What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2017-04-09 07:29:00 | Dallas blames hacker for setting off all 156 emergency warning sirens (lien direct) | Imagine it being nearly midnight and the emergency warning sirens start wailing and continue to scream for about an hour and a half. That's what happened in Dallas on Friday; at 11:42 p.m., the city's 156 emergency sirens blasted out warnings and continued to wail until 1:17 a.m. on Saturday. Dallas officials claim the siren warning system was hacked and it was one of the largest breaches of an emergency siren system.At first, a city spokesperson blamed the blaring sirens on a “system malfunction.†The 1.6 million people in the city were asked to stop calling 911 because there was no emergency. The normal wait time for a 911 call in Dallas is reportedly 10 seconds, but at one point the 911 system was so clogged with calls that the wait time stretched to six minutes.To read this article in full or to leave a comment, please click here | |||
|
2017-04-09 07:05:00 | Startup founded by FireEye alum goes after FireEye (lien direct) |
A former FireEye engineer has kicked off a startup whose machine learning and artificial intelligence technologies will compete against his former employer's threat-prevention platforms.SlashNext makes Active Cyber Defense System, a service with a cloud-based learning component that can detect data exfiltration, malware, exploits and social engineering attacks, says the company's founder and CEO Atif Mushtaq. SlashNext
SlashNext CEO Atif Mushtaq: "The system has a low false positive rate."To read this article in full or to leave a comment, please click here |
|||
|
2017-04-07 18:33:44 | The iCloud hackers\' bitcoin ransom looks like a fake (lien direct) | A group of hackers who claimed to hold millions of iCloud accounts for ransom said on Friday they'd been paid. But one bitcoin expert says that's bogus. The Turkish Crime Family grabbed headlines last month by claiming they had the stolen login credentials for more than 700 million icloud.com, me.com and mac.com accounts. They demanded increasing ransoms from Apple while threatening to wipe the data from devices connected to the affected accounts if it did not.On Friday, the hackers tweeted that they had been paid US$480,000 in bitcoin. As proof, the group posted a link showing a transaction on Blockchain.info, a popular bitcoin wallet.  To read this article in full or to leave a comment, please click here | |||
|
2017-04-07 12:21:00 | WikiLeaks: CIA used bits of Carberp Trojan code for malware deployment (lien direct) | When the source code to a suspected Russian-made malware leaked online in 2013, guess who used it? A new release from WikiLeaks claims the U.S. CIA borrowed some of the code to bolster its own hacking operations.On Friday, WikiLeaks released 27 documents that allegedly detail how the CIA customized its malware for Windows systems.The CIA borrowed a few elements from the Carberp financial malware when developing its own hacking tool known as Grasshopper, according to those documents.Carberp gained infamy as a Trojan program that can steal online banking credentials and other financial information from its victims' computers. The malware, which likely came from the criminal underground, was particularly problematic in Russia and other former Soviet states.To read this article in full or to leave a comment, please click here | |||
|
2017-04-07 11:53:06 | Twitter pulls lawsuit after US government backs down (lien direct) | Twitter has withdrawn a lawsuit against the U.S. government after the Customs and Border Protection backed down on a demand that the social media outlet reveal details about a user account critical of the agency.The lawsuit, filed Thursday, contended that the customs agency was abusing its investigative power. The customs agency has the ability to get private user data from Twitter when investigating cases in areas such as illegal imports, but this case was far from that.The target of the request was the @alt_uscis account, one of a number of "alt" accounts that have sprung up on Twitter since the inauguration of President Donald Trump. The accounts are critical of the new administration and most claim to be run by current or former staff members of government agencies.To read this article in full or to leave a comment, please click here | |||
|
2017-04-07 11:37:46 | IoT malware starts showing destructive behavior (lien direct) | Hackers have started adding data-wiping routines to malware that's designed to infect internet-of-things and other embedded devices. Two attacks observed recently displayed this behavior but likely for different purposes.Researchers from Palo Alto Networks found a new malware program dubbed Amnesia that infects digital video recorders through a year-old vulnerability. Amnesia is a variation of an older IoT botnet client called Tsunami, but what makes it interesting is that it attempts to detect whether it's running inside a virtualized environment.To read this article in full or to leave a comment, please click here | |||
|
2017-04-07 10:49:58 | Samsung\'s squashing of malicious Tizen smart TV bugs is turning messy (lien direct) | After 40 critical vulnerabilities on Samsung's Tizen -- used in smart TVs and smartwatches -- were exposed this week by Israeli researcher Amihai Neiderman, the company is scrambling to patch them.But Samsung still doesn't know many of the bugs that need to be patched. It's also unclear when Tizen devices will get security patches, or if older Tizen devices will even get OS updates to squash the bugs.Beyond Samsung's smart TVs, Tizen is also used in wearables like Gear S3 and handsets like Samsung's Z-series phones, which have sold well in India. Samsung wants to put Tizen in a range of appliances and IoT devices. Tizen also has been forked to be used in Raspberry Pi.To read this article in full or to leave a comment, please click here | |||
|
2017-04-07 10:09:28 | US lawmakers demand to know how many residents are under surveillance (lien direct) | Two powerful U.S. lawmakers are pushing President Donald Trump administration's to tell them how many of the country's residents are under surveillance by the National Security Agency.In a letter sent Friday, Representatives Bob Goodlatte and John Conyers Jr. asked the Office of the Director of National Intelligence to provide an estimate of the number of U.S. residents whose communications are swept up in NSA surveillance of foreign targets. Goodlatte, a Republican, is chairman of the House Judiciary Committee, and Conyers is the committee's senior Democrat.Committee members have been seeking an estimate of the surveillance numbers from the ODNI for a year now. Other lawmakers have been asking for the surveillance numbers since 2011, but ODNI has failed to provide them.To read this article in full or to leave a comment, please click here | |||
|
2017-04-07 09:40:00 | DARPA semantic program seeks to glean truth from obfuscation (lien direct) | In this era where disinformation, alternative facts and other falsehoods are the rule of the day, the researchers at DARPA are looking to build a mechanism that can glean some truth from the obfuscation.DARPA says the program, called Active Interpretation of Disparate Alternatives (AIDA), looks to develop a “semantic engine†that generates alternative interpretations or meaning of real-world events, situations, and trends based on data obtained from an extensive range of channels. The program aims to create technology capable of aggregating and mapping pieces of information automatically derived from multiple media sources into a common representation or storyline, and then generating and exploring multiple theories about the true nature and implications of events, situations, and trends of interest, DARPA says. +More on Network World: DARPA plan would reinvent not-so-clever machine learning systems+  To read this article in full or to leave a comment, please click here | |||
|
2017-04-07 08:57:00 | CyberX assesses industrial environments for cyber risks, provides continuous monitoring (lien direct) | This column is available in a weekly newsletter called IT Best Practices. Â Click here to subscribe. Â The U.S. Department of Homeland Security (DHS) received reports of 59 cyber incidents at energy facilities in 2016. This is an increase of nearly a third over 2015. Security specialists believe this number is quite conservative, considering that energy companies aren't required to report cyberattacks to DHS.But the actual number of incidents isn't the really concerning part of the story. More worrisome, say federal cybersecurity officials and private security specialists, is that the vast majority of energy industry companies lack the technology and personnel to continuously monitor their operational systems for anomalous activity, which leaves them unable to detect intrusions when they happen. Consequently, they don't even know about incidents to be able to report them.To read this article in full or to leave a comment, please click here | |||
|
2017-04-07 08:31:00 | The \'new\' McAfee (lien direct) | I've worked with McAfee for a long time-from its independent days, during the Network Associates timeframe, through financial issues, back to McAfee and the go-go Dave DeWalt era, and finally as Intel Security. To be honest, Intel's acquisition of McAfee was always a head-scratcher for me. The 20-somethings on Wall Street crowed about Intel cramming McAfee security in its chip set, but this made no sense to me-Intel had long added security (and other) functionality into its processors with lukewarm market reception. The two cultures were a mismatch, as well. Ultimately, it seems Intel came to a similar conclusion and recently spun out McAfee in a private equity stew. To read this article in full or to leave a comment, please click here | |||
|
2017-04-07 07:47:00 | McAfee: Trend indicates 2017 will be bumper year for new malware (lien direct) | A cycle of increasing new malware is well underway and could last the rest of this year if a trend established over the past two years continues.Defenders enjoyed a nine-month dip in malware innovation last year, but that's over with, according to a cycle identified by McAfee Labs.Its latest McAfee Labs Threats Report says that starting at the beginning of 2015, the volume of new threats has fluctuated in a regular pattern, with two to three quarters of growth followed by three quarters of decline. The last three quarters of 2016 showed decline, so the next uptick should have started last quarter.To read this article in full or to leave a comment, please click here | |||
|
2017-04-07 04:49:00 | Robots: Lots of features, not much security (lien direct) | Robots are supposed to do good things for us, not bad things to us.But there is plenty of evidence that, like the billions of other connected devices that make up the Internet of Things (IoT), the growth of robot technology is coming with loads of features, but not much of a security blanket.More evidence came in a report on home, business and industrial robots released last month by security research firm IOActive, which found that “most†of them lacked what experts generally call “basic security hygiene.â€Those included the predictable list: Insecure communication channels, critical information sent in cleartext or with weak encryption, no requirement for user names or passwords for some services, weak authentication in others, and a lack of sufficient authorization to protect critical functions such as software installation or updates.To read this article in full or to leave a comment, please click here | |||
|
2017-04-06 13:43:55 | Apache Struts 2 exploit used to install ransomware on servers (lien direct) | Attackers are exploiting a vulnerability patched last month in the Apache Struts web development framework to install ransomware on servers.The SANS Internet Storm Center issued an alert Thursday, saying an attack campaign is compromising Windows servers through a vulnerability tracked as CVE-2017-5638.The flaw is located in the Jakarta Multipart parser in Apache Struts 2 and allows attackers to execute system commands with the privileges of the user running the web server process.This vulnerability was patched on March 6 in Struts versions 2.3.32 and 2.5.10.1. Attackers started exploiting the flaw almost immediately, leaving very little time for server administrators to deploy the update.To read this article in full or to leave a comment, please click here | |||
|
2017-04-06 10:13:00 | US trade lobbying group attacked by suspected Chinese hackers (lien direct) | A group of what appears to be Chinese hackers infiltrated a U.S. trade-focused lobbying group as the two countries wrestle with how they treat imports of each other's goods and services.The APT10 Chinese hacking group appears to be behind a "strategic web compromise" in late February and early March at the National Foreign Trade Council, according to security vendor Fidelis Cybersecurity.The NFTC lobbies for open and fair trade and has pledged to work with U.S. President Donald Trump to "find ways to address Chinese policies that frustrate access to their market and undermine fair trade, while at the same time encouraging a positive trend in our trade relationship." Trump will meet with China President Xi Jinping in Florida this week.To read this article in full or to leave a comment, please click here | APT 10 | ||
|
2017-04-06 07:55:42 | F-Secure buys Little Flocker to combat macOS ransomware (lien direct) | With attacks against Mac users growing in number and sophistication, endpoint security vendor F-Secure has decided to acquire Little Flocker, a macOS application that provides behavior-based protection against ransomware and other malicious programs.Little Flocker can be used to enforce strict access controls to a Mac's files and directories as well as its webcam, microphone and other resources. It's particularly effective against ransomware, spyware, computer Trojans and other malicious programs that attempt to steal, encrypt or destroy files.F-Secure plans to integrate Little Flocker, which it calls "the most advanced security technology available for Macs," into its new Xfence technology. Xfence is designed to add behavioral-based protection to its existing endpoint security products for macOS.To read this article in full or to leave a comment, please click here | |||
|
2017-04-06 06:38:00 | IDG Contributor Network: Flatbed scanners are latest cyberattack vector (lien direct) | Office scanners are now susceptible to attack, according to researchers. The ubiquitous office equipment's light-sensitivity can allow passing vehicles, or laser-carrying drones to trigger malware in a network, says a research team from two Israeli universities.The computer experts say they have been able to successfully create a test “covert channel†between a server and flatbed scanner. The proof-of-concept hack, in some experimental cases, was performed almost a kilometer away from the scanner. They used a kind of infiltrating illumination to fool the device.Numerous light sources could be used, they say. Hijacked smart bulbs and lasers were both used for the data-grab in experiments, the Ben-Gurion University of the Negev, and Weizmann Institute of Science researchers say in their paper (PDF).To read this article in full or to leave a comment, please click here | |||
|
2017-04-06 05:18:00 | Prevent or detect? What to do about vulnerabilities (lien direct) | Today's CISOs are undoubtedly overwhelmed with trying to make the most informed, efficient, and economical decisions about securing the most valuable assets in the enterprise. In the days of old, those decisions were a little bit easier because investing in prevention provided decent protection.That's not true today, which is why Ira Winkler president of Secure Mentem and author of Advanced Persistent Security said that trying to protect against every threat is not cost efficient.Shifting the mentality of those defenders who came to age in the world of preventative protection has been slow going. As a result, some security programs are failing, "Not because the bad guys got in, but because they got out," Winkler said.To read this article in full or to leave a comment, please click here | |||
|
2017-04-06 05:16:00 | Trust issues: Know the limits of SSL certificates (lien direct) | Certificate authorities (CAs) have given themselves a black eye lately, making it hard for users to trust them. Google stopped trusting Symantec after discovering the CA had mis-issued thousands of certificates over several years, and researchers found that phishing sites were using PayPal-labeled certificates issued by Linux Foundation's Let's Encrypt CA. Even with these missteps, the CAs play a critical role in establishing trust on the internet.To read this article in full or to leave a comment, please click here | |||
|
2017-04-06 05:10:00 | What enterprises can learn in the aftermath of a phishing attack (lien direct) | The problem: spearphishing Image by John Singleton Copley/National Gallery of ArtSpearphishing is a top attack vector used by cyber adversaries today. Consists of fraudulent emails that appear to be legitimate which target specific organizations, groups, or individuals to gain access to information systems. Targeted spear phishing also leverages social engineering which includes research about specific targets of interest. Organizations rely on email connectivity with the outside to function and thus is an entry into a potential target's environment that bypasses many of the legacy security stack.To read this article in full or to leave a comment, please click here |
|||
|
2017-04-05 18:09:07 | US says laptop ban may expand to more airports (lien direct) | The U.S. might add other airports to its ban restricting passengers from bringing laptops and other electronics into the cabin for certain flights from the Middle East.“We may take measures in the not too distant future to expand the number of airports,†said Homeland Security secretary John Kelly on Wednesday during a congressional hearing.Last month, the U.S. announced the ban, which affects ten airports, all of which are in Muslim-majority countries. Passengers flying to the U.S. are barred from bringing any electronic devices larger than a smartphone into a plane's cabin, and must instead check them in as baggage.    To read this article in full or to leave a comment, please click here | |||
|
2017-04-05 15:16:00 | Cisco issues variety of security warnings on wireless gear (lien direct) | Cisco warned of a variety of vulnerabilities – from letting attackers issue DDOS attack to making devices unexpectedly reload -- in some of its wireless access point and LAN gear.The only critical alert came for vulnerability in Cisco Wave 2 Aironet 1830 Series and Cisco Aironet 1850 Series Access Points.In those devices, running Cisco Mobility Express Software, a vulnerability could let an unauthenticated, remote attacker take complete control of an affected device, the company stated.+More on Network World: Cisco expands wireless reach with access points, management software+To read this article in full or to leave a comment, please click here | |||
|
2017-04-05 09:34:04 | Critical Xen hypervisor flaw endangers virtualized environments (lien direct) | A critical vulnerability in the widely used Xen hypervisor allows attackers to break out of a guest operating system running inside a virtual machine and access the host system's entire memory.This is a serious violation of the security barrier enforced by the hypervisor and poses a particular threat to multi-tenant data centers where the customers' virtualized servers share the same underlying hardware.The open-source Xen hypervisor is used by cloud computing providers and virtual private server hosting companies, as well as by security-oriented operating systems like Qubes OS.The new vulnerability affects Xen 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x and has existed in the Xen code base for over four years. It was unintentionally introduced in December 2012 as part of a fix for a different issue.To read this article in full or to leave a comment, please click here | |||
|
2017-04-05 07:41:00 | Is it crazy to be afraid of password managers? (lien direct) | I admit it: Like most people, I'm terrible at passwords. Too often I use too-simple passwords, and I don't always come up with a new one for every site and service I log into. Then, when I do come up with a strong, unique password, I often forget it entirely and have to request an email to reset it-typically to something either too easy to guess or something I'll instantly forget again.+ Also on Network World: Stop using password manager browser extensions + That's why password managers exist. They're designed to let you enter a single, secure password in one place and then generate new, strong passwords for every application where you need one.To read this article in full or to leave a comment, please click here | |||
|
2017-04-05 06:36:00 | IDG Contributor Network: The evolution of data center segmentation (lien direct) | Data center transformation has delivered better resource utilization, scalability and automation for data center environments. While software-defined networking (SDN) and automation platforms can tie in network security, the options have been largely inflexible and static, limiting the amount of security automation that can be delivered. This has become even more apparent as DevOps environments continue to grow.MORE ON NETWORK WORLD: Understanding Software-Defined Networking Micro-segmentation as a concept has been around for several years. It has recently become more mainstream with organizations now dedicating budgets and personnel to micro-segmentation projects. Micro-segmentation itself is really an evolution in network security. While many of the concepts (i.e. private VLANs) have been around for years, the implementation and use of these has evolved with micro-segmentation. Â Â To read this article in full or to leave a comment, please click here | |||
|
2017-04-05 06:34:00 | After Congress revokes Internet privacy rules, downloads double of VPN-equipped Opera browser (lien direct) | Opera Software today boasted that the number of new U.S. users of its namesake browser more than doubled days after Congress voted to repeal restrictions on broadband providers eager to sell customers' surfing history.Opera debuted a VPN -- virtual private network -- a year ago, and finalized the feature in September. A VPN disguises the actual IP address of the user, effectively anonymizing the browsing, and encrypts the data transmitted to and from sites, creating a secure "tunnel" to the destination.By using a VPN, U.S. users block their Internet service providers (ISPs) from recording their online activity.To read this article in full or to leave a comment, please click here | |||
|
2017-04-05 06:25:00 | IBM: Tax-related spam up 6,000% since Dec.; Darkweb tactics net billions (lien direct) | Tis' the season for tax villains. The notion that spam has been increasing lately has been obvious recently and for more evidence of that nasty trends you need look no further than this fact: From Dec 2016 to Feb 2017, IBM X-Force researchers saw a 6,000% increase in tax-related spam emails.And that's just one of a number of tax season scams and frauds IBM X-Force security researchers have been tracking in a report “Cybercrime Riding Tax Season Tides: Trending Spam and Dark Web Findings†issued today.+More on Network World: IRS Dirty Dozen: Phishing, phone cons and identity theft lead scam list for 2017+To read this article in full or to leave a comment, please click here | Guideline | ||
|
2017-04-05 06:23:00 | What home products are most susceptible to cyber burglars? (lien direct) | No matter how intelligent they claim to be, many smart home gadgets are vulnerable to hackers. Nowadays even the lock on your front door is susceptible to a cyberattack. No longer do you only have to worry about someone simply picking the lock, now a burglar could go through cyberspace to unlatch the door.Just like the lock on your front door to keep out burglars, you should protect your high-tech devices from cyber threats. Start by choosing different passwords for your internet router and each of your smart devices. It is also important to use multi-factor authentication as an added protection to prevent a hacker who guesses your password from breaking into your home. You should regularly install manufacturer updates to make sure you are running the most current security system in your home.To read this article in full or to leave a comment, please click here | |||
|
2017-04-05 06:19:00 | FAQ: What just happened to online privacy? (lien direct) | The internet sure seems mad about something.You're not kidding.More than usual, that is.You're right. President Trump just signed a bill into law that rolls back internet privacy protections enacted by the previous administration, and that has made things just a little angry around the ol' internet.What kind of privacy rules are we talking about here?The previous iteration of the Federal Communications Commission created new rules last October for ISPs which stipulated that those ISPs would be required to seek customer permission before selling things like browser history data to advertisers for targeting purposes.To read this article in full or to leave a comment, please click here | |||
|
2017-04-05 06:00:00 | Security Sessions: Realistic ways to lock down IoT (lien direct) | In the latest episode of Security Sessions, CSO Editor-in-Chief Joan Goodchild sits down with Sanjay Raja from Lumeta, a network and performance monitoring company. The two discuss how CSOs and CISOs can get a handle on the explosion of new devices entering the network and how to make sure those devices are secured. | |||
|
2017-04-05 03:45:00 | IDG Contributor Network: Hacking for the greater good (lien direct) | In Jason's last post, he discussed how we are apt to see more intricate and complex data integrity attacks this year, with the adversaries' main motivation being financial gain and/or political manipulation.As the cyber landscape becomes increasingly complex, private enterprises and public entities are looking for ways to better protect information and preserve the integrity of their data, while individuals want to ensure that the internet remains open and provides equal access to information to all. And while there are a number of technologies that are valuable, people are now being recognized as a powerful tool to solve these problems.To read this article in full or to leave a comment, please click here | |||
|
2017-04-05 00:23:09 | Facebook appeal over New York search warrants fails (lien direct) | Facebook's appeal against 381 warrants for information from the accounts of its users was rejected by a New York court on the ground that earlier orders refusing to quash the warrants issued in a criminal proceeding could not be appealed.The decision by the New York State Court of Appeals did not address key issues of whether the broad searches were unconstitutional, and whether internet service providers like Facebook have standing to challenge such warrants on behalf of their users, particularly when they are served with 'gag orders' that prevent providers from informing subscribers about the warrants.“This case undoubtedly implicates novel and important substantive issues regarding the constitutional rights of privacy and freedom from unreasonable search and seizure, and the parameters of a federal statute establishing methods by which the government may obtain certain types of information,†wrote Judge Leslie E. Stein, writing for the majority.To read this article in full or to leave a comment, please click here | |||
|
2017-04-04 13:39:28 | Chinese hackers go after third-party IT suppliers to steal data (lien direct) | Companies that choose to outsource their IT operations should be careful. Suspected Chinese hackers have been hitting businesses by breaching their third-party IT service providers. Major IT suppliers that specialize in cloud storage, help desk, and application management have become a top target for the hacking group known as APT10, security providers BAE Systems and PwC said in a joint report.That's because these suppliers often have direct access to their client's networks. APT10 has been found stealing intellectual property as part of a global cyberespionage campaign that ramped up last year, PwC said on Monday.To read this article in full or to leave a comment, please click here | APT 10 | ||
|
2017-04-04 13:12:00 | IT leaders share how they quell cybersecurity attacks (lien direct) | Ask CIOs and CISOs what cybersecurity fears keep them up at night and you'll hear a range of responses -- from social engineering hacks such as phishing, as well as malware that enables perpetrators to hijack users' websites -- the dreaded ransomware -- and denial-of-service attacks. Depending on their business you might hear them say "all of the above."These threats are driving increased spending on cybersecurity tools intended to protect corporate data from nation-state actors, lone wolf attackers and other malcontents who are seeking access to corporate data. IT leaders know that it takes only one well-placed exploit to infiltrate a corporate network, but they also acknowledge that the best approach is to shrink their attack surface and be ready to respond to an incident in the event of an attack.To read this article in full or to leave a comment, please click here | Guideline | ||
|
2017-04-04 11:56:02 | Apple fixes wireless-based remote code execution flaw in iOS (lien direct) | Apple released an iOS update Monday to fix a serious vulnerability that could allow attackers to remotely execute malicious code on the Broadcom Wi-Fi chips used in iPhones, iPads, and iPods.The vulnerability is a stack buffer overflow in the feature that handles authentication responses for the fast BSS transition feature of the 802.11r protocol, also known as fast roaming. This feature allows devices to move easily and securely between different wireless base stations in the same domain.Hackers can exploit the flaw to execute code in the context of the Wi-Fi chip's firmware if they're within the wireless range of the targeted devices.The issue is one of several flaws found by Google Project Zero researcher Gal Beniamini in the firmware of Broadcom Wi-Fi chips. Some of these vulnerabilities also affect Android devices and have been patched as part of Android's April security bulletin.To read this article in full or to leave a comment, please click here | |||
|
2017-04-04 10:17:21 | Politicians\' web browsing history targeted after privacy vote (lien direct) | Two GoFundMe campaigns have raised more than US$290,000 in an effort to buy the web browsing histories of U.S. politicians after Congress voted to allow broadband providers to sell customers' personal information without their permission.It's unclear if those efforts will succeed, however. Even though Congress scrapped the FCC's ISP privacy rules last week, the Telecommunications Act still prohibits telecom providers from selling personally identifiable information in many cases. To read this article in full or to leave a comment, please click here | |||
|
2017-04-04 09:36:56 | A free decryption tool is now available for all Bart ransomware versions (lien direct) | Users who have had their files encrypted by any version of the Bart ransomware program are in luck: Antivirus vendor Bitdefender has just released a free decryption tool.The Bart ransomware appeared back in June and stood out because it locked victims' files inside ZIP archives encrypted with AES (Advanced Encryption Standard). Unlike other ransomware programs that used RSA public-key cryptography and relied on a command-and-control server to generate key pairs, Bart was able to encrypt files even in the absence of an internet connection.To read this article in full or to leave a comment, please click here | |||
|
2017-04-04 09:32:00 | Privacy rollback can cause headaches for corporate security pros (lien direct) | Corporate security pros can add a new task to their busy days: handling panicky employees worried about privacy who are using the onion router (Tor) browser as a way to protect their online activity.That practice translates into additional security alerts that require time-consuming manual sorting to determine whether the persons behind Tor sessions are friend or foe, says George Gerchow, vice president of security and compliance at Sumo Logic.Ever since congressional action started a few weeks ago to roll back privacy regulations governing ISPs, Gerchow says has seen a dramatic increase in the use of Tor for accessing his company's services, meaning security analysts have to check out whether the encrypted, anonymized traffic coming through Tor is from a legitimate user.To read this article in full or to leave a comment, please click here | |||
|
2017-04-04 08:22:00 | Kaspersky Lab reveals \'direct link\' between banking heist hackers and North Korea (lien direct) | Kaspersky Lab found a “direct link†between the Lazarus group banking heist hackers and North Korea.While Lazarus is a notorious cyber-espionage and sabotage group, a subgroup of Lazarus, called Bluenoroff by Kaspersky researchers, focuses only on financial attacks with the goal of “invisible theft without leaving a trace.â€The group has four main types of targets: financial institutions, casinos, companies involved in the development of financial trade software and crypto-currency businesses.To read this article in full or to leave a comment, please click here | Medical | APT 38 | |
|
2017-04-04 08:15:00 | IDG Contributor Network: Knowing when a trusted insider becomes a threat (lien direct) | Most organizations are pretty good at vetting job applicants up front. They interview candidates, contact references, and in many cases conduct at least rudimentary background checks to bring out any issues of concern before making a hiring decision.Government security agencies go several steps further; just ask anyone who's filled out an SF-86 and then waited while investigators delved into youthful indiscretions, overseas trips and contacts with foreigners.But it's also true that most government and private-sector organizations operate on the principle of "Once you're in, you're in." Few of them have anything remotely resembling a continuous monitoring program for current managers and staff, let alone for contractors and vendors. And yet virtually every day brings fresh news of a data breach, intellectual property theft, or other adverse event either instigated or abetted by a supposedly trusted insider.To read this article in full or to leave a comment, please click here | |||
|
2017-04-04 05:00:00 | How to rescue your PC from ransomware (lien direct) | With  nasty malware like Locky making the rounds-encrypting its victims' files, and then refusing to unlock them unless you pay up-ransomware is a serious headache. But not all ransomware is so difficult.You can remove many ransomware viruses without losing your files, but with some variants that isn't the case. In the past I've discussed general steps for removing malware and viruses, but you need to apply some specific tips and tricks for ransomware. The process varies and depends on the type of invader. Some procedures involve a simple virus scan, while others require offline scans and advanced recovery of your files. I categorize ransomware into three varieties: scareware, lock-screen viruses, and the really nasty stuff.To read this article in full or to leave a comment, please click here | |||
|
2017-04-04 04:58:00 | Here\'s where to buy the Bitcoins to pay a ransom (lien direct) | Ransomware grew into a $1 billion industry last year, and ransom payments now account for nearly 10 percent of the entire Bitcoin economy.Avoiding becoming part of that statistic requires good endpoint security and effective backups. But what if your defenses fail, your backups are inadequate, all attempts to restore the data fail, and you have to pay the ransom after all -- what do you do?First of all, get the ball rolling on improving your security. Second, if the ransomware includes a recommendation for where to buy the Bitcoins, take it with a grain of salt. These guys are, after all, criminals. They might steer you wrong.Instead, go to a reputable exchange.To read this article in full or to leave a comment, please click here | |||
|
2017-04-04 04:56:00 | Old attack code is new weapon for Russian hackers (lien direct) | Attackers prefer to reuse code and tools for as long as they keep working. In that tradition, researchers have found evidence suggesting a cyberespionage group is still successfully using tools and infrastructure that was first deployed in attacks 20 years ago.The Moonlight Maze refers to the wave of attacks that targeted U.S. military and government networks, universities, and research institutions back in the mid-to-late 1990s. While the Moonlight Maze disappeared from the radar after the FBI and Department of Defense investigation became public in 1999, there were whispers within the security community that the cyberespionage group never entirely went away. Turla, a Russian-speaking attack group that's also known as Venomous Bear, Uroburos, and Snake, was floated as a possibility, but until recently, all links were guesswork and speculation.To read this article in full or to leave a comment, please click here | |||
|
2017-04-04 04:55:00 | After political Twitter bot revelation, are companies at risk? (lien direct) | With reports of Russia using social media and bots to push fake news to influence the 2016 U.S. presidential election, questions are arising over how these same tactics could be used against an enterprise."Twitter bots could absolutely be used against a company," said Dan Olds, an analyst with OrionX. "Someone using bots could manufacture a fake groundswell of opinion against a company or a product."The subject of Twitter bots has made headlines since federal investigations into Russia's interference with the presidential election unearthed evidence that the Kremlin used chatbots, particularly on Twitter, to seed fake news stories in order to confuse discussions and taint certain candidates, especially Democratic candidate Hillary Clinton.To read this article in full or to leave a comment, please click here | |||
|
2017-04-04 04:53:00 | What makes a good application pen test? Metrics (lien direct) | When it comes to creating secure applications, nothing beats focusing on the basics: secure coding in development and then testing the application for security defects. Part of the testing regime should always include an in-depth application pen test. But how do organizations know they are getting the full benefit from such assessments?What goes (or should go) into developing application security is well known. Developers should have their code vetted in their development environment. Their code should go through a series of quality and security tests in the development pipeline. Applications should be vetted again right after deployment. And, after all of that, it's very likely that more vulnerabilities exist in the application that have yet to be uncovered.To read this article in full or to leave a comment, please click here | |||
|
2017-04-04 04:52:00 | 5 ways data classification can prevent an insurance data breach (lien direct) | Insuring that your data is safe Image by Yohan CreemersInsurance firms collect and process large amounts of policyholder data including personally identifiable information (PII) and protected health information (PHI), as well as sensitive employee and company information that must be protected. Confidential data is the core of the business, and companies that collect and analyze it more effectively have a competitive advantage. And with the cost of file sharing and synchronization technology decreasing, actuaries are able to analyze and share data in real time. However, this also increases the number of unnecessary copies of sensitive business and consumer data.To read this article in full or to leave a comment, please click here |
|||
|
2017-04-04 04:45:00 | McAfee on its own as independent security vendor (lien direct) | Effective today, McAfee has officially spun out from Intel, dumping the name Intel Security and operating under new majority ownership that has deep pockets to help the company aggressively acquire technology via mergers and acquisitions to supplement home-grown innovations.Investment firm TPG is making a $1.1 billion equity investment in McAfee in return for 51% ownership, giving it the cash it needs to buy companies for their technology so it can be incorporated faster into McAfee platforms than if developed via R&D.That's a different strategy than is used by Intel in its chip business. “Identifying what it takes to run a semiconductor company is quite different from running a cybersecurity company in a rapidly changing threat landscape,†says Intel Security's CTO Steve Grobman.To read this article in full or to leave a comment, please click here | |||
|
2017-04-04 04:00:00 | IDG Contributor Network: 5 biggest cybersecurity questions answered (lien direct) | Some things never change. Computer security, however, is not one of them. New threats, patches and problems emerge each and every week.Many of the key questions and knowledge gaps remain remarkably consistent, and the patterns become clear when you tap into a platform with tens of thousands of those questions.That's what Experts Exchange does. The sum of this computer security community is a reflection on the top computer security anxieties in the world right now.So, join me as I reveal the most commonly asked security questions.1. How can I surf the web anonymously? To browse the internet without fear of targeted advertising or traceable questions posted online doesn't seem like a big ask. As online tracking systems become more sophisticated and harder to shake, however, the likelihood of private, anonymous browsing is becoming a long-ago memory. Take into account the latest ISP changes, where the U.S. government allows providers to not only track, but sell your browsing history without your consent. To read this article in full or to leave a comment, please click here | |||
|
2017-04-03 21:05:03 | Intel divests McAfee after rough marriage, will now secure hardware (lien direct) | Intel's finally washing its hands of McAfee after seven up and down years, which included a lawsuit last year from John McAfee, after whom the company is named.The chip maker has divested its majority holdings in McAfee to investment firm TPG for US$3.1 billion.McAfee will now again become a standalone security company, but Intel will retain a minority 49 percent stake. The chip maker will focus internal operations on hardware-level security.For Intel, dumping majority ownership in McAfee amounts to a loss. It spent $7.68 billion to acquire McAfee in 2010, which was a head-scratcher at the time. Intel's McAfee acquisition will stand as one of the company's worst acquisitions.To read this article in full or to leave a comment, please click here | |||
|
2017-04-03 17:56:21 | Notorious iOS spyware has an Android sibling (lien direct) | Security researchers have uncovered the Android version of an iOS spyware known as Pegasus in a case that shows how targeted electronic surveillance can be.Called Chrysaor, the Android variant can steal data from messaging apps, snoop over a phone's camera or microphone, and even erase itself.On Monday, Google and security firm Lookout disclosed the Android spyware, which they suspect comes from NSO Group, an Israeli security firm known to develop smartphone surveillance products.Fortunately, the spyware never hit the mainstream. It was installed less than three dozen times on victim devices, most of which were located in Israel, according to Google. Other victim devices resided in Georgia, Mexico and Turkey, among other countries.To read this article in full or to leave a comment, please click here |
To see everything:
Our RSS (filtrered)
