What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
NetworkWorld 2016-10-31 11:54:00 IBM deploys machine learning to bolster online banking security program (direct link) Behavioral biometrics that uses machine learning is behind new features being added to IBM's Trusteer Pinpoint Detect platform, which financial institutions use to head off crooks who may have stolen the username and password of legitimate account holders. The new feature looks for anomalies between legitimate users' normal mouse gestures and those of the current user, and over time refines the accuracy of its analysis, says Brooke Satti Charles, Financial Crime Prevention Strategist for IBM Security. That analysis creates a risk score that banks can use to decide whether an ongoing transaction is fraudulent and trigger an alert. The institutions have to decide what to do about the alerts, but they could cut off the transaction or require further ID before the customer is allowed to continue, she says.
NetworkWorld 2016-10-31 07:35:00 Shadow Brokers leak list of NSA targets and compromised servers (direct link) The Shadow Brokers are back, releasing message 5 - trick or treat. This time, instead of releasing Equation Group exploit tools, the group dumped a list of servers allegedly compromised by the NSA-linked Equation Group. As usual, the Shadow Brokers included a slaughtered-English rambling message which primarily focused on the upcoming elections. One portion reads: "TheShadowBrokers is having suggestion. On November 8th, instead of not voting, maybe be stopping the vote all together? Maybe being grinch who stopped election from coming? Maybe hacking election is being the best idea? #hackelection2016."
NetworkWorld 2016-10-31 07:28:00 Trend Micro's Enterprise Play (direct link) I spent a few days with Trend Micro last week at its Insight event here in Boston. While Trend is a $1 billion + global cybersecurity vendor, too many cybersecurity professionals still think of Trend as an Asian-based AV player. This perception is completely antiquated however, as Trend now offers: A tightly-integrated next-generation endpoint security suite. There's a lot of industry rhetoric out there proclaiming Trend as a legacy AV vendor. Don't believe it! Yes, Trend Micro's endpoint security product has been around forever but the company has continuously enhanced its technology to keep up with the latest requirements. Most recently, Trend added machine learning for pre- and post-execution prevention/detection of 0-day malware which puts it on par with the next-generation endpoint security crowd. Oh, and Trend also offers its own EDR functionality as well. Armed with its new product, Trend's layered endpoint defense should meet the security efficacy and operational efficiency requirements of even the most demanding enterprises. A strong network security defense portfolio. Now that the dust has settled from Trend's acquisition of TippingPoint a year ago, the company also has robust products for network security. After HP let TippingPoint languish for a few years, Trend is once again investing in R&D, enhancing its IPS performance and usability. Furthermore, Trend plans to integrate TippingPoint network prevention capabilities with its Deep Discovery network "sandbox" for malware detection. This integration should bolster security while streamlining operations. Trend faces stiff competition here and the company doesn't offer a network firewall, but its IPS/sandbox story should play well, especially in the small enterprise market. Cloud and virtualization support. Trend has a history here as it was one of the first vendors to work with VMware VMSafe APIs years ago. Today, Trend provides server security tools for VMware NSX as well as other cloud technologies like OpenStack, Amazon AWS, Microsoft Azure, etc. It has quietly become a hybrid cloud security leader while it watches for opportunities with container security in the near future. A reputation for good field and product support. While our industry is gaga over "next-generation" security technologies, Trend recognizes that technology alone isn't enough. To bridge this gap, Trend is committed to training its people, hiring field engineering talent, and providing proactive support. Several customers I spoke with raved about Trend's support capabilities, saying that they view the Trend people as, "an extension of my own staff." This is a strong compliment indeed. These highlights just scratch the surface of what's happening at Trend Micro. The company's enterprise portfolio also includes threat intelligence, email security, DLP, etc. Tags: Guideline
NetworkWorld 2016-10-31 06:08:00 17 essential tools to protect your online identity, privacy (direct link) Make no mistake: Professional and state-sponsored cybercriminals are trying to compromise your identity -- either at home, to steal your money; or at work, to steal your employer's money, sensitive data, or intellectual property. Most users know the basics of computer privacy and safety when using the internet, including running HTTPS and two-factor authentication whenever possible, and checking haveibeenpwned.com to verify whether their email addresses or user names and passwords have been compromised by a known attack. But these days, computer users should go well beyond tightening their social media account settings. The security elite run a variety of programs, tools, and specialized hardware to ensure their privacy and security is as strong as it can be. Here, we take a look at this set of tools, beginning with those that provide the broadest security coverage down to each specific application for a particular purpose. Use any, or all, of these tools to protect your privacy and have the best computer security possible.
NetworkWorld 2016-10-31 06:02:00 Why don't developers have a 'spellchecker' for security? (direct link) Despite all the news coverage about successful cyberattacks, developers are still writing code full of security vulnerabilities. Of course, nobody is perfect. We all make mistakes, and as software projects get more and more complex, it can be easy to miss potential problems. But that doesn't explain why so much software is full of the most basic errors. According to a report released this month by Veracode, 61 percent of all internally-developed applications failed a basic test of compliance with the OWASP Top 10 list on their first pass. And commercially developed software did even worse, with a 75 percent failure rate. These are basic, well-known problems, like SQL injections and cross-site scripting.
NetworkWorld 2016-10-31 06:00:00 Why Blockchain's growing pains will be worth it (direct link) HALF MOON BAY, Calif. – Experts at a recent technology conference agreed that blockchain has a bright future, but warned it may be a rocky ride until that future arrives. Blockchain is a distributed database that uses a secure digital ledger of transactions that users can share across a computer network. It's also the technology behind virtual currency bitcoin. "When you are at the leading edge there will be mistakes. People will get a lot wrong in the next five years. I think of it kind of like running with scissors," says Constellation Research analyst Steve Wilson at the Oct. 26 Connected Enterprise conference hosted by his company. [Photo: Constellation Research Connected Enterprise conference. From left to right: Shawn Wiora, CEO of Maxxsure, Silicon Valley Product Exec Chirag Mehta, and Aron Dutta, Global Head of Blockchain at IBM] Tags: Guideline
NetworkWorld 2016-10-31 05:13:48 Joomla websites attacked en masse using recently patched exploits (direct link) Attackers are aggressively attacking Joomla-based websites by exploiting two critical vulnerabilities patched last week. The flaws allow the creation of accounts with elevated privileges on websites built with the popular Joomla content management system, even if account registration is disabled. They were patched in Joomla 3.6.4, released Tuesday. Hackers didn't waste any time reverse engineering the patches to understand how the two vulnerabilities can be exploited to compromise websites, according to researchers from Web security firm Sucuri.
NetworkWorld 2016-10-31 03:15:00 Beat the bad guys at their own game with SafeBreach's simulated cyberattacks (direct link) The best way to get experience with most jobs or tasks is to do them. It's difficult to learn how to drive a car without getting behind the wheel. Soldiers need to face the enemy in order to gain combat experience. And IT administrators have to experience and mitigate attacks to learn how to best defend their networks. The problem with these scenarios is that they involve a degree of risk. It's not all that helpful to learn how to counter a cyberattack if the first one you experience puts your company out of business. That's where the SafeBreach continuous security validation platform comes in. Deployed as a service, through the cloud or internally, it can show cybersecurity teams exactly where the network vulnerabilities are and how to plug those holes. It can even run wargames so that IT teams can learn the best ways to respond to attacks on their actual networks.
NetworkWorld 2016-10-31 03:08:00 New products of the week 10.31.16 (direct link) New products of the week. Our roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow. Atlantis Workspace Infrastructure integrated with Citrix. Key features: Atlantis integrated workspace infrastructure into the Citrix management suite. The combination of applications, management and infrastructure into a single PaaS solution will lower cost and complexity for managing virtual workspaces.
NetworkWorld 2016-10-30 08:26:00 FBI doesn't have a warrant to review new emails linked to Clinton investigation (direct link) After seeing reports that the Justice Department is "furious" at FBI Director Comey for telling Congress about new emails potentially related to Hillary Clinton's private email server and if she disclosed classified information, the Clinton campaign "made it personal" and accused Comey of a smear campaign. Comey, ironically the same FBI guy who recommended no criminal charges for Clinton, is now being treated like her enemy. "It is pretty strange to put something like that out with such little information right before an election," Clinton said during a rally at Daytona Beach on Saturday. "In fact, it's not just strange; it's unprecedented and deeply troubling." She added, "So we've called on Director Comey to explain everything right away, put it all out on the table."
NetworkWorld 2016-10-28 17:47:55 Hacking forum cuts section allegedly linked to DDoS attacks (direct link) An online hackers' forum has deleted a section that allegedly offered paid distributed denial-of-service attacks, following last Friday's massive internet disruption. HackForums.net will be shutting down the "Server Stress Testing" section, the site's admin Jesse "Omniscient" LaBrocca said in a Friday posting. "I do need to make sure that we continue to exist and given the recent events I think it's more important that the section be permanently shut down," he wrote. The section was designed to let members offer so-called stress testing services for websites as a way to check their resiliency. However, security firms claim Hack Forums was actually promoting DDoS-for-hire services that anyone can use to launch cyber attacks.
NetworkWorld 2016-10-28 14:39:49 Lost thumb drives bedevil US banking agency (direct link) A U.S. banking regulator says an employee downloaded a large amount of data from its computer system a week before he retired and is now unable to locate the thumb drives he stored it on. The Office of the Comptroller of the Currency, which is a part of the Department of the Treasury, said the loss represented "a major information security incident" as it reported the case to Congress on Friday. The data was taken in November 2015, but its loss was only discovered in September this year as the agency reviewed downloads to removable media devices in the last two years. The employee in question used two thumb drives to store the information, both of which he is unable to locate, the agency said.
NetworkWorld 2016-10-28 11:59:00 Companies complacent about data breach preparedness (direct link) The likelihood that companies will experience a security incident continues to rise every year. While most organizations have put a data breach preparedness plan in place to combat such incidents, most executives aren't updating or practicing the plan regularly, according to a study released earlier this month. "When it comes to managing a data breach, having a response plan is simply not the same as being prepared," Michael Bruemmer, vice president at Experian Data Breach Resolution (which sponsored the study) said in a statement. "Unfortunately many companies are simply checking the box on this security tactic. Developing a plan is the first step, but preparedness must be considered an ongoing process, with regular reviews of the plan and practice drills."
NetworkWorld 2016-10-28 11:58:00 After DDOS attack, senator seeks industry-led security standards for IoT devices (direct link) Last week's massive distributed denial-of-service attack has prompted an urgent focus on the need for industry-led cybersecurity standards for internet of things devices. U.S. Sen. Mark Warner, (D-Va.) said Thursday that he favors an industry-based approach before seeking some form of government regulation of IoT security. "Last week's attack does reveal a new level of vulnerability, and I'm trying to make it clear ... that this is not a problem that the government ought to be the first actor in solving," he said in a telephone interview.
NetworkWorld 2016-10-28 11:39:33 FBI to probe new emails related to Clinton's private server (direct link) The FBI has uncovered new emails related to Hillary Clinton's use of a private email server, prompting federal authorities to investigate them. The FBI discovered the emails as part of an "unrelated case," FBI Director James Comey said in a letter to a congressional committee that was later tweeted on Friday. These emails "appear to be pertinent" to the FBI's original investigation into Clinton's private server use, which the agency wrapped up back in July, Comey said. Clinton, now the Democratic nominee for U.S. president, used the private server while she served as secretary of state.
NetworkWorld 2016-10-28 10:18:39 New Windows code injection method could let malware bypass detection (direct link) Security researchers have discovered a new way that allows malware to inject malicious code into other processes without being detected by antivirus programs and other endpoint security systems. The new method was devised by researchers from security firm Ensilo who dubbed it AtomBombing because it relies on the Windows atom tables mechanism. These special tables are provided by the operating system and can be used to share data between applications. "What we found is that a threat actor can write malicious code into an atom table and force a legitimate program to retrieve the malicious code from the table," Ensilo researcher Tal Liberman said in a blog post. "We also found that the legitimate program, now containing the malicious code, can be manipulated to execute that code."
NetworkWorld 2016-10-28 07:43:00 Security apps you need on your new Pixel (direct link) Google's new Pixel phone: All the brand new features of the Pixel will not protect it from increasingly frequent security threats: each user should take necessary precautions in order to protect their data, passwords or any sensitive online transactions. A new smartphone is also an attractive one-stop location for hackers who'd like to access personal bank account data, credit card passwords, name, address, social media accounts and so on.
NetworkWorld 2016-10-28 04:30:00 IDG Contributor Network: How the government can help businesses fight cyber attacks (direct link) When a criminal robs a store, the police visit the scene, conduct an investigation and try to bring the perpetrator to justice. What happens when a criminal breaches that same store's server and makes off with its customer's credit-card numbers? I'd argue that the response to the physical crime would be much greater and effective than how the cyber crime would be handled, although cyber attacks have the potential to cause more damage than robberies. Blame cyber criminals, not nation-states, for attacks: While nation-states are typically blamed for breaches, the culprits are usually cyber criminals who are using nation-state techniques and procedures. Companies likely claim infiltration by nation-state attackers because it provides them with some cover from lawsuits and preserves business deals and partnerships. (Yahoo is using this tactic with little success.) The reasoning could look like this: how could our organization protect itself from attackers who have the support and resources of a major government? We're simply outgunned. Tags: Yahoo
NetworkWorld 2016-10-28 04:00:00 IDG Contributor Network: How much does a data breach actually cost? (direct link) The American public has become so inured to data breaches that it's difficult to remember them all. Infamous breaches like the ones at Target and Sony become almost forgettable when confronted with the recently disclosed half-billion accounts compromised at Yahoo in 2014. The numbers are simply staggering. It is estimated over 900,000,000 records of personally identifiable information (PII) have been stolen in the U.S. over the past few years. Keeping a memory of all the hacks and when they happened may require the use of complex data visualization. Tags: Yahoo
NetworkWorld 2016-10-27 23:42:34 Pennsylvania man sentenced to 18 months for celeb hacking (direct link) A Pennsylvania man was sentenced to 18 months in federal prison on charges of hacking the Google and Apple email accounts of over 100 people including celebrities, and getting access to nude videos and photographs of some people. The sentencing against Ryan Collins, 36, of Lancaster is the offshoot of a Department of Justice investigation into the online leaks of photographs of numerous female celebrities in September 2014, widely referred to as "Celebgate." But DOJ has not found any evidence linking Collins to the actual leaks or the sharing and uploading of the content. Between November 2012 and early September 2014, Collins is said to have sent e-mails to victims that appeared to be from Apple or Google and asked them to provide their usernames and passwords. Having gained access to the email accounts, he got hold of personal information including nude photographs and videos, and in some cases used a software program to download the entire contents of the victims' Apple iCloud backups, according to DOJ.
NetworkWorld 2016-10-27 21:13:51 Personal data of 550,000 Red Cross blood donors was breached (direct link) The Australian Red Cross said its blood donor service has found that registration information of 550,000 donors had been compromised, which the agency blamed on human error by a third-party contractor. The moot issue at this point, which may decide how the breach unfolds, is that nobody knows how many people have the data. The information from 2010 to 2016 was available on the website from Sept. 5 to Oct. 25 this year. The database backup, consisting of 1.74GB with about 1.3 million records, contains information about blood donors, such as name, gender, physical address, email address, phone number, date of birth, blood type, country of birth, and previous donations, according to security researcher Troy Hunt.
NetworkWorld 2016-10-27 13:48:27 Malware from Friday's DDoS attack continues to harass in short bursts (direct link) It's still unclear who pulled off Friday's massive internet disruption, but the malware largely responsible for the cyber attack has since assaulted new targets -- possibly including video gamers. Since last Friday, botnets created by the Mirai malware have been launching distributed denial-of-service attacks at seemingly random targets, in short bursts, according to a security researcher who goes by the name MalwareTech. He has tracked Mirai-powered botnets and helped produce a Twitter feed that monitors their DDoS attacks. On Wednesday alone, the feed posted close to 60 attacks, many of them lasting from 30 seconds to over a minute long.
NetworkWorld 2016-10-27 12:57:00 The secret behind the success of Mirai IoT botnets (direct link) There's no magic behind the success of Mirai DDoS botnets that are made up of IoT devices: the software enabling them is publicly available, which makes it easy for relatively inexperienced actors to create them and turn them loose on anyone. Flashpoint speculates that the attacker in the case of the Dyn DDoS, which had an enormous impact on major Web sites, was the work of low-skilled script kiddies – a frightening prospect that contributes to Trend Micro's assessment that "the Internet of Things ecosystem is completely, and utterly, broken."
NetworkWorld 2016-10-27 12:24:00 The FIDO Alliance provides strong authentication for online services (direct link) This column is available in a weekly newsletter called IT Best Practices. For many security professionals, passwords are the scourge of the authentication world, and their death can't come soon enough. Passwords are too often stolen, shared, forgotten or simply too weak or obvious to be effective. According to the 2016 Verizon Data Breach Investigations Report, 63% of confirmed data breaches involve the use of weak, default or stolen passwords. End users hate passwords too, because they create a bad user experience (UX). We are advised (or forced) to use complex combinations of numbers, characters and symbols that are practically impossible to remember, and we are supposed to have a different password for every system and application we use. Years ago I resorted to a password manager to keep track of my 300+ sets of credentials.
NetworkWorld 2016-10-27 12:04:00 A spam-control issue unique to Australia? (direct link) A user of Reddit's section devoted to systems administration yesterday offered up for inspection an F-bomb-laden phishing email that had eluded his company's spam filter despite the filter having been set to weed out such cursing. Then this exchange ensued: [Image: Reddit exchange on profanity blocking] I also laughed out loud.
NetworkWorld 2016-10-27 11:16:10 To solve IoT security, look at the big picture, ARM says (direct link) The recent DDoS attacks launched from IoT devices demonstrate that the internet of things spans all parts of IT and that most companies deploying it still need a lot of help. That's the message from ARM, the chip design company behind nearly every smartphone and a big chunk of IoT, at its annual TechCon event this week in Silicon Valley. Small, low-power devices like sensors and security cameras are the most visible part of IoT, and they're right in ARM's wheelhouse as the dominant force in low-power chips. But on Wednesday, the company highlighted a cloud-based SaaS offering rather than chips or edge devices themselves. IoT depends on back-end capabilities as much as edge devices, and the company wants to play a role in all of it.
NetworkWorld 2016-10-27 10:29:00 CIO security lessons: Dark thinking on IoT & exploding enterprise networks (direct link) "How many of you or your staff had trouble getting on the internet Friday?" That was how cybersecurity consultant Bryce Austin kicked off his talk Tuesday at SIMposium 2016, a big gathering of CIOs and IT execs at the Mohegan Sun resort in Connecticut, on the "Unintended Consequences of the Internet of Things." Uncomfortable laughter ensued. Austin, who then went on to make attendees even more uncomfortable, swears that even though his session didn't make the original program, it wasn't added to the agenda as a result of the now notorious IoT-exploiting Dyn DDoS attack that unfolded Friday.
NetworkWorld 2016-10-27 08:53:00 IDG Contributor Network: Securing the breach trumps breach prevention (direct link) In my prior posts, I discussed both the changing face of data breaches and the reality distortion field surrounding today's IT security professionals when they talk about effective ways to combat data breaches. Three things we know for certain, though, is that data breaches are not going away, our adversaries are continuing to innovate and attack, and the costs of a breach are becoming more tangible. Just this month, Verizon claimed the massive hack on Yahoo caused irreparable harm to the tech company in terms of customer trust, possibly allowing the wireless provider to withdraw from or renegotiate the terms of its $4.83 billion acquisition agreement. Also, in October, the U.K. Information Commissioner's Office hit TalkTalk with more than $400,000 in fines for its 2015 cyber attack. Tags: Yahoo
NetworkWorld 2016-10-27 08:04:17 FCC tells ISPs to get customer permission before sharing sensitive info (direct link) The U.S. Federal Communications Commission has passed rules requiring broadband providers to receive opt-in customer permission to share sensitive personal information, including web-browsing history, geolocation, and financial details with third parties. The FCC on Thursday voted 3-2 to adopt the new broadband privacy rules, which also include requirements that ISPs promptly notify customers of serious data breaches. Broadband customers need transparency and control over how their data is used, said Jessica Rosenworcel, one of three Democratic commissioners voting for the rules. Broadband providers are increasingly sharing customer data with third-party companies such as advertising networks and analytics firms, she said.
NetworkWorld 2016-10-27 06:45:27 No need to shoot down drones! Many of them can now be hijacked (direct link) A security researcher has devised a method of hijacking a wide variety of radio-controlled airplanes, helicopters, cars, boats and other devices that use a popular wireless transmission technology. The attack was developed by Jonathan Andersson, manager of the Advanced Security Research Group at Trend Micro DVLabs, and targets a "wideband, frequency-agile 2.4GHz signal protocol" called DSMx. This protocol is used in radio-control (R/C) toys, including in drones, that are owned by millions of users. Andersson's attack exploits weaknesses in DSMx and was presented in detail Wednesday at the PacSec security conference in Tokyo. The researcher built a device that he dubbed Icarus, using off-the-shelf electronic components and software-defined radio (SDR). With it, he can take over the control of drones or other R/C devices and lock out their real owners in seconds.
NetworkWorld 2016-10-27 06:39:00 DARPA looking to develop drone destroying, personnel protection system (direct link) Looking to protect military personnel from a swarming drone attack is the goal behind a new system that the researchers from the Defense Advanced Research Projects Agency are set to develop. The three-phase program, called Mobile Force Protection will in the next few years potentially develop a prototype system that could sense an attack, identify the attacker and then use a number of techniques, from communications jamming to capturing mid-flight any attacking drones. DARPA says it will offer $3 million for each phase 1 developer.
NetworkWorld 2016-10-27 03:55:00 Why studying security in college is a waste of time (direct link) Skills gap: You hear a lot about the skills gap in technology. And nowhere is that gap wider, many say, than security. Some companies are taking matters into their own hands. For example, Facebook is trying to teach middle schoolers how to hack so it might raise a generation savvy in security.
NetworkWorld 2016-10-26 15:24:00 DDoS attack against overwhelmed despite mitigation efforts (direct link) Dyn says that the DDoS attack that swamped its DNS resolution service last week was backed by far fewer internet of things (IoT) devices than it thought before. Previously it said it was hit by traffic from tens of millions of IP addresses, some of which were likely spoofed, making the actual number of bots involved far fewer. "We are still working on analyzing the data but the estimate at the time of this report is up to 100,000 malicious endpoints," the company says in a status update. The attacks, which knocked out access to some high-profile Web sites, threw as many packets at Dyn's infrastructure as it could and the company responded with its own mitigation actions as well as cooperation from upstream internet providers who blocked some of the attack flow. "These techniques included traffic-shaping incoming traffic, rebalancing of that traffic by manipulation of [DNS querying] anycast policies, application of internal filtering and deployment of scrubbing services," the company says.
NetworkWorld 2016-10-26 14:01:00 Lessons learned from the DYN attack (direct link) Although vendor-written, this contributed piece does not promote a product or service and has been edited and approved by Network World editors. The large scale DDoS attack on DYN last week interrupted access to many major web sites, and while the specifics of the attack have been widely analyzed, here are the important lessons learned: * DDoS attacks are alive and well: A few years ago DDoS attacks were hot news, but reports died down as the focus shifted to news about social engineering attacks, large scale data breaches and insider trading schemes. DDoS attacks seemed like yesterday's risk but they are very much alive and well. In fact, they are back and stronger than ever.
NetworkWorld.webp 2016-10-26 13:58:46 Friday's DDoS attack came from 100,000 infected devices (direct link) Friday's massive internet disruption came from hackers using an estimated 100,000 devices, many of which have been infected with a notorious malware that can take over cameras and DVRs, said DNS provider Dyn. "We are able to confirm that a significant volume of attack traffic originated from Mirai-based botnets," Dyn said in a Wednesday blog post. The malware known as Mirai had already been blamed for causing at least part of Friday's distributed denial-of-service attack, which targeted Dyn and slowed access to many popular sites in the U.S.
NetworkWorld.webp 2016-10-26 12:33:00 Robocall Strike Force: Trial of one technique cut IRS scam complaints 90% (direct link) An initial progress report by the FCC-sanctioned and industry-led Robocall Strike Force this afternoon was highlighted by the claim that a trial of a single fraud-prevention technique had resulted in a 90 percent reduction in consumer complaints about scams involving automated phone calls falsely claiming to be from the IRS. Since the first meeting of the strike force in August, representatives from 30 companies held more than 100 meetings and produced a 47-page report detailing both their short-term accomplishments and future goals. And while the latter outweighed the former – a point emphasized by FCC Chairman Tom Wheeler – there was a hopefulness expressed throughout the hour-long presentation that relief from the scourge of robocalls is on the way.
NetworkWorld.webp 2016-10-26 11:56:00 Startup Nubeva pitches Security as a Service in the cloud (direct link) A team made up of executives from Aruba Networks and Panzura are out with a new self-funded startup this week that aims to deploy security tools that enterprises use in their campus and extend it to the cloud. The idea of Nubeva is to create a Security as a Service platform that takes existing security tools and controls that organizations use in their data centers and other on premises infrastructure and mirror that same stack of security tools in the public cloud. Nubeva has created a platform that automates the deployment of those security resources in the public cloud.
NetworkWorld.webp 2016-10-26 10:59:10 DDoS attacks from webcams, routers hit Singapore's StarHub (direct link) Following Friday's massive internet disruption in the U.S., a Singapore-based broadband provider reports it faced two distributed denial-of-service attacks, forcing users offline. The attacks, which occurred Saturday and then on Monday, targeted Singapore's StarHub, briefly cutting internet access for the company's home broadband subscribers before services were restored. "These two recent attacks that we experienced were unprecedented in scale, nature and complexity," StarHub said in a Facebook posting on Wednesday. In addition, the company has reportedly said that malware-infected broadband routers and webcams were involved in the two attacks, producing a spike in internet traffic that overwhelmed the company's services.
NetworkWorld.webp 2016-10-26 10:35:00 Do you know where your sensitive documents are? (direct link) No organization wants to see sensitive information walk out its doors, yet it happens with alarming frequency. According to a recent study by Accusoft, a provider of document and imaging software, 34 percent of IT managers say their organization "has had sensitive information compromised due to poor file management practices." Yet 90 percent of them report being "confident they have the tools they need to protect their organizations' documents." The survey of more than 100 U.S. IT managers and 250 full-time employees revealed an alarming disconnect between IT managers and their users. "Seventy-four percent of IT managers report that their firms have a formalized document management solution," according to the report. "At the same time, less than half (49 percent) of end users believed these resources were available." And 20 percent of employees "claim they don't know what document management tools their employer uses."
NetworkWorld.webp 2016-10-26 10:33:44 Emergency Flash Player patch fixes zero-day critical flaw (direct link) Adobe Systems has released an emergency patch for Flash Player in order to fix a critical vulnerability that attackers are already taking advantage of. The vulnerability, tracked as CVE-2016-7855 in the Common Vulnerabilities and Exposures database, is a use-after-free error that could lead to arbitrary code execution. "Adobe is aware of a report that an exploit for CVE-2016-7855 exists in the wild, and is being used in limited, targeted attacks against users running Windows versions 7, 8.1 and 10," the company warned in a security advisory Wednesday. Users are advised to upgrade to Flash Player 23.0.0.205 on Windows and Mac and to version 11.2.202.643 on Linux. The Flash Player runtime bundled with Google Chrome and Microsoft Edge or Internet Explorer 11 on Windows 10 and 8.1 will be updated automatically through those browsers' update mechanisms. Guideline
NetworkWorld.webp 2016-10-26 09:36:58 Attackers are now abusing exposed LDAP servers to amplify DDoS attacks (direct link) Attackers are abusing yet another widely used protocol in order to amplify distributed denial-of-service attacks: the Lightweight Directory Access Protocol (LDAP), which is used for directory services on corporate networks. DDoS mitigation provider Corero Network Security has recently observed an attack against its customers that was reflected and amplified through Connectionless LDAP (CLDAP), a variant of LDAP that uses the User Datagram Protocol (UDP) for transport. DDoS reflection is the practice of sending requests using a spoofed source IP address to various servers on the Internet, which will then direct their responses to that address instead of the real sender. The spoofed IP address is that of the intended victim.
NetworkWorld.webp 2016-10-26 08:58:00 FBI snags group that allegedly pinched 23,000 or $6.7 million worth of iPhones (direct link) The FBI today said it had arrested a group of men in connection with the theft of 23,000 Apple iPhones from a cargo area at the Miami International Airport in April. The stolen iPhones were worth approximately $6.7 million and the arrests of Yoan Perez, 33; Rodolfo Urra, 36; Misael Cabrera, 37; Rasiel Perez, 45; and Eloy Garcia, 42 were all made at the suspects' residences throughout Miami Dade County, the FBI said. These subjects are in federal custody and are facing federal charges. Their initial appearances are expected to be in federal court in Miami.
NetworkWorld.webp 2016-10-26 08:01:00 Samy Kamkar hacks IoT security camera to show exploitable dangers to enterprise (direct link) ForeScout Technologies released an “IoT Enterprise Risk Report” (pdf) which identified seven IoT devices that can be hacked in as little as three minutes: IP-connected security systems, smart HVACs and energy meters, VoIP phones, connected printers, video conferencing systems, smart light bulbs and smart refrigerators. Although the hack might only take a few minutes to pull off, it might take weeks to find and fix. Other “key findings” of the report include: Should any of these devices become infected, hackers can plant backdoors to create and launch an automated IoT botnet DDoS attack. Cybercriminals can leverage jamming or spoofing techniques to hack smart enterprise security systems, enabling them to control motion sensors, locks and surveillance equipment. With VoIP phones, exploiting configuration settings to evade authentication can open opportunities for snooping and recording of calls. Via connected HVAC systems and energy meters, hackers can force critical rooms (e.g. server rooms) to overheat critical infrastructure and ultimately cause physical damage. Potential scenarios for after an IoT device is hacked include using compromised smart video conferencing systems for spying via camera and microphone, disabling security cameras to allow physical break-ins, snooping on calls via VoIP phones and snagging private company information via connected printers. If an attacker were to exploit a smart light bulb, Wi-Fi credentials could be extracted and used to carry out more attacks. A smart fridge could be exploited so that an attacker obtains user credentials.
NetworkWorld.webp 2016-10-26 07:46:00 Cybersecurity Isn't Always a “Boardroom Issue” (direct link) We've all heard or read the rhetoric that “cybersecurity has become a boardroom issue.” I certainly agree that we are trending in this direction but is this true today or nothing more than marketing hype? ESG recently published a new research report in collaboration with the Information Systems Security Association (ISSA) titled, The State of Cyber Security Professional Careers, to ask a number of questions and truly capture the voice of cybersecurity professionals. As part of this project, cybersecurity professionals were asked if their CISO's (or similar role) participation with executive management (i.e. CEO, board of directors, etc.) was at an adequate level. Just over (56%) half answered “yes,” but 16% thought the level of CISO participation with executive management should increase somewhat while another 12% believe that the CISO's level of participation with executive management should increase significantly. The remaining 16% responded, “don't know” (note: I am an ESG employee).
NetworkWorld.webp 2016-10-26 05:27:00 Flash mobs the latest threat this holiday season (direct link) The holiday season rings in more than just higher sales for retailers. There's also more shoplifting and lower profit margins than the rest of the year, according to a report released today. Plus, this year, there's an extra surprise -- flash mobs. Not the dancing, music-playing, watching-a-couple-get-engaged kind of flash mobs. But the kind of flash mobs where a bunch of people all show up at a store at once, pull hats low over their heads, grab everything in sight, and split. Just last week, there was a flash mob at an Apple store in Natick, Mass., that took off with more than $13,000 worth of iPhones in less than a minute.
NetworkWorld.webp 2016-10-26 05:25:00 Russian criminals' bank attacks go global (direct link) Russian cybercriminals have field tested their attack techniques on local banks, and have now begun taking them global, according to a new report -- and a new breed of mobile attack apps is coming up next. Criminals stole nearly $44 million directly from Russian banks in the last half of 2015 and the first half of 2016, according to Dmitiry Volkov, co-founder and head of threat intelligence at Moscow-based Group-IB. That was up 292 percent from the same period a year earlier. Direct, targeted attacks against banks now account for 45 percent of all bank-related cybercrime in Russia.
NetworkWorld.webp 2016-10-26 05:24:00 Cyber after Snowden (direct link) Since Edward Snowden leaked classified information from the National Security Agency (NSA) in 2013, the FBI and Apple had a public battle around privacy, Shadow Brokers leaked some of the NSA's hacking tools, and Hal Martin, an ex-NSA contractor was arrested for stealing classified information.
NetworkWorld.webp 2016-10-26 04:00:00 IDG Contributor Network: OwnBackup: Don't rely on SaaS vendors to do their own backup and recovery (direct link) Back when Salesforce and its ilk invented software as a service (SaaS), there was much wailing and gnashing of the teeth about the security around these new, as-yet-unproven approaches to delivering software. Many people suggested that these vendors were fly-by-nighters -- that they would fail and customers' data would be lost forever. A decade or so later, and apart from some high-profile cases (who remembers Magnol.ia?), that doomsday scenario hasn't occurred. SaaS vendors are safely doing their job and keeping customers' data safe. Given this fact, you could be forgiven for assuming that there would be no opportunity for a vendor whose core mission is to help users backup their SaaS data. For one thing, SaaS vendors hardly ever fail and for another, even if short-term outages and small-scale losses occur, SaaS vendors can be relied upon to do their own backup and recovery. Right?
NetworkWorld.webp 2016-10-25 15:32:00 Was the Dyn DDoS attack actually a script kiddie v. PSN? (direct link) The massive DDoS attack that disrupted the internet address-lookup service Dyn last week was perhaps pulled off by a script kiddie targeting PlayStation Network and using Mirai malware to assemble a massive IoT botnet, according to research by Flashpoint. “Flashpoint assesses with moderate confidence that the most recent Mirai attacks are likely connected to the English-language hacking forum community, specifically uses and reads of the forum “hackforums.net,” according to a blog by Allison Nixon, director of security research at Flashpoint. She says the company has discovered the infrastructure used in the Dyn attack also targeted “a well-known video game company” that she doesn't name. A post on hackforums.net seems to agree with this possibility. It indicates the target was PlayStation Network and that Dyn was hit because it provides DNS services to PSN. Going after the name servers (NS) that provide lookups for PSN would prevent traffic from reaching PSN.
NetworkWorld.webp 2016-10-25 14:24:00 Dyn attack: US Senator wants to know why IoT security is so anemic (direct link) The security around the development of Internet of Things products is weak and U.S. Sen. Mark R. Warner (D-Va.) today sent a letter to the Federal Communications Commission (FCC), the Federal Trade Commission (FTC) and the Department of Homeland Security (DHS) to ask why and what can be done to fix the problem. In the letter Warner, who is a member of the Senate Select Committee on Intelligence and co-founder of the bipartisan Senate Cybersecurity Caucus, asked questions such as: What types of network management practices are available for internet service providers to respond to DDoS threats? And would it be a reasonable network management practice for ISPs to designate insecure network devices as “insecure” and thereby deny them connections to their networks, including by refraining from assigning devices IP addresses?
Last update at: 2024-05-15 14:08:13