a security-conscious internet company to leave a well-known vulnerability unpatched for months, but it happens. Facebook paid a US$40,000 reward to a researcher after he warned the company that its servers were vulnerable to an exploit called ImageTragick.ImageTragick is the name given by the security community to a critical vulnerability that was found in the ImageMagick image processing tool back in May.ImageMagick is a command-line tool that can resize, convert and optimize images in many formats. Web server libraries like PHP's imagick, Ruby's rmagick and paperclip, and Node.js's imagemagick, used by millions of websites, are based on it.To read this article in full or to leave a comment, please click here | |||
|
2017-01-18 11:22:21 | Modern warfare: Death-dealing drones and ... illegal parking? (lien direct) | A cloud of 3D-printed drones big enough to bring down the latest U.S. stealth fighter, the F35, was just one of the combat scenarios evoked in a discussion of the future of warfare at the World Economic Forum in Davos on Wednesday.Much of the discussion focused on the changes computers are bringing to the battlefield, including artificial intelligence and autonomous systems -- but also the way the battlefield is coming to computing, with cyberwar, and social media psyops an ever more real prospect.Former U.S. Navy fighter pilot Mary Cummings, now director of the Humans and Autonomy Lab at Duke University, delivered the first strike."The barrier to entry to drone technology is so low that everyone can have one, and if the Chinese go out and print a million copies of a drone, a very small drone, and put those up against an F35 and they go into the engine, you basically obviate what is a very expensive platform," she said.To read this article in full or to leave a comment, please click here | |||
|
2017-01-18 11:06:00 | IDG Contributor Network: 3 tips to improve threat detection and incident response (lien direct) | No matter the height or thickness of any wall you might try to build, the unfortunate reality is someone will most likely be able to breach it. It's really just a matter of when and how.Just as you close your doors and windows when you leave the house, you need  preventative security measures in place to protect your systems. However, these measures themselves are not enough. If you assume the bad guys will find a way to breach your protective walls, it makes more sense to focus on threat detection and incident response as ways to mitigate damage when the inevitable breach occurs.3 security controls to improve threat detection The following three security controls are surefire ways to strengthen the detective capabilities of your system.To read this article in full or to leave a comment, please click here | |||
|
2017-01-18 10:17:00 | How to get fired in 2017: Have a security breach (lien direct) | There are many reasons why IT professionals can be fired, but six out of the top nine are related to security, said a survey released this morning.For example, having a tech investment that leads to a security breach was considered a fireable offense by 39 percent of organizations, according to Osterman Research, which conducted the survey.A data breach that becomes public was a fireable offense for 38 percent of companies.Other fireable offenses included failing to modernize a security program, data breaches with unknown causes, data breaches that do not become public, and the failure of a security product or program investment.To read this article in full or to leave a comment, please click here | Guideline | ||
|
2017-01-18 10:00:42 | Snowden allowed to stay in Russia longer (lien direct) | U.S. National Security Agency leaker Edward Snowden will be allowed to stay in Russia for "another couple of years," according to a spokeswoman for the government there. The Russian government has extended the residence permit for Snowden, the former NSA contractor charged with espionage for leaking details of U.S. surveillance operations, said Maria Zakharova, a spokeswoman for Russia's Foreign Ministry. Zakharova announced the extension on her Facebook page late Tuesday. Zakharova's post came in response to a column by Michael Morell, the former deputy director of the U.S. CIA, who said Russia can return Snowden to the U.S. as a "perfect inauguration gift" to President-elect Donald Trump.To read this article in full or to leave a comment, please click here | |||
|
2017-01-18 09:06:00 | Cyber scum suckers hit cancer agency with ransomware, threaten to contact families (lien direct) | Some cyber scum suckers sunk to an all-time low, hitting an Indiana Cancer Services agency with ransomware before threatening “to contact family members of living and deceased cancer clients, donors and community partners†if the $43,000 ransom was not paid.Cancer Services of East Central Indiana-Little Red Door, an independent, non-profit agency based in Muncie, Indiana, became a victim of a ransomware attack a week ago. This is an organization whose goals include helping to “reduce the financial and emotional burdens of those dealing with a cancer diagnosis.â€The attackers did not leave the traditional ransom demand note, oh no, but chose to personally reach out to the agency's executive director, president and vice president to make the extortion demands clear. This makes it seem more like a targeted attack and less of one that was a result of opportunity. It was also at least the second time that week that attackers attempted to ransom sensitive patient information.To read this article in full or to leave a comment, please click here | |||
|
2017-01-18 08:35:00 | DARPA wants to simulate how social media spreads info like wildfire (lien direct) | When it comes to understanding which, what and how popular information travels the Internet, we have a lot to learn.That seems to be the idea behind a new program that the researchers at The Defense Advanced Research Projects Agency will unravel next month that aims to simulate the spread and evolution of online information.+More on Network World: DARPA: Show us how to weaponize benign technologies+To read this article in full or to leave a comment, please click here | |||
|
2017-01-18 08:19:00 | IDG Contributor Network: IoT security principles from Homeland Security (lien direct) | Power grids were bombed in World War II to cripple industrial output. Today, attacks against Internet of Things (IoT) infrastructure causes even broader disruptions-without bombs.The danger is real. The U.S. Department of Homeland Security (DHS) recently published guidelines to “provide a strategic focus on security and enhance the trust framework that underpins the IoT ecosystem.†The report explains why security has to be a combined effort.To read this article in full or to leave a comment, please click here | |||
|
2017-01-18 08:04:32 | Oracle patches raft of vulnerabilities in business applications (lien direct) | Oracle released its first batch of security patches this year, fixing 270 vulnerabilities, mostly in business-critical applications. Many of the flaws can be exploited remotely without authentication.The majority of the fixes are for flaws in business products such as Oracle E-Business Suite, Oracle Fusion Middleware, Oracle PeopleSoft, Oracle Retail Applications, Oracle JD Edwards, Oracle Supply Chain Products and Oracle Database Server.E-Business Suite, which is used by companies to store key data and manage a wide range of business processes, accounts for more than 40 percent of the patched vulnerabilities -- 121. Out of these, 118 are remotely exploitable and the highest rated one has a score of 9.2 (critical) in the Common Vulnerability Scoring System.To read this article in full or to leave a comment, please click here | |||
|
2017-01-18 05:43:00 | Tips on where to start in managing risk (lien direct) | Plugging the holes Image by Les ChatfieldWhat is risk management? Any time you have something of value (like a corporate network, a website, or a mobile application), there will be risk to manage in order to protect it. As organizations innovate and change the way they use technology, the risks change too. Traditional approaches and controls are no longer good enough. Caroline Wong, vice president of security strategy at Cobalt, provides a fewtips for managing risk in today's modern business environment.To read this article in full or to leave a comment, please click here |
|||
|
2017-01-18 05:42:00 | How-and why-you should use a VPN any time you hop on the internet (lien direct) | One of the most important skills any computer user should have is the ability to use a virtual private network (VPN) to protect their privacy. A VPN is typically a paid service that keeps your web browsing secure and private over public Wi-Fi hotspots. VPNs can also get past regional restrictions for video- and music-streaming sites and help you evade government censorship restrictions-though that last one is especially tricky.The best way to think of a VPN is as a secure tunnel between your PC and destinations you visit on the internet. Your PC connects to a VPN server, which can be located in the United States or a foreign country like the United Kingdom, France, Sweden, or Thailand. Your web traffic then passes back and forth through that server. The end result: As far as most websites are concerned, you're browsing from that server's geographical location, not your computer's location.To read this article in full or to leave a comment, please click here | |||
|
2017-01-18 05:35:00 | Repealing passwords is a long way away (lien direct) | The campaign to eliminate passwords has been ongoing, and growing, for close to a decade. There are even some declarations that this might be the year, or at least ought to be the year, that it happens.Don't hold your breath. Brett McDowell, executive director of the FIDO (Fast IDentity Online) Alliance, is as passionate an advocate of eliminating passwords as anyone. He says that day is coming, given the creation of a, “new generation of authentication technology†largely based on biometrics, and a “massive collaboration among hundreds of companies†to define standards for that technology.To read this article in full or to leave a comment, please click here | |||
|
2017-01-17 20:25:30 | WikiLeaks\' Assange confident of winning \'any fair trial\' in the US (lien direct) | WikiLeaks said that its founder Julian Assange is confident of winning 'any fair trial' in the U.S. and indicated that the founder of the whistleblowing website would stand by all the promises he had made in return for clemency to Chelsea Manning, the former U.S. soldier who disclosed classified data relating to the Iraq War to the site.On Tuesday, Manning's prison sentence was commuted by U.S. President Barack Obama raising questions whether Assange would keep his part of a deal he proposed online, and agree to extradition to the U.S.To read this article in full or to leave a comment, please click here | |||
|
2017-01-17 16:11:51 | Can a DDoS attack on Whitehouse.gov be a valid protest? (lien direct) | When Donald Trump is inaugurated as the U.S. President on Friday, Juan Soberanis intends to protest the event -- digitally.His San Francisco-based protest platform is calling on Americans to oppose Trump's presidency by visiting the Whitehouse.gov site and overloading it with too much traffic. In effect, he's proposing a distributed denial-of-service attack, an illegal act under federal law. But Soberanis doesn't see it that way.“It's the equivalent of someone marching on Washington, D.C,†he said on Monday. “Civil disobedience has been part of the American democratic process.â€Soberanis's call to action is raising eyebrows and highlights the isssue of whether DDoS attacks should be made a legitimate form of protest. Under the Computer Fraud and Abuse Act, sending a command to a protected computer with the intent to cause damage can be judged a criminal offense. But that hasn't stopped hacktivists and cyber criminals from using DDoS attacks to force websites offline.  To read this article in full or to leave a comment, please click here | |||
|
2017-01-17 15:46:18 | Obama commutes sentence for Manning, a WikiLeaks source (lien direct) | President Barack Obama has commuted the prison sentence of Chelsea Manning, the former U.S. soldier who disclosed classified data to WikiLeaks relating to the Iraq War.Manning was originally serving a 35-year sentence, but on Tuesday Obama reduced it. She'll now be freed on May 17.Manning was convicted of leaking U.S. military and diplomatic information to WikiLeaks back in 2010 that included videos of airstrikes in Iraq and Afghanistan, along with classified documents sent to the U.S. State Department. She was arrested and began serving jail time the same year.The data supplied by Manning helped put WikiLeaks on the map as source for secret government information but drew swift condemnation from U.S. officials. Â Â To read this article in full or to leave a comment, please click here | |||
|
2017-01-17 13:38:00 | 7 really cool network and IT research projects (lien direct) | Researchers at top universities, backed by funding from federal and other outfits, are pumping out loads of research on network security, wireless networking and more. Here's a recap of 7 impressive projects from recent months.1. Not that you trust mobile apps in the first place… Carnegie Mellon University researchers took a deep dive into about 18,000 popular free apps on the Google Play store and found that not only about half of them lacked a privacy policy but a good number of those that have policies aren't adhering to them. As many as 4 in 10 apps with policies could be collecting location information and nearly 1 in 5 could be sharing that data without getting your permission to do so, To read this article in full or to leave a comment, please click here | |||
|
2017-01-17 11:58:00 | Think employers must protect workers\' personal info? Think again (lien direct) | There's good news for security pros worried that their organizations may be liable if their employees' personal information gets hacked: a panel of judges in Pennsylvania says workers can't collect damages from their employer if things like Social Security numbers, bank account information, birth dates, addresses and salaries are compromised in a data breach.Even though the stolen data was used to file phony tax returns in order to get the refunds, the workers at University of Pittsburgh Medical Center (UPMC) had no reasonable expectation that the data would be safe, the Superior Court of Pennsylvania ruled recently.The case, known as in Dittman v. UPMC, pertains solely to employee records, not customer records, and not patient records, which are protected by HIPAA.To read this article in full or to leave a comment, please click here | |||
|
2017-01-17 10:10:44 | Sensitive access tokens and keys found in hundreds of Android apps (lien direct) | Many developers still embed sensitive access tokens and API keys into their mobile applications, putting data and other assets stored on various third-party services at risk.A new study performed by cybersecurity firm Fallible on 16,000 Android applications revealed that about 2,500 had some type of secret credential hard-coded into them. The apps were scanned with an online tool released by the company in November.Hard-coding access keys for third-party services into apps can be justified when the access they provide is limited in scope. However, in some cases, developers include keys that unlock access to sensitive data or systems that can be abused.To read this article in full or to leave a comment, please click here | |||
|
2017-01-17 09:31:10 | Terrorists are winning the digital arms race, experts say (lien direct) | Terrorist groups are embracing a huge number of digital tools to recruit members and plan attacks, putting them a step ahead of governments trying to combat them, a group of counterterrorism experts said.Twitter removed about 250,000 accounts connected with ISIS in one year, but the terrorist group uses 90 other social media platforms, Rob Wainwright, the director of Europol said Tuesday. Terrorist groups have begun to live stream their attacks, and they are using the internet to launch "innovative crowdfunding" campaigns, he said at the World Economic Forum in Davos-Klosters, Switzerland."The technology is advanced," Wainwright added. "They know what to do, and they know how to use it."To read this article in full or to leave a comment, please click here | |||
|
2017-01-17 07:49:00 | 25 most common passwords in 2016 and how quickly they can be cracked (lien direct) | It's nearly that time again when SplashData will release its annual list of worst passwords, but this list of passwords comes from Keeper Security. The company analyzed over 10 million passwords available on the public web before publishing a list of 25 most common passwords of 2016.Keeper pointed a finger of blame at websites for not enforcing password best practices. Even if a site won't help you determine if a password is decent, then people could use common sense. It's disheartening to know that 17 percent of people still try to safeguard their accounts with “123456.†And “password†is, of course, still on the list, as well as keyboard patterns such as “qwerty†and “123456789â€.To read this article in full or to leave a comment, please click here | |||
|
2017-01-17 07:14:00 | When real-time threat detection is essential (lien direct) | Finding the bad guys right away Image by ThinkstockWhile organizations always want to find threats as quickly as possible, that ideal is far from being met. On average, dwell times last months and give cyber criminals all the time they need to peruse a network and extract valuable information that can impact a company, its customers and its employees.To read this article in full or to leave a comment, please click here |
|||
|
2017-01-17 07:05:00 | Why Linux users should worry about malware and what they can do about it (lien direct) | Preventing the spread of malware and/or dealing with the consequences of infection are a fact of life when using computers. If you've migrated to Linux or Mac seeking refuge from the never-ending stream of threats that seems to target Windows, you can breath a lungful of fresh air-just don't let your guard down.Though UNIX-like systems such as Mac OS X and Linux can claim fewer threats due to their smaller user bases, threats do still exist. Viruses can be the least of your problem too. Ransomware, like the recent version of KillDisk, attacks your data and asks you to pay, well, a king's ransom to save your files. (In the case of KillDisk, even paying the ransom can't save you if you're running Linux.)To read this article in full or to leave a comment, please click here | |||
|
2017-01-17 07:03:00 | The war for cybersecurity talent hits the Hill (lien direct) | Many analysts and business leaders believe there is a severe need for qualified cybersecurity professionals in the U.S., something that has caught the eye of at least one key congressman.U.S. House Homeland Security Committee Chairman Michael McCaul (R-Texas) on Wednesday said more needs to be done to address the cybersecurity labor shortage.[To comment on this story, visit Computerworld's Facebook page.]"I agree 110% that we need to strengthen the workforce" of cybersecurity professionals, McCaul said during a meeting with reporters at the National Press Club.To read this article in full or to leave a comment, please click here | Guideline | ||
|
2017-01-17 07:02:00 | (Déjà vu) The unseemly world of Darkweb marketplaces (lien direct) | The genesis of underground markets goes back to when communication used to take place via Internet Relay Chat channels. Fast forward to the 21st Century with the evolution of cryptocurrencies and anonymous communications the underground market ecosystem has evolved.Underground markets offer a variety of services for cyber criminals to profit from, says Luis Mendieta, senior security researcher at Anomali. These forums offer items ranging from physical world items like drugs and weapons to digital world items such as spam/phishing delivery, exploit kit services, "Crypters", "Binders", custom malware development, zero-day exploits, and bulletproof hosting.To read this article in full or to leave a comment, please click here | |||
|
2017-01-17 06:54:00 | How to handle security vulnerability reports (lien direct) | If there's a flaw in your IT security - and there probably is - you can't assume that someone in your organization will be the first to find it. But if you're lucky, instead of ending up with ransomware or a data breach, you might hear about it from a security researcher or even a smart customer who's spotted the problem and wants to warn you. Are you ready to listen?Many companies aren't, warns security consultant Troy Hunt. Hunt runs haveibeenpwned.com, a website that helps people discover if any of their accounts have been compromised by data breaches. Because of his role with the website, he routinely finds himself in a position to contact organizations about breaches and other security issues that he's found or that other people pass on to him.To read this article in full or to leave a comment, please click here | |||
|
2017-01-17 06:52:00 | Tackling cybersecurity threat information sharing challenges (lien direct) | There's been considerable talk in recent years about the importance of cybersecurity information sharing. After all, few organizations can really work in a vacuum and no single organization can see all of the threats laying in wait on the internet.And many CISOs find it helpful to share notes with others in their industry to compare which strategies and practices work best and compare program maturity levels. But the nearly two-decade effort to share such information hasn't been smooth.Many organizations are wary of sharing sensitive cybersecurity information, especially with governments. Not only can such information jeopardize the security posture of an organization, it can damage customer impressions of a company and even affect stock values.To read this article in full or to leave a comment, please click here | |||
|
2017-01-17 06:07:00 | Endpoint security in 2017 (lien direct) | Just a few years ago, there were about 6 to 10 well regarded AV vendors that dominated the market. Fast forward to 2017, and my colleague Doug Cahill and I are currently tracking around 50 endpoint security vendors. Why has this market changed so much in such a short timeframe? New types of targeted threats regularly circumvented signature-based AV software over the past few years. This weakness led to system compromises, data breaches and panicky CISOs in search of AV alternatives. This in turn persuaded the fat cats on Sand Hill Road to throw VC dollars at anything that hinted at endpoint security innovation.OK, I get the need for more than signature-based AV, but there simply isn't room in the market for 50 endpoint security vendors. Thus, it's safe to assume we'll see a lot of M&A activity and outright business failures this year. To read this article in full or to leave a comment, please click here | |||
|
2017-01-17 05:00:00 | IDG Contributor Network: Dome9 offers multi-cloud security, adds native support for Azure (lien direct) | Dome9 Security, a cloud infrastructure security and compliance vendor, announced today that it is offering native support for the Microsoft Azure cloud platform.This is interesting because until now, Dome9 had strongly pushed an Amazon Web Services (AWS) story. The reasons for that are clear: AWS is the 1,000-pound elephant when it comes to cloud infrastructure, greatly eclipsing all other vendors in terms of market share. But reliance on a single vendor is risky, and the number of third-party vendors at AWS' recent re:Invent conference that looked uncomfortable at AWS announcements shows the folly of being completely tied to one platform.To read this article in full or to leave a comment, please click here | |||
|
2017-01-17 04:00:00 | IDG Contributor Network: Fighting cybercrime using IoT and AI-based automation (lien direct) | Last November, detectives investigating a murder case in Bentonville, Arkansas, accessed utility data from a smart meter to determine that 140 gallons of water had been used at the victim's home between 1 a.m. and 3 a.m. It was more water than had been used at the home before, and it was used at a suspicious time-evidence that the patio area had been sprayed down to conceal the murder scene.As technology advances, we have more detailed data and analytics at our fingertips than ever before. It can potentially offer new insights for crime investigators.One area crying out for more insight is cybersecurity.By 2020, 60 percent of digital businesses will suffer a major service failure due to the inability of IT security teams to manage digital risk, according to Gartner. If we pair all this new Internet of Things (IoT) data with artificial intelligence (AI) and machine learning, there's scope to turn the tide in the fight against cybercriminals.To read this article in full or to leave a comment, please click here | |||
|
2017-01-16 23:53:20 | Indian privacy case against WhatsApp gains momentum (lien direct) | A privacy lawsuit against WhatsApp in India over its new data sharing policy has got momentum with the country's top court seeking responses from Facebook, WhatsApp and the federal government.The privacy policy of WhatsApp at launch in 2010 did not allow sharing of user data with any other party, and after Facebook announced its acquisition of the messaging app in 2014, it was “publicly announced and acknowledged†by WhatsApp that the privacy policy would not change, according to the petition filed by Indian users of WhatsApp.WhatsApp sparked off a furore last year when it said it would be sharing some account information of users with Facebook and its companies, including the mobile phone numbers they verified when they registered with WhatsApp. The sharing of information will enable users to see better friend suggestions and more relevant ads on Facebook, it added.To read this article in full or to leave a comment, please click here | |||
|
2017-01-16 14:05:00 | China tightens control over app stores (lien direct) | China is requiring that all app stores operating in the country register with its Cyberspace Administration in an effort to battle malware but also to tighten control over uncensored content. The rules took effect Monday, in a country where domestic third-party app stores -- not from Apple or Google -- are serving billions of downloads to Android smartphones. Chinese internet companies such as Baidu, Tencent and a host of smaller, shadier local app stores have been feeding the demand, at a time when Google has largely pulled out of the market.To read this article in full or to leave a comment, please click here | |||
|
2017-01-16 09:52:00 | Critical flaw lets hackers take control of Samsung SmartCam cameras (lien direct) | The popular Samsung SmartCam security cameras contain a critical remote code execution vulnerability that could allow hackers to gain root access and take full control of them. The vulnerability was discovered by researchers from the hacking collective the Exploiteers (formerly GTVHacker), who have found vulnerabilities in the Samsung SmartCam devices in the past. The flaw allows for command injection through a web script, even though the vendor has disabled the local web-based management interface in these devices. The Samsung SmartCam is a series of cloud-enabled network security cameras that were originally developed by Samsung Techwin. Samsung sold this division to South Korean business conglomerate Hanwha Group in 2015 and the company was renamed Hanwha Techwin.To read this article in full or to leave a comment, please click here | |||
|
2017-01-16 07:48:00 | Cisco calls on Arista to stop selling products in US after agency reverses patent finding (lien direct) | The U.S. Customs and Border Protection (CBP) agency has revoked its November 2016 finding that Arista's redesigned products don't infringe a key Cisco patent -- as a result Cisco called on Arista to stop importing those products and recall others sold with redesigned software. The finding is the latest round in a high-stakes battle between Cisco and Arista over patents and copyrights that has been going on since 2014. In the summer of 2016 the US Trade Representative began an import ban as well as a cease and desist order covering Arista products imposed by the International Trade Commission in June where it ruled that Arista had infringed on a number of Cisco's technology patents.To read this article in full or to leave a comment, please click here | |||
|
2017-01-16 03:14:00 | (Déjà vu) New products of the week 1.16.17 (lien direct) | New products of the week Image by GSXOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Bill of IT Image by apptioTo read this article in full or to leave a comment, please click here |
|||
|
2017-01-15 10:02:00 | Pot dispensary IT director asks for help after tracking system software was hacked (lien direct) | Of course, in the digital world, anyone can claim to be anyone. Yet a person claiming to be the IT director of a medical marijuana dispensary took to Slashdot in hopes of receiving legal advice after the point of sale system the MMJ used was hacked.Denver-based MJ Freeway, a medical marijuana “seed-to-sale†tracking software company experienced a “service interruption†– that turned out to be a hack – a week ago on January 8. The hack of the point-of-sale system left more than 1,000 retail cannabis clients in 23 states unable to track sales and inventories. Without a way to keep records in order to comply with state regulations, some dispensaries shut down, while others reverted to tracking sales via pen and paper.To read this article in full or to leave a comment, please click here | |||
|
2017-01-13 13:48:00 | Google Cloud Key Management Service could help more enterprises encrypt data (lien direct) | Attackers are increasingly able to penetrate perimeter defenses, compromise accounts and mine data without targets even being aware of the attack, as the Democratic National Committee breach proved. Encrypting data is the best defense.Strong encryption of complex data structures requires a Key Management System (KMS). But implementing a KMS can be challenging, especially for enterprises below the security poverty line that don't have the budget to hire a multidisciplinary security team. Google may have a solution with its Cloud Key Management Service (CKMS) now in beta in select countries. Â To read this article in full or to leave a comment, please click here | |||
|
2017-01-13 08:06:00 | IDG Contributor Network: 3 security analytics approaches that don\'t work (but could) - Part 1 (lien direct) | Digital technologies have changed the face of business and government, and they will continue to do so at an even faster pace. They drive innovation, boost productivity, improve communications and generate competitive advantage, among other benefits.The dark side of this digital revolution has now come clearly into focus as well: McKinsey estimates that cyber attacks will cost the global economy $3 trillion in lost productivity and growth by 2020, while theft, sabotage and other damage inflicted by trusted insider personnel continue to cost organizations in lost revenues, revealed secrets and damaged reputations.To read this article in full or to leave a comment, please click here | |||
|
2017-01-13 08:05:00 | WhatsApp vulnerability could expose messages to prying eyes, report claims (lien direct) | When Facebook's WhatsApp turned on end-end-end encryption in its messaging service last year, it was a big deal. As all eyes were glued on Apple's fight with the FBI over unlocking the San Bernardino shooter's iPhone, WhatsApp took a huge step toward protecting its users' privacy by moving to encrypt all messages and calls being sent between its apps.But a new report suggests it might not be as secure as users think. According to The Guardian, a serious vulnerability in WhatApp's encryption could allow Facebook to intercept and read messages unbeknownst to the recipient, and only aware of by the sender if they have previously opted in to receive encryption warnings. The security flaw, which was discovered by Tobias Boelter, a cryptography and security researcher at the University of California, Berkeley, can “effectively grant access (to users' messages)†by changing the security keys and resending messages.To read this article in full or to leave a comment, please click here | |||
|
2017-01-13 08:01:00 | Small businesses are prime targets for cyber attacks: SIEM-as-a-service can help (lien direct) | This column is available in a weekly newsletter called IT Best Practices. Â Click here to subscribe. Â In February 2016, quick service restaurant The Wendy's Company reported unusual payment card activity affecting some of its franchise restaurants. The breach was confirmed in May when the company revealed it had found evidence of malware on the affected stores' point-of-sale systems. Additional malicious activity was later reported in June.In a statement from the CEO, the company says it believes the cyberattacks resulted from service providers' remote access credentials being compromised, allowing access – and the ability to deploy malware – to some franchisees' point-of-sale systems.To read this article in full or to leave a comment, please click here | |||
|
2017-01-13 07:25:26 | After MongoDB, ransomware groups hit exposed Elasticsearch clusters (lien direct) | After deleting data from thousands of publicly accessible MongoDB databases, ransomware groups have started doing the same with Elasticsearch clusters that are accessible from the internet and are not properly secured.Elasticsearch is a Java-based search engine that's popular in enterprise environments. It's typically used in conjunction with log collection and data analytics and visualization platforms.The first report of an Elasticsearch cluster being hit by ransomware appeared on the official support forums on Thursday from a user who was running a test deployment accessible from the internet.To read this article in full or to leave a comment, please click here | |||
|
2017-01-12 20:17:07 | Suspected NSA tool hackers dump more cyberweapons in farewell (lien direct) | The hacking group that stole cyberweapons suspected to be from the U.S. National Security Agency is signing off -- but not before releasing another arsenal of tools that appear designed to spy on Windows systems.On Thursday, the Shadow Brokers dumped them online after an attempt to sell these and other supposedly Windows and Unix hacking tools for bitcoin.The Shadow Brokers made news back in August when they dumped hacking tools for routers and firewall products that they claimed came from the Equation Group, a top cyberespionage team that some suspect works for the NSA.To read this article in full or to leave a comment, please click here | |||
|
2017-01-12 17:34:42 | Guccifer 2.0, alleged Russian cyberspy, returns to deride US (lien direct) | As if the whodunnit into the hacking of the Democratic National Committee wasn't already confusing and murky enough, the supposed Romanian hacker who first released the emails resurfaced on Thursday to say everyone has it wrong.“I'd like to make it clear enough that these accusations are unfounded,†Guccifer 2.0 said in Thursday blog post. “I have totally no relation to the Russian government.â€Make of that what you will.According to U.S. intelligence agencies, Guccifer 2.0 is actually a front for Kremlin-backed cyberspies.“It's obvious that the intelligence agencies are deliberately falsifying evidence,†said a message on the Guccifer 2.0 blog.To read this article in full or to leave a comment, please click here | |||
|
2017-01-12 14:36:56 | Siblings arrested in Italy\'s worst cyberespionage operation ever (lien direct) | The Tuesday arrest of Giulio Occhionero and his sister, Francesca Maria, has brought to light what appears to be the biggest, and highest-profile, hacking of institutional and corporate accounts ever reported in Italy.The siblings have been planting the Pyramid Eye remote access Trojan on computers using a spear-phishing technique over the course of years, according to the arrest order.They attacked no fewer than 18,000 high-profile targets including former Prime Ministers Matteo Renzi and Mario Monti, President of European Central Bank Mario Draghi, as well as employees and heads of various ministries including Internal Affairs, Treasury, Finance, and Education.To read this article in full or to leave a comment, please click here | |||
|
2017-01-12 12:59:00 | Security Sessions: Will security budgets go up in 2017? (lien direct) | In the latest episode of Security Sessions, CSO Editor-in-Chief Joan Goodchild chats with CSO Publisher Bob Bragdon about recent research around IT budgets, and how much of the budgets are allocated towards security. They also discuss where the money is going, how much is flowing to automation and whether the CSO (or CISO) can get the attention of the board to get more money for security projects. | |||
|
2017-01-12 12:41:00 | Thoughts on incident response automation and orchestration (lien direct) | Just this week, I was reviewing several interviews I conducted with cybersecurity professionals on their organizations' processes and tools for incident response (IR) automation and orchestration. Here are a few things that jumped out at me:1. IR is still often anchored by basic tools, manual processes, and key personnel. While trouble ticketing and ITSM tools are pervasive and fairly mature, too many enterprise organizations still “ham and egg†it through incident response. In other words, they rely on paper forms, spreadsheets, email handoffs and some socially challenged security analyst who's really good a finding compromised systems and malicious network traffic. To read this article in full or to leave a comment, please click here | |||
|
2017-01-12 10:36:22 | GoDaddy revokes nearly 9,000 SSL certificates issued without proper validation (lien direct) | GoDaddy, one of the world's largest domain registrars and certificate authorities, revoked almost 9,000 SSL certificates this week after it learned that its domain validation system has had a serious bug for the past five months.The bug was the result of a routine code change made on July 29 to the system used to validate domain ownership before a certificate is issued. As a result, the system might have validated some domains when it shouldn't have, opening the possibility of abuse.Industry rules call for certificate authorities to check if the person requesting a certificate for a domain actually has control over that domain. This can be done in a variety of ways, including by asking the applicant to make an agreed-upon change to the website using that domain.To read this article in full or to leave a comment, please click here | |||
|
2017-01-12 10:23:00 | Trump\'s DHS pick urges more coordination on cyberthreats (lien direct) | President-elect Donald Trump's pick for Homeland Security chief wants to forge closer ties with the private sector in the cyber arena.Gen. John F. Kelly (Ret.), a more than four-decade veteran of the Marine Corps, appeared this week before the Senate Homeland Security and Governmental Affairs Committee for his confirmation hearing, the second of Trump's appointees to begin that process.In his testimony on cybersecurity, Kelly noted the challenges of keeping pace with an ever-evolving spate of threats from a variety of actors, and stressed the importance of the government coordinating its defense efforts and intelligence with the private-sector firms that could be targeted by attackers.To read this article in full or to leave a comment, please click here | |||
|
2017-01-12 10:21:00 | Trump\'s CIA nominee grilled on his advocacy of surveillance database (lien direct) | President-elect Donald Trump's nominee to head the Central Intelligence Agency wants to create a massive surveillance database by resurrecting a U.S. telephone records collection program, but some senators questioned what limits he would accept.CIA nominee Mike Pompeo, currently a Republican representative from Kansas, has called on Congress to reverse its mid-2015 decision to rein in the phone metadata collection program run by the National Security Agency, a sister agency to the CIA that focuses on signals intelligence.To read this article in full or to leave a comment, please click here | |||
|
2017-01-12 08:46:00 | Rudy Giuliani to coordinate regular cybersecurity meetings between Trump, tech leaders (lien direct) | Former New York Mayor Rudy Giuliani says Donald Trump has tapped him to gather top cybersecurity leaders to meet with the administration regularly to share “all the information available in the private sector†with the goal of improving national cyber defenses “because we're so far behind.†“The president elect-decided he wanted to bring in on a regular basis the people in the private sector, the corporate leaders in particular and thought leaders in the private sector who are working on security for cyber because we're so far behind,†Giuliani said on Fox and Friends.To read this article in full or to leave a comment, please click here | Guideline | ||
|
2017-01-12 08:35:00 | Lessons for corporate IT from Geek Squad legal case (lien direct) | The life of the corporate desktop team can turn into a legal nightmare quickly if end users haven't agreed that it's OK for techs to search their machines, something that has come to light in a California child pornography case involving Best Buy's Geek Squad.In that case, Geeks working on a customer laptop found a pornographic picture and turned it over to the FBI, which paid them $500 and prosecuted the owner of the machine.Now the Geeks in question are in hot water because the arrangement with the FBI violates the corporate policies of Best Buy, which runs Geek Squad.To read this article in full or to leave a comment, please click here |
To see everything:
Our RSS (filtrered)
