What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2016-11-21 05:53:00 | 10 top holiday phishing scams (lien direct) | Scams to keep an eye out for Image by ThinkstockIt always happens this time of year, an influx of holiday related scams circulating the interwebs. Scams don't wait for the holidays, but scammers do take advantage of the increased shopping and distraction when things get busy to take your money and personal information. Jon French, security analyst at AppRiver, warns you of six holiday threats to watch out for.To read this article in full or to leave a comment, please click here |
|||
|
2016-11-21 05:45:00 | Security basics for the holiday season, and the year to come (lien direct) | Let's go shopping! Image by Diariocritico de VenezuelaAs far as theft and fraud are concerned, consumers face (and willingly accept) a moderate amount of risk when they shop online or out in their local neighborhoods. This holiday season is no different, but the risk is elevated some, because criminals are looking for easy marks and low-hanging fruit.To read this article in full or to leave a comment, please click here |
|||
|
2016-11-21 04:00:00 | Most hackable holiday gifts (lien direct) | Whether you are looking for a steal of deal on the latest and greatest gadgets or shopping to fulfill a loved one's wish list, have you considered if the gadget is one of the most hackable?If not, then Intel Security has considered it for you and released its second annual McAfee Most Hackable Holiday Gifts list.The company first surveyed people to find out what average consumers plans to purchase and what they know about securing their new devices; the findings included that the average consumer lacks “awareness about the potential risks associated with emerging connected devices, such as drones (20%), children's toys (15%), virtual reality tech (15%), and pet gifts (11%).â€To read this article in full or to leave a comment, please click here | |||
|
2016-11-21 03:52:00 | Network managers should be checking their list twice (lien direct) | Make sure it is a holly jolly time of the year As IT Ops teams begin preparation for the upcoming holiday season, which in retail is the busiest time of the year for web traffic, the team at BigPanda along with some other vendors have prepared a checklist of the key factors IT Ops teams need to consider to ensure their IT infrastructure is ready.To read this article in full or to leave a comment, please click here |
|||
|
2016-11-21 03:40:00 | New products of the week 11.21.16 (lien direct) | New products of the week Our roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.BetterWorks Program Autopilot Key features: BetterWorks Program Autopilot helps enterprise customers automate goal setting and performance management program administration. Automated program reminders, timely communications and usage dashboards all ensure engagement and adoption without administrative overhead. More info.To read this article in full or to leave a comment, please click here |
|||
|
2016-11-20 20:57:46 | Symantec will acquire identity protection firm LifeLock in $2.3B deal (lien direct) | Aiming to boost its consumer security business, Symantec is acquiring LifeLock, a vendor of identity protection services, for US$2.3 billion in enterprise value. The deal will create what the two companies described as the world's largest consumer security business with over $2.3 billion in annual revenue based on last fiscal year revenue for both companies. The immediate opportunity for Symantec comes from the large number of consumers worldwide that have been victims of cybercrime, generating as a result greater user concern in digital safety. The companies estimate the market at $10 billion, and growing in the high single digits. In the U.S. alone, the total addressable market is estimated to be about 80 million people.To read this article in full or to leave a comment, please click here | |||
|
2016-11-20 09:06:00 | IoT security camera infected within 98 seconds of plugging it in (lien direct) | One and a half minutes is all it took after plugging in an internet-connected security camera for the camera be infected with malware.Unlike the average Jane or Joe Doe who would not want their security camera to be immediately infected with malware, Rob Graham, CEO of Errata Security, called it “fun†to watch the infection happen. He tweet-documented his experience.Graham purchased an inexpensive device – this $55 IoT security camera made by JideTech.To read this article in full or to leave a comment, please click here | |||
|
2016-11-18 15:32:03 | Trump\'s national security pick is a cybersecurity hawk (lien direct) | Michael Flynn, the man President-elect Donald Trump plans to name as U.S. national security advisor, believes the government is falling behind on cybersecurity. Trump named Flynn to his cabinet on Friday after the former military intelligence leader acted as the top military advisor to Trump's presidential campaign. Flynn previously was director of the Defense Intelligence Agency and has served in U.S. intelligence operations in Afghanistan and Iraq. Flynn holds strong views on cybersecurity. He's called U.S. cyber capabilities “underwhelming.†“We have competitors out there that are rapidly catching up with us,†he said in a speech posted online last year. In 2014, after retiring as a general, he started a consulting firm called Flynn Intel Group that specializes in preventing cyber threats for clients.To read this article in full or to leave a comment, please click here | Guideline | ||
|
2016-11-18 13:12:00 | IoT attacks could bring real-world damage (lien direct) | Members of Congress received a dire warning this week about security vulnerabilities in the so-called internet of things (IoT), as cyber experts cautioned that with billions of new devices coming online, coordinated hacking attacks could become -- literally -- a matter of life and death.House lawmakers convened the hearing on IoT security in response to last month's distributed denial-of-service attack on the internet addressing provider Dyn, which resulted in temporary outages at popular sites like Twitter and Spotify.[ Related: How the Dyn DDoS attack unfolded ]To read this article in full or to leave a comment, please click here | |||
|
2016-11-18 13:05:00 | With CIA choice, Trump picks a foe of Silicon Valley\'s encryption stance (lien direct) | In his nomination of Representative Mike Pompeo to head the CIA, President-elect Donald Trump has picked someone who has supported NSA surveillance programs and has criticized Silicon Valley's stance on encryption.Pompeo, a Republican from Kansas, is a former cavalry officer in the U.S. Army and a graduate of West Point military academy. He currently serves on the House Intelligence Committee and is perhaps best known for his role on the Benghazi committee that investigated Hillary Clinton.But his committee assignment has also put him in the middle of several recent issues that have pitched the U.S. intelligence community against major tech companies.To read this article in full or to leave a comment, please click here | |||
|
2016-11-18 12:09:00 | Attacks to make Ask.com Toolbar a conduit for malware are nipped in the bud (lien direct) | Attackers who were trying to turn the Ask.com Toolbar into a malware dispensary got caught early on when their scheme was picked up by security services that were looking for anomalies.The malicious actors are unknown but they managed to get the legitimate Ask.com toolbar update feature to place a dropper/uploader into the browsers of several customers of security firm Red Canary.Once installed, the dropper would bring in secondary malware including banking Trojans and other online-fraud code, says Keith McCammon, CSO of Red Canary. The secondary payloads varied, and some of the dozen or so compromised machines his team found had downloaded more than one kind, he says.To read this article in full or to leave a comment, please click here | |||
|
2016-11-18 10:45:00 | Virgin Galactic, start-up Boom tout supersonic passenger jet (lien direct) | Supersonic travel may indeed become a reality (again) if Sir Richard Branson's Virgin group and start-up Boom Supersonic have their way.Boom this week showed off its XB-1 Supersonic Demonstrator, or Baby Boom, a subscale prototype of what is to be the Boom supersonic passenger airliner which Boom says will be “the world's first independently developed supersonic jet and the fastest civil aircraft ever made.†The two-seat prototype aircraft is expected to make its first flight in late 2017 with a commercial passenger plane perhaps coming in few years, the company said.+More on Network World: TSA: Keep grandma's gravy at home but the turducken can fly+To read this article in full or to leave a comment, please click here | |||
|
2016-11-18 08:48:32 | UK mobile operator loses phones following data breach (lien direct) | In a twist, thieves in the U.K. hacked personal data to steal high-end smartphones, rather than hacking phones to steal personal data.The thefts came to light after mobile network operator Three noticed a recent increase in levels of handset fraud, the company said Friday.By accessing the system Three uses to manage handset upgrades, the perpetrators were able to intercept new high-end handsets on the way to the operator's customers.Three, however, said only eight devices have been illegally obtained through the upgrade activity -- compared to 400 stolen from its retail stores over the past four weeks.The company sought to reassure customers concerned that their personal information may have been accessed in the attempt to steal the upgrade phones.To read this article in full or to leave a comment, please click here | |||
|
2016-11-18 08:20:00 | (Déjà vu) IBM opens \'cyber-range\' to practice security battles (lien direct) | IBM Security has launched a network-emulation environment where corporate teams can play out attack scenarios so they are better prepared for incidents they might face in the real world. | |||
|
2016-11-18 07:48:00 | \'Wireless security at its finest\' (lien direct) | The person who submitted the above photo to Reddit's section devoted to IT rants presumably does not believe it depicts wireless security at its finest. In fact, the sarcasm oozes.However, not everyone in the forum held such a dim view.“There is nothing wrong with this,†writes another user. “It is public wi-fi. It has a slight security advantage over an open network in that it makes it more difficult to eavesdrop. The (would-be) attacker also has to capture the handshake when a client associates.â€There were supportive variations on that theme.To read this article in full or to leave a comment, please click here | |||
|
2016-11-17 22:03:46 | US lawmakers introduce bill to delay enhanced government hacking powers (lien direct) | U.S. lawmakers have introduced legislation to delay the coming into force on Dec. 1 of a rule change that aims to expand the government's ability to search computers and other digital devices across many jurisdictions with a single warrant.The new Review the Rule Act aims to delay for discussion proposed amendments to rule 41 of the Federal Rules of Criminal Procedure until July 1 next year. The changes to the rule have already been approved by the Supreme Court in April, and if Congress doesn't act to the contrary, they will go into effect on Dec. 1.To read this article in full or to leave a comment, please click here | |||
|
2016-11-17 19:14:06 | Without tech industry guidance, U.S. may resort to weakening encryption (lien direct) | Apple may have refused to help the FBI unlock an iPhone used by the San Bernardino shooter, but the tech industry is still better off working with the U.S. government on encryption issues than turning away, according to a former official with the Obama administration. “The government can get very creative,†said Daniel Rosenthal, who served as the counterterrorism director in the White House until January this year. He fears that the U.S. government will choose to “go it alone†and take extreme approaches to circumventing encryption, especially if another terrorist attack occurs.To read this article in full or to leave a comment, please click here | Guideline | ||
|
2016-11-17 12:56:00 | TSA: Keep grandma\'s gravy at home but the turducken can fly (lien direct) | I am not sure how many problems the TSA has had with this but I was surprised to learn that Thanksgiving gravy is not allowed on carry-on bags.From the TSA: “Gravy is sadly prohibited from carry-on bags unless you pack it in accordance with our liquid polices mentioned above. You can also pack it in your checked baggage.â€+More on Network World: 26 of the craziest and scariest things the TSA has found on travelers+Gravy as well as cranberry sauce for that matter fall under the sometimes mysterious “Liquid Rules†which basically states that you're “allowed to take as many 3.4 ounce or smaller sized containers that will fit in one sealed, clear, quart-sized zip-top bag – and one bag per person. Make sure you take the zip-top bag out of your carry-on prior to sending it through the X-ray.â€To read this article in full or to leave a comment, please click here | |||
|
2016-11-17 10:55:20 | IoT gear will need better security to win a Z-Wave badge (lien direct) | Tighter security will soon be mandatory for IoT devices that use the popular Z-Wave wireless protocol.Starting next April, the Z-Wave Alliance will require all products to include its S2 (Security 2) framework before they can be certified as Z-Wave compliant. S2 is designed to prevent hackers from breaking into IoT devices that are on Z-Wave networks.Home IoT has recently proved to be a dangerous vector for internet-based attacks, such as the one that corralled thousands of IP cameras and other devices into the so-called Mirai botnet that disrupted internet service last month.To read this article in full or to leave a comment, please click here | |||
|
2016-11-17 10:49:00 | Trump remains frighteningly behind in cybersecurity (lien direct) | As we move into 2017, cybersecurity concerns continue to escalate. This past few months, we've seen some scary incidents, such as the Oct. 21 distributed denial of service (DDoS) attack on the DNS services at Dyn that used IoT devices like home routers and cameras as a botnet. Oh, and the last few months of the U.S. presidential election featured data breaches of the DNC and Clinton campaign manager John Podesta's email and the subsequent posting of this information on WikiLeaks.It's pretty alarming, and it doesn't appear things will get better anytime soon. This begs the question: What type of cybersecurity response can we expect from President Donald Trump's administration? To read this article in full or to leave a comment, please click here | |||
|
2016-11-17 08:14:00 | Cisco sales tick up, CEO Robbins bullish on data center, security, collaboration (lien direct) | Cisco announced Wednesday that it eked out 1% revenue growth in its fiscal first quarter, compared to the same quarter last year, in what CEO Chuck Robbins described as a “challenging global business environment.†Total revenue for the quarter, which ended October 29, was $12.4 billion. Net income was $2.3 billion, off 4% year over year. Switching, which represents about 30% of the company's sales, was down 7% in the quarter compared to last year. In an earnings call with financial analysts, CFO Kelly Kramer said the softness was in campus switching, which is two-thirds of the total switching business.CISCO NEWS: Cisco CEO Robbins: Wait til you see what's in our innovation pipeline | Cisco CEO: Spin-in technologies aren't dead at Cisco | Cisco/Ericsson: Assessing the mega-deal a year later Asked by analysts if this was a byproduct of macroeconomic trends or a product portfolio issue, Kramer chalked it up to the former, saying the company is confident of its portfolio and expects sales to pick up when spending increases.To read this article in full or to leave a comment, please click here | |||
|
2016-11-17 04:57:00 | 7 cybersecurity best practices that regulated industries deal with (lien direct) | Knowing the regs Image by ThinkstockWhether you work for an organization controlled by compliance standards or you are an independent IT firm looking to build your enterprise business, understanding industry regulations is crucial as it pertains to cybersecurity. Michael Hall, CISO, DriveSavers, provides a few best practices for businesses operating in or with regulated industries.To read this article in full or to leave a comment, please click here |
|||
|
2016-11-17 04:56:00 | Report: Surveillance cameras most dangerous IoT devices in enterprise (lien direct) | Networked security cameras are the most likely to have vulnerabilities when it comes to securing Internet of Things devices in the enterprise, according to a new report by Zscaler."I would consider the entire video camera category as particularly dangerous," said Deepen Desai, director of security research at Zscaler.Take, for example, the Flir FX wireless HD monitoring camera.Researchers found that the camera communicated with the parent company in plain text and without authentication tokens.To read this article in full or to leave a comment, please click here | |||
|
2016-11-17 04:55:00 | ISPs ordered to block LinkedIn in Russia (lien direct) | LinkedIn's network just got a little smaller: Russia's communications regulator ordered ISPs to block access to the business networking company on Thursday.Roskomnadzor made the order after a Moscow appeal court last week upheld an earlier ruling that LinkedIn breached Russian privacy laws.Tagansky district court ruled against LinkedIn on Aug. 4, following a complaint from the Russian federal service for the supervision of communications, information technology and mass media that its activities breached a law requiring businesses handling Russians' personal data to process that data in Russia.MORE ON NETWORK WORLD: 6 simple tricks for protecting your passwords Roskomnadzor said it filed suit after LinkedIn failed to respond to two requests for information about its plans for relocating the data to Russia.To read this article in full or to leave a comment, please click here | |||
|
2016-11-16 19:03:12 | University\'s IT outsourcing could trigger discrimination lawsuit (lien direct) | A group of laid-off IT workers at the University of California, San Francisco may resort to filing a lawsuit against the school, accusing it of discrimination by outsourcing their jobs to an all Indian staff. It's a legal tactic that U.S. IT workers are increasingly considering to try and block employers from allegedly replacing their jobs with foreign workers. In the case of UCSF, the school is dismissing 49 permanent employees from its IT department and contracting the work to outside firms. But in doing so, the school is also getting rid of a diverse staff comprised of Americans from various ethnicities, and replacing them with Indian workers from one of the contractors, the laid-off workers said.To read this article in full or to leave a comment, please click here | |||
|
2016-11-16 14:00:00 | IBM sets up test range to practice fighting nightmare cyber battles safely (lien direct) | IBM Security has launched a network-emulation environment where corporate teams can play out attack scenarios so they are better prepared for incidents they might face in the real world.The facility, called a cyber range (as in shooting range), provides a place for enterprises to practice incident-response, not only for their IT and IS staffs but also for company directors, C-level executives, corporate counsel, human resources pros, public relations staff – anyone who might be drawn into an actual cyber emergency.+More on Network World: IBM: Many companies still ill-prepared for cyber attacks+To read this article in full or to leave a comment, please click here | |||
|
2016-11-16 11:47:00 | Congress members try to grasp enormity of IoT DDoS attacks (lien direct) | Today I watched an interesting Energy and Commerce subcommittee hearing about “Understanding the Role of Connected Devices in Recent Cyber Attacks.†The attacks refer to when insecure IoT devices infected with Mirai malware hammered DNS provider Dyn in October.The hearing included testimony, as well as submitted prepared remarks, from Dale Drew (pdf), CSO and senior vice president of Level 3 Communications; crypto and privacy guru Bruce Schneier (pdf); and Dr. Kevin Fu (pdf), who helped shock the world years ago by saying pacemakers and implantable cardiac defibrillators were vulnerable to hackers. You can read the experts' testimonies for specific concerns and suggestions, but this is primarily based on paraphrased commentary during the hearing.To read this article in full or to leave a comment, please click here | |||
|
2016-11-16 11:25:00 | IBM: Many companies still ill-prepared for cyber attacks (lien direct) | When it comes to responding to cyber-attacks it seems many companies are severely lacking.A study out this week conducted by the Ponemon Institute and sponsored by Resilient an IBM company said that 66% of the 2,400 security and IT professionals they interviewed said their organization is not prepared to recover from cyberattacks.+More on Network World: Cisco: Potent ransomware is targeting the enterprise at a scary rate+According to Ponemon, for the second straight year the Cyber Resilient Organization study showed that incident response challenges are hindering what the researchers called cyber resilience or what they define as the as “the alignment of prevention, detection, and response capabilities to manage, mitigate, and move on from cyberattacks.â€To read this article in full or to leave a comment, please click here | |||
|
2016-11-16 09:03:30 | US lawmakers balk at call for IoT security regulations (lien direct) | The U.S. government needs to pass regulations mandating internet of things security measures before device vulnerabilities start killing people, a security expert told lawmakers.A massive distributed denial-of-service attack aided by IoT devices in October "was benign" because a couple of websites crashed, said Bruce Schneier, a veteran cybersecurity researcher and lecturer at Harvard University. But the next attack may be more dangerous.With cars, airplanes, thermostats, and appliances now connected to the internet, "there's real risk to life and property, real catastrophic risk," Schneier told two House of Representatives subcommittees Wednesday.To read this article in full or to leave a comment, please click here | |||
|
2016-11-16 08:40:00 | Cybersecurity fabric vs. a security platform: Fabric wins (lien direct) | The shift to digital has introduced several new technologies into businesses. Internet of Things (IoT), mobility, cloud and the like allow companies to become highly agile and move with speed.However, the increased agility businesses are realizing has come with a price, which is that the complexity of IT has never been higher. There are many implications to increased complexity, but the biggest is that securing the business has become more difficult.INSIDER: 5 ways to prepare for Internet of Things security threats Securing organizations used to be straight forward: Put up a big, expensive firewall at the sole ingress/egress point, and all was good. Today there are dozens or even hundreds of entry points created from an increase in the use of cloud services, mobile workers and consumer devices. Security must now be applied at the perimeter, but also in the data center, campus, cloud, branch offices and anywhere else the business might have assets or people.To read this article in full or to leave a comment, please click here | |||
|
2016-11-16 07:46:00 | SWIFT has not seen its last \'bank robbery\' (lien direct) | A former CSO of the World Bank Treasury calls the SWIFT system outdated and open to malware attacks. Those vulnerabilities could lead to manipulation of financial transactions.SWIFT is the interbank financial messaging system for sending international money transfer instructions. The Society for Worldwide Interbank Financial Telecommunications, which the industry refers to as the SWIFT co-op maintains this system.CSO looks at the SWIFT co-op's denial of the real issue, the cost of attacks, informed expert insights into these security flaws, how hackers are using and abusing these to their profit, and what the co-op should do to seal its messaging system to mitigate further falsifications.To read this article in full or to leave a comment, please click here | Guideline | ||
|
2016-11-16 07:38:00 | Cisco Founders Forum: One creative way to keep & energize talent (lien direct) |
The tech industry brims with examples of bright entrepreneurs who have struck it big by selling their startups and then hightailing it out of those larger companies once contractually eligible so that they can pursue their next venture.So what the heck is Matt Cutler still doing at Cisco three years after selling his mobile collaboration startup to the networking giant? Well, among other things, he's teaching a bunch of his peers who have stayed at Cisco after having their own companies acquired -- as well as any Cisco lifers who will listen -- a thing or two about how to keep cranking out new ideas. Cisco
Matt Cutler, Lead Evangelist for Cisco Cloud Collaboration Technologies, has big ideas on ideation.To read this article in full or to leave a comment, please click here |
Guideline | ||
|
2016-11-16 05:22:00 | Is critical infrastructure the next DDoS target? (lien direct) | The massive Distributed Denial of Service (DDoS) attack last month on Dyn, the New Hampshire-based Domain Name System (DNS) provider, was mostly an inconvenience.While it took down a portion of the internet for several hours, disrupted dozens of major websites and made national news, nobody died. Nobody even got hurt, other than financially.But the attack, enabled by a botnet of millions of Internet of Things (IoT) devices, inevitably led to speculation on what damage a DDoS of that scale or worse could do to even a portion of the nation's critical infrastructure (CI).To read this article in full or to leave a comment, please click here | |||
|
2016-11-16 02:45:00 | Welcome to the 11th Gibbs Golden Turkey Awards (lien direct) | Back for 11th helpings? Image by Mark Gibbs / psdblast.comWelcome, once again, to the Gibbs Golden Turkey Awards. It's been a few years since our last effort to point the digit of disdain at those individuals, companies or entities that don't, won't or can't come to grips with reality, maturity, ethical behavior and/or social responsibility because of their blindness, self-imposed ignorance, thinly veiled political agenda, rapaciousness and greed, or their blatant desire to return us to the Dark Ages. Or all of those sins combined. But that lapse aside, with loins girded anew with cheap girders, we undertake again the traditional annual roasting of those who deserve a damn good basting. Without further ado, here in reverse order, are the top 10 Golden Turkeys for 2016 …To read this article in full or to leave a comment, please click here |
|||
|
2016-11-15 15:20:00 | Akamai: Look for IoT devices to attack during Thanksgiving, Christmas (lien direct) | The annual holiday uptick in denial of service attacks will likely continue this year only this time with a new devastating weapon: Internet of Things (IoT) devices, according to Akamai.In its quarterly State of the Internet/Security Report, the company says certain types of DDoS attacks are on the rise compared to the third quarter last year, both in size and number. That doesn't bode well for users of the internet starting next week.“Thanksgiving, Christmas, and the holiday season in general have long been characterized by a rise in the threat of DDoS attacks,†the report says. “Malicious actors have new tools - IoT botnets - that will almost certainly be used in the coming quarter.â€To read this article in full or to leave a comment, please click here | |||
|
2016-11-15 14:30:00 | Planetary scientists push for unique asteroid deflection mission (lien direct) | Planetary scientists got together this week in Berlin express support for the future European/NASA asteroid redirect mission to develop technology that one day might prevent the Earth from being smacked by a destructive asteroid.+More on Network World: How to protect Earth from asteroid destruction+Proponents are trying to garner worldwide support for the mission pointing to the European Space Administration ministerial conference in Luzern next month where the decision will be made whether or not to fund the ESA's Asteroid Impact Mission (AIM). AIM is part of an over-arching collaborative effort with NASA known as theAsteroid Impact and Deflection Assessment (AIDA) mission.To read this article in full or to leave a comment, please click here | |||
|
2016-11-15 11:05:00 | Super Mari-owned: Startling Nintendo-based vulnerability discovered in Ubuntu (lien direct) | A vulnerability in a multimedia framework present on Version 12.04.5 of Ubuntu can be exploited by sound files meant to be played on the venerable Nintendo Entertainment System, according to security researcher Chris Evans. The vulnerability is the result of a flaw in an audio decoder called libgstnsf.so, which allows gstreamer Version 0.10 to play the NSF files that the NES uses for music. NSF files, when played, use the host system's hardware to create a virtualized version of the NES' old 6502 processor and sound hardware in real time. +ALSO ON NETWORK WORLD: Cool Yule Tools 2016: Digital disruption at Santa's Workshop + Android deems Instagram worthy of its presenceTo read this article in full or to leave a comment, please click here | |||
|
2016-11-15 10:30:00 | Netgear\'s Arlo Go camera makes security more mobile (lien direct) | In the world of networked cameras used for security situations (in home and at work), most (if not all) of the devices required an external power source as well as access to a Wi-Fi network. Netgear, through its Arlo division/brand, wants to change that with its new line of cameras that run without external power as well as LTE network support. The Arlo Go Mobile HD Security Camera (model LTE-VML4030) uses 3G and 4G LTE (via the AT&T network) for its connectivity, letting users place the cameras in areas where Wi-Fi doesn't exist (think rural, vacation cabins, marinas, farms, etc.). The camera features quick-charge rechargeable batteries, meaning you don't have to put them near a power outlet (although you can keep it charged via power cord if you like). For local storage of video footage, a built-in microSD card slot is available (in case Internet access is disrupted). The camera also supports two-way audio (with its built-in microphone and speaker), motion and audio detection, night vision, live viewing and weatherproofing for outdoor placement.To read this article in full or to leave a comment, please click here | |||
|
2016-11-15 08:34:00 | IDG Contributor Network: 2017 breach predictions: The big one is inevitable (lien direct) | We've reached that time of year where everyone in the security industry is pulling together predictions for what we expect to see over the next year, and/or slowly backing away from any imperfect predictions we might have put forth the year before.Last year, I offered up a number of predictions, but the one continuing to make huge waves in 2017 is around data integrity attacks. Quite simply, I expect that we'll see more intricate, complex and undetected data integrity attacks and for two main reasons: financial gain and/or political manipulation.To read this article in full or to leave a comment, please click here | |||
|
2016-11-15 07:50:00 | Goodbye, NAC. Hello, software-defined perimeter (lien direct) | Those of us who've been around security technology for a while will remember the prodigious rise of network access control (NAC) around 2006. Now, the ideas around NAC had been around for several years beforehand, but 2006 gave us Cisco's network admission control (aka Cisco NAC), Microsoft's network access protection (NAP) and then a whole bunch of venture-backed NAC startups (ConSentry, Lockdown Networks, Mirage Networks, etc.).There were lots of reasons why the industry was gaga over NAC at the time, but it really came down to two major factors: Broad adoption of WLANs. In 2006, wireless networking based upon 802.11 was transforming from a novelty to the preferred technology for network access. I also believe laptop sales first overtook desktop computer sales around this same timeframe, so mobility was becoming an IT staple as well. Many organizations wanted a combination of NAC and 802.1X so they could implement access policies and monitor who was accessing the network. A wave of internet worms. The early 2000s produced a steady progression of internet worms, including Code Red (2001), Nimda (2001), SQL Slammer (2003), Blaster (2003), Bagel (2004), Sasser (2004), Zotob (2005), etc. These worms could easily spread across an entire enterprise network from a single PC as soon as a user logged on. NAC was seen as a solution to this problem by providing point-to-point PC inspection and authentication over Layer 2 before systems were granted Layer 3 network access. NAC really was a good idea, but the space was over invested and many of the products were difficult to deploy and manage. As a result, NAC enthusiasm faded, although NAC deployment was making slow but steady progress. As NAC became a niche product, it lost its panache. Heck, my friends at Gartner even killed the NAC MQ when there were few vendors left and not much to write about.To read this article in full or to leave a comment, please click here | APT 15 | ||
|
2016-11-15 07:06:00 | Half of banking customers now using fintech (lien direct) | Financial technology (fintech) products and services are picking up tremendous steam, particularly with younger, tech-savvy and affluent customers, according to the World FinTech Report 2017 (WFTR), recently released by Capgemini, LinkedIn and Efma (a global nonprofit organization composed of banks and insurance companies). But even as fintech firms reshape the financial services landscape, customers are struggling to trust them."We're seeing adoption across the globe," says Bill Sullivan, head of Global Financial Services Market Intelligence at Capgemini Financial Services. "It's not so much replacing incumbents as adding on."[ Related: How 3 fintech startups are shaking up security ]To read this article in full or to leave a comment, please click here | |||
|
2016-11-15 06:00:00 | IDG Contributor Network: Synack delivers crowdsourced security for government, snags IRS contract (lien direct) | Government departments tend to be seen as “top shelf†IT customers. They tend to use larger providers, use more traditional delivery mechanisms and have a conservative approach towards newer ways of working. So, when Synack, a crowdsourced cybersecurity vendor, told me it secured a contract with the IRS, I was intrigued.+ Also on Network World: How the government can help businesses fight cyber attacks + First, a little bit about what Synack does: The company is following something of an ongoing trend in the security space in that it wrangles a bunch of “ethical hackers†to essentially try and break a client's IT systems. The idea being that those hackers can ply their trade, but instead of intruding onto organizations' IT systems out of malice, they can do so as a service (and, it must be added, for a payment). Founded in 2013 by former NSA security experts Jay Kaplan, CEO, and Dr. Mark Kuhr, CTO, Synack feels very similar to HackerOne, a company now headed by Marten Mickos of MySQL fame.To read this article in full or to leave a comment, please click here | |||
|
2016-11-15 05:01:00 | How automated investigation can accelerate threat detection (lien direct) | Finding threats quicker Image by ThinkstockCyber‫ security analysts are overwhelmed with the pressure of keeping their companies safe. Not only do they need to filter through countless alerts, many of which turn out to be false positives, but also the volume of real threats is growing exponentially. They quickly need to triage and move on, stopping the most pressing threats – but not always the most dangerous. Cyber analysts need a new, holistic approach to threat detection that monitors, analyzes and cross-references data across multiple dimensions to help them detect complex threats as early as possible.To read this article in full or to leave a comment, please click here |
|||
|
2016-11-15 04:45:00 | Security analysis of popular IoT devices (lien direct) | Have you wondered if your internet-connected devices are infected with Mirai malware and were part of the DDoS attacks?In response to the recent IoT DDoS attacks, researchers at Zscaler analyzed IoT traffic patterns not only on the days of the DDoS attacks on Dyn and Krebs on Security, but going back to July.While Zscaler does not believe any of the devices connected to Zscaler Cloud had been compromised and used in the IoT botnet attacks, ThreatLabz researchers analyzed the security of five security cameras, three smart TV entertainment devices, three smart network printers and scanners, two DVRs and NVRs, two IP phones and a partridge in a pear tree. The last one of course was just to see if you were paying attention: no partridges were harmed in the course of this research.To read this article in full or to leave a comment, please click here | |||
|
2016-11-15 04:30:00 | IDG Contributor Network: What is the General Data Protection Regulation and why should you care? (lien direct) | In 2012, the European Commission proposed new regulations on data protection that would supersede the national laws of the 28 EU member states. It was formally approved in April this year, and it will go into effect May 25, 2018. This General Data Protection Regulation (GDPR) introduces several major changes that will impact many organizations worldwide. The smart move is to familiarize yourself with the incoming regulation now, and begin preparing to comply with your obligations. The GDPR will apply to any business that operates within the EU, but also any company that processes data from EU citizens. It doesn't matter where the organization is located.To read this article in full or to leave a comment, please click here | |||
|
2016-11-14 16:13:52 | This malware attack starts with a fake customer-service call (lien direct) | Hotel and restaurant chains, beware. A notorious cybercriminal gang is tricking businesses into installing malware by calling their customer services representatives and convincing them to open malicious email attachments. The culprits in these hacks, which are designed to steal customers' credit card numbers, appear to be the Carbanak gang, a group that was blamed last year for stealing as much as $1 billion from various banks. On Monday, security firm Trustwave said that three of its clients in the past month had encountered malware built with coding found in previous Carbanak attacks.To read this article in full or to leave a comment, please click here | |||
|
2016-11-14 12:23:00 | 12 steps to lower your espionage risk (lien direct) | "What company would not like to know exactly what its competitor is doing?"When we talk about corporate espionage, we're talking about companies stealing information that gives them a competitive or economic advantage, writes Chuck Easttom in the new 3rd edition of his book Computer Security Fundamentals. It's not showy, often low-tech and sometimes downright dirty, as exemplified by Oracle CEO Larry Ellison's admission that he "hire[d] private investigators to sift through Microsoft garbage in an attempt to garner information."To read this article in full or to leave a comment, please click here | |||
|
2016-11-14 12:00:00 | UK approves extradition of British hacker to the US (lien direct) | A U.K. official has ordered the extradition of a British man to the U.S. on charges of hacking government computers belonging to NASA and the Department of Defense. Lauri Love, a 31-year-old hacktivist, has been fighting his extradition, but on Monday, U.K. Home Secretary Amber Rudd signed the order. "Mr. Love has been charged with various computer hacking offences which included targeting U.S. military and federal government agencies," the U.K. Home Office said in a statement. The U.S. originally charged Love in 2013 for allegedly stealing confidential data from thousands of government employees, including Social Security numbers and credit card details. U.S. investigators accuse Love and his accomplices of causing millions of dollars in damages.To read this article in full or to leave a comment, please click here | |||
|
2016-11-14 11:12:00 | Your security mirages (lien direct) | Yes, I was hit last week. Forensics are in progress. I got doxxed, too.It has made me realize that most of systems security is an illusion. Here are my favorite alternate realities:1. Everything is safe behind the firewall.Ever heard of UBFWI-as in User's Been Fooling With It? While IPD/IPS and firewall networked-technology has improved so vastly, there's nothing like a user with an infected laptop to bring in a lulu.2. Obscure operating systems never get hit. Hackers only go for the gold with Windows.Here, let me laugh out loud and roll on the floor. Mine was an obscure server version on an obscure branch of an obscure BSD limb. Listen to the sound of lunch getting eaten: mine. Chomp, chomp, burp.To read this article in full or to leave a comment, please click here | APT 15 | ||
|
2016-11-14 09:47:00 | Kaspersky: Windows-bundled Defender is anticompetitive, Russia opens antitrust probe (lien direct) | After Eugene Kaspersky, the founder of Kaspersky Lab, ripped into Microsoft for anticompetitive behavior in Windows 10, the Russian Federal Antimonopoly Service (FAS) opened a case against Microsoft for “abusing dominance.â€Microsoft claimed to have a “long history of cooperation†with Kaspersky and that it is “committed to work in full compliance with Russian law.â€Yet, Russia has already decided to block Microsoft-owned LinkedIn, since the law requires Russian citizens' personal data to be stored on servers within its country. In the past, Microsoft made LinkedIn censorship changes to cater to China, as opposed to being blocked like Google and Facebook. It remains to be seen if Microsoft will localize Russian users' data as the country's law demands. The New York Times added that it was unclear why LinkedIn was targeted, “rather than any other major social networking site,†but that is a “sign of growing tensions for American tech companies operating†in Russia.To read this article in full or to leave a comment, please click here |
To see everything:
Our RSS (filtrered)
