Network Security

  • Most Topular Stories

  • Synthetic Identity Fraud A Fast-Growing Category

    Dark Reading:
    Ericka Chickowski
    21 Oct 2014 | 12:30 pm
    Real SSNs tied with fake identities are reaping criminals big profits.
  • Koler Android ransomware spreading in US as SMS worm, warns AdaptiveMobile

    Techworld.com security
    21 Oct 2014 | 9:14 am
    The Koler Android ransom Trojan is spreading in the US after turning itself into an SMS worm, it has been reported. It's a tactic that could allow a rare piece of mobile malware to escape the nether-world of sideloaded apps from dodgy porn sites.
  • Wake up to a POODLE puddle

    Network Security Blog
    netsecpodcast@mckeay.net (Martin McKeay)
    14 Oct 2014 | 11:20 pm
    TL:DR – Disable SSL immediately. As of this morning SSL appears to be dead or at least dying.  The POODLE vulnerability in SSL was released last night, basically revealing a vulnerability in the way that SSL v3 uses ciphers and allows an attacker to make a plain-text attack against the encrypted traffic.  This makes the third major vulnerability released on the Internet this year and is another warning that this level of vulnerability discovery may be the new shape of things to come. I’m not going to try to explain POODLE in detail, or give you a nice logo for it.  Instead…
  • Google Expands 2-Factor Authentication For Chrome, Gmail

    Dark Reading:
    Sara Peters
    21 Oct 2014 | 10:00 am
    Google issues USB keys for Chrome users to log into Google accounts and any other websites that support FIDO universal two-factor authentication -- but it's no help to mobile users.
  • How Can Android Smart Lock Be Attacked? Maybe, and that's really bad because then you can bypass the file encryption

    Team Cymru Internet Security News
    21 Oct 2014 | 6:10 am

    Network Security Blog

  • Posting other places

    netsecpodcast@mckeay.net (Martin McKeay)
    21 Oct 2014 | 9:49 am
    I’ve been blogging for some other sources lately.  It’s interesting to be creating articles for someone other than myself, because I put more thought into it and spend more time trying to organize my thoughts and outline the article before I put virtual pen to paper.  I’m writing for IBM’s Security Intelligence blog (they’re an Akamai partner) and InfoSecurity Magazine regularly and contributing to other venues as opportunity comes up and time allows.  Blog post, articles, webinars, presentations, or just shooting the breeze about security, I do it all.
  • Wake up to a POODLE puddle

    netsecpodcast@mckeay.net (Martin McKeay)
    14 Oct 2014 | 11:20 pm
    TL:DR – Disable SSL immediately. As of this morning SSL appears to be dead or at least dying.  The POODLE vulnerability in SSL was released last night, basically revealing a vulnerability in the way that SSL v3 uses ciphers and allows an attacker to make a plain-text attack against the encrypted traffic.  This makes the third major vulnerability released on the Internet this year and is another warning that this level of vulnerability discovery may be the new shape of things to come. I’m not going to try to explain POODLE in detail, or give you a nice logo for it.  Instead…
  • Understanding Apple’s new encryption model

    netsecpodcast@mckeay.net (Martin McKeay)
    5 Oct 2014 | 10:44 pm
    I understand enough about encryption to get myself in trouble, but not much more.  I can talk about it intelligently in most cases, but when we get down to the nitty gritty, bit by bit discussion of how encryption works, I want to have someone who’s really an expert explain it to me.  Which is why I’m glad that Matthew Green sat down to explain Apple’s claims of new encryption that they can’t open for law enforcement in great detail. The Too Long; Didn’t Read (I often forget what tl;dr means) version of it is that there is a unique ID that’s hidden deep…
  • “All we need to do is …. redo everything”

    netsecpodcast@mckeay.net (Martin McKeay)
    25 Sep 2014 | 11:04 pm
    I love listening to idealists.  In fact, I’d be one if it wasn’t for the crushing despair and cynicism that working in the security profession has instilled in me.  Or maybe I work in this field because the crushing despair and cynicism already existed.  In either case, I’ve lost the ability to even think “we could just fix all of our security problems if we just …”.  And when I see others saying the same thing, I have to shake my head in amusement at their naivete.  But it really makes me wonder when I see someone who’s been in security even…
  • Limiting online time

    netsecpodcast@mckeay.net (Martin McKeay)
    14 Sep 2014 | 10:55 pm
    I limit online time.  Not for me, for my children.  Apparently I’m among a fairly prestigious group of people who do so, since many of the C-level execs in Silicon Valley also limit their children’s time with tech.  Though it looks like many of them are even stricter than I am about how much time the children get to interact with their computers. We’ve always limited the amount of time our children can spend on the computer.  We found from an early age, they’d spend every waking moment playing games and surfing the internet if they could.  I wonder who…
 
 
 

    Tenable Network Security Blog

  • Black Hat Europe 2014

    Eileen Bator
    21 Oct 2014 | 11:52 am
    Black Hat Europe 2014, a premiere conference on information security, convened in Amsterdam this October. The Tenable EMEA team was there in full force, meeting customers and conversing with other security specialists.
  • Bashing Big Data

    Ron Gula
    13 Oct 2014 | 11:41 am
    Big data is everywhere. So is Bash, a command line interface found on most Linux and Unix machines. New Bash bugs are still being uncovered, with new patches coming out regularly. But hackers in the wild continue to look for and find ways to exploit Bash weaknesses.
  • Threat and Vulnerability Management: The Podcast

    Ron Gula
    13 Oct 2014 | 7:05 am
    In this October 13, 2014 podcast with Down the Security Rabbithole, Tenable CEO Ron Gula is interviewed by cohosts Rafal Los, James Jardine and Michael Santarcangelo on the subject of Threat and Vulnerability Management.
  • Strategies for Security Governance

    Craig Shumard
    8 Oct 2014 | 8:01 am
    In my last post, I gave some reasons why your board of directors and senior management need to be involved in your security efforts.
  • Recent Malaysian ATM Attacks Underscore Criticality of Continuous Monitoring

    Dick Bussiere
    6 Oct 2014 | 9:23 am
    Recently, an unusual series of attacks occurred against ATM machines in Malaysia.
 

    Spyware news

  • Critical Windows vulnerability is used to spread Sandworm malware

    16 Oct 2014 | 6:23 am
    One day it’s Shellshock, the other day it’s Sandworm. What should you know about this malware that was announced with fanfare several days ago? ISIGHT, the company that discovered this virus, says that Sandworm relies on a Windows zero-day vulnerability that is known as CVE-2014-4114. Fortunately, Microsoft patched this vulnerability in October, 2014. It has also been […]
  • What should I know about Shellshock?

    1 Oct 2014 | 5:56 am
    Everyone is now talking about Shellshock. What is that and what can you do about it? Here’s what you should remember: Shellshock is a software bug, which affects the Bash – the common command-line shell that is actively used in Linux/UNIX OS and Apple Mac OS X for controlling different programs and their features. It […]
  • Hackers relaunch multi-name rogues to steal people’s money!

    8 Sep 2014 | 11:52 pm
    Just imagine: you start your computer one day and see a window showing how Win 7 Antivirus 2014 scans your PC system. After performing it, this program informs you about a long list of viruses, including trojans, adware and other threats. Naturally, it offers you to remove these threats from your computer in exchange for […]
  • Good news from Google Chrome! We will be warned about deceptive downloads!

    22 Aug 2014 | 6:02 am
    Annoyed by adwares, browser hijackers and similar potentially unwanted programs? It seems that soon we will be capable of getting more power against infiltration of these programs. Of course, under one condition – we will have to choose Google Chrome web browser for doing our browsing on the Internet. We say so because of the […]
  • Got an email from Bank of America? It might be infected with Cryptowall virus!

    6 Aug 2014 | 5:25 am
    If you are interested in viruses, you must have heard about Cryptowall virus. This is a serious ransomware that has ability to encrypt specific files and then display a warning message asking people to pay a ransom for their decryption. At the moment of writing, this virus has ability to affect only those computers that […]

    Uncommon Sense Security

  • Introducing the Shoulders of InfoSec Project

    13 Oct 2014 | 12:19 pm
    "If I have seen further it is by standing on the shoulders of giants" Most famously attributed to Sir Isaac Newton, this quote reflects the sentiment of a new project.  In InfoSec we all stand on the shoulders of giants. It was just supposed to be a talk at DerbyCon, but as I dug into the topic I realized it needed to be more than just one talk. Another relevant quote is George Santayana’s oft-misquoted: “Those who cannot remember the past are condemned to repeat it.” In information security we have a very bad habit of ignoring the past; many times it isn’t even a…
  • What’s the best tool for the job?

    23 Jun 2014 | 7:54 am
    This year I’ve been thinking about fundamentals a lot.  That includes  patch management, and in preparing a presentation on the topic I pondered the question: “What is the best patch management tool?” I thought back to my favorite patch and systems management tools from past jobs when I ran mixed (but mostly Windows) networks for small businesses.  That reminded me of a lesson about tools I learned many years ago. What is the best [insert category here]?  I believe there are two answers: The one you have The one you know Note that these may not necessarily True, but…
  • Is OWASP broken?

    17 Jun 2014 | 11:00 am
    That’s a silly question.  I wasn’t going to comment on the current struggles of the Board of Directors for fear of adding to the Pointless InfoSec Drama, but I need to say a few things about it.  I am not an OWASP insider, but I do support their mission. OWASP has done a lot of great things, and continues to do so today.  As I said, I’m not an insider, but there appear to be some struggles at the global Board level and possibly organizationally at the national and international level.  And I don’t really care- I hope it gets sorted out soon, but the power of OWASP…
  • A small rant on presenting at conferences

    22 Apr 2014 | 9:31 am
    The more conferences I run the more sympathy I have for other conference organizers, even the big commercial ones, and the more inclined I am to follow their rules and requests- but I expect the conferences to have a clue about what’s involved in delivering a good presentation and facilitate that, not hinder it. If there are glitches at a BSides or other smaller, volunteer-run, or new events I’m OK with that.  It happens.  What I can’t stand are conferences which try to manage the speakers in ways that prevent delivering quality presentations. First and foremost, I hate having…
  • Threat Modeling, by Adam Shostack

    11 Apr 2014 | 5:57 pm
    Adam has a new book out, Threat Modeling: Designing for Security, and it is a great resource for anyone in security.  As with New School of Information Security, this is one to grab, read, and keep on the shelf (e-shelf?). The layout is great, after a short introduction Adam takes you into an easy, but informative practice exercise.  After the exercise there is a more in-depth introduction, which builds on what you learn in the exercise- and also answers some questions which inevitably come up during the exercise.  From the first couple of chapters the book gets progressively…

    cissp CISSP training Certified Information Systems Security Professional

  • MY FRIEND SHON HARRIS PASSED AWAY

    Posted by boss
    14 Oct 2014 | 11:09 pm
    March 27th, 1968  ~  October 8th, 2014 OUCH! A shockwave just hit me this morning. What devastating news I hear this morning.  My long term friend passed away.  She was so young and such an inspiration to others.  It is a very sad day for sure. On the 16 of September we were trading emails and she did not let her sickness transpire and she did not ever complain once or even mention it.  She was dynamic in her response and she soldiered on as long as she could.  I was aware she was very sick but never thought it was progressing that fast. Shon was a lot more to…
  • The Holistic CISSP CBT Tutorial for the BCP and DRP domain of the CBK

    Posted by boss
    8 Aug 2014 | 12:01 pm
    Dear members, The CCCure Learning Portal  is our new Learning Portal and it will eventually replace CCCure.org.   The CCCure.Org has lots of legacy, it has some spammer posting within articles, and it is due for retirement.   Over the next months we will migrate the relevant content of CCCure.Org to CCCure.Training.  So far I have developed 38 Hours of thorough Computer Based Tutorial on our new portal and I will continue over the next week as well. You can visit the new site at:  The CCCure Learning Portal Good day to all, I have never read as many NIST…
  • The CCCure Holistic Computer Based Tutorials (CBT) for the CISSP Exam

    Posted by
    29 Jul 2014 | 3:57 am
    Good day to all, I am pleased to say that I have just uploaded Part 3 of my Telecommunication and Network Security CBT tutorial to our Learning portal at https://cccure.training/index.php a few minutes ago.   I am now working on the 4th and last portion and it should be ready soon. That's a total of 24 hours of tutorial developed by CCCure/Clement for the CISSP CBK alone. The tutorials are available to Gold and Silver members at: https://cccure.training//m/articles/browse/category/CISSP+Online+CBT The MP3 files were uploaded as well and you can download them to listen while mobile on…
  • Prevent Your Network Getting Hacked with a Free Acunetix Security Scan

    Posted by cdupuis
    18 Jun 2014 | 2:21 pm
    Acunetix Free Scan will identify network security issues including the feared Heartbleed to allow businesses to fix them in time London, UK - 17th June 2014 – The recent Heartbleed vulnerability has highlighted the urgent need for more network level security scanning. In view of this, Acunetix has announced that it will be offering 10,000 Free Network Security scans with Acunetix Online Vulnerability Scanner (OVS) in a bid to make it easier for businesses to take control of their network security. Acunetix Online Vulnerability Scanner is a hosted security scanner that will scan a…
  • Secure Coding and Advanced Android and IOS exploitation

    Posted by
    17 Jun 2014 | 8:03 am
    NotSoSecure Trainings Secure Coding for Web Developers What can you expect from this class? Covers latest industry standards such as OWASP Top 10 (2013). Insight into latest security vulnerabilities like the heartbleed bug. Thorough guidance on security best practices. References to real world analogy. Hands-on labs. Taught by the Industry's leading expert and Black Hat Trainer. Advanced Android and iOS Exploitation What can you expect from this class? Learn advanced techniques to audit mobile apps for security…
 

    Schneier on Security

  • Friday Squid Blogging: 1,057 Squid T-Shirts

    schneier
    17 Oct 2014 | 3:17 pm
    That's a lot. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Commenting has been broken for the past few days. We hope to get it fixed on Monday.
  • Hacking a Video Poker Machine

    schneier
    17 Oct 2014 | 4:35 am
    Kevin Poulsen has written an interesting story about two people who successfully exploited a bug in a popular video poker machine.
  • NSA Classification ECI = Exceptionally Controlled Information

    schneier
    16 Oct 2014 | 4:22 am
    ECI is a classification above Top Secret. It's for things that are so sensitive they're basically not written down, like the names of companies whose cryptography has been deliberately weakened by the NSA, or the names of agents who have infiltrated foreign IT companies. As part of the Intercept story on the NSA's using agents to infiltrate foreign companies and networks, it published a list of ECI compartments. It's just a list of code names and three-letter abbreviations, along with the group inside the NSA that is responsible for them. The descriptions of what they all mean would never be…
  • DEA Sets Up Fake Facebook Page in Woman's Name

    schneier
    15 Oct 2014 | 5:06 am
    This is a creepy story. A woman has her phone seized by the Drug Enforcement Agency and gives them permission to look at her phone. Without her knowledge or consent, they steal photos off of the phone (the article says they were "racy") and use it to set up a fake Facebook page in her name. The woman sued the government over this. Extra creepy was the government's defense in court: "Defendants admit that Plaintiff did not give express permission for the use of photographs contained on her phone on an undercover Facebook page, but state the Plaintiff implicitly consented by granting access to…
  • FOXACID Operations Manual

    schneier
    15 Oct 2014 | 4:29 am
    A few days ago, I saw this tweet: "Just a reminder that it is now *a full year* since Schneier cited it, and the FOXACID ops manual remains unpublished." It's true. The citation is this: According to a top-secret operational procedures manual provided by Edward Snowden, an exploit named Validator might be the default, but the NSA has a variety of options. The documentation mentions United Rake, Peddle Cheap, Packet Wrench, and Beach Head -- all delivered from a FOXACID subsystem called Ferret Cannon. Back when I broke the QUANTUM and FOXACID programs, I talked with the Guardian editors about…

    Infosec Events

  • Week 42 In Review – 2014

    md
    20 Oct 2014 | 2:58 pm
    Events Related BlackHat Europe 2014 Wrap-Up Day #1 – blog.rootshell.be BlackHat is back in Amsterdam and here is Xavier’s wrap-up for the first day. The day started with the Adi Shamir’s keynote and some crypto. BlackHat Europe 2014 Wrap-Up Day #2 – blog.rootshell.be Here is Xavier’s small wrap-up for the second BlackHat day. His first choice was to attend a talk about IPv6. Resources SIM Card Forensics – 0xicf.wordpress.com The SIM (subscriber identity module) is a fundamental component of cellular phones. It’s also known as an integrated circuit card (ICC), which is…
  • Week 41 In Review – 2014

    md
    13 Oct 2014 | 1:33 pm
    Resources nullcon Goa 2014: Pentesting Proprietary RF Communications by Justin Searle – youtube.com This talk will demonstrate practical techniques to identify, assess, and exploit a subclass of control systems found in your companies that use proprietary RF communications, such as fire alarms, proximity cards, automotive security gates, car alarms, conference rooms, and building automation systems. The Best DerbyCon 2014 Talks for Red Teams – blog.cobaltstrike.com DerbyCon is one of Raphael Mudge’s favorite conferences. Here is a list of talks from DerbyCon by Raphael that are…
  • Week 40 In Review – 2014

    md
    8 Oct 2014 | 2:00 am
    Resources Louisville Infosec 2014 Videos – irongeek.com Here are the videos from the Louisville Infosec 2014 conference. You can download the videos from here. Derbycon 2014 Videos – irongeek.com These are the videos of the presentations from Derbycon 2014. You can watch and download the videos from here. Shellshocker! – Episode 029a – in-security.org You might have heard something about Shellshock as the details unravel so InSecurityShow are trying to give you some insight into what you might be hearing in this important message from your friendly computer information security…
  • Information Security Events For October

    sheila
    3 Oct 2014 | 3:16 am
    Here are information security events in North America this month: Louisville Metro InfoSec Conference 2014 : October 2 in Shepherdsville, KY, USA     Rochester Security Summit 2014 : October 7 to 8 in Rochester NY, USA   MIRcon 2014 : October 7 to 8 in Washington, DC, USA     SIRACon 2014 : October 9 to 10 in Minneapolis, MN, USA     Microsoft BlueHat 2014 : October 9 to 10 in Seattle, WA, USA   Root66 Information Security Conference 2014 : October 9 in Oklahoma City, OK, USA     Learning from Authoritative Security Experiment Results (LASER)…
  • Week 39 In Review – 2014

    md
    1 Oct 2014 | 2:28 pm
    Resources (IN)Secure Magazine issue 43 (September 2014) available – net-security.org (IN)SECURE Magazine is a freely available digital security magazine discussing some of the hottest information security topics. You can download it now. A Guide to Gary McGraw’s AppsecUSA Keynote – cigital.com Here is a quick guide to the key ideas in the talk. Hope you find this little guide helpful. Hacking Apple TouchID on the iPhone 6 – youtube.com Using a fake fingerprint to bypass Apple’s TouchID fingerprint reader on the iPhone 6. latest grok-DerbyCon2014-final.pdf –…

    Dr Anton Chuvakin Blog PERSONAL Blog

  • Links for 2014-10-06 [del.icio.us]

    Anton Chuvakin
    7 Oct 2014 | 12:00 am
    How a bank knows it has been hacked | Marketplace.org
  • Monthly Blog Round-Up – September 2014

    1 Oct 2014 | 8:20 am
    Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month: “Simple Log Review Checklist Released!” is often at the top of this list – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version) “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010) presents a whitepaper on select SIEM use cases described in depth with rules and reports [using now-defunct SIEM product]; also see this SIEM use case in depth and this for a more current list. “Top 10…
  • Links for 2014-09-26 [del.icio.us]

    Anton Chuvakin
    27 Sep 2014 | 12:00 am
    Chip and PIN: No panacea, but worth the effort – and the cost | CSO Online
  • Monthly Blog Round-Up – August 2014

    2 Sep 2014 | 10:46 am
    Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month: “Simple Log Review Checklist Released!” is often at the top of this list – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version) “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010) presents a whitepaper on select SIEM use cases described in depth with rules and reports [using now-defunct SIEM product]; also see this SIEM use case in depth and this for a more current list. My classic PCI…
  • Monthly Blog Round-Up – July 2014

    1 Aug 2014 | 8:10 am
    Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month: “Simple Log Review Checklist Released!” is often at the top of this list – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version) “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010) presents a whitepaper on select SIEM use cases described in depth with rules and reports [using now-defunct SIEM product]; also see this SIEM use case in depth and this for a more current list. My classic PCI…
 

    Security Blog

  • Shellshock and Ebola: or How I learned to seek actionable intel and ignore the FUD

    Marc Spitler
    21 Oct 2014 | 8:32 am
    The information security community was thrown into a bit of a tizzy recently with the disclosure of the bash vulnerabilities grouped together under the catchy name “Shellshock”. Days later the first instance of the Ebola virus was diagnosed on American soil. Both announcements received (and continue to receive) a significant amount of news coverage and not without reason. Both also provide an opportunity to take a collective deep breath and filter out the actionable information from the hype.  Let’s start with the question “Are we vulnerable?” For both risks,…
  • Weekly Intelligence Summary Lead Paragraph: 2014-10-17

    ssimpson
    20 Oct 2014 | 9:05 am
    Vulnerabilities, vulnerabilities and more vulnerabilities. Almost all of which are patched, but some of which are being exploited in the wild. That’s the key takeaway from this week’s intelligence collections. iSight Partners released a report on a group known as Sandworm (or Quedagh according to F-Secure), which was exploiting a previously undiscovered vulnerability in Windows OLE (CVE-2014-4114) to spread BlackEnergy malware. CrowdStrike reported on a threat group it calls Hurricane Panda that was exploiting a zero day vulnerability in Windows Kernel-Mode driver (CVE-2014-4113) to…
  • The Importance of Data

    Gabe Bassett
    16 Oct 2014 | 7:35 am
    Recently in information security defense, there has been a large push towards the data.  This post will try to explain why. First, what is our goal?  What is winning?  Winning is actually very simple.  Information security confrontations only end in one of three ways: The attacker accomplishes their goals, usually at the expense of the defender’s organization. The attacker is ‘priced out of the market’.  This can mean one of two things.  They may no longer have the resources to accomplish their goals.  (Not enough time, money, or technical expertise.)…
  • Healthcare Data Breaches: Using VCDB and Mongo to Find Answers (Part 2)

    Suzanne Widup
    13 Oct 2014 | 10:28 am
    Back in July, we looked at working with the VERIS Community Database (VCDB) data to see some basic information about security incidents in the Healthcare industry. Since that time, we’ve completed another update to the dataset, so there are more incidents for us to explore. To begin, you’ll want to drop the existing data from your database and import the new dataset to ensure you have no duplications. I didn’t cover dropping a database in the prior article, so let’s go over that now. First, you’ll have your mongo database already running and you will have told mongo to use the database…
  • Weekly Intelligence Summary Lead Paragraph: 2014-10-10

    dkennedy
    10 Oct 2014 | 4:18 pm
    Different facets of DDoS risk were part of this week’s intelligence collections.  Arbor’s quarterly report noted a 42% increase in SSDP reflection attacks.  Cloudmark reported flooding attacks on DNS servers using FQDN requests prepended with randomized sub-domains.  Radware describes “Tsunami SYN Flood Attacks” with 1000 byte SYN packets that are about 20x those in normal network traffic.  And CNet has “Interview with a DDoS troll,” an exercise in rationalization concluding with: “Why would I want to stop?” ESET assesses the Sednit espionage threat actor is using a…

    symantec.com

  • Denial-of-service attacks—short but strong

    Candid Wueest
    21 Oct 2014 | 5:07 am
    DDoS amplification attacks continue to increase as attackers experiment with new protocols.
  • PDF invoices may cost more than you expect

    Bhaskar Krishna
    20 Oct 2014 | 9:45 am
    Misspelled invoice email claims to be looking for payment but steals confidential information instead. Contributor: Joseph Graziano. PDF invoices sent over email have become increasingly common in today’s business world. However, that doesn’t mean that there are no complications with the file format. Addressing these invoices without requiring verification from the recipient can lead to a compromised computer with the user’s confidential data in jeopardy.
  • Dropbox users targeted by phishing scam hosted on Dropbox

    Nick Johnston
    17 Oct 2014 | 1:01 pm
    Fake Dropbox login page attempts to steal credentials for popular email services. In March 2014, we blogged about how Google Docs and Google Drive users were being targeted by a sophisticated phishing scam. In this scam, messages included links to a fake Google Docs login page hosted on Google itself.
  • Poodle: Vulnerability in old version of SSL represents new threat

    Symantec Security Response
    16 Oct 2014 | 12:41 pm
    New vulnerability in SSL 3.0 can allow attackers to extract data from supposedly secure connections.
  • Microsoft Patch Tuesday – October 2014

    PraveenSingh
    14 Oct 2014 | 1:37 pm
    This month the vendor is releasing eight bulletins covering a total of 24 vulnerabilities. Thirteen of this month's issues are rated ’Critical’.
 

    Optimal Security

  • Infosec Haiku

    Chris Merritt
    18 Oct 2014 | 3:25 pm
    Anata no joho sekyuritei konshu no haiku Huge Month for Patches —   and Much More Time to Patch It Up   ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published. * Submit Your Own … if yours is published, I’ll send you a $20 Starbux card. Please DM me at infosec-haiku@lumension.com. Contest Rules: all rulings by the judge (me) are final, blah blah blah.
  • Infosec Haiku

    Chris Merritt
    18 Oct 2014 | 3:24 pm
    Anata no joho sekyuritei konshu no haiku Vulns Galore This Week Oh So Many CERT Alerts Time to Patch It Up   ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published. * Submit Your Own … if yours is published, I’ll send you a $20 Starbux card. Please DM me at infosec-haiku@lumension.com. Contest Rules: all rulings by the judge (me) are final, blah blah blah.
  • Malicious ads run next to popular YouTube videos, laced with the Sweet Orange exploit kit

    Graham Cluley
    17 Oct 2014 | 8:47 am
    If you want to watch a video, you go to YouTube.  It’s as simple as that. Although other sites exist which host videos, Google-owned YouTube is the Goliath in the market – and gets the overwhelming bulk of the net’s video-watching traffic. And, of course, that enormous success and high traffic brings with it unwanted attention – from online criminals who are trying to find effective ways of infecting the computers of internet users. Researchers at Trend Micro have discovered a criminal campaign exploiting the YouTube platform, where some of the site’s most…
  • BadUSB Update

    Chris Merritt
    16 Oct 2014 | 9:34 am
    I have received several inquiries regarding the latest news about the so-called BadUSB vulnerability, so I thought I’d write a quick post on what we know at the moment. What is BadUSB? BadUSB is a vulnerability – not malware – in the design and implementation of firmware used on USB devices which allows it to be updated without being vetted. The “as designed” feature being exploited is the ability to update / change the firmware without being signed (no certificate) nor checked by the OS of the host system to verify that it has not been altered. This means that “bad guy code”…
  • October Patch Tuesday Fixes Critical Vulns in Windows, IE

    Russ Ernst
    14 Oct 2014 | 10:59 am
    Microsoft’s September reorg of the Trustworthy Computing Group definitely didn’t slow down the patches. Today’s October Patch Tuesday addresses 24 CVEs in 8 bulletins; 3 are critical and 5 are important. The TwC cybersecurity group is still hard at work and given the very nature of software, that’s a good thing. The industry needs a consistent patch model and hopefully, the restructure will ensure even stronger patch delivery in the future. This month, MS14-058 should be your first priority. It patches 2 CVEs in Windows Kernel-Mode Driver that could allow a remote code execution. Note…
 

    TRUSTe Blog

  • The Power of the Privacy Impact Assessment

    lgradman
    17 Oct 2014 | 8:59 am
    As technology has evolved, companies have realized that the data collection practices they deploy can often make the difference between success and failure. Depending on how this information is leveraged, the use of big data can push a company ahead of the competition through new data-driven strategies, uncovering numerous benefits. But the use of data …
  • CNIL comments on first findings from Cookie Sweep

    lgradman
    15 Oct 2014 | 1:19 pm
    Speaking at the Compliance Week Europe Conference in Brussels yesterday, Sophie Narbonne, Deputy Director of Legal Affairs at the CNIL, was one of the first to comment publicly following the recent European Cookie Sweep. Clarifying that they are still working on the results, she said, “It is clear that there is now a first layer …
  • October Monthly Spotlight

    lgradman
    6 Oct 2014 | 9:00 am
    October 13-14: Compliance Week Europe, Brussels, Belgium. Kevin Trilli, VP Product, TRUSTe will lead a workshop which looks at how compliance and privacy functions should be structured and work together and how global companies can navigate different privacy expectations between Europe and the United States. The session will include a demonstration of the TRUSTe DPM …
  • Top 5 Qualities in a Great CPO

    lgradman
    29 Sep 2014 | 7:00 am
    By Alexandra Ross, The Privacy Guru (@sharemindfully). Guest Blog. Whenever a new position emerges at the C-suite level, you can be certain substantial debate about exactly what the role encompasses and which skills are crucial for meeting an organization’s needs will follow. It’s understandable, as a new executive role is often a response to massive …
  • TRUSTe Appoints Privacy Pro Josh Harris as New Director of Policy

    lgradman
    25 Sep 2014 | 3:30 am
    TRUSTe today announced that privacy specialist Josh Harris has joined the team as the new Director of Policy. Josh has an extensive background in the privacy field with experience as a former Department of Commerce staffer and Future of Privacy Forum Policy Director. Josh will be responsible for driving programs that protect consumer privacy and …

    iViZ Blog

  • Shellshock Bug: A Quick Primer

    Nilanjan De
    30 Sep 2014 | 5:27 am
    What is ShellShock Bug? Shellshock is a security vulnerability (CVE-2014-6271) in the widely used Unix Bash Shell which was discovered by Stéphane Chazelas on 12 September 2014 and disclosed on 24 September 2014. Subsequently, various researchers have discovered multiple other vulnerabilities in bash. What is the Vulnerability? The Unix Bash Shell stores exported function definitions in environment variables. When a new instance of bash is launched, it reads these specially crafted environment variables, and interprets them as function definitions. Unfortunately, due to insufficient…
  • Anatomy of Heartbleed Bug

    Nilanjan De
    30 Apr 2014 | 5:46 am
    There has been a lot of buzz about Heartbleed[1] in the news recently. In this blog post, we have tried to put together the important things that one should know about Heartbleed. What is Heartbleed? Heartbleed is the popular name given to the recently found vulnerability (CVE-2014-0160) in OpenSSL - an open-source encryption library. More specifically, this is a bug in the OpenSSL Heartbeat protocol which results in a vulnerable server leaking or bleeding confidential content in its memory space (and hence the name ‘Heartbleed’). What’s Heartbleed bug? OpenSSL is the most popular…
  • Penetration Testing E-commerce Applications

    jitendra.chauhan
    25 Apr 2014 | 3:46 am
    Over the past decade, E-Commerce applications have grown both in terms of numbers and complexity. Currently, E-Commerce applications are going forward becoming more personalized, more mobile friendly and rich in functionality. Complicated recommendation algorithms are constantly running at the back end to make content searching as personalized as possible. Why is conventional application penetration testing not enough for E-commerce Applications? E-Commerce applications are growing in complexity; as a result, conventional application penetration is simply not enough. Conventional application…
  • How effective is your SIEM Implementation?

    jitendra.chauhan
    16 Apr 2014 | 4:10 am
    During the last few penetration tests conducted for certain organizations, we have discovered the surprising fact that almost all the SIEM implementations had gaps at the implementation level. For example, in certain cases, the SIEM did not detect anything at all when the internal network was subjected to rigorous penetration testing. I am not saying that all the SIEM implementations are as bad as stated; however, it is mandatory to find out if your SIEM implementation is actually as effective as you perceive it. How…
  • 10 questions to ask before you start your Bug Bounty program…

    Bikash Barai
    11 Apr 2014 | 12:49 am
    Bug bounty programs are quite common these days, with several of the biggest names in the industry having launched various avatars of the program. I have been asked by a few security managers and managements whether they should launch a bug bounty program. A bug bounty program definitely has the advantage of crowd sourcing. However, an organization should be mature and prepared enough to launch such a program. Here are some questions which shall tell you if you are prepared or not. You are ready only if all the answers to the questions are “Yes”. You are ready if you can...
 

    Free IT - Security Magazines and Downloads from alltop.tradepub.com

  • The FDA are Taking Cybersecurity in Medical Devices Seriously and So Should You

    17 Oct 2014 | 12:00 am
    Medical devices are undergoing a technical transformation in terms of software, interconnectivity and interoperability. This increase of function comes with an increase in risk from cybersecurity threats which puts not only the patients with medical devices potentially at risk, but has wider implications for connected digital infrastructure too. The safety, security and privacy of patients must be protected and the providers of software for medical devices must work with regulators and the wider industry to ensure this.
  • Symantec Intelligence Report: September 2014

    16 Oct 2014 | 12:00 am
    Read this report to learn more about: Targeted Attacks and Data Breaches; Malware Tactics; Social Media and Mobile Threats; Phishing, Spam and Email Threats.
  • Five DLP Tips from Security Executives

    16 Oct 2014 | 12:00 am
    This research paper examines the findings from a new study on DLP by Symantec. The goal of the study is to understand how DLP programs impact the effectiveness of security executives, while also protecting corporate data.
  • SANS Report - Breaches Happen: Be Prepared

    16 Oct 2014 | 12:00 am
    This paper describes how to start with improved malware reporting and gateway monitoring and how to combine this output with security intelligence from both internal and external resources. Forward thinking organizations use these and other techniques promoted by frameworks such as the Critical Security Controls. The key is to—as quickly as possible—detect hostile activity, identify and locate affected systems and devices, and respond appropriately.
  • Best Practices for Mobile Application Lifecycle Management

    13 Oct 2014 | 12:00 am
    Home-grown enterprise apps improve productivity, business partnerships, customer satisfaction and bottom-line performance. Mobile Application Lifecycle Management (MALM) is the key to ensuring the protection of apps and associated data by integrating security throughout the end to end process. Download this white paper to learn how to address: Proactive application security best practices; Embedded device compliance; Single sign-on support; Data Loss Prevention (DLP) controls.

    IT-Security

  • Apple Pay is Here, First Notes

    Branden Williams
    20 Oct 2014 | 1:07 pm
    Apple Pay via Touch ID 12:01 hits and I hit my Software Update menu item to see if I can snag me some Apple Pay, and BAM! There it is! 20 minutes later, I am ready to go with iOS 8.1. Here are a few notes for those of you who may be using it as well. Apple Pay is a part of Passbook, and acts like any other Passbook integration. You can open Passbook and add ONE card, but any additional cards must be added under Settings -> Passbook & Apple Pay. For each card that is enrolled, you may be asked to validate your identity. Make sure that your banks have current email addresses and phone…
  • Facelift Friday!

    Branden Williams
    17 Oct 2014 | 8:07 am
    I’m so flat now! For those of you who have not noticed yet, the website has gotten a much needed update! For those of you who have been around here for a while, you will remember that the last time I did something was in 2009, right before the 2nd edition of the book published (4th edition coming soon!). Quite a bit has happened since then, including new design styles and ways to present information. I contacted Spellbrand to help put a fresh look on things! All of the old information is still here, it’s just presented a bit differently. You will also notice that I will be…
  • Enable 2-Factor Everywhere

    Branden Williams
    16 Oct 2014 | 8:25 am
    Dropbox is the latest victim to announce that a third party (Snapchat was last week) integration caused a ton of their usernames and passwords to be leaked on Pastebin. At this point, most of our super-useful cloud services (Evernote, Twitter, Facebook, Google, and Dropbox to name a few) all have the ability to turn on some kind of stepped-up authentication. Some of these use Google Authenticator, which couldn’t be any easier to use than it already is (probably). So after you go change your Dropbox password (to something unique, not used on any other website), take a few…
  • Incentives in PCI DSS

    Branden Williams
    9 Oct 2014 | 8:57 am
    ETA’s Transaction Trends publication recently featured an article by Darrel Anderson entitled Why PCI Compliance Isn’t Working. In it, he describes one of the problems that we’ve been exploring here over the last month or so—incentive structures for PCI DSS. At the ETA Strategic Leadership Forum, the CEO of a prominent payments company echoed this sentiment by suggesting that his peers in the industry should be invested in taking the bite out of processing payments. Darrel touches on this in his article when he discusses the complexity of PCI DSS and how merchants…
  • ETA Strategic Leadership Forum

    Branden Williams
    7 Oct 2014 | 8:00 am
    It’s that time of year again, and several of us are headed out to this fantastic event put on by ETA. Look me up when you are there so we can chat about some of the interesting events over the last few months. Some of those include: POS Malware; Scoping Challenges with PCI DSS 3.0; Apple Pay (and P2PE); Shellshock; Side channel attacks on PINs. Looking forward to discussing the future of payments with some of the most influential people in the industry! This post originally appeared on BrandenWilliams.com.
 

    Infosec Communicator »

  • Shockproofing Your Use of Social Media eBook available!

    bwadmin
    17 Oct 2014 | 8:25 am
    My Shockproofing Your Use of Social Media: 10 Things You Should Know eBook is now available on Kindle! For those of you who have attended one of my Lightning Talks about Internet Safety, this book fleshes out my recommendations for …
  • The Secure Communicator

    bwadmin
    17 Aug 2014 | 1:39 pm
    I had the pleasure of discussing information security best practices for technical communicators through an STC webinar. Here’s the presentation: …
  • Updated Shock-proofing your Use of Social Media Presentation

    bwadmin
    15 Aug 2014 | 11:08 am
    I’ve updated my Shock-proofing your Use of Social Media presentation for the Fall 2014 New Student Orientation program at the Rochester Institute of Technology. I’ve changed the passphrase example, added a new cartoon, and generally worked to make the presentation …
  • A Techcomm Bestiary, Summit14 edition

    bwadmin
    7 May 2014 | 12:23 pm
    I’ve changed out one slide from the Spectrum14 presentation. Looking forward to presenting this to a crowd at the STC Summit in Phoenix. …
  • A Techcomm Bestiary, Spectrum 2014

    bwadmin
    21 Apr 2014 | 2:38 pm
    I thought this came together pretty well and I had a great time presenting my first revision of A Techcomm Bestiary at STC Rochester’s Spectrum 2014. I may make a couple of slide changes before the STC Summit, but this …

    AT&T Networking Exchange Blog » Security

  • Security audit and testing: Is your network secure?

    Jennia Hizver
    21 Oct 2014 | 3:45 am
    The media regularly features stories about hackers breaking into enterprise servers to steal sensitive data. One common scenario begins when an employee receives a phishing email that looks like a legitimate business email urging the recipient to click on a link or to open an attachment. A doorway for cyber criminals These emails are sent by attackers and typically contain a malicious program designed to attack a popular corporate desktop software. Once the program is executed, it allows the attacker to take control of the employee’s desktop, using it as a gateway into the enterprise. The…
  • The “Ice Bucket Challenge” and Cyber Security

    Jeff Huegel
    13 Oct 2014 | 3:45 am
    This summer’s The Ice Bucket Challenge took the world by storm with celebrities, executives, captains of industry, politicians, and everyday folks drenching themselves and calling out friends and colleagues to do the same to support ALS research. While this particular challenge targets a worthy cause and has raised over $100 million dollars for ALS research, “me-too-isms” in the field of security and risk management can be dangerous. Take compliance for example. We in the Security field often discuss the inappropriateness of thinking compliance is security. Some of the…
  • Proactive threat intelligence: The key to successful cybersecurity

    10 Oct 2014 | 6:45 am
    When most people think about data breaches, they think of the high-profile incidents that make international headlines. However, smaller data breaches happen every day. While these may not make headlines, they can still have a big impact on the bottom line. With so much at stake, and new advanced threats emerging daily, what can businesses do to become more proactive in their security efforts? Register for this live webinar on October 14 at 12 noon EDT to hear from Dr. Larry Ponemon, founder of the Ponemon Institute and one of the world’s most influential thinkers on data security. He’ll…
  • Threat intelligence tops the new cybersecurity agenda

    Bindu Sundaresan
    9 Oct 2014 | 3:45 am
    Security intelligence is the component missing from many organizations’ defensive arsenals. Intelligence places IT security threats in context, adding information about “who” and “why” to the technical details of “how.” Applied intelligence reinforces an organization’s security posture and directs its response in productive ways. It provides a framework for aggregation, correlation, and prediction of threats and outcomes, giving organizations an earlier warning and a guide to implementing countermeasures. Security intelligence delivers business value only when it is timely and…
  • Are you at risk of identity fraud?

    Craig Leonardi
    7 Oct 2014 | 3:45 am
    Consumers are almost twice as likely to have their identity stolen online as they are to have anything else stolen from their homes or vehicles, including the vehicle itself. Identity fraud affects over 12.6 million U.S. consumers yearly compared to physical theft which impacts 6.7 million victims per year. Over 300 million passwords were stolen last year and the count is already over a billion this year, costing business hundreds of millions of dollars in fraud and lost productivity. It is clear that relying solely on current password schemes to protect customer accounts is no longer…
 

    The Redspin Report

  • Helpful Reminders About HIPAA Security Risk Analysis

    mmak
    21 Oct 2014 | 1:20 pm
    If protecting the integrity of patient health care information were not already sufficient incentive to improve IT security, being HIPAA compliant comes with even more perks for most providers. Medicare and Medicaid Electronic Health Care Record (EHR) Incentive Programs have been implemented to provide financial incentives to eligible medical professionals and hospitals that demonstrate they have satisfied the requirements of the HIPAA Security Rule. The core objective of “Protect Electronic …
  • All Roads in the Digital Future Lead Through Security Says Gartner

    Dan Berger
    20 Oct 2014 | 11:09 am
    Gartner recently released their Top 10 Strategic Technology Trends for 2015. These aren't your run-of-the-mill trends mind you. These are the disruptive (and often distressing) realities that appear to be just 'round the corner and will require organizations and individuals to adapt and invest or risk being left in the evolutionary dust. While some trends have been percolating along quite nicely such as cloud computing and software-defined infrastructures and applications, I don't think the real …
  • 4 Things You Should Know About Social Engineering

    mmak
    16 Oct 2014 | 11:03 am
    No matter how many firewalls are put up or how complex passwords may be, if your employees are unknowingly giving out their credentials to strangers, your information security will never be immune to breach. A recent flash poll conducted on security professionals by Dark Reading found that the biggest social engineering threat to organizations is not a specific type of scam, but a general lack of employee awareness. Social engineering is a tactic by which intruders use psychological manipulation …
  • Redspin Events in September

    mmak
    29 Aug 2014 | 1:43 pm
    Redspin will be participating in several great healthcare and security conferences this September. Make sure you tune in to get useful information about IT security, policy compliance, and penetration testing! Stanford Medicine X (Palo Alto, CA): "Practical Information and Security Risk Management for ePatients" by Redspin VP Chris Campbell, September 6 @ 9:20am. HIMSS Privacy and Security Forum (Boston, MA): Look for Redspin's co-exhibition with EMC, September 8-9. The Summit of the Southeast …
  • OIG Finds NASA Web Application Security Lacking. Is it Time to Assess Yours?

    Dan Berger
    26 Jul 2014 | 5:24 am
    We may be able to send a man to the moon but we still have a long way to go before all of our web applications are sufficiently protected from hackers.

    F-Secure Antivirus Research Weblog

  • RATs threatening democracy activists in Hong Kong

    20 Oct 2014 | 10:18 pm
    Hong Kong has been in the headlines lately thanks to the Occupy central campaign (#occupycentral, #OccupyHK) and the umbrella revolution (#umbrellarevolution, #UmbrellaMovement). DPHK, Democratic Party Hong Kong and Alliance for True Democracy (ATD) are central players in this movement. Recent development has turned this into more than a fight for democracy. The sites of these organizations were infected with malware, and that turned it into a fight for #digitalfreedom as well. Volexity has the story with all the technical details. It seems to be RATs (Remote Access Trojans) that could be…
  • Paying For Content

    20 Oct 2014 | 10:18 pm
    I remember setting up our first website. That was 20 years ago, in 1994. When the Web was very young and there were only a handful of websites, it was easy to forecast that the Web was going to grow. And indeed, during these past 20 years, it has exploded in size. What’s even more important, the Web brought normal everyday people online. Before the Web, you would only find geeks and nerds online. Now everybody is online. Back in 1994, we were guessing what would fuel the upcoming growth of the Web. For it to grow, there has to be online content—content like news or entertainment. And for…
  • One Doesn't Simply Analyze Moudoor

    20 Oct 2014 | 10:18 pm
    Today we are pleased to see an important milestone reached in a coordinated campaign against a sophisticated and well-resourced cyber espionage group. We have recently been participating in a Coordinated Malware Eradication initiative led by Novetta, in cooperation with other security vendors particularly iSight, Cisco, Volexity, Tenable, ThreatConnect, ThreatTrack Security, Microsoft and Symantec, in the aims of disrupting the operations of this particular group. Today, we are jointly releasing an improved level of coverage against the threats utilized by the group. This espionage group,…
  • Notice: Freedome v2.0.1 Issue on iOS 8

    20 Oct 2014 | 10:18 pm
    If you (like me) have an Apple device running iOS 8 and use F-Secure Freedome, please avoid updating to version 2.0.1. If you (like me) have already updated, you may see this after opening the app: Do not "Remove Old VPN configurations" — just close the app. Version 2.0.1 should work with its existing configurations. If you need to toggle Freedome on/off… Use: Settings, General, VPN. Click the info button for your configuration and toggle "Connect On Demand". You'll be limited to only the locations that you currently have installed. But the ones that you have should work based on my…
  • Bob and Alice Discover a Mac OPSEC Issue

    20 Oct 2014 | 10:18 pm
    The following is a true story. The names have been changed because the identity of those involved is none of your business. Bob uses Linux. Alice uses Mac. Bob gave Alice a file via FAT32 formatted USB drive. Alice inserted the USB drive into her Mac, copied the file, and then gave the USB drive back to Bob. Later, Bob inserted the USB drive into his Linux computer and saw Mac files. Lots and lots of Mac files. And that's typical. Anybody who has exchanged files with a Mac user knows that Mac OS X copies various "hidden" files to USB drives. Here's the interesting part… Bob was curious…
 

    Pcthreat.com

  • WordProser

    20 Oct 2014 | 9:42 pm
    WordProser is ad-supported software that promises to make searching and translating information easy. It is just enough to highlight the text and this program will show you Wikipedia and Bing results in an...
  • PC Optimizer Pro

    20 Oct 2014 | 9:42 pm
    Despite the best efforts of the online security industry to secure the exact opposite, many of its consumers continue to fall into the trap set by malicious rogue security tools like PC Optimizer Pro. This...
  • Qone8.com

    20 Oct 2014 | 9:42 pm
    Qone8.com is a search engine which returns search results from Google Search. The search engine is owned by Taiwan Shui Mu Chih Ching Technology Limited, and it is very similar to such browser hijackers as...
  • BRApp

    20 Oct 2014 | 9:42 pm
    BRApp is a suspicious application that you might detect on your system. If you have not downloaded and installed it yourself, there is a huge possibility that it has infiltrated your system without your...
  • V9 Redirect Virus

    20 Oct 2014 | 9:42 pm
    V9 Redirect Virus is a malicious browser hijacker which infects the system while you are browsing insecure websites or when you download spam email attachments. Once the infection gets in the system, the...

    Threatpost | The first stop for security news

  • D.C.’s Complicated View of Cyberwar, Regulation, Liability

    Michael Mimoso
    21 Oct 2014 | 1:03 pm
    Former NSA general counsel Stewart Baker shared his insight on Washington's perceptions of cyberwar during his keynote address at the Cybersecurity Summit in Minneapolis.
  • FTC Hires Privacy Researcher Ashkan Soltani as Chief Technologist

    Dennis Fisher
    21 Oct 2014 | 10:44 am
    The FTC has hired Ashkan Soltani, a highly regarded and respected technologist and privacy researcher, as its chief technologist. The move is the latest in a string of interesting hires by the Federal Trade Commission. In 2009 the agency hired Chris Soghoian, a privacy and security researcher, as its first in-house principal technologist. Soghoian had […]
  • Staples Looking into Potential Payment Card Breach

    Chris Brook
    21 Oct 2014 | 10:08 am
    The office supply chain Staples is reportedly looking into a payment data card breach, potentially making it the latest in a long line of retail establishments to suffer a compromise over the last year.
  • Google Adds Hardware Security Key For Account Protection

    Dennis Fisher
    21 Oct 2014 | 7:18 am
    Google is introducing an improved two-factor authentication system for Gmail and its other services that uses a tiny hardware token that will only work on legitimate Google sites. The new Security Key system is meant to help defeat attacks that rely on highly plausible fake sites that are designed to capture users’ credentials. Attackers often go […]
  • Obama Executive Order Forces Chip & Pin Payment on Government

    Brian Donohue
    20 Oct 2014 | 12:59 pm
    The Obama administration has issued an executive order aimed at speeding up the adoption of chip and PIN or EMV payment systems here in the United States.

    VRT

  • Shellshock - Update Bash Immediately!

    Brandon Stultz
    26 Sep 2014 | 1:44 pm
    Shellshock is a serious vulnerability. Bash, arguably the most widely distributed shell on Linux systems, fails to correctly parse environment variables with function declarations. Why the fuss over environment variables? Because these variables are often set by programs that handle network data. Examples include dhcpcd which, through this vulnerability, more or less gives you a remote shell through DHCP option 114 (and potentially others) and Apache using mod_cgi or mod_cgid when CGI scripts are either written in Bash, or otherwise spawn subshells with exported data acquired from untrusted…
  • Looking Glasses with Bacon

    Mariano Graziano
    11 Sep 2014 | 10:37 am
    This is my first post on the VRT blog and I would like to introduce myself. I am Mariano Graziano, an Italian third-year Ph.D. student at the Software and Systems Security Group at Institut Eurecom in Sophia-Antipolis (France) under the supervision of professor Davide Balzarotti. My research interests are memory forensics and automated malware analysis and currently I am an intern at Cisco in the Talos Security Intelligence and Research Group under the guidance of Alain Zidouemba for the next three months. This post is not about my current project at Cisco but is about my DEF CON talk. At DEF…
  • Microsoft Update Tuesday September 2014: another generally light month but with a significant IE bulletin

    Yves Younan, PhD
    9 Sep 2014 | 10:04 am
    This month’s Microsoft Update Tuesday is pretty light save for the Internet Explorer bulletin. While there’s only a total of 4 bulletins, they cover a total of 42 CVEs. The IE bulletin, as is usual, has the most updates for bugs and is rated critical. It covers a total of 37 CVEs. The other three bulletins are rated as important and provide updates for the remaining five vulnerabilities. MS14-052 is the IE bulletin and is rated critical. It covers a total of 37 CVEs. Of these 37 CVEs, 36 are remote code execution vulnerabilities, the other one is an information disclosure vulnerability…
  • Malware Using the Registry to Store a Zeus Configuration File

    Shaun Hurley
    4 Sep 2014 | 10:00 am
    This blog was co-authored by Andrea Allievi. A few weeks ago I came across a sample that was reading from and writing a significant amount of data to the registry. Initially, it was thought that the file may be a binary, but after some analysis it was determined that the file is a configuration file for Zeus. Within this blog post we take a look at our analysis of the data I/O in the registry. Initial Stages of Infection: The scope of this paper is the analysis of the registry write. This section is a brief overview of what happens when the malware is executed. Unpacks. Creates a copy of…
  • Discovering Dynamically Loaded API in Visual Basic Binaries

    Angel M. Villegas
    20 Aug 2014 | 7:30 am
    Performing analysis on a Visual Basic (VB) script, or when Visual Basic is paired with the .NET Framework, becomes an exercise of source code analysis. Unfortunately when Visual Basic is compiled to a Windows Portable Executable (PE) file it can become a nightmare for many malware analysts and reverse engineers. Why is it used by malware? Visual Basic binaries have a reputation for making an analyst's job difficult due to the many aspects of its compilation that differ from standard C/C++ binaries. To analyze a VB PE binary it helps to be familiar with the VB scripting syntax and semantics since…
 

    NSS Labs

  • Add a Dash of Cloud for a More Robust Security Infrastructure

    14 Oct 2014 | 12:00 am
    As the hype around cloud computing settles, and as organizations begin to evaluate solutions, the ability of security as a service (SaaS) solutions to improve security infrastructure becomes apparent.
  • All’s Well That Ends Well

    9 Oct 2014 | 12:00 am
    In my previous blog about the Palo Alto Networks results in our recent NGFW test I expressed the hope that “Palo Alto Network executives will take this issue seriously and move quickly to protect their customers."
  • Seriously?

    1 Oct 2014 | 12:00 am
    We don’t follow up every NSS Labs test with a blog response to a vendor, but after the fun and games following our recent BDS test, we find ourselves in a similar position. This time it is Palo Alto Networks blogging about our NGFW group test, the results of which were published last week and can be found here.
  • Web Application Firewalls: Not just for PCI anymore

    30 Sep 2014 | 12:00 am
    Unlike most security technologies that attempt to identify a broad range of bad traffic by means of traditional detection methods, a web application firewall (WAF) is like a finely honed sword designed for a singular purpose: monitoring HTTP traffic between clients and web-servers. The payment card industry (PCI) accelerated the development of the WAF market since it provided a tangibly financial application of this technology. This made WAF a must-have in the arsenal of weapons for many of today’s security administrators.
  • Some systems getting BASHed, but the sky isn’t falling

    29 Sep 2014 | 12:00 am
    It has been barely 6 months since the Heartbleed vulnerability was revealed, but just as the global security community has recovered from this vulnerability, one that is more prevalent – and potentially far more damaging – has emerged. The Shellshock vulnerability exploits a weakness in the Bourne Again SHell (BASH) that is native to (and often the default for) many Unix derivatives across the globe. While the extent of the damage has yet to be determined, it is highly likely that any services running on a Unix distribution are exposed.

    Private WiFi

  • Q&A: Founder of ‘Savvy Cyber Kids’ on Cybersecurity Best Practices

    Elaine Rigoli
    21 Oct 2014 | 1:55 am
    Technology is a part of our lives but it should not take over our lives – or ever compromise our children’s online safety. Because October is National Cyber Security Awareness Month (NCSAM), and in part to raise public awareness of the dangers of identity theft, we recently chatted with author and technology guru Ben Halpert. Although his day job is in the security and privacy fields, several years ago he launched Savvy Cyber Kids, a nonprofit to help keep children safer online. Last year Savvy Cyber Kids joined the U.S. Department of Homeland Security’s STOP.THINK.CONNECT. campaign's…
  • WiFi Footprint: Personal VPNs Endorsed as WiFi Hotspots and Autoconnect Functionality Proliferate

    Alok Kapur
    14 Oct 2014 | 2:53 am
    "WiFi footprint" is a simple term for a complex issue: the exploding pace of WiFi hotspot creation is not abating and soon a roamable, global alternative network will become our reality. According to Marcio Avillez, vice president of network services at a company called iPass, organizations ranging from platform players to independent coffee shops see opportunities in making WiFi available, while major telecoms operators are investing heavily in WiFi rollouts. "The proliferation of devices, especially tablets, the majority of which are WiFi only, has increased users' appetites for WiFi. These…
  • University of Maryland Professors to Study WiFi Hotspot Behavior

    Jared Howe
    13 Oct 2014 | 1:00 am
    Two University of Maryland professors, David Maimon, an expert in online criminal behavior, and Jonathan Katz, the Maryland Cybersecurity Center director, recently received a $200,000 grant from the National Science Foundation to study how people access and use public WiFi hotspots. The duo plans on visiting more than 100 locations that offer public WiFi hotspots, from coffee shops to libraries, and then study user behavior at each location, such as what websites users are visiting and what data they are exposing over the network. Other study variables include the time of day users tend to…
  • Experian Survey: We Understand WiFi Dangers but Don’t Protect Ourselves from Identity Theft

    Jared Howe
    6 Oct 2014 | 10:43 am
    October is National Cyber Security Awareness Month, and in part to raise public awareness of the dangers of identity theft, Experian, a global information services company, has published a new survey regarding U.S. attitudes toward this serious problem. The survey results demonstrate that while many of us are concerned about identity theft and other issues related to unsecure public WiFi hotspots, few of us are taking steps to actually protect ourselves. What the Survey Revealed: Experian’s survey revealed some interesting facts regarding our attitudes to protecting ourselves from online…
  • NCSAM 2014: PRIVATE WiFi Champions the Cause of Cybersecurity

    Elaine Rigoli
    1 Oct 2014 | 1:00 am
    Did you know that free WiFi is likely coming soon to a Coke vending machine near you? WiFi hotspots are ubiquitous – we can hop online easily at our schools, libraries, gyms, and of course at hotels and airports. While convenient, the truth about WiFi is simply frightening: it is not secure and anyone can listen in on your activity and potentially hack you. So while we may not have WiFi-enabled vending machines in the United States (yet), it is important that we raise awareness about the security threats. Today we do that by celebrating the launch of National Cyber Security Awareness Month…
 

    Pivot Point Security

  • Are Your Calls Being Intercepted? More on Rogue Cell Phone Towers

    Robert Oliver
    21 Oct 2014 | 4:00 am
    Recently we blogged about rogue cell towers (also called IMSI catchers, stingrays or GSM interceptors) and the potential risk they pose of intercepting cell phone calls. An ongoing investigation into the proliferation of these devices has found rogue cell phone towers all over the Washington, DC area—including near the White House, the US Capitol and the Supreme Court. Researchers and information security specialists are concerned that the towers discovered so far might be only the tip of the iceberg. The systems are designed to be portable and can be operated from a vehicle or moved around…
  • Include Domain Name Ransom or Cybersquatting in Your ISO 27001 Risk Assessment

    John
    14 Oct 2014 | 4:00 am
    ISO 27001 works great—assuming that you are great at risk assessment.  If you miss a risk, you may be vulnerable, and unfortunately some risks are often not fully considered. One such risk is Domain Name Ransom, aka cybersquatting. This topic is on my mind because I had an interesting call today with a potential client who reached out to us because his organization was being held “ransom” over a like domain name. It’s one of those risks that too few organizations consider. For illustrative purposes, say we’re talking about a professional services firm named “Platt & Verry”…
  • Has Your Business Correctly Assessed Its Information Security Risks?

    Andrew Shumate
    9 Oct 2014 | 4:00 am
    Risk is all about perception. We often make decisions about how to stay safe based on the perception of risk rather than on the actual risk. For example, people perceive far more risk around earthquakes than they do around slipping on the bathroom floor, although in most places on earth you’re hundreds of times more likely to die from the latter cause. When it comes to information security risk assessment, this aspect of human nature can lead to a false sense of confidence. That is, the perceived effectiveness of information security investments often differs from the actual security they…
  • When To Encrypt Data

    Bhaumik Shah
    23 Sep 2014 | 4:00 am
    A major mistake some organizations make is to consider data encryption as the solution for all their information security needs. “ENCRYPT EVERYTHING!!” is not a best-practice approach—not only is it impractical, but also it cannot eliminate all the risks to a company’s sensitive data. When is it appropriate to encrypt data? Anytime you want to reduce confidentiality risk. This basic maxim is applicable across a wide range of potential situations, especially these three: Encrypt data in motion. Encrypt data anytime it moves from one point to another, whether it’s within your…
  • How to Keep Mobile Communications Safe from Rogue Cell Phone Towers

    Robert Oliver
    9 Sep 2014 | 8:46 am
    From a risk management perspective, the increasingly inventive approaches taken by cyber criminals, foreign agencies, and business competitors to compromise information security place an organization’s data at escalating levels of risk. In particular, as more businesses adapt to a mobile workforce and institute Bring Your Own Device (BYOD) policies, significant questions arise about the security of mobile communications and the suitability of certain options. New mobile attack vectors make the news all the time. But a recent news clip in Forbes about the proliferation of rogue cell phone…

    HOTforSecurity

  • China Accused of Spying on Apple Users

    Alexandra Gheorghe
    21 Oct 2014 | 8:32 am
    Apple is the alleged victim of a man-in-the-middle attack organized by Chinese hackers to capture users’ credentials, according to Chinese web monitor GreatFire.org. After similar attacks against GitHub, Google, Yahoo and Microsoft, it seems Chinese hackers tried to get access to usernames and passwords as well as other data stored on iCloud such as iMessages, photos and contacts. The Great Firewall of China used self-signed SSL certificates to intercept communications. Apparently only one IP address was attacked, therefore “not all users in China are affected because the iCloud DNS…
  • New Scareware Campaign Tricks Users with Fake Antivirus

    Alexandra Gheorghe
    21 Oct 2014 | 6:56 am
    A new type of scareware advertisement tricks users into believing their systems are infected and need expert help to remove the malware, Bitdefender warns. The malware-spreading mechanism is quite simple: the fake AV ads pop up unexpectedly when browsing the web, after the user’s computer has been previously infected with adware. Malicious ads usually enter the system under the form of an innocent-looking browser extension or application which installs itself when downloading free programs such as games, system optimizers, file converters, and others. The fake messages are very alarming and…
  • CaLLSTaCK Hacker Breaches 19 HostGator Servers Amid Hong Kong Protests

    Lucian Ciolacu
    21 Oct 2014 | 6:18 am
    The hacker going by the moniker of CaLLSTaCK has announced the breach of 19 HostGator servers amid Hong Kong Protests and in connection with the #OpHongKong Anonymous campaign, according to Security Affairs. HostGator hosts today over 9 million domains and is one of the most popular hosting services. “We have taken control of name-servers and employing measures for domain hijacking,” CaLLSTaCK said via an email for Security Affairs. “All of this will take place on November 5th during the Million Mask March.” CaLLSTaCK, also known as Alex Poucher, gained access to 19 servers and…
  • US Moving to Safer Payment Systems, Obama Says

    Alexandra Gheorghe
    20 Oct 2014 | 7:16 am
    “BuySecure”, a new initiative advocated by the US Presidency, will accelerate the adoption of EMV technology in US cards, thus leading the way to safer payment transactions, according to an official White House announcement. 100 million Americans were affected by data breaches last year, the White House said. Driven by “America’s fastest-growing crime”, the President signed an Executive Order meant to strengthen security of credit, debit, and other types of payment cards by replacing outdated magnetic strip cards with EMV microchip technology. The White House also said that…
  • Facebook Designs Stolen Credentials Parsing System

    Lucian Ciolacu
    20 Oct 2014 | 6:45 am
    Facebook has built an automated system designed to analyze data from online published credential leaks, according to their announcement. Facebook users are going to be prompted if their usernames and passwords match the ones leaked online. This measure is going to protect users who have been compromised in third-party data breaches and have the same credentials on Facebook. The primary source seems to be Pastebin and other online repositories. As for the information, the process is completely automated and “doesn’t require us (Facebook) to know or store your actual Facebook…
 

    Video Surveillance

  • Another Unique Application for Video Surveillance: Counting Pedestrians

    17 Oct 2014 | 8:37 am
    New York City is leveraging its existing security camera system to the fullest by counting the number of footsteps of pedestrians in areas with the highest number of commuters. The city believes that the data, recorded by the surveillance cameras already installed in strategic locations, will give law enforcement and government officials valuable information to help curtail urban problems. Some of these problems, among others, include public safety and trash collection. Watch the video below to learn more:
  • Learn About Frame Rate and Shutter Speed with Axis

    16 Oct 2014 | 1:14 pm
    Do you know what the difference is between a camera's frame rate and its shutter speed? These settings are important to getting clear, steady videos and Axis is here to help you learn! Frame rate is the number of frames, or images, a camera captures per second. Shutter speed determines how much, or how little, light is let into the camera. Watch this 60-second video from Axis to learn more:
  • Suspects Accused of Stealing Valuable Office Equipment from Three Businesses

    9 Oct 2014 | 9:20 am
    It doesn't matter if you own or operate a retail business; regular office buildings and suites are also prime targets for thieves. According to a recent news report by ABC7news.com, three businesses in Fremont, California (Black Magic Design, Mac House Productions, and Core Microsystems) had hundreds of thousands of dollars of office equipment stolen by a group of suspects. Law enforcement claims that these were savvy thieves with experience in this type of theft by acting fast and knowledgeable in what they were doing. The good news is that Mac Productions' video surveillance cameras…
  • Learn About the Long-Distance Power of Wireless Surveillance

    1 Oct 2014 | 5:21 pm
    Whether you're securing a large college campus or need to keep an eye on remote buildings on your property, wireless surveillance systems make it easy to connect cameras over long distances. Using a system of wireless antennas and base stations, your system will send and receive data for up to 10 miles. To help you better understand this powerful technology and its uses, VideoSurveillance.com has released a new guide to wireless video surveillance. This guide covers how the systems work, what surveillance situations are ideal candidates for wireless systems, and how your business can benefit.
  • New HD Onboard Surveillance

    10 Sep 2014 | 4:26 pm
    Onboard recording is becoming a popular security measure by recording video evidence of altercations between passengers on public transportation, driver misconduct, and even police activity when pulling over cars. When it comes to onboard surveillance, there are a few key features to look for: HD quality, a protective housing, and audio recording. With 720p HD resolution, the Axis P3904-R M12 camera can record clear, detailed surveillance video. Ideal for use on city busses, subway trains, and cars, this camera comes with a rugged M12 connector to ensure that the bumps and shocks of driving…

    Infosec Communicator »

  • Shockproofing Your Use of Social Media eBook available!

    bwadmin
    17 Oct 2014 | 8:25 am
    My Shockproofing Your Use of Social Media: 10 Things You Should Know eBook is now available on Kindle! For those of you who have attended one of my Lightning Talks about Internet Safety, this book fleshes out my recommendations for …
  • The Secure Communicator

    bwadmin
    17 Aug 2014 | 1:39 pm
    I had the pleasure of discussing information security best practices for technical communicators through an STC webinar. Here’s the presentation: …
  • Updated Shock-proofing your Use of Social Media Presentation

    bwadmin
    15 Aug 2014 | 11:08 am
    I’ve updated my Shock-proofing your Use of Social Media presentation for the Fall 2014 New Student Orientation program at the Rochester Institute of Technology. I’ve changed the passphrase example, added a new cartoon, and generally worked to make the presentation …
  • A Techcomm Bestiary, Summit14 edition

    bwadmin
    7 May 2014 | 12:23 pm
    I’ve changed out one slide from the Spectrum14 presentation. Looking forward to presenting this to a crowd at the STC Summit in Phoenix. …
  • A Techcomm Bestiary, Spectrum 2014

    bwadmin
    21 Apr 2014 | 2:38 pm
    I thought this came together pretty well and I had a great time presenting my first revision of A Techcomm Bestiary at STC Rochester’s Spectrum 2014. I may make a couple of slide changes before the STC Summit, but this …

    Dice News » Security

  • Is an Ethical Hacking Certification Worth Earning?

    Myra Thomas
    25 Sep 2014 | 9:53 am
    It seems like every other month that a major corporation suffers an epic hack, with millions of customers’ data stolen. In the aftermath of those attacks, many companies are turning to ethical or “white hat” hackers to test their defenses. But is ethical hacking an effective counter to unethical hacking, especially when those who practice the latter can do pretty much whatever they want with a wide variety of tools? Ethical hacking’s cause isn’t helped by the fact that the EC-Council, the Albuquerque, New Mexico-based organization that offers a certification in ethical hacking, was…
  • Is Cyber-Liability Insurance Worth the Cost?

    Myra Thomas
    25 Sep 2014 | 8:06 am
    A growing number of companies ask vendors to buy cyber-liability insurance—and for a tech startup or an independent IT consultant, that cost can put a real dent in the bottom line. Cyber-liability insurance might include coverage for losses related to denial-of-service attacks, threats to intellectual property, business interruption, cyber extortion, and a variety of security breaches. An advisor such as an attorney or insurance agent can help firms properly assess the type and amount of cyber-liability insurance they might need, according to Veronica Somarriba, senior vice president and…
  • Can Defense Companies Hire Hackers on Their Terms?

    Mark Feffer
    13 Aug 2014 | 7:15 am
    Big-name aerospace and defense contractors like Boeing, Raytheon and Northrop Grumman are beginning to think that one answer to their cybersecurity recruiting needs  lies in the hacker community. After all, if you want to combat attacks from people who think out of the box, why not hire people who think out of the box? It’s ironic because all of these companies are known for being somewhat conservative—they work for the Defense Department, after all, and security to them is a high-stakes thing. The idea of recruiting from the ranks of the somewhat anarchic hacker community might seem…
  • IT Security Pros: Are You Worth a Million Dollars a Month?

    Nick Kolakowski
    30 Jul 2014 | 6:05 am
    Keith Alexander, former director of the National Security Agency (NSA), has decided to make money in retirement—a whole lot of money. According to reports, he wants corporations to pay him up to a million dollars a month for his IT security expertise. Alexander insists that he’s providing value for the money, in the form of proprietary technology that he claims will detect hackers who infiltrate corporate networks to steal everything from credit-card numbers to proprietary data. In a recent interview with Foreign Policy, he said that he and his business partners would file patents on the…
  • Internet of Things Increases Need for Security Pros

    Susan Hall
    21 Jul 2014 | 8:56 am
    The sheer number of “things” to be secured in the Internet of Things is expected to create a rash of jobs in cybersecurity over the next several years. “You’re going to have to secure the device or the sensor, you need to secure the data, and you’re going to have to secure that across an open network,” Intel’s head of business marketing, Stuart Dommett, told an IoT roundtable in May. “It really is a massive, massive change.” Intel has argued previously that the IoT, which is expected to see 26 billion connected devices by 2020,…
 

    Seculert Blog on Advanced Threats and Cyber Security

  • Home Depot Hackers Already Draining Victims’ Accounts

    Liora R. Herman
    14 Oct 2014 | 11:00 pm
    The Wall Street Journal has reported that the hackers who’ve gotten their digital hands on payment card data from as many as 56 million Home Depot customers in the United States and Canada have already started draining the victims’ bank accounts, and purchasing electronics, prepaid cards (a.k.a. gift cards), and even groceries with their stolen […]
  • Backoff PoS Malware Victim Count Could Far Exceed 1000

    Liora R. Herman
    14 Oct 2014 | 5:02 am
    Kaspersky Labs is reporting that the number of victims infected by the notorious Backoff PoS malware could far exceed the approximately 1,000 estimated by officials from the US Department of Homeland Security and Secret Service. The revised damage projection is based on an analysis of intercepted traffic between infected systems and two Backoff command and […]
  • Goodwill Industries’ Security Breach- Undetected for 18 Months

    Liora R. Herman
    13 Oct 2014 | 5:00 am
    We previously wrote about a possible security breach affecting Goodwill Industries’ credit and debit card customers in 21 States; a breach that the company later confirmed and blamed on an unnamed third-party PoS vendor. Now, after obtaining some internal documents (ironically) meant to help individual Goodwill stores handle media inquiries, Brian Krebs – who broke […]
  • Remotely Exploitable Vulnerability on the Loose

    Liora R. Herman
    8 Oct 2014 | 4:26 am
    A remotely exploitable vulnerability in GNU Bash dubbed “Shellshock” is on the loose, and targeting Debian and Linux distributions. Key details for CVE-2014-6271 uncovered by Akamai include: the vulnerability has existed for some time; the vulnerability is exposed in SSH to authenticated sessions; key attack vectors identified so far include HTTP requests and CGI scripts, […]
  • Malware Abuses Virtual Machines

    Liora R. Herman
    24 Sep 2014 | 1:31 am
    As reported by Jeremy Kirk of IDG News Service, Symantec researchers have identified a rather unexpected, yet effective, new tactic that bad actors are using to avoid detection when infecting virtual machines with malware: shutting up. In the past, malware that found itself in a virtual machine operational environment typically fled for the […]

    Managed File Transfer and Network Solutions

  • Securing Trading Partner File Transfers w/ Auto PGP Encryption & FTPS

    John Carl Villanueva
    18 Oct 2014 | 8:50 am
    Overview: PGP encryption can add another layer of protection to a trading partner file transfer already secured by FTPS. It can also provide data-at-rest encryption as soon as the file arrives at the other end. In this post, we'll show you how to set up a fully automated file transfer secured by OpenPGP and FTPS using JSCAPE MFT Server triggers. What we'd like to do: Does that look like something you could use? Here are the steps to achieve that. 1. Import your trading partner's PGP public key: Before you can PGP encrypt a file which your trading…
  • How To Set Up A HTTPS File Transfer

    John Carl Villanueva
    8 Oct 2014 | 12:26 pm
    Overview In this post, you'll learn how to set up a HTTPS file transfer. We'll begin with a "quickstart", where you'll use the default settings in order to get a HTTPS file transfer service up and running with just a few clicks. After that, we'll tackle some of the more advanced settings so you can choose your desired set of SSL/TLS cipher suites and server key. Your choice of cipher suites and keys will have an effect on the security of your HTTPS service and its compatibility with your users' web browsers.  Note: The HTTPS or HTTP Secure protocol is defined in RFC 2818, so if you…
  • Business Benefits of An SFTP Server

    John Carl Villanueva
    1 Oct 2014 | 12:48 pm
    Overview In today's data-driven world, the accuracy, integrity, speed, confidentiality, and availability of data matters a lot to businesses. That's why it's imperative for file transfer systems to be capable of meeting the highest standards in regards to those aforementioned qualities. In this post, we examine the typical SFTP server and point out what kind of benefits you'll get from it as a method for delivering business critical data.       1. Boosts speed and efficiency of business processes   SFTP servers can easily support large file transfers as well as bulk…
  • Setting SFTP Algorithms On Your SFTP Server

    John Carl Villanueva
    27 Sep 2014 | 12:43 am
    Overview In this post, we'll talk about the algorithms included in a typical SFTP server and explain their basic functions. We'll cover algorithms for key exchanges, ciphers, MACs, and compressions. After that, we'll dive into the JSCAPE MFT Server Manager Web GUI and show you where you can configure those SFTP algorithms there. Having a basic understanding of these algorithms and knowing where to configure them will enable you to strengthen your SFTP server's security or troubleshoot certain client connection issues.   What we'd like to do     Key exchanges,…
  • How To Set Up An SFTP Reverse Proxy

    John Carl Villanueva
    25 Sep 2014 | 12:11 am
    Overview An SFTP reverse proxy adds another layer of security to SFTP services. In addition to SFTP's ability to encrypt data in transit and provide 2-factor authentication, an SFTP reverse proxy brings in several other security-related benefits such as hiding user credentials and the identities of your internal servers. An SFTP reverse proxy can be easy to set up and this post will show you how.   What we'd like to do   How to do it   Believe it or not, assuming you already have an SFTP server running in the background, you'll only need 3 simple steps to set up an SFTP reverse…

    Radware Blog

  • Les Assises 2014 Conference Takeaways, Building a Yellow Brick Road in France

    Carl Herberger
    20 Oct 2014 | 9:18 am
    Recently, I had the good fortune to be invited to present the keynote speech at the 2014 Les Assises Security Conference held in the beautiful city state of Monaco. Les Assises is the largest information-security gathering in France and year-in and year-out it proves to be not only a huge information sharing opportunity, but also a time of self-reflection and strategy affirmation for the thousands of security executives that attend. The conference was brimming with a bursting-at-the-seams attendance and a full dance-card of top notch speakers and engaging topics to review.  I learned a lot…
  • CVE 2014-3566 POODLE: A New Vulnerability

    radware
    16 Oct 2014 | 7:33 am
    Radware’s Emergency Response Team (ERT) is reporting a new vulnerability published under CVE 2014-3566 named POODLE (Padding Oracle on Downgraded Legacy Encryption). This SSLv3 POODLE vulnerability can force a client to negotiate SSLv3 instead of TLS and then carry out BEAST (Browser Exploit Against SSL/TLS) attacks to obtain information from an encrypted stream. What Have We Learned? Unlike previous vulnerabilities we’ve seen this past year that allowed a hacker to access a server (Heartbleed and Shellshock), this new vulnerability targets clients. POODLE affects SSLv3, which…
  • REPORT: State of the Union for Ecommerce Page Speed & Web Performance [Fall 2014]

    Tammy Everts
    14 Oct 2014 | 4:08 am
    Cyber Monday is just around the corner, and early predictions point to holiday ecommerce sales hitting an all-time record of $72 billion. But retailers know that competition for this ecommerce spend will also be at an all-time high. Many will leverage aggressive strategies, ranging from rich visuals to geo-targeting campaigns, to earn their share of the holiday retail pie. These strategies, however, can come with a significant performance price tag, making pages slow to render — and ultimately driving away consumers. Today at Radware, we’ve released our latest research into the…
  • REPORT: 2014 State of the Union for Mobile Ecommerce Performance

    Tammy Everts
    14 Oct 2014 | 4:07 am
    Mobile used to take the backseat to desktop, but in 2014 this is no longer the case. One out of four people worldwide own a smartphone, and at least 55% of all time spent on retail sites takes place on mobile devices. These numbers are why we’ve decided to release our annual state of the union for mobile web performance on the same day as our quarterly desktop state of the union. In this post, I’ll walk through a high-level summary of our key findings, including statistics around mobile load times, website fragmentation across devices, and mobile performance challenges. Today, 90%…
  • Tsunami SYN Flood Attack – A New Trend in DDoS Attacks?

    radware
    8 Oct 2014 | 7:36 am
    Over the past week Radware’s Emergency Response Team (ERT) detected a new type of SYN flood which is believed to be specially designed to overcome most of today’s security defenses with a TCP-based volume attack. Within a 48-hour period two different targets in two different continents were targeted with this new technique and have experienced very high attack volumes. As a background, a normal SYN packet is characterized with about 40-60 bytes per packet.  The new attack type departs from the typical make up of a SYN packet by transmitting very large packet sizes which…
 

    pfSense Setup HQ

  • Bandwidth Monitoring with BandwidthD

    maximumdx
    20 Oct 2014 | 2:00 pm
    Configuring BandwidthD in pfSense 2.1.5. BandwidthD tracks usage of TCP/IP subnets and builds HTML files with graphs to display utilization. Charts are built for individual IP addresses, and by default display utilization over 2 day, 8 day, 40 day, and 400 day periods. Furthermore, each IP address’s utilization can be logged at intervals of 3.3 minutes, 10 minutes, 1 hour or 12 hours in CDF format, or to a backend database server. HTTP, TCP, UDP, ICMP, VPN, and P2P traffic are color-coded. BandwidthD can produce output in two ways. The first is as a standalone application that produces…
  • Data Link Layer Advertising with ladvd

    maximumdx
    14 Oct 2014 | 2:00 pm
    Configuring ladvd under pfSense 2.1.5. ladvd sends LLDP (Link Layer Discovery Protocol) advertisements on all available interfaces. This makes connected hosts visible on managed switches. By default, it will run as a privilege-separated daemon. In addition to LLDP, ladvd also supports the following protocols: Cisco Discovery Protocol (CDP): This is a proprietary Data Link Layer protocol developed by Cisco Systems. It is used to share information about other directly connected Cisco equipment, such as the operating system version and IP address. It can also be used for On-Demand Routing, which…
  • ModSecurity: Part Two

    maximumdx
    11 Oct 2014 | 4:00 pm
    Configuring site proxies in ModSecurity under pfSense 2.1.5. In the previous article, we covered installation of ModSecurity and began configuration. In this article, we continue our look at configuration. We had covered the first five settings on the “Proxy Server Settings” tab. The next setting, the “Use mod_mem_cache” checkbox, enables mod_mem_cache, which stores cached documents in memory. In the next edit box, “mod_mem_cache memory usage”, you can set the memory usage in megabytes. The next setting, the “Use mod_disk_cache” checkbox,…
  • ModSecurity: Part One

    maximumdx
    6 Oct 2014 | 2:00 pm
    Configuring settings in ModSecurity under pfSense 2.1.5. ModSecurity is an open source toolkit for real-time web application monitoring, logging, and access control. It supplies an array of request filtering and other security features to the Apache HTTP Server, IIS, and NGINX. Its capabilities, among other things, include the following: ModSecurity gives you access to the HTTP traffic stream, in real-time, along with the ability to inspect it. This allows you to do real-time security monitoring. ModSecurity also enables you to track system elements over time and perform event correlation.
  • September 2014 Amazon Affiliate Purchases

    admin
    6 Oct 2014 | 9:00 am
    Here are some of the products readers purchased through my Amazon affiliate links during the month of September 2014: EnGenius Technologies Long-Range Wireless-N Indoor AP/Bridge (ECB300) Mikrotik RB951-2N Wireless Router 802.11b/g/n NZXT Technologies Sentry 3 5.4-Inch Touch Screen Fan Controller Cooling AC-SEN-3-B1 Oriental Furniture Modern Furniture, 6-Feet Helsinki Fabric Japanese Privacy Screen Room Divider, 4 Panel Honey Disney Infinity Power Disc Complete Series 1 Set of 20 Your purchases through this site’s Amazon affiliate links help keep the lights on at pfsensesetup.com. And…

    Tips4Tech Blog

  • Top 10 Tips to Share with Employees During Cyber Security Awareness Month (#NCSAM)

    Allan Pratt
    9 Oct 2014 | 7:28 pm
    There is no dispute that data breaches are becoming more common, and as a result, online safety and the protection of personally identifiable information (PII) are hot topics in the mainstream media. Therefore, the month of October presents an excellent opportunity for all businesses, especially midsize businesses, to remind employees about their responsibilities when it comes to protecting corporate data. Here are my top ten tips to share with employees during Cyber Security Awareness Month: [1] Complex Passwords All passwords should be at least 10 characters and include lower and upper case…
  • Are You Integrating Security into Your Celebration of #CXDay?

    Allan Pratt
    1 Oct 2014 | 7:47 pm
    Is the first Tuesday of October marked as a special date on your calendar? If not, the significance around social channels will alert you to this hashtag. The second Tuesday in October is #CXDay, and according to Annette Franz (@CXJourney on Twitter), “It’s a celebration of customer experience professionals, those folks who work tirelessly to design and deliver a great customer experience to their customers. The day is meant to continue to raise awareness of the importance of the customer experience.” My grad school studies were in marketing, so while my professional focus…
  • Don’t Forget Security When It Comes to E-Waste

    Allan Pratt
    24 Sep 2014 | 7:43 pm
    With school back in session and Halloween just around the corner, the December holidays will soon be here. And with December holidays quickly approaching, it’s time to start dreaming about all the new technology purchases on your holiday shopping list. But as you dream, what will you do with all your current devices? As you wonder where you’ll take your outdated smartphones, tablets, and desktops, either conduct a Google search for your nearest e-waste drop-off location or use a convenient app on your smartphone to find a location. But, whatever you do, take security precautions.
  • Don’t Forget Security When Developing Corporate Mobile Apps

    Allan Pratt
    9 Sep 2014 | 8:28 pm
    With the rise in mobile device usage, bring your own devices to work (BYOD), the Internet of Things (IoT), combined with the decline of personal computers, many corporate leaders believe that their businesses should develop a mobile application, or in tech lingo, an app. An Appcelerator survey of enterprise leaders released in January 2013 reported that 73% of enterprises built fewer than five applications, and 39% built none or just one. (1) (2) But does your business really need an app to be competitive, or do you simply want to be able to SAY you have one? Will an app fill a critical hole…
  • Privacy, Security and Voice Search: Does Your Company Know What It’s Getting Into?

    Allan Pratt
    22 Aug 2014 | 7:09 pm
    These days, everyone is using the voice search function across all platforms on all devices. Look no further than an iPhone to an Android phone to the Windows tablet, and you’ll see most people speaking questions instead of typing them. Without a doubt, it’s much easier to speak a request or question rather than typing it on a small keyboard. But do you know the reason that your device gets more accurate? The reason is because all of your voice commands are stored on servers that are owned by Microsoft, Apple or Google. As you speak, those servers are accessed and an algorithm is used…

    Milton Security

  • Staples Investigating Potential Breach

    Milton Security Group
    21 Oct 2014 | 9:24 am
    Staples, a popular office supply chain, announced Monday afternoon that it would join the hordes of companies that would be accepting Apple Pay. Unfortunately, they had to follow that up mere hours later with the announcement that they are investigating a potential data breach involving customer credit card data. Has Staples gone the way of Target, Home Depot, and Kmart? It certainly sounds that way. Security reporter, Brian Krebs, wrote that multiple banks had been reporting signs of credit card fraud, and that those signs were pointing to a Staples breach. According to Krebs, the customer…
  • Patch Released for Drupal SQL Injection Vulnerability

    Bethany Nolan
    16 Oct 2014 | 9:36 am
    Are you running Drupal version 7? If so, it is time to upgrade! Sektion Eins, a German PHP security firm, has discovered a SQL injection flaw in Drupal, an open source content management system, version 7. SQL, or Structured Query Language, is a programming language designed for requesting data in a relational database management system, or a relational data stream management system. A SQL injection is a malicious attack that involves inserting SQL queries into an entry field for execution, giving the attacker the ability to pull any information out of a database that they wish to. A SQL…
  • Details of new SSL 3.0 Vulnerability, POODLE, Released

    Milton Security Group
    14 Oct 2014 | 4:20 pm
    The long rumored SSL vulnerability has finally been made public. For weeks, we’ve been hearing about the possibility that there may be another bug like Heartbleed. The question has always been, “How bad?” Then yesterday rumors swirled that it was so bad that it was being kept under wraps until a patch could be released. Today, Google published the details of a vulnerability, dubbed “The POODLE Bug” (Padding Oracle On Downgraded Legacy Encryption), that they found in the Secure Sockets Layer (SSL) version 3.0 web encryption protocol. The vulnerability may be 15 years old, but it is…
  • Oregon’s Employment Department Discovers Security Vulnerability

    Bethany Nolan
    14 Oct 2014 | 9:59 am
    The Oregon Employment Department (OED) has announced that a security vulnerability on the agency’s website may have exposed information on over 850,000 individuals who registered for job search help and other services. The Employment Department identified and stopped the security vulnerability found in the WorkSource Oregon Management Information System (WOMIS) on October 6th. The WOMIS was shut down while the security vulnerability, a lack of encryption on an older system, was addressed in order to eliminate any possibility of retrieving more social security information. The system was…
  • Cyber Espionage “Sandworm”: Is the Russian Government Involved?

    Milton Security Group
    14 Oct 2014 | 9:24 am
    Cyberspies, believed to be based out of Russia, have been targeting the North Atlantic Treaty Organization (NATO), multiple European governments, and industries for around five years now, according to researchers from iSight Partners. The Zero-Day attack code, referred to as “Sandworm”, was discovered by the security consultancy to have multiple references to literary Sci-Fi classic, Dune. In the books, the sandworms are treated as deities, but have an unfortunate tendency to eat people. Sandworm is believed to have been running attacks since around 2009, using a zero-day…
 

    Cyberoam : Securing You

  • Vulnerability Alert: Remote Code Execution via Windows OLE Packager

    Cyberoam Threat Research Labs
    15 Oct 2014 | 11:55 pm
    A remote code execution vulnerability has been reported in Microsoft Windows OLE (Object Linking and Embedding) Packager. OLE allows embedding and linking to documents and other objects and is proprietary technology developed by Microsoft. The vulnerability is due to insufficient validation of certain files which can cause the OLE packager to download and execute arbitrary code. CVE ID: CVE-2014-4114 CVSS Scoring CVSS Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSS Temporal Score: 5.8 (E:U/RL:U/RC:C) Affected Software Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows…
  • Vulnerability Alert: SSL v3.0 Making Browsers Prone to Hacking

    Cyberoam Threat Research Labs
    15 Oct 2014 | 6:25 am
    Threat Description A major security flaw has been discovered in what is now recognised as an outdated Web Encryption Standard – SSL v3.0. Though, the protocol has been replaced by its succeeding TLS implementations, the backward compatibility feature still makes them vulnerable to the flaws of SSL v3.0. Google has termed the vulnerability in this 15 year old protocol as POODLE (Padding Oracle On Downgraded Legacy Encryption). This flaw can make encrypted data visible to a hacker with access to the network. POODLE has been identified as a major issue as it affects both websites as well as…
  • LimitLess KeyLogger – New Malware

    Anurag Singh
    15 Oct 2014 | 2:33 am
    A new malware was discovered by a Greek Researcher on the 20th last month, which uses a combination of AutoIT software programs[1] and a commercial keyboard logger called ‘Limitless Keylogger’. As soon as the malware infects a victim host, the keylogger records every input typed from the keyboard and sends it to a specified email address of the attacker. It can include email addresses, passwords, and confidential documents. It can lead to financial fraud, identity theft and data breach etc. This malicious software depends on AutoIT to stay undetected from end point AV. For the…
  • Payment Card Info Data Breach of World’s Largest Travel Site – TripAdvisor

    Anurag Singh
    14 Oct 2014 | 4:55 am
    On 19th September 2014, Viator, a recently acquired unit of one of the largest travel sites – TripAdvisor – posted a press release on their website confirming a data breach of approximately 1.4 million customers, who had some form of information potentially affected by the compromise. Excerpts from the official Press Release by Viator According to the official press release by Viator, “On September 2, we were informed by our payment card service provider that unauthorized charges occurred on a number of our customers’ credit cards. We have hired forensic experts, notified law…
  • 5 Million+ Gmail and Yandex Accounts Compromised

    Anurag Singh
    8 Oct 2014 | 10:42 pm
    Around 10th September someone posted a link pointing to log-in credentials of millions of Gmail users on a Reddit webpage. The archive file containing nearly 5 million Gmail email addresses and plain text passwords was posted on Russian Bitcoin security forum known as btcsec.com on 9th September by someone who uses ‘tvskit’ alias/name on that website[1]. He said that almost 4.93 million accounts allegedly belong to Spanish, English and Russian users and claimed that over 60 percent of accounts are active. Along with Gmail, thousands of log-in credentials for Russia’s largest search…