Network Security
-
Most Topular Stories
-
Police-themed ransomware targets U.S., Canadian users
Computerworld Network Security News, 9 May 2012 | 10:45 am -
Be aware about malware spread via hotel Wi-Fi connections
Spyware news, 15 May 2012 | 7:21 am The FBI warns about a new type of malware attack that targets travelers abroad through hotel Wi-Fi networks. The malware is reported to masquerade as an official software update, presented to the victim when he or she tries to connect to the internet from the hotel room. According to recent analysis from the FBI, this virus is particularly dangerous for business travelers because it may be used to steal corporate or other sensitive information. To spread their malware, attackers have been using pop-up windows prompting the user to update widely-known software… -
Russian cybercriminals earned $4.5 billion in 2011
Computerworld Network Security News, 23 Apr 2012 | 11:07 pm Russian-speaking hackers earned an estimated $4.5 billion globally using various online criminal tactics, Russian security analyst firm Group-IB said in a report published on Tuesday. -
Most of the Internet's top 200,000 HTTPS websites are insecure, group says
Computerworld Network Security News, 26 Apr 2012 | 11:51 am Ninety percent of the Internet's top 200,000 HTTPS-enabled websites are vulnerable to known types of SSL attack, according to a report by the Trustworthy Internet Movement (TIM), a nonprofit organization that tries to solve Internet security, privacy and reliability problems. -
Hardening the network against targeted APT attacks
SearchSecurity: Network Security Tactics, 14 May 2012 | 8:41 am Mike Chapple offers best practices to defend your network against the latest threat to the security landscape, targeted APT attacks.
-
Network World on Security
-
ICO website hit by DDoS attack
16 May 2012 | 2:07 amThe Information Commissioner's Office (ICO) website has been taken offline following a suspected distributed denial of service (DDoS) attack. -
A Secure BYOD Policy at MasterCard? Priceless.
15 May 2012 | 3:44 amMore than a year into its bring-your-own-device program, MasterCard Worldwide continuously assesses the security technology and policies that allow 30 percent of its employees worldwide to use their personal iPhones, iPads and Android devices at work. -
10 hacks that made headlines
15 May 2012 | 3:24 amIn our first Rogues Gallery, we looked at ten infamous social engineers -- con men who exploited human weaknesses rather than technical vulnerabilities. -
Zeus variant tricks Facebook, webmail users into exposing card details
15 May 2012 | 3:17 amA new variant of the Zeus trojan tricks users into exposing their debit card details by displaying rogue offers when they visit Facebook, Gmail, Yahoo and Hotmail, according to researchers from security firm Trusteer. -
Wikipedia warns users about malware injecting ads into its pages
15 May 2012 | 1:33 am Rogue browser extensions might inject commercial ads into Wikipedia pages, the Wikimedia Foundation said.
-
Computerworld Network Security News
-
Police-themed ransomware targets U.S., Canadian users
9 May 2012 | 10:45 amA ransomware application that locks computers and asks their owners to pay fines for allegedly violating several laws through their online activity is targeting U.S. and Canadian users, malware experts from security firm Trend Micro said on Wednesday. -
Red Sky Alliance: An experiment in information sharing
7 May 2012 | 12:51 pmChris Camacho, information security officer at The World Bank Group in Washington D.C., explains how the Red Sky alliance helps member organizations safely share information. -
Hackers blackmail Belgian bank with threats to publish customer data
3 May 2012 | 5:17 amHackers claimed to have breached the systems of the Belgian credit provider Elantis and threatened to publish confidential customer information if the bank does not pay $197,000 before Friday. -
Most of the Internet's top 200,000 HTTPS websites are insecure, group says
26 Apr 2012 | 11:51 amNinety percent of the Internet's top 200,000 HTTPS-enabled websites are vulnerable to known types of SSL attack, according to a report by the Trustworthy Internet Movement (TIM), a nonprofit organization that tries to solve Internet security, privacy and reliability problems. -
Russian cybercriminals earned $4.5 billion in 2011
23 Apr 2012 | 11:07 pmRussian-speaking hackers earned an estimated $4.5 billion globally using various online criminal tactics, Russian security analyst firm Group-IB said in a report published on Tuesday.
-
Computerworld Security News
-
Zeus variant tricks Facebook users into exposing card data
15 May 2012 | 3:17 pmA new variant of the Zeus trojan tricks users into exposing their debit card details by displaying rogue offers when they visit Facebook, Gmail, Yahoo and Hotmail, according to researchers from security firm Trusteer. -
Privacy advocates fear CISPA
15 May 2012 | 2:23 pm Privacy advocates are riled up after the recent passing of the controversial Cyber Intelligence Sharing and Protection Act by the House, which occurred despite opposition from privacy advocates, lawmakers and the White House. -
Voyager postpones mobile service launch, citing Web attack
15 May 2012 | 2:10 pmVoyager Mobile, a startup promising cheap, unlimited mobile service around the U.S., has postponed the launch it planned for Tuesday, saying a malicious attack took down its website. -
Wikipedia warns users about malware injecting ads into its pages
15 May 2012 | 1:33 pm Rogue browser extensions might inject commercial ads into Wikipedia pages, the Wikimedia Foundation said. -
Hackers break into bitcoin exchange, steal $90,000 in bitcoins
14 May 2012 | 7:34 pmBitcoin exchange site Bitcoinica suspended its operations on Friday after hackers managed to steal 18,547 bitcoins -- valued at about $90,000 -- from its online wallet.
-
SearchSecurity: Network Security Tactics
-
Hardening the network against targeted APT attacks
14 May 2012 | 8:41 amMike Chapple offers best practices to defend your network against the latest threat to the security landscape, targeted APT attacks. -
HTML5 security: Will HTML5 replace Flash and increase Web security?
30 Apr 2012 | 10:29 amWill HTML5 replace Flash? Expert Michael Cobb discusses whether HTML5 security is better than Flash, and why HTML5 traffic can be harder to secure. -
Screencast: Burp Suite tutorial highlights Burp Proxy, other key tools
22 Apr 2012 | 11:00 pmIn this screencast, Mike McLaughlin offers a short Burp Suite tutorial, including the key features of this powerful pen testing tool: Burp Proxy. -
How to test a firewall: A three-step guide for testing firewalls
9 Apr 2012 | 8:01 amThere are three steps when testing firewalls for your organization. Expert Joel Snyder explains how to test a firewall. -
Screencast: How to use GHDB to identify security holes, Googledorks
25 Mar 2012 | 11:00 pmIn this screencast, Mike McLaughlin uses the Google Hacking Database (GHDB) to identify Googledorks and other security vulnerabilities.
-
SearchSecurity: Security Wire Daily News
-
Gartner report: UTM market on the upswing, expert says
14 May 2012 | 11:49 amGartner released a report detailing market growth from 2010-2011 throughout the UTM vendor industry. -
BeyondTrust acquires eEye Digital Security for vulnerability management
10 May 2012 | 9:27 am Analysts say eEye's vulnerability and configuration management capabilities are a good fit with BeyondTrust's privilege management and AD integration. -
May 2012 Patch Tuesday: Microsoft fixes Duqu Trojan ghost code
8 May 2012 | 5:55 pm Experts suggest patience when dealing with this month's round of Microsoft updates. -
Gary McGraw: Eliminating badware addresses malware problem
7 May 2012 | 9:26 amBad software and malicious software are two different issues that are easily confused, says software security expert Gary McGraw. -
Adobe pushes patch for actively exploited Flash Player vulnerability
4 May 2012 | 1:07 pmAdobe is addressing a zero-day flaw in Flash Player being used by cybercriminals in email attacks targeting Internet Explorer users.
-
Network Security Blog
-
Network Security Podcast, Episode 275
1 May 2012 | 7:58 pm By the grace of FSM, schedules synced up this week so we could all get together (despite Martin’s perpetual jet lag). Narrowly avoiding a discussion of CISPA (we’ll save that for later), the gang touches on some vulnerability disclosure gaffes, an “attack back” proposal (what year is this?), and more. Network Security Podcast, Episode 275, May 1, 2012. Time: 34:21. Show notes: RuggedCom Owes its Customers an Explanation; Oracle scrambles to contain 0-day SNAFU; The history of a -probably- 13 years old Oracle bug: TNS Poison; ‘Stand Your Cyberground’ Law: A… -
Network Security Podcast, Episode 272 v2
24 Apr 2012 | 7:30 pm As a follow up to last week’s episode, Martin was joined last week by Josh Corman to talk to Wade Baker about the 2012 Verizon Data Breach Investigation Report. Wade talks to us about how the information for the report was gathered, some of the strengths and weaknesses of the analysis and finally how the amazing puzzle that is the front cover was conceived. The episode is a little longer than normal, but worth the time. When this podcast was first released, iTunes mistakenly treated the PDF of the DBIR as the podcast. Subsequent attempts to upload were similarly… -
Something to think on from Source Boston
18 Apr 2012 | 8:26 am “The Internet will never again be as free as it is this morning” – Dan Geer at SOURCE Boston. Think on that for a while. If it doesn’t scare you, it should. Update: Here’s the full text of Dan Geer’s talk at SOURCE Boston. -
Network Security Podcast, Episode 274
17 Apr 2012 | 6:36 pm The gang is scattered to the wind. Rich is off at some random Margaritaville and Zach is pretending he has a real life and a new job or something. So Martin called out the cavalry and is joined tonight by none other than Dave Lewis, aka Gattaca on twitter (I bet many of you didn’t realize he had a ‘normal’ name). We talk a lot about privacy (go figure), the TSA (big surprise) and the difference between Canadian and American viewpoints on a few things. A good time was had by all. Or at least by Martin, which is what really matters. And let’s not forget… -
This is why CISPA scares me
12 Apr 2012 | 10:12 pm Unlike its brethren, SOPA and PIPA, CISPA doesn’t scare me because it’s aimed at shutting down piracy and giving the media companies unheard of powers. CISPA scares me because it is aimed at letting companies share information between each other and with the government in order to stop bad guys, which is a noble cause. Unluckily, CISPA is written in such a way that 1) it tramples on the very basic rights of due process and privacy to combat these threats and 2) it includes clauses that name intellectual property and private information as reasons for this sharing. Which…
-
Post Politics: Breaking Politics News, Political Analysis & More - The Washington Post
-
Mark Zuckerberg: A man of his time
16 May 2012 | 1:24 pm Millennial young adults are the first generation to come of age when their personal self-portraits in some digital form were a matter of semi-public record. Particularly public – even when he wished it weren’t – has been the life story (so far) of Facebook's high profile founder, Mark Zuckerberg. Through aptitude, chutzpah and, some allege, misappropriation in 2004, the clever child (born in 1986) created a forum where potentially, every single person on the planet will have the ability to look at the baby pictures of someone they just met. -
Herman Cain formally endorses Mitt Romney
16 May 2012 | 1:19 pm Businessman Herman Cain formally endorsed Mitt Romney’s presidential bid in an event on Capitol Hill on Wednesday afternoon. The move marks Cain’s third endorsement since suspending his own White House run last December amid multiple allegations of sexual harassment and a 13-year affair. -
Oliver North, video-game pitchman
16 May 2012 | 1:12 pm One might presume that Oliver North, a former Marine who helped broker the sale of weapons to Iran (as in Iran-Contra), might know something about “black ops.” Which explains why he’s now a spokesman for Call of Duty: Black Ops II, the military-themed blow-em-up video game. Much like Wilfred Brimley doing oatmeal commercials, or O.J. Simpson touting rental cars, North has a certain amount of... cachet, and certainly some credibility with the product he’s selling. -
Scott Walker leads in new Wisconsin recall poll
16 May 2012 | 1:08 pm Gov. Scott Walker (R) is up six points over Milwaukee Mayor Tom Barrett (D) in a new Wisconsin gubernatorial recall poll from Marquette Law School. Walker leads Barrett 50 to 44 among 600 likely voters in the school’s first survey since the May 8 Democratic primary. Their last poll, released May 2, showed a dead heat. -
How Deb Fischer pulled an upset in Nebraska
16 May 2012 | 12:16 pm Attorney General Jon Bruning was supposed to win the Nebraska Republican Senate primary, unless he was upset by state Treasurer Don Stenberg, who had the support of national conservatives. Neither man won. Instead, Nebraska’s GOP nominee this fall will be state Rep. Deb Fischer, who surged in the past few weeks with little money or help. She’ll be the one to take on former senator Bob Kerrey (D).
-
Techworld.com security
-
Android malware using real apps as disguise 'wrappers'
16 May 2012 | 11:45 amMobile malware stepped up an order of magnitude in volume and sophistication during 2011 and this trend has continued in the first quarter of 2012, according to F-Secure’s latest quarterly report. -
The Pirate Bay suffers DDoS attack
16 May 2012 | 11:05 amThe controversial file-sharing website The Pirate Bay has experienced a distributed denial of service attack, according to the site’s Facebook page. -
10 hacks that made headlines
16 May 2012 | 10:37 amHere are ten hacking incidents through history that made some of the biggest headlines. -
Avira antivirus upgrade wreaks 'catastrophic' havoc on Windows PCs
16 May 2012 | 7:07 amAvira has issued a service pack for its antivirus software that crippled an unknown number of Windows machines, with one customer calling the gaffe "catastrophic" to his company. -
US firms over-reliant on firewalls to defend against DDoS attacks
16 May 2012 | 7:03 amMore than half of US businesses still rely on conventional firewalls or intrusion prevention systems to shield them from the scourge of DDoS attacks, a survey by services firm Neustar has found.
-
Crave: gorgeous gadgets and other crushworthy stuff. - CNET
-
Lenovo dumps classic keyboard on new ThinkPad laptops
16 May 2012 | 11:35 am Those of you who loved Lenovo's classic-style laptop keyboards can wave bye-bye to them. With the new 2012 T-series ThinkPads, Lenovo has put the final nail in the coffin of the classic keyboard once made popular by IBM. Lenovo stuck with the classic keyboard for the current T420, T420S, and T520. But the new ThinkPad T430, T430s, and T530 due to launch early next month have been overhauled with the island-style keyboards that seem to be hitting almost every laptop these days. The company had already… -
Hangers with 'like' counts let Facebook dictate fashion
16 May 2012 | 11:09 am Why trust your own questionable fashion instincts when you can trust the questionable fashion instincts of everybody on Facebook? Brazilian retailer C&A has special clothes hangers that show how many likes each look has collected from the social-media community. The counters built into each hanger, which are networked, update in real time to reflect the input of C&A's Facebook fans voting with their virtual thumbs on photos of each clothing item. C&A calls the system "Fashion Like." -
Kodak sticks with consumer printing, unveils ESP 3.2 all-in-one device
16 May 2012 | 9:56 am The Kodak ESP line is meant for budding photographers and families that need a simple device to output family photos, collages, and personalized photo snapshots. The latest 3.2 all-in-one delivers print, copy, and scan functionality in a compact frame that still gives creatives access to a 2.4-inch color screen that accepts light photo edits. You can set up the ESP 3.2 using a direct-USB connection, but doing it wireless gives you more access to the printer's cloud capabilities by way of Google Cloud Print and Kodak's own e-mail printing service. You'll need a… -
Microsoft Store trims Xbox 360 price by $50
16 May 2012 | 8:51 am Gamers in the market for an Xbox 360 will find a deal waiting for them at the online Microsoft Store. The Xbox 360 250GB console is now on sale for $249.99, a full $50 off the usual price. This console offers 250GB of space on a removable hard drive, the usual wireless controller, a black headset, and a one-month subscription to Xbox Live Gold. Buyers can also add a 12-month Xbox Live Gold membership for $44.99, $15 off the regular price. Those of you willing to cough up more cash can get the Xbox 360 250 GB Kinect Holiday Bundle for $349.99, down… -
Apple orders 4-inch iPhone screens, says report
16 May 2012 | 7:06 am Will the next iPhone actually sport a larger screen? A new report from the Wall Street Journal suggests it will. Citing "people familiar with the situation," the Journal said today that Apple has been tapping into its suppliers for screens larger than the ones used in the current iPhone. The new screens are at least 4 inches, compared with the 3.5-inch displays used on the phone since its debut in 2007. Assuming the sources are on the money, production of the screens could rev up next month, the Journal added. The most recent reports…
-
Techwatch: Tech News
-
Twitter hits 10m UK users
16 May 2012 | 3:51 am Twitter has announced that it has hit some 140 million users globally, with 10 million users in the UK. That figure might still be dwarfed by Facebook, which is homing in on the magic one billion mark when it comes… -
Sniper Elite V2 still number one
16 May 2012 | 3:24 am Sniper Elite V2 might have dropped almost 40 per cent in terms of sales, but it maintained the number one spot in the UK all-format chart (as compiled by Chart Track). EA’s football titles also continue to sell well, with… -
Virgin to allow mobile calls on planes
15 May 2012 | 3:57 am Virgin Atlantic has announced that it will allow the use of mobile phones to make calls on its fleet of planes. It’s the first UK airline to offer passengers such a perk, although others already facilitate the sending of text… -
Sony and Panasonic team on OLED?
15 May 2012 | 3:19 am It would appear that Sony and Panasonic could be set to team up in order to produce large screen OLED TV sets, with a more budget conscious slant. Budget conscious being a relative term when it comes to OLED, mind… -
Galaxy S III dual-core leak
14 May 2012 | 11:54 am The Samsung Galaxy S III smartphone is out in just over two weeks time. The next big Android handset has a quad-core processor over here in the UK, but rumours have persisted for some time that there would be a…
-
SecurityNewsPortal.com latest breaking computer security, anti virus and hacking news
-
DHS Warns About Threat Of Mobile Devices In Healthcare
16 May 2012 | 10:06 am -
Microsoft's SDL Expands Beyond Redmond
16 May 2012 | 10:06 am -
Wrangling Facebook's rich
16 May 2012 | 10:06 am -
Internet sheriff proposed
16 May 2012 | 10:06 am -
Drive-by espionage attacks target Java, Flash flaws
16 May 2012 | 10:05 am
-
Network Security Podcast
-
The Network Security Podcast, Episode 277
15 May 2012 | 8:52 pm So funny story about the show. Zach and I (Rich) were prepping to record when a work thing hit. Since Zach was on a tight timeline due to his own work obligations we announced we were skipping the show. About an hour later a black SUV with a maple leaf sticker on the bumper pulled up in front of my house. A group of heavily armed agents secured a perimeter, rang the doorbell, and left a cooler on my doorstep. Inside was dry ice and a USB drive in the shape of an audio cassette. I haven’t listened to this, but based on the label it seems our friends from Liquidmatrix recorded… -
The Network Security Podcast, Episode 276
8 May 2012 | 8:01 pm Tonight’s show notes will be short, but the show itself ran a little long at about 45 minutes. This week we dedicated the entire episode to mobile security, from platform security up through carrier security issues. We are joined this week by Nick Selby, a good friend, part-time police officer (in Texas, which is a tad scary), and well known (former) industry analyst and (current) incident responder and risk consultant. Tonight’s show was Nick’s idea, and it aligned really well with Zach’s history of mobile platform research. And, for once, I (Rich) didn’t screw…
-
About.com Internet / Network Security
-
How to Booby Trap Your Smartphone
12 May 2012 | 4:27 pm Have you ever had your smartphone snatched by a thief? It's happening more and more in subways and street corners everywhere. Sometimes you get so absorbed in what you're doing on your phone that you ignore your surroundings and fail to see the guy in the hoodie who is about to yank your phone from your hand… -
The Data on This iPhone Will Self-destruct in 10 Seconds
29 Apr 2012 | 3:50 pm Wouldn't it be great if you could make the data on your iPhone self-destruct should it fall into the wrong hands? While you can't make it physically explode like in the Mission Impossible movies, you can achieve the end result of having your data wiped out so the bad guys can't get it… -
Is Your Cordless Phone Being Hacked?
26 Apr 2012 | 6:30 am If you still have a landline in your home, then you likely also have a cordless phone connected to it because, let's face it, no one likes tripping over phone cords… -
Become a Human Lie Detector With F.A.C.E. Training
21 Apr 2012 | 11:02 am Social engineering attacks perpetrated by hackers such as Kevin Mitnick often succeed because many people have trouble detecting deception. Can someone be taught to spot a lie? In this week's featured article, we attempt to answer the question above by reviewing Dr. Paul Ekman's Micro-expression Training Course. The course, named METT Advanced, costs $69 and focuses on teaching how to detect what people are truly feeling by reading their micro-expressions. Check out my review of Dr. Ekman's course in the link above to see if his stuff is for real or just pop-psychology mumbo jumbo… -
Is Your Mac Safe From The Flashback Attack
12 Apr 2012 | 3:54 pm For some reason, a lot of folks believe that Apple Macs are naturally immune to viruses and malware. Many people don't even bother to install anti-virus software on their Macs because they don't feel like the threat level is high enough to warrant it…
-
WindowSecurity.com
-
First Look at Dynamic Access Control in Windows Server 2012
16 May 2012 | 1:00 amThe author takes a look at Dynamic Access Control in Windows Server 2012. -
To Whitelist or To Not Whitelist
9 May 2012 | 1:00 amIn this article the author investigates whitelisting methods as a way to control which applications users can use, as opposed to privilege management solutions which can dramatically reduce the attack surface within an organization. -
Security Considerations for Cloud Computing (Part 4) - Resource Pooling
2 May 2012 | 2:00 amIn this article, we will continue with the theme and pick up on the third essential characteristic of cloud computing: pooled resources. -
Kaspersky Enterprise Space Security - Voted WindowSecurity.com Readers' Choice Award Winner - Anti Virus
26 Apr 2012 | 4:00 amKaspersky Enterprise Space Security was selected the winner in the Anti Virus category of the WindowSecurity.com Readers' Choice Awards. avast! Server Edition and McAfee VirusScan Enterprise were runner-up and second runner-up respectively. -
Video: Windows Local Password Policy
25 Apr 2012 | 2:00 amThis video demonstrates the process of configuring Windows local password policy through Active Directory policies.
-
Tenable Network Security
-
Tenable Network Security Podcast Episode 124 - "OS X Vulnerabilities, Laptop Security at Conferences"
15 May 2012 | 2:40 pm Welcome to the Tenable Network Security Podcast Episode 124. Announcements: Check out our video channel on YouTube which contains new Nessus and SecurityCenter 4 tutorials. We're hiring! Visit the Tenable website for more information about open positions. You can subscribe to the Tenable Network Security Podcast on iTunes! Tenable Tweets: You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics, and more! Want to ask questions about Nessus, SecurityCenter, LCE, and PVS and get answers from the experts… -
Plugin Spotlight: RuggedOS Telnet Server Default 'factory' Account Backdoor
14 May 2012 | 11:08 am Embedded Device Security Woes: Having researched embedded device security for quite some time, it never ceases to amaze me how manufacturers present vulnerabilities in their products. While I do not want to start picking on specific manufacturers (as the development process is not as easy as one might think), RuggedCom's Rugged Operating System (ROS) recently had a vulnerability disclosed. According to their website: "RuggedCom [a Siemens business unit] designs and manufactures rugged communications equipment for harsh environments." They produce a full product suite, from Ethernet switches to… -
PVS and Facebook Game Detection
9 May 2012 | 10:35 am Keeping Your Workforce Productive: Companies maintain IT resources and hire employees to further their business. Invariably, employees will take breaks or look to cut corners when they think no one is looking. In today’s networked world, those breaks frequently take the form of web surfing or personal email. Many companies allow such behavior, within reason, as it boosts morale and helps keep employees from burning out. However, at times, lines are crossed and an employee may be using too much time for personal needs. It is important for a company to be able to monitor this in order to… -
Tenable Network Security Podcast Episode 123 - "Network Management Vulnerabilities, RuggedOS Backdoor"
8 May 2012 | 3:36 pm Welcome to the Tenable Network Security Podcast Episode 123. Announcements: Check out our video channel on YouTube which contains new Nessus and SecurityCenter 4 tutorials. We're hiring! Visit the Tenable website for more information about open positions. You can subscribe to the Tenable Network Security Podcast on iTunes! Tenable Tweets: You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics, and more! Want to ask questions about Nessus, SecurityCenter, LCE, and PVS and get answers from the experts… -
Monitoring Internet-facing Servers with SecurityCenter & Nessus
4 May 2012 | 7:00 am Covering All Your Bases: Internet-facing servers are a popular attack target: they are accessible to everyone on the Internet and can easily be probed for vulnerabilities. Based on exposure alone, Internet-facing servers present a higher risk of becoming compromised. This risk needs to be mitigated if organizations must provide access to services such as web, mail, and VPN connectivity. It is therefore important that these servers are regularly assessed for potential vulnerabilities (and more important that something is done to remediate the vulnerabilities). This blog entry provides guidance…
-
Team Cymru Internet Security News
-
.Pirate Domains Now Available Through OpenNic
16 May 2012 | 1:38 pm "The internet is built of services. One of the core services, and a major choke-point for control, is domain name resolution. There have been some alternates come and go, but one of the strongest has been OpenNIC, and they've just launched a new top level domain, .pirate. Despite the best efforts of Dutch lobby groups, and American entertainment cartels, the internet is a place where barriers don't stay barriers for long...." -
IP-Address Cant Even Identify a State, BitTorrent Judge Rules
16 May 2012 | 12:07 pm "The mass-BitTorrent lawsuits that are sweeping the United States are in a heap of trouble. After a Florida judge ruled that an IP-address is not a person, a Californian colleague has gone even further in protecting the First Amendment rights of BitTorrent users. The judge in question points out that geolocation tools are far from accurate and that it's therefore uncertain that his court has jurisdiction over cases involving alleged BitTorrent pirates...." -
Beyond CISPA: The cybersecurity bills you need to worry about right now
16 May 2012 | 10:52 am"With CISPA pushed to the back burner, the Senate is set to consider two alternative cybersecurity bills, both of which are far more expansive than CISPA and each with many of the same problems, according to privacy advocates. Here is everything you need to know about the Cybersecurity Act of 2012 and the SECURE IT Act before they hit the Senate floor for a vote this month. We've had a bit of a break from Congress' cybersecurity legislative hoopla since the House passed the contentious Cyber Intelligence Sharing and Protection Act (CISPA) late last month...."
DHS Warns About Threat Of Mobile Devices In Healthcare
16 May 2012 | 10:47 am"In a bulletin, the Department of Homeland Security (DHS) is warning healthcare organizations about the threat posed by insecure, network attached medical devices and the proliferation of smart phones, tablet PCs and other mobile devices in medical settings. DHS's National Cybersecurity and Communications Integration Center (NCCIC) issued the unclassified bulletin, "Attack Surface: Healthcare and Public Health Sector" on May 4. In it, DHS warns of a wide range of security risks, including some that could expose patient data to malicious attackers, or make hospital networks and first…
Online travel most vulnerable to email attacks
16 May 2012 | 10:30 am"Agari released its first TrustIndex, a quarterly measurement that applies Agari's big data insights to score email attack vulnerability and email trust by industry. Similar to a credit score, the TrustIndex is a composite score on a scale of 1, lowest level of security, to 1000, the highest level of security. Criteria include consistency of brand authenticity and adoption of DMARC, an industry standard that defines a security framework for email senders and receivers...."
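The item above scores industries partly on DMARC adoption. "Adoption" hides a lot: a published record with `p=none` asks receivers to do nothing about spoofed mail, and `pct=` or a weaker subdomain policy narrows enforcement further. The following added example (not Agari's methodology or code, and unrelated to how the TrustIndex is computed) parses a DMARC TXT record using the tag names and defaults from the DMARC specification (`v`, `p`, `sp`, `pct`, `adkim`, `aspf`, `rua`) and grades the policy it actually expresses. The records and the point weights are this example's own.

```python
"""Parse a DMARC TXT record and grade how much enforcement it really asks for.

Added example; not Agari's TrustIndex or code. Tag names and defaults follow the DMARC
specification; the sample records and the scoring weights are constructed here.
"""

# Defaults the specification applies when a tag is absent. sp= inherits p= (handled below).
DEFAULTS = {"sp": None, "pct": "100", "adkim": "r", "aspf": "r"}
POLICY_POINTS = {"none": 10, "quarantine": 60, "reject": 100}


def parse_dmarc(record):
    """Split 'v=DMARC1; p=reject; ...' into a dict of tags, applying defaults.

    Raises ValueError for records that are not DMARC or lack a valid p= tag, which is
    what a resolver would also see as 'no usable policy'.
    """
    tags = {}
    for part in record.split(";"):
        part = part.strip()
        if not part:
            continue
        if "=" not in part:
            raise ValueError(f"malformed tag: {part!r}")
        key, value = part.split("=", 1)
        tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("record must start with v=DMARC1")
    if tags.get("p") not in POLICY_POINTS:
        raise ValueError("p= tag missing or invalid")
    for key, default in DEFAULTS.items():
        tags.setdefault(key, default)
    if tags["sp"] is None:
        tags["sp"] = tags["p"]  # subdomain policy inherits p= when not given
    if tags["sp"] not in POLICY_POINTS:
        raise ValueError("sp= tag invalid")
    return tags


def grade_dmarc(record):
    """Return (score 0..100, list of weaknesses) for a DMARC record."""
    tags = parse_dmarc(record)
    notes = []
    score = POLICY_POINTS[tags["p"]]
    if tags["p"] == "none":
        notes.append("p=none: monitoring only, spoofed mail is still delivered")
    pct = int(tags["pct"])
    if pct < 100:
        score = int(score * pct / 100)
        notes.append(f"pct={pct}: policy applied to only {pct}% of failing mail")
    if tags["adkim"] == "r" or tags["aspf"] == "r":
        score -= 5
        notes.append("relaxed alignment: any subdomain of the organisational domain passes")
    if POLICY_POINTS[tags["sp"]] < POLICY_POINTS[tags["p"]]:
        score -= 10
        notes.append(f"sp={tags['sp']} is weaker than p={tags['p']}: subdomains can be spoofed")
    if "rua" not in tags:
        score -= 5
        notes.append("no rua=: no aggregate reports, so failures go unseen")
    return max(score, 0), notes


if __name__ == "__main__":
    # Constructed records, from strict to nominal.
    for rec in ("v=DMARC1; p=reject; adkim=s; aspf=s; rua=mailto:dmarc@example.com",
                "v=DMARC1; p=quarantine; pct=50; rua=mailto:dmarc@example.com",
                "v=DMARC1; p=reject; sp=none; rua=mailto:dmarc@example.com",
                "v=DMARC1; p=none"):
        score, notes = grade_dmarc(rec)
        print(f"{score:>3}  {rec}")
        for n in notes:
            print(f"       - {n}")
```

Point the parser at the TXT record fetched from `_dmarc.<domain>` and the grade tells you whether "has DMARC" means enforcement or only a monitoring record. The weights are arbitrary; the checks themselves (policy, pct, alignment, subdomain policy, reporting address) are the ones that decide what a receiver will do with a forged message.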
Computer Internet network security News & Articles
PoINT Storage Manager supports EMC storage
10 May 2012 | 5:25 amMay 10th 2012 – PoINT Software & Systems GmbH has announced today that the current version of PoINT Storage Manager supports additional storage systems of EMC. Thus, for example, hard disk- or SSD-based NAS systems manufactured by EMC can seamlessly be integrated in a Tiered Storage Architecture. The support of EMC Atmos for the Capacity [...]
Conseal Security Launches Major New Release of Conseal Server
25 Apr 2012 | 4:05 amApril 25th 2012 – Infosec, Stand K76 – Conseal Security, the provider of solutions to secure data on the move, today announced Conseal Server 2.0, enabling organisations to maintain complete control over their private data when it’s on the move. The increasingly visible headlines publicly ‘outing’ data breaches serve as a clear indication of the scale of [...]
Dirty Disks Raise new Questions about Cloud Security
24 Apr 2012 | 4:20 amApril 24th 2012 – Research by Context Information Security has identified potentially significant flaws in the implementation of Cloud infrastructure services offered by some providers, which could be putting their clients’ data at risk. By exploiting the vulnerability, which revolves around data separation, Context consultants were able to gain access to some data left on [...] -
Acuity launches latest STREAM Governance Risk and Compliance (GRC) solution
18 Apr 2012 | 5:09 amApril 18th 2012 – Acuity Risk Management has announced a new release of STREAM Integrated Risk Manager, its popular free Governance Risk and Compliance (GRC) solution. STREAM Version 2.0 provides users with better visibility and easier access to detailed GRC information, including a personalised Home Page providing summary status information, as well as ’one click’ [...] -
Context serves up new CANAPE security assessment tool at Black Hat Europe
16 Mar 2012 | 7:07 amMarch 16th 2012 – Context Information Security has been presenting its latest Windows security assessment tool at Black Hat Europe this week in Amsterdam. CANAPE extends the functionality of existing web application testing tools such as CAT, Burp or Fiddler in order to analyse complex network protocols. “Testing and exploiting binary network protocols can be [...]
WindowSecurity.com blogs
IT security professional failing on risk strategies
15 May 2012 | 8:58 amAccording to a survey done by HP at a recent InfoSecurity conference in London, European IT security pros have “significant” gaps in enterprise risk strategy, with only about 14 percent being very confident that their current solutions are giving them a complete and concise picture of their security and risk state. 44 percent said they can’t uncover and report vulnerabilities in custom applications, and only 60 percent are doing real-time monitoring of security events. more... -
APT attackers using booby-trapped RTF docs
15 May 2012 | 8:54 amThe Advanced Persistent Threat (APT) is a type of attack that has been in the news a lot lately, but exactly what techniques do APT attackers use to infect systems? Trend Micro researchers report that one of the most common is the use of “booby-trapped” rich text (RTF) documents created with Microsoft Office software (Word). more... -
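A "booby-trapped" RTF is usually a document with an embedded OLE object: the RTF control words `\object`, `\objemb`, `\objautlink`, `\objupdate`, `\objclass` and `\objdata` (all from the RTF specification) describe the object, and the `\objdata` group carries its bytes as hex. A mail gateway or triage script can therefore flag such attachments before anyone opens them. The following added example (not Trend Micro's research or tooling, and not taken from the post) does that over constructed RTF samples; the scoring weights and the function names are this example's own, and the "MZ" and OLE2 signature checks on the decoded payload are heuristics, not a verdict.

```python
"""Flag RTF files that carry embedded OLE objects and rate how suspicious they look.

Added example, not Trend Micro code. The RTF samples are constructed; the control words
used (\\object, \\objemb, \\objautlink, \\objupdate, \\objclass, \\objdata) come from the
RTF specification and the risk weights are this example's own.
"""
import re

# One embedded object runs from \object to the next \object (or end of file).
OBJECT_RE = re.compile(rb"\\object\b(?P<body>.*?)(?=\\object\b|\Z)", re.S)
CLASS_RE = re.compile(rb"\\objclass\s*([^}\\]+)")
DATA_RE = re.compile(rb"\\objdata\b(?P<hex>[^}]*)", re.S)
OLE2_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"  # compound file header

# Constructed sample: a Package object (generic embedded file), set to update on open,
# whose hex payload contains an MZ header after a constructed OLE1-style header.
SAMPLE_RTF = (
    b"{\\rtf1\\ansi\\deff0 {\\fonttbl{\\f0 Calibri;}}\n"
    b"{\\object\\objemb\\objupdate{\\*\\objclass Package}{\\*\\objdata \n"
    b"0105000002000000080000005061636b6167650000000000"  # constructed header bytes
    b"4d5a9000}}\n"
    b"\\par Quarterly figures attached.\\par}"
)
CLEAN_RTF = b"{\\rtf1\\ansi\\deff0 {\\fonttbl{\\f0 Calibri;}}\\par Hello.\\par}"


def scan_rtf(data):
    """Return one dict per embedded object found in an RTF byte string."""
    if not data.lstrip().startswith(b"{\\rtf"):
        return []  # not RTF (or disguised as something else); out of scope here
    results = []
    for match in OBJECT_RE.finditer(data):
        body = match.group("body")
        class_match = CLASS_RE.search(body)
        payload = b""
        data_match = DATA_RE.search(body)
        if data_match:
            hexdigits = re.sub(rb"[^0-9A-Fa-f]", b"", data_match.group("hex"))
            if len(hexdigits) % 2:
                hexdigits = hexdigits[:-1]  # tolerate a truncated final nibble
            payload = bytes.fromhex(hexdigits.decode())
        results.append({
            "class": class_match.group(1).strip().decode(errors="replace") if class_match else None,
            "auto_update": b"\\objupdate" in body,   # Word refreshes the object on open
            "linked": b"\\objautlink" in body,
            "payload_len": len(payload),
            "ole2_inside": OLE2_MAGIC in payload,    # heuristic: embedded compound file
            "mz_inside": b"MZ" in payload,           # heuristic: embedded executable
        })
    return results


def risk_score(obj):
    """Additive score for one object; thresholds are a local policy decision."""
    score = 1                         # any embedded object deserves a look
    if obj["class"] == "Package":
        score += 2                    # generic "embedded file" class: anything fits in it
    if obj["auto_update"]:
        score += 3                    # object is processed as soon as the document opens
    if obj["mz_inside"]:
        score += 3
    if obj["ole2_inside"]:
        score += 2
    return score


if __name__ == "__main__":
    for name, blob in (("sample", SAMPLE_RTF), ("clean", CLEAN_RTF)):
        objs = scan_rtf(blob)
        print(name, [(o["class"], risk_score(o)) for o in objs] or "no embedded objects")
```

In practice you would run this on attachments at the gateway and quarantine anything scoring above a threshold you choose; a document that needs no embedded object has no business carrying one.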
Is the Cloud the solution to SMB security woes?
15 May 2012 | 8:45 amMicrosoft thinks so – and they have the statistics to back up that opinion. Once upon a time, there was a lot of distrust of cloud computing, especially among small businesses, but that seems to be changing. more... -
Antivirus update gone seriously wrong
15 May 2012 | 8:28 amIn a demonstration of how serious it can be when antivirus software goes awry, today an update from Avira for its antivirus software is wreaking havoc across the globe as it blocks some of Windows’ most important processes, such as explorer.exe, rundll32.exe and dllhost.exe. The program is falsely detecting these as viruses and killing them, which effectively cripples the OS. But that’s not all – other major programs (Opera, Google Talk, even Microsoft Office) are being blocked. more... -
Free BlackHat Webinar: Making Life Difficult for Malware
15 May 2012 | 6:24 amIt’s a good bet that malware will be with us always – but that doesn’t mean we’re powerless to do anything about it. Just as protecting your home from burglars is all about making it more difficult for them to get in and do their dirty deeds, malware protection is about making it harder for malicious code to infiltrate our systems. Malware is like human bad guys in that it prefers to attack the easy targets. more...
TaoSecurity
SEC Guidance Is a Really Big Deal
14 May 2012 | 4:19 pmIn November I wrote SEC Guidance Emphasizes Materiality for Cyber Incidents, my thoughts after reading an article by Senator Jay Rockefeller and former DHS Secretary Michael Chertoff. They explained why the CF Disclosure Guidance: Topic No. 2, Cybersecurity issued by the SEC in October is a big deal. Since then I attended a conference on Directors and Officers insurance in Connecticut, and spoke on a panel about that SEC guidance. During the conference I learned that the SEC guidance isn't a big deal -- it's a really big deal. We're talking a game changer, potentially on three fronts.
Clowns Base Key Financial Rate on Feelings, Not Data
21 Apr 2012 | 1:44 pmIf you've been reading this blog for a while, you know I don't think very highly of mathematical valuations of "risk." I think even less highly of the clowns in the financial sector who call security professionals "stupid" because we can't match their "five digit accuracy" for risk valuation. We all know how well those "five digit" models worked out. (And as you see from the last link, I was calling their bluff in 2007 before the markets imploded.) Catching up on last week's Economist this morning I found another example of financial buffoonery that boggles the mind. The article is online:… -
Salvaging Poorly Worded Statistics
4 Apr 2012 | 7:43 pmToday I joined a panel held at FOSE chaired by Mischel Kwon and featuring Amit Yoran. One of the attendees asked the following: At another session I heard that "80% of all breaches are preventable." What do you think about that? My brief answer explained why that statement isn't very useful. In this post I'll explain why. The first problem is the "80%." 80% of what? What is the sample set? Are the victims in the retail and hospitality sectors or the telecommunications and aerospace industries? Speaking in general terms, different sorts of organizations are at different levels of maturity,…
Inside a Commission Hearing on the Chinese Threat
26 Mar 2012 | 7:09 pmThis morning I testified at the U.S.-China Economic and Security Review Commission at a hearing on Developments in China’s Cyber and Nuclear Capabilities. In the picture taken by Mrs Bejtlich (thanks for attending!) I'm seated at the far right. To my left is Nart Villeneuve. To his left is Jason Healey. As stated on their Web site, the U.S. Congress created the U.S.-China Economic and Security Review Commission in October 2000 with the legislative mandate to monitor, investigate, and submit to Congress an annual report on the national security implications of the bilateral trade and… -
Impressions: Fuzzing
14 Mar 2012 | 5:00 amFuzzing by Michael Sutton, Adam Greene and Pedram Amini struck me as a good overview of many types of fuzzing techniques. If you read the Amazon.com reviews, particularly the verdict by Chris Gates, you'll see what I mean. For my purposes, the degree to which the authors covered the material was just right. If you're more in the trenches with this topic, you would probably want more from a book on fuzzing. I liked the following aspects of the book: integration of history, real examples, diversity of approaches, case studies, and examples. I thought the book was easy to read and well…
Roger's Security Blog
What Microsoft can teach Apple about security response
9 May 2012 | 9:02 amI guess I do not have to comment on this, right? What Microsoft can teach Apple about security response. To quote the summary: Microsoft just released seven security updates to fix 23 vulnerabilities in Windows and other products. In February, Apple released a massive update that covered 51 vulnerabilities and also introduced an embarrassing security flaw. The contrast is striking. Roger
Windows Defender Offline
27 Apr 2012 | 2:04 amA few days ago, Windows Defender Offline was released. This is basically the tool to use, if you are unable to remove malware from a running PC. To quote the website: Sometimes, malicious and other potentially unwanted software, including rootkits, try to install themselves on your PC. This can happen when you connect to the Internet or install some programs from a CD, DVD, or other media. Once on your PC, this software might run immediately, or it might run at unexpected times. Windows Defender Offline can help remove such hard to find malicious and potentially unwanted programs using… -
Consumerization of IT–How to address this
26 Apr 2012 | 12:36 pmBring Your Own Device and Consumerization of IT are fairly hot themes in a lot of customer organizations. When I talk to customers, there are typically different reactions once we bring this up. Some tell us that it is not part of their strategy; some tell us that they plan to do it but that they have a hard time figuring out how to secure such an environment; very, very few customers tell us that they have this under control. What is it all about? For me, the trend really started to take off with the smartphones. Most companies tried to standardize the models but at the end of the day it…
Build your own sniffing kit
24 Apr 2012 | 4:06 amWhen people look at attackers, they always think that they are extremely smart people. There are really smart people building the kits but the ones applying it? Well, you just need the right guidance: Hacker's Tiny Spy Computer Cracks Corporate Networks, Fits In An Altoid Tin Fairly easy, isn’t it? Roger -
5 Common Types of Security Professionals
23 Apr 2012 | 10:03 amI have been following Shoaib's blog for quite a while – actually, due to the beauty of the Internet, we have only met virtually so far. He just posted on his blog: 5 Common Types of Security Professionals. I really like this post. The way he categorizes them is: The NO-MASTER; The By-The-Book Preacher; The Dinosaur; The Technology-Solves-It-All; The Paranoid. The reason why I like it so much is that I am deeply convinced that security can only be successful if it is aligned to business needs and not necessarily to policies and to fear. So, thinking about where security can become a business enabler…
Spyware news
Malicious tweets spread rogue AV infecting Android users
16 May 2012 | 11:19 amSecurity experts from GFI.com warn about malicious tweets that include spammed URLs with the .tk extension. After being clicked, these URLs lead to a Russian web page pretending to be an official anti-virus page notifying its victims about malware detected on their machines. However, this virus has been found to distribute rogue anti-virus programs similar to the ones released by FakeVimes or Winwebsec. It is especially dangerous for Android users, but it has also been found to target PC users. According to GFI, random Twitter users have been tweeted with the URLs with…
Be aware about malware spread via hotel Wi-Fi connections
15 May 2012 | 7:21 amThe FBI warns about a new type of malware attack that is targeting travelers abroad through hotel Wi-Fi networks. It has been reported to masquerade as an official software update which is presented to the victim when he/she tries to connect to the internet connection in the hotel room. According to recent analysis from the FBI, this virus is particularly dangerous for business travelers because it may be used to steal corporate or other sensitive information. In order to spread their malware, attackers have been using pop-up windows notifying the user to update widely-known software…
SecureCloud Key Management Systems Released by Trend Micro
10 May 2012 | 8:31 amTrend Micro uses Apache CloudStack at the Apache Software Foundation while developing a new product. That gives them a step forward with all those Apache CloudStack users who search for an easy way to deploy encryption solutions in the cloud. Trend Micro released a simple plug-in that makes the implementation for CloudStack users very quick, compared to the months of investigation and development needed when creating an encryption solution with their own hands. That’s the new road for innovative cloud encryption services. This new key management system is…
Microsoft and Adobe Releases Critical Security Updates. Update Now!
9 May 2012 | 10:33 amMicrosoft is known to release updates on a fixed day of the week, and that is Tuesday. This day even has a name: “Patch Tuesday”. Yesterday was the first Tuesday of this month, so the regular Microsoft update patch was ready to go. It bundled fixes for more than 23 vulnerabilities that could affect Microsoft Office, Windows, the .NET Framework or Silverlight. The vulnerabilities that may let malicious software run code without user interaction are marked as “Critical”, as these are the worst vulnerabilities for Microsoft. The MS12-034 patch is…
Internet Apocalypse Upcoming – Prepare for DNSChanger Servers Closure
8 May 2012 | 11:08 amThe date of July 9, 2012 should be marked as the day of the Internet apocalypse. It is the deadline when the FBI is planning to shut down those temporary “clean” DNSChanger servers. But the fact is that if you prepare yourself, you can let your organisation and users go through that day without damage. Not so long ago, the FBI announced the shutdown of a huge clickjacking botnet with the cooperation of Estonian authorities and other antimalware organizations. They raided almost 100 servers that were infected by this malicious code. Moreover, seven people were arrested and charged with computer…
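"Prepare yourself" here means finding the machines whose resolvers still point into the DNSChanger address space before the substitute servers go dark. The following added example (not an FBI tool, and not from the post) extracts the configured resolvers from the text of a `/etc/resolv.conf` or a Windows `ipconfig /all` dump and checks them against the rogue ranges. The ranges listed are the ones the FBI published in its DNSChanger notice; confirm them against the notice before relying on this. The resolv.conf and ipconfig text, and the function names, are constructed for the example; IPv6 resolver entries are not handled.

```python
"""Check configured DNS resolvers against the DNSChanger rogue address ranges.

Added example, not FBI or Trend Micro code. ROGUE_RANGES are the ranges published in
the FBI's DNSChanger notice (verify against the notice before use); the resolv.conf
and ipconfig text below is constructed.
"""
import ipaddress
import re

ROGUE_RANGES = [ipaddress.ip_network(n) for n in (
    "85.255.112.0/20", "67.210.0.0/20", "93.188.160.0/21",
    "77.67.83.0/24", "213.109.64.0/20", "64.28.176.0/20",
)]
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

# Constructed inputs: one Unix resolver file, one Windows ipconfig /all excerpt.
RESOLV_CONF = (
    "# constructed sample\n"
    "search example.com\n"
    "nameserver 85.255.112.36\n"
    "nameserver 192.0.2.53\n"
)
IPCONFIG = (
    "Windows IP Configuration\n"
    "\n"
    "Ethernet adapter Local Area Connection:\n"
    "\n"
    "   IPv4 Address. . . . . . . . . . . : 192.168.1.20\n"
    "   DNS Servers . . . . . . . . . . . : 93.188.161.7\n"
    "                                       192.0.2.1\n"
    "   NetBIOS over Tcpip. . . . . . . . : Enabled\n"
)


def resolvers_from_resolv_conf(text):
    """Resolver IPs from 'nameserver' lines of a resolv.conf."""
    return [ip for line in text.splitlines()
            if line.strip().startswith("nameserver")
            for ip in IPV4_RE.findall(line)]


def resolvers_from_ipconfig(text):
    """Resolver IPs from the 'DNS Servers' field of ipconfig /all, including the
    indented continuation lines that hold the second and later servers."""
    out, collecting = [], False
    for line in text.splitlines():
        if "DNS Servers" in line:
            collecting = True
            out += IPV4_RE.findall(line)
        elif collecting and line.strip() and ":" not in line:
            out += IPV4_RE.findall(line)      # continuation line: IP only, no field name
        else:
            collecting = False                # next field (contains ':') ends the list
    return out


def check_resolvers(ips):
    """Map each resolver IP to the rogue network it falls in, or None if clean."""
    result = {}
    for ip in ips:
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            continue
        result[ip] = next((str(net) for net in ROGUE_RANGES if addr in net), None)
    return result


def infected(ips):
    """True if any configured resolver is inside a rogue range."""
    return any(check_resolvers(ips).values())


if __name__ == "__main__":
    for label, ips in (("resolv.conf", resolvers_from_resolv_conf(RESOLV_CONF)),
                       ("ipconfig", resolvers_from_ipconfig(IPCONFIG))):
        for ip, hit in check_resolvers(ips).items():
            print(f"{label:<12} {ip:<16} {'ROGUE ' + hit if hit else 'ok'}")
```

Run it against collected resolver configurations (or the DHCP scopes that hand them out) and fix any hit before the cut-off; after the shutdown the symptom will simply be that name resolution stops.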
Uncommon Sense Security
A meandering rant on sexism.
14 May 2012 | 12:16 pmThis has been a bad year for technology. Not necessarily for the business of technology (although it is very hard to discuss the current state of the tech and InfoSec biz without using the word “bubble”), but for the culture and future of tech. I commented on the depressing “booth babe” situation at RSA in this year’s RSA wrap-up blog post, it is an ongoing embarrassment. As I’ve said before, in the right contexts I have nothing against attractive people, fast cars, or other things normally used to sell cheap beer- I just don’t believe tech and security events are… -
Context matters
4 May 2012 | 6:42 pmA recurring theme for me lately is explaining the significance of taking things in context. When discussing vulnerabilities with people (I do this a lot working at Tenable), some folks don’t intuitively grasp that context is critical in translating a finding into usable and valuable information. Let’s shift gears, a few weeks ago I was in Texas for BSidesAustin. While I was there I picked up a couple of bumperstickers, this one’s my favorite: (For those who don’t know, that’s a stylized flag of my home state of Texas, and Texas is always trying to secede from something). -
Wait, what? Someone has to look at those logs?
20 Apr 2012 | 7:12 pmAnton Chuvakin has a good post over on the Gartner blog about security monitoring and cloud systems. Depending on your point of view and/or experience, you may think his comments are thought provoking, or possibly obvious (this will probably depend on where you are on the cloud adoption path). I agree with the good Dr. Chuvakin, but my recent conversations with people trying to come to grips with monitoring and log analysis have given me some contradictory insights. Anton is correct in his mapping of visibility and coverage, and on the observations of the perspective of CSP-MSSPs… -
Who put all that travel on my calendar?
10 Apr 2012 | 3:17 pmI did it to myself if I’m honest. I will grumble about airlines, the TSA, hotels, cabs, etc.- but the great thing is that I get to see old friends, meet folks, and have some engaging (and inane) conversations. Some of my upcoming adventures are below- if you’ll be at these events or in the general area either find me and say hello, or hide from me, as you feel appropriate. I’ll be at BSides Austin later this week, participating in a cloud computing panel and later giving an update on the stress and burnout research. And joining in Hackers on a Duck III. Next week I… -
Filling in some blanks
1 Apr 2012 | 9:15 pmMy last post had some incomplete thoughts (this is not unusual), and I decided to address some of them (this is unusual). I mentioned that segmenting your network was advantageous for a variety of scanning and monitoring reasons, but I didn’t elaborate, let me do that now. There are some great systems for data correlation which can tell you significant things- for example whether that IDS alert was for traffic targeting a host vulnerable to the specific attack detected. Unfortunately, we don’t all have the resources to have such systems, or the time to tune them. If,…
Security Bytes
Cloud security issues: Provider transparency, data-centric security
16 May 2012 | 9:52 amAt an event last week in San Francisco that covered a variety of cloud security issues, infosec expert Kevin Walker told attendees to be aggressive with cloud service providers and hold them accountable when it comes to security. “The key for us practitioners is to go into this with eyes wide open,” said Walker, who has held senior security positions at Symantec and Cisco, among other global firms. He spoke at the Cloud Security Symposium, which was sponsored by Trend Micro. The traditional focus on building fortresses with firewalls and IPSes won’t translate to the cloud,… -
Going after the middlemen in the fight against financial cybercrime
10 May 2012 | 8:01 amIn the world of financial cybercrime, there are three primary groups of fraudsters at work. First up are the developers who write the applications to grab credit card and bank account data. In the middle are the “carders” who sell the ill-gotten data to, if you will, end users. The final group consists of these users or buyers who pay for the hot data and use it to make purchases or move funds to their own accounts. Those fighting the battles have to make tough decisions about where to focus their resources. Should they go after the developers, the carders or the end users of the… -
Organizations lagging on cloud security training, survey shows
9 May 2012 | 12:59 pmSymantec recently released some interesting findings from a survey the company conducted with the Cloud Security Alliance at the CSA Summit in February. The survey went beyond the usual sorts of basic questions to delve into organizations’ knowledge of cloud security. The results (albeit from a small sample size of 128 respondents) were a bit curious. While 63% rated their cloud security efforts as good, 58% said their staff isn’t well prepared to secure their use of public cloud services. And although 68% said they think cloud security training is important for their…
Windows exploits: Data finds Windows Vista infections outpace Windows XP
9 May 2012 | 11:48 amWhen Microsoft issued version 12 of its Security Intelligence Report (.pdf) last month, its marketing machine had one message it wanted journalists to communicate to businesses: Conficker worm infections are a serious concern. The messaging about Conficker was extremely strong. Prior to a briefing with a Microsoft executive, reporters were given a slide deck largely void of information except for data about Conficker; Microsoft’s 126-page report had been boiled down to 16 slides. Microsoft proclaimed Conficker as “the No. 1 threat facing businesses over the past 2.5 years.”… -
Creativity makes information security awareness training stick
3 May 2012 | 7:04 amIt often seems security pros place great expectations on users, and are amazed when they fall for an obvious security trap or common social engineering attack. But instead of being amazed, the more appropriate response may be to recognize that traditional information security awareness training programs often don’t work. According to Bob Rudis, director of enterprise security at Boston-based Liberty Mutual Group, too many companies rely on the computer-based security training courses that each employee must complete once a year to meet compliance requirements. Speaking at the Source…
Schneier on Security
Security Vulnerabilities in Airport Full-Body Scanners
16 May 2012 | 6:15 amAccording to a report from the DHS Office of Inspector General: Federal investigators "identified vulnerabilities in the screening process" at domestic airports using so-called "full body scanners," according to a classified internal Department of Homeland Security report. EPIC obtained an unclassified version of the report in a FOIA response. Here's the summary. -
U.S. Exports Terrorism Fears
15 May 2012 | 6:17 amTo New Zealand: United States Secretary of Homeland Security Janet Napolitano has warned the New Zealand Government about the latest terrorist threat known as "body bombers." "Do we have specific credible evidence of a [body bomb] threat today? I would not say that we do, however, the importance is that we all lean forward." Why the headline of this article is "NZ warned over 'body bombers,'" and not "Napolitano admits 'no credible evidence' of body bomber threat" is beyond me. -
The Trouble with Airport Profiling
14 May 2012 | 6:19 amWhy do otherwise rational people think it's a good idea to profile people at airports? Recently, neuroscientist and best-selling author Sam Harris related a story of an elderly couple being given the twice-over by the TSA, pointed out how these two were obviously not a threat, and recommended that the TSA focus on the actual threat: "Muslims, or anyone who looks like he or she could conceivably be Muslim." This is a bad idea. It doesn’t make us any safer -- and it actually puts us all at risk. The right way to look at security is in terms of cost-benefit trade-offs. If adding profiling to… -
Friday Squid Blogging: New Book on Squid
11 May 2012 | 4:58 pmKraken: The Curious, Exciting, and Slightly Disturbing Science of Squid. And a review. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
Infosec Events
Week 19 in Review – 2012
14 May 2012 | 11:48 amResources
- Research for SharePoint (MOSS) – owasp.org: This page contains research notes on Microsoft’s SharePoint MOSS and WSS.
- MS SQL – Useful Stored Procedures for SQL Injection and Ports Info – pentesticles.com: The following post lists and describes various useful stored procedures and port information for MS SQL.
- Portable Executable 101 – a windows executable walkthrough – code.google.com: This graphic (PDF, JPG) is a walkthrough of a simple windows executable, that shows its dissected structure and explains how it’s loaded by the operating system.
Week 18 in Review – 2012
7 May 2012 | 10:57 amResources
- Breaking in to Security – Survey Conclusions, Part 1 – digininja.org: To collect the data I created an online survey and sent it out through as many sources as I could, to date I’ve got over 300 results and I’d like to say a huge thanks to everyone who completed it and helped with the advertising. If you want to see the full raw data I’ve published it and intend to try to keep it fairly up-to-date as more people answer the survey.
- oclHashcat Examples of lots of different hash types – phillips321.co.uk: So you’ve got oclHashcat and you want to…
Week 17 in Review – 2012
30 Apr 2012 | 4:20 amEvent Related
- Our CanSecWest 2012 slides on passive DNS and Picviz – picviz.blogspot.fr: Alexandre Dulaunoy from CIRCL.LU and Sebastien Tricaud from Picviz Labs have been talking at CanSecWest 2012 in Vancouver, Canada, on how to scrutinize a country using passive DNS and Picviz.
- SyScan 2012 Singapore slides – www.xchg.info: Conference and slides of SyScan 2012 Singapore.
Resources
- Big ideas from Daniel Geer on digital security and the role of humans – geer.tinho.net: Everything about cyberspace is now in a positive feedback loop or, should I say, the positive feedback loop in…
Information Security Events For May
28 Apr 2012 | 10:53 amHere are information security events in North America this month:
- SANS Security West: May 3 to 12 in San Diego, CA USA
- GRC Summit Boston 2012: May 8 to 10 in Boston, MA USA
- TakeDownCon 2012: May 8 to 9 in Dallas, Texas USA
- Secure360: May 8 to 9 in Saint Paul, MN USA
- CarolinaCon 8: May 11 to 13 in Raleigh, North Carolina USA
- BSides Rochester 2012: May 12 in Rochester, NY USA
- IEEE Symposium on Security and Privacy 2012: May 20 to 23 in San Francisco Bay Area, California USA
- CEIC 2012…
Week 16 in Review – 2012
23 Apr 2012 | 7:40 amEvent Related
- Hackito Ergo Sum 2012 TALKS // Hackito Ergo Sum 2012 – 2012.hackitoergosum.org: In this presentation we will cover critical aspects of web applications, and how these techniques can be used on real life scenario on big (and highly “secured”) websites. These bugs and methods will be able to assist you in your next bug-hunting in your pentest or (god-forbid) bounty program. We will reveal several vulnerabilities found on real big scale and important websites.
- Hackito Ergo Sum 2012 – breakingcode.wordpress.com: The event took place at the headquarters of the French…
Dr Anton Chuvakin Blog PERSONAL Blog
Links for 2012-05-08 [del.icio.us]
9 May 2012 | 2:00 amAnnouncement - McAfee Has Acquired Insightix | McAfee -
Monthly Blog Round-Up – April 2012
1 May 2012 | 10:11 pmHere is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month: “Simple Log Review Checklist Released!” is often at the top – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version) “Why No Open Source SIEM, EVER?” (and this) is next – for some weird reason. I suspect a lot of people still crave a free open source SIEM tool. “On Choosing SIEM” is about the least wrong way of choosing a SIEM tool – as well as why the right way is so unpopular. “Log… -
Links for 2012-04-30 [del.icio.us]
1 May 2012 | 2:00 amProcessor Warns of Hacking Trend - BankInfoSecurity -
Metricon 7 Call for Papers
30 Apr 2012 | 11:54 amThis is a Call for Papers (CFP) for Metricon 7. Key stats first:
- Conference date: August 7, 2012
- CFP deadline: May 31, 2012
- Conference location: Bellevue, WA
- Cost to attend: free (but you’d need to add value to discussions)
CFP follows below and can be found at the SecurityMetrics site. Metricon 7 - Security Metrics: Useful or Bust!! How to define, generate, and communicate security metrics you can use TODAY! This year, Metricon 7.0 is excited to issue a call for participation to the information security community. The event will occur August 7th 2012 collocated with USENIX in Bellevue, WA.
Links for 2012-04-22 [del.icio.us]
23 Apr 2012 | 2:00 amAbsurd "academic publishing racket" is past its sell-by date
Latest articles from SC Magazine
Exploits greeting users at foreign policy, human rights sites
15 May 2012 | 3:07 pmA host of websites, including the U.S.-based Center for Defense Information, have been compromised with malicious code in order to target and infect visitors. -
More Mac security updates to extinguish Flashback trojan
15 May 2012 | 11:57 amTo further stop the spread of the Flashback trojan, Apple on Monday released two security updates for Mac OS X 10.5 (Leopard). -
Data on 700K California home care workers, recipients lost
14 May 2012 | 3:58 pmThe personal information of home care workers and their elderly and disabled recipients may have been compromised when the storage device on which it was contained was lost in the mail. -
Alleged LulzSec hacker Hammond pleads innocent
14 May 2012 | 3:29 pmAccused Stratfor hacker Jeremy Hammond plans to fight the charges filed against him for the devastating breach of the global affairs firm. -
IC3 annual report shows 3.4 percent rise in fraud loss
11 May 2012 | 3:45 pmThe Internet Crime Complaint Center's annual report spotlights a growing scam in which unsuspecting individuals are targeted by emails claiming to be from the FBI.
Infosec Ramblings
SecurityTwits Weekly Recap for 5/9/2012 – 5/15/2012
16 May 2012 | 8:02 amView the story "The SecurityTwits Weekly Recap" on Storify -
The First Annual SIRACon is a Go! May 7th, St. Paul, MN
14 Mar 2012 | 4:04 pmI have been involved with the Society of Information Risk Analysts from almost the very beginning. I think Jay, Chris, and Alex had the idea and I jumped on board a few days later. It is a fantastic organization that has a very active and lively mail list. The home page for SIRA is here. "Membership" is free and mainly consists of signing up for the mail list and requesting an account on the website. Anyhoo. We are having our very first conference. It will be the day before Secure360, i.e. May 7th, and it is going to be a day of awesomeness for those who live and breathe risk analysis and… -
Backtrack How-to Update: Fixing the Passphrase Silliness and Removing the Splash Screen.
8 Mar 2012 | 9:25 pmFor some time, there has been a bug in the cryptroot script that makes it odd when you enter your passphrase. Some, including me, have also found it kind of annoying that you have to press the F8 key to get to the console to enter your passphrase. I have updated the how-to with the fix for the cryptroot bug and with instructions on how to remove the splash screen and boot straight to console mode. Many thanks to James and Greg for figuring out how to do this. Included below are the instructions which were added to the blog post. These steps can also be taken to correct an already built…
Guess or Know?
7 Mar 2012 | 12:00 pmStanford, and other colleges, have started offering some courses online for free. You can see one such portal here. I have started one and a couple others are starting soon. Very good stuff. Anywho, several of us were talking on Twitter this morning about a couple of them and the following exchange occurred. That got me to thinking a little bit about guessing and keeping quiet. How often in our efforts as security professionals do we guess we know something and don't ask a question? How often do we assume somebody else knows something and don't offer a comment or provide information? I know…
Backtrack 5 USB Bootable Drive with Encryption PDF Available
3 Mar 2012 | 1:41 pmHey folks. Two updates in one day. The PDF of the how-to is now available. You can find it here. -Kevin
-
Verizon Business Security Blog

Ask the Data: Justification for screen timeouts?
16 May 2012 | 10:17 am
Question: Do you happen to have any metrics on internal breaches caused by employees not locking their screens, or failure to implement an idle/inactivity screen saver lock? We recently devised, communicated, and implemented a 15 minute inactivity screensaver lock, so that users would be required to sign in after their screen saver started. We’re receiving some complaints that this is unwarranted and unneeded. I am hoping you guys could help me shed some light on the security implications of not having this in place. Thanks for your time and the great resource! Answer: Dear Searching…

Weekly Intelligence Summary: 2012-05-11
11 May 2012 | 3:49 pm
Apple, Adobe, and Microsoft dominated InfoSec headlines this week by releasing multiple security updates to patch dozens of vulnerabilities. Microsoft led the pack with 7 bulletins for 23 vulnerabilities. Last week’s Adobe Flash Player vulnerability continues to be exploited in targeted attacks. And attacks on last week’s PHP-CGI vulnerability emerged this week. The PHP Group released another patch this week after last week’s patch failed to eliminate the flaw. The U.S. Department of Homeland Security issued warnings of a targeted campaign against gas pipelines in progress since…

Weekly Intelligence Summary: 2012-05-04
4 May 2012 | 2:25 pm
InfoSec risk was substantially unchanged this week. Intell collections generally fell under the categories of “more of the same,” or “vulnerability without a problem.” Ransomware, drive-by-downloads of known Trojans, and Android malware reports were simultaneously new and not new. May’s Microsoft Tuesday forecast is for seven bulletins, Google updated Chrome and the OpenX ad platform is serving up malware again. Oracle released an out of cycle update for TNS Listener but the back-story is just too weird to bother with. There have been no reported attacks on it,…

Ask the Data: Log Analysis
3 May 2012 | 4:02 pm
Hello World. I’m Jay Jacobs and I joined the Verizon RISK Intelligence team in January of this year. It was good timing because it was right after the (tedious) data collection for 2011 was completed and right before the (fun) data analysis and writing commenced on the 2012 Data Breach Investigations Report (DBIR). While the VERIS framework has a lot of obvious things to say (see the DBIR), I suspect there are quite a few subtle secrets still hidden in the data just waiting to be discovered, and discussed. To that end I wanted to roll up my sleeves and attempt to shed some light on a…

Ask the Data: A New Series
2 May 2012 | 2:10 pm
Every once in a while we get questions that go above and beyond the information provided in our data breach investigations report. Usually the questions center around some particular slice or view that the reader would like to see, a specific security control question or queries about a particular vertical market, and when we receive them we answer them as best as we can. But we’re going to try something new this year, we’re going to kick off a series of blog posts we’re calling “Ask the Data.” As questions arise and are submitted to us by our readers, we’re going to dig…

symantec.com

Rise of .in URLs in Spam
14 May 2012 | 2:19 pm
Symantec has observed an increase in spam messages containing URLs using the country code top-level domain (ccTLD) for India. This chart shows the percentage of spam containing .in URLs.

Save the Date: ISTR 17 Twitter Chat
9 May 2012 | 2:26 pm
Join Symantec security experts on Twitter (using the #ISTR hashtag) on Tuesday, May 15, at 10 a.m. PT / 1 p.m. ET to chat about the key trends highlighted in Symantec’s recently released Internet Security Threat Report, Volume 17.

Microsoft Patch Tuesday - May 2012
8 May 2012 | 1:14 pm
Hello, welcome to this month’s blog on the Microsoft patch release. This is a larger month: the vendor is releasing 7 bulletins covering a total of 23 vulnerabilities. Eight of this month's issues are rated ‘Critical’ and they affect Windows, .NET, Office and Silverlight. The remaining issues affect Office and Windows.

Lizamoon Mass SQL-Injection: Tried and Tested Formula
7 May 2012 | 6:30 pm
Analysis: Kevin Savage

OSX.FlashBack.K – An Overview and its Inner Workings
7 May 2012 | 4:31 pm
In our previous blogs, [1], [2], [3], and

Optimal Security

Closing the Antivirus Protection Gap
16 May 2012 | 9:59 am
With 50% of IT endpoint operating costs now attributable to malware, is reliance on antivirus as the keystone endpoint security measure the best approach? Instinct tells us no, but to be sure, Lumension recently did a comparative analysis on the effectiveness of a standalone AV and O/S resident patching solution versus newer technologies, including application whitelisting, and a defense-in-depth approach of layering multiple endpoint security and operational technologies together. For the comparative, we defined an Average Corporate Endpoint as a Microsoft® Windows 7 Enterprise machine loaded…

DNSChanger Trojan: Not All Doom and Gloom
9 May 2012 | 3:54 pm
If your server(s) have been infected by the DNSChanger Trojan and you’ve not done anything about it, time is running out. You have until July 9, 2012 to get your systems fixed, or you’ll lose internet access until you do. This insidious little Trojan – variously known as TDSS, Alureon, TidServ, and TDL4 malware – has been around for many years now. Its basic function is to change your Domain Name System (DNS) settings, allowing cybercriminals to redirect internet users to fraudulent websites and otherwise interfere with their web browsing – all without them knowing about it. It’s…

A Bit of May Madness from Microsoft for May 2012 Patch Tuesday
8 May 2012 | 1:23 pm
The disruptive restarts and the wide range of platforms impacted by May’s bulletins will have IT teams scrambling to accomplish their flaw remediation tasks this month. Combine those with the workload from Oracle and others and many security pros may unfortunately not get a break this Memorial Day. We have 7 bulletins this month; 3 critical and 4 important. The bulletin table lists Bulletin, KB, Disclosure, Aggregate Severity, Exploit Index, Max Impact, Deployment Priority and Notes: MS21-034 (GDI+/TTF), KB 2681578, Public, Critical, Exploit Index 1, RCE, Deployment Priority 1, all updates are required for each affected product; MS12-029 (Word), KB 2680352, Private, Critical, Exploit Index 1…

Checkmark Compliance Will Get You Nowhere But Hacked
7 May 2012 | 12:05 pm
It used to be the only thing you could count on was death and taxes. But these days, you can bet on hackers going after your organization’s data too. Motives may differ – consider the hackers who want to make a statement and the cyber criminals who look to make a buck – but in the end, everyone is a target, no matter if your company is big or small. The most recent example, Global Payments, has reportedly not resulted in an increase in fraudulent charges but it’s unlikely there wasn’t a financial motive behind hacking a credit card processing company. There’s still a lot of…

Why Go Corporate? Choices in How to Earn The Big Bucks
3 May 2012 | 1:32 pm
Hacking, like most things, is cyclical. In its earliest days, it was about proving a point; breaking a system that was said to be unbreakable and awarding bragging rights to the one who could do it. What began as an ego boost then became something much different in the 90s. Once hackers figured out how to make money off security breaches, it became all about theft and profit. For the past year though, we’ve read about the latest security breaches from vigilante groups like Anonymous looking to embarrass those who are out of line with their thinking (Sony, Stratfor, RSA and others). Hacking,…

Naked Security - Sophos

Technical paper - Fake anti-virus: The journey from Trojan to a persistent threat
16 May 2012 | 11:44 am
Fake anti-virus is one of the largest families of malware in recent history. In this technical paper, Jagadeesh Chandraiah takes a look at how scareware has evolved over the last three and a half years into what it is today.

Free Sophos Anti-Virus app for your Android
16 May 2012 | 9:45 am
To help you better safeguard your Android phone and tablet, Sophos just published Sophos Mobile Security for Android in Google Play. Oh, and it's free!

Fake anti-virus disguises used by Android malware
16 May 2012 | 8:52 am
The Android malware threat is growing. And it's no surprise to see similar social engineering tricks that have worked on other operating systems in the past also being used on the Android platform.

Magic mirror on the wall, what's the best smartphone of all?
16 May 2012 | 6:13 am
Until last week, iPhone's Siri would respond to "What is the best smartphone?" with - gulp - iPhone's competitor Nokia Lumia 900. This "bug" has now been fixed by Apple, but Nokia are making sure everyone is aware that Apple is overriding the software.

Global Payments breach continues to bewilder, accusations abound
15 May 2012 | 6:20 pm
The fallout from the breach of payment card processor Global Payments continues to widen, yet more information does not bring more clarity. Banks are uncovering more fraud related to the incident, but information about the theft is not being released by Global Payments.

TRUSTe Blog

Only 1 top free iPad app has a privacy policy
15 May 2012 | 11:23 am
Tony Berman, Sr. Product Manager, TRUSTe (@otaat)
This week I did a quick review of the top 10 free apps for iPad. Besides having two very happy children after discovering some new games on my iPad as part of my review, what I found is quite disturbing and reinforces the push by the FTC and …

Flexibility’s Crucial Role in Addressing the EU Cookie Directive
10 May 2012 | 11:52 am
Chris Babel, CEO, TRUSTe
In 15 days, the UK will become the first EU member state scheduled to begin enforcing the “EU Cookie Directive,” which requires a user’s informed consent for companies to store or access information on their devices. This Directive has generated a great deal of debate over its requirements, the …

Apps need to step up their privacy game
2 Apr 2012 | 4:20 pm
John Gamble, Marketing Manager, TRUSTe (@johnaddison)
A TRUSTe analysis of the top 50 Android and top 50 iOS mobile apps this past February found that only 1 in 3 had a privacy policy. This transparency deficit not only prevents consumers from making informed choices around their data, it also puts mobile developers in precarious …

Announcing the 2011 TRUSTe Transparency Report
30 Mar 2012 | 7:28 pm
John Gamble, Marketing Manager, TRUSTe (@johnaddison)
Today we’re releasing an important document about our company – the 2011 TRUSTe Transparency Report. This is the first time we’ve released such extensive data to the public and we are committed to publishing it on a yearly basis going forward. It provides an overview of our certifications …

Initial Thoughts On The FTC’s Privacy Report and 5 Action Items
26 Mar 2012 | 3:30 pm
Saira Nayak, Director of Policy, TRUSTe (@sairanayak)
This morning the FTC held a conference call on their finalized report (released today), “Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Businesses and Policymakers”. We were happy to hear that FTC Chairman Jon Leibowitz mentioned TRUSTe in his opening remarks, citing …

Worst Tech!

Deal with Gmail’s New Ugly Look [How to]
23 Apr 2012 | 3:31 am
So a lot of you out there must be Gmail users (for communicating, chatting or doing other cool stuff offered by the search giant). You must be aware of the new design rolled out a few months back, which I personally found less attractive, so I reverted myself to the previous custom design. By considering the [...]

Facebook – CIA / NSA Information Gathering Tool?
23 Mar 2012 | 5:23 am
Everyone uses Facebook: a youngster, a teenager, a kid, a father, a mother, a boss, a subordinate; in fact everyone from any profession in society passes their time here. The social networking website under discussion is quite a good place to interact with friends, family members and loved ones. Everyone has been involved in sharing, poking and [...]

How Satellite Communication Supports Mobile Internet Revolution
6 Mar 2012 | 12:28 am
Internet access through a broadband connection is usually easy to invest in if you happen to live in a city or town. However, the more isolated areas of the world which are sparsely populated are not usually well serviced by fixed-line connections such as ADSL or cable. As a result, residents and businesses are beginning [...]

US Attacks Iran and Saudi Arabia – The Begin of World War 3?
10 Feb 2012 | 12:20 pm
Just like other scams from Facebook, here is another one, but this one is more shocking than any other scam. Yes, hackers are now using political aspects to trick some innocent social networking users. This scam says that the US attacks Iran and Saudi Arabia. The begin of World War 3? By reading this statement every [...]

Access Wikipedia During Its 24-Hours Blackout
18 Jan 2012 | 6:27 am
In protest against the anti-piracy US laws, a lot of popular websites including Wikipedia have planned to stop serving the site for 24 hours, hoping that normal users may get to know, and fight for their right to information provided for free. Accessing Wikipedia from your machine will now display a blackout [...]

Enterprise Digital Rights Management

... more suitable for my needs, but I'm not sure about it. So, lots of options, lots of doubts… Basically I need a platform that has the following features: Licensing methods: Hosted Web-Based Licensing OR Standalone Licensing; Distribution Controlling Mechanisms: Computer-Based Identification OR User-Based Identification; Supported User Rights: Printing Rights AND Clipboard Rights; Security Level: Good Level, but keeping good user experience... (PART 3)
18 Apr 2012 | 4:48 pm
Have a look at Zafesoft, as well as ArtistScope. Let me know if these fall short of what you are looking for.

Hi Peter, I am bringing up a website to sell e-books. I was counting on Watchdox as a platform to protect my documents, but recently they have changed their target, focusing on bigger clients, and I cannot afford their prices anymore. So I started to look for alternatives. The first one was Vitrium. The backend is very user friendly, and it seems to provide a good security level. But to my disappointment, I've seen an article and I became very afraid with this note... (PART 1)
18 Apr 2012 | 4:22 pm
I need to know what your budget is before I can recommend a possible solution or solutions. It seems that price is a main issue, however it could be that Vitrium is the right solution for you. The article does not necessarily mean that it is a bad product. Part 2 of your question is missing so I am not sure that I will do all your questions justice.

I work for a Venture Capital firm and I am looking to invest in this industry. I would appreciate your input on these concerns: 1) What are the key success factors to succeed in this domain, and how important is technology as a differentiating factor? 2) With established brands like Symantec and Adobe in the space, what do you think about the prospects of a startup firm? 3) How big is the untapped market opportunity, and who are the potential customers?
14 Apr 2012 | 5:57 am
My advice to you is to invest cautiously in this industry. As you know, the trends in the IT industry are moving at an unbelievably fast pace. Organisations are beginning to allow their employees to bring their smartphones and tablets into the workplace. Some have even gone further by allowing their employees to view corporate data on their personal devices. This, along with corporate data in the cloud, should begin to answer the question of where your money should be going. Other than this, unless your investment has a big marketing machine behind it the risk of seeing a profitable return on your…

Allegations of Leaked Exam Questions Hits Redbridge LEA
14 Apr 2012 | 5:43 am
Last year some parents were questioning whether their child was denied a place in one of the selective schools in Redbridge Local Education Authority after it was alleged that some students had practised the exact same questions a day before the day of the exams. Many parents have called on Redbridge to investigate the source of the leaked exams, but Redbridge have denied that it is impossible for the questions to have been leaked, claiming they have a very thorough process of securing the questions before the actual exam. Speaking to an 11 plus tutor, I was told that allegation exam…

Where is your evaluation of the various ERM products?
14 Apr 2012 | 5:35 am
That will be done soon; hopefully you should see some progress before the end of the year.

SecurityWeek RSS Feed

PCI Council Releases Mobile Payment Acceptance Guidance
16 May 2012 | 12:00 pm
The PCI Security Standards Council (PCI SSC), the body behind the Payment Card Industry Data Security Standard (PCI DSS), today shared guidance on how merchants can securely accept payments using mobile devices.

Report Analyzes Concerns, Business Impact of DDoS Attacks
16 May 2012 | 8:36 am
Neustar Report Shows DDoS Attacks Can Cost Retailers More Than $100k Per Hour. According to Neustar, a provider of information, infrastructure and security solutions, the effects of a DDoS attack can be devastating to an organization's brand and operations. A majority (three-quarters) of the IT professionals that spoke with Neustar for a study on the issue said that they fear negative brand impact or customer experiences because of such an attack.

Black Hole Exploit - A Business Savvy Cyber Gang Driving a Massive Wave of Fraud
16 May 2012 | 8:11 am
Tucked away in a small town outside Moscow, Russia, one of the world’s most prolific and effective cybercriminals works away on the next version of malicious software that will enable the theft of millions of dollars from unsuspecting victims around the world. Going by the online moniker of “Paunch,” he is continuously updating his browser exploit software, called “Black Hole,” and it is wreaking havoc daily amongst many of the world’s largest brands and government organizations.

Users Warned of Malware After Ads Reported on Wikipedia Site
16 May 2012 | 6:58 am
Wikimedia, the foundation responsible for information hub Wikipedia, is warning users that if they see ads on the encyclopedia’s webpage, their system might be infected with malware. The ads in question are not the ones asking for donations that show up once a year, but for-profit adverts.

Utah's IT Boss Resigns After Massive Data Breach and Policy Failure
16 May 2012 | 6:44 am
Stephen Fletcher, the executive director of Utah’s Dept. of Technology Services (DTS), has resigned following the aftermath of a massive data breach earlier this year that exposed nearly one million people, including children. The staffing changes come after preliminary investigations exposed serious flaws within the state’s IT practices, including storing information that shouldn’t have been kept at all.

Free IT - Security Magazines and Downloads from alltop.tradepub.com

Spotlight on VIPRE Antivirus Business Product Demo
14 May 2012 | 2:00 am
By combining high-performance antivirus, anti-spyware, anti-rootkit, USB scanning, anti-phishing and other security technologies, VIPRE Antivirus Business is a tightly-integrated antivirus business solution which delivers fast and efficient network security with low impact on system resources. This 30 minute product demo walks you through the features of this solution and explains the differences between the 2 editions available. Download this product demo to learn how this security solution can benefit your organization.

Antivirus Evaluation Guide
14 May 2012 | 2:00 am
IT administrators are now faced with a unique set of challenges keeping their organization as well as their user base and clientele protected against both internal and external security threats. It has become of critical importance to select an antivirus that keeps the company's network free of malware. The key to choosing an antivirus solution that's right for your organization is implementing an easy-to-deploy and easy-to-replicate testing curriculum that enables IT administrators to most accurately assess each solution's capabilities. GFI Software has developed the Antivirus Evaluation Guide…

Free Trial Download: VIPRE Antivirus Business Software
14 May 2012 | 2:00 am
VIPRE Antivirus Business is the cost-effective and easy-to-manage business virus protection for small- and medium-sized businesses. It's easy to set up and use via an intuitive management console. It's the business antivirus built with IT administrators in mind. Try VIPRE free for 30 days to see how this security solution can benefit your organization.

The Busy IT Manager's Guide to Evaluating Antivirus Solutions
14 May 2012 | 2:00 am
When evaluating antivirus solutions for your organization, price does not equal value. Consider the value delivered and the problems the solution will solve for your company. This on-demand webcast discusses: evaluating antivirus solutions today; setting up a simple but effective evaluation lab; planning for a systematic, quantitative approach; addressing key administrator usability criteria; performing end-user experience tests; and assessing performance.

The Anatomy of an Effective Nuclear Cyber Security Solution
11 May 2012 | 2:00 am
Beyond the time-consuming and expensive initial cyber security assessment, it is critical to maintain the controls that have been put in place. This white paper highlights the configuration and change management capabilities required to maintain cyber controls throughout the lifecycle of the nuclear facility. Configuration management and change control are mandated in cyber security guidelines, including NIST, NEI, and critical infrastructure protection. For cyber security tools to comply with the NIST and NEI guidelines, proper configuration change control mechanisms must be inherently and…

Infosec Communicator

InformationWeek Mobile Edition – 9 Tips To Block Hotel Wi-Fi Malware
11 May 2012 | 7:23 pm
We often take for granted (or don’t even think about) the security of hotel Wi-Fi as we travel. For most of us, the convenience outweighs the risk. There are steps we can take to keep our computers and data safer. The folks at Information Week have published a nifty little article, “9 Tips To Block Hotel Wi-Fi Malware.” Although the article is primarily concerned with travel abroad, we should take precautions anytime we use public WiFi.
http://mobile.informationweek.com/80256/show/bb98402bac1b00a55fac7ba9aa41550e/

RIT Hosts Annual Spectrum Conference – YNN, Your News Now
1 May 2012 | 3:02 pm
RIT Hosts Annual Spectrum Conference – YNN, Your News Now.

Naked Security–Dirty Tricks with Android Apps
26 Apr 2012 | 11:17 am
http://nakedsecurity.sophos.com/2012/04/26/dirty-tricks-android-apps/?utm_source=facebook&utm_medium=status+message&utm_campaign=naked+security

Engage! Creating a Meaningful Security Awareness Program
26 Apr 2012 | 10:44 am
This may start quite the discussion, but it’s a viable argument that good Information Security practices are primarily about people, not technology. Do you need help creating a security awareness program? Would you like to use social media to engage your audience? Would you like to integrate video or podcasts? Do you know how to best participate in National Cyber Security Awareness Month or Data Privacy Day? Cherry Delaney (Purdue University) and Ben Woelk (Rochester Institute of Technology) are offering a 3½ hour seminar at the upcoming EDUCAUSE Security Professionals/IT Enterprise…

Bullet Proofing Your Career Online, Spectrum 2012
25 Apr 2012 | 1:38 pm
The brilliant Hannah Morgan and I presented Bullet Proofing Your Career Online at the STC Rochester Spectrum Conference. We’ll be presenting again at the STC Technical Communications Summit in Rosemont, IL in May. You won’t be able to experience our incredibly witty repartee, but I’ve embedded the slides below.

Kindsight Blog

Mac Infection “Flashback” Jumps to Number One
13 May 2012 | 11:00 pm
For the first time ever, malware targeting the Macintosh platform is in the number one position on the Kindsight Security Labs home network infections list. Our detection statistics for the month of April show that about 10% of homes with Mac computers were infected with this malware, which is an increase from the 7% reported last month. Because of this ongoing high infection rate, we took a closer look on a daily basis at the number of home networks infected. The graph below shows the percentage of homes that have Macs that are still infected over the last 4 weeks. This…

Threats in the News for April
11 May 2012 | 9:16 am
Since the beginning of malware, Windows PCs were clearly the target of hackers. In the last few months, this has clearly changed as both mobile devices and Mac computers have been the targets of some large-scale attacks. In April, more Mac computers continued to be infected with the Flashback malware even though there were some initial reports of a decline. And, on the mobile front, fifteen bad apps were able to sneak by Google Bouncer while Pinterest, Instagram and Angry Birds apps for Android were found to be malware in disguise.

Kindsight Security Labs Releases Q1 2012 Malware Report
9 May 2012 | 8:25 am
Today, we released the Kindsight Security Labs Malware Report for Q1 2012. This quarterly report reveals statistics and security trends for malware infections in home networks and mobile devices. Kindsight Security Labs brings a unique perspective to the space because we detect threats in the network by looking for communications from subscribers’ infected devices to cybercriminal servers.

1 in 15 households with Macs are infected with Flashback
19 Apr 2012 | 3:05 pm
On April 4th, Dr Web, a Russian anti-virus vendor, reported that over 550,000 Mac OSX machines were infected with the Flashback bot. The malware is spread via a Java applet that is a fake update for the Adobe Flash Player. This downloads and installs the malware, which then connects to a C&C server to await additional instructions. A couple of days later Kaspersky reported that they used passive OS fingerprinting techniques to verify that over 98% of these infections were from computers running OSX. Kindsight Security Labs has confirmed these findings and…

Threats in the News for March
17 Apr 2012 | 2:20 pm
The ongoing battle against botnets was front and center in the news for March. On one side, Microsoft continued to take a leadership role in the battle, as they were part of another raid to gather evidence and deactivate servers involved in cybercrime. On the other side, two new botnets were discovered by the security industry. At the same time, the FCC issued its Anti-Bot Code of Conduct and several organizations formed the Industry Botnet Group to pursue the short-term goals outlined by the U.S. Commerce and Homeland Security departments.

Networking Exchange Blog » Security

4 Key IT Concerns about BYOD
9 May 2012 | 9:09 am
Today, Juniper Networks released the results of its Trusted Mobility Index. From my perspective as a chief security officer, the most significant insight from the report highlights the concerns of IT managers regarding mobile security. These individuals are charged with protecting company networks and information in this new mobile environment where perimeter control is becoming more and more difficult. According to Juniper’s report, IT feels pressure from both senior management and other employees to support the Bring Your Own Device (BYOD) trend. However, IT pros reported concerns…

5 Key Dangers to Avoid with Apps
3 May 2012 | 4:52 am
It seems like overnight apps have become the driving force behind enterprise communications. More and more, we use apps to transact with vendors, suppliers, and customers in what has become an increasingly complex network of connections. But do you know how safe those apps really are? Because apps have proliferated so rapidly, app-related security measures have been more of an afterthought than a primary concern. I’ve seen firsthand the pressure for application developers to prioritize time to market and functionality over security. This creates a target-rich environment for hackers…

There’s an ‘App for That’… EVERYWHERE. On-Prem, On-Demand, On-the-Go
18 Apr 2012 | 9:17 am
Applications are ubiquitous. They run on our cars, smart phones, televisions, traffic lights, smart grids and medical devices. An application is something that we cannot get away from in today’s world. You’d be hard-pressed to find an organization that isn’t managing some element of their business by using software applications. Applications perform operations on data, based on a user’s request, and are a gateway to an organization’s most valuable asset – its data. These critical apps run across enterprise networks, interact with business partners, and touch end customers.

Enabling the Promise of Secure Health
16 Apr 2012 | 4:55 am
With an unsustainable growth rate that consumes 18% of the U.S. gross domestic product, the healthcare industry is at a “tipping point” for fundamental change. Technology will be the enabler for the next generation of care. However, healthcare faces unique challenges because it is a highly complex and dispersed industry with a vast and fragmented ecosystem. Its diverse professional and patient population requires the ability to share mission-critical health data quickly, accurately and securely. The next generation healthcare retains the priorities of patient safety and quality of…

Help, I was Betrayed by my Cloud Enabled Smart Fridge!
11 Apr 2012 | 4:51 am
DING DONG! I heard the doorbell ring calling my attention to my weekly grocery delivery. Internet enabled grocery shopping has saved me a ton of time and effort, simplifying my life. My new cloud connected smart fridge tracks what is used during the week and places an order to ensure everything is restocked. Life has gotten very convenient with everything connected via the cloud. I open the door to allow the deliveryman to bring the groceries inside and much to my surprise there are several men and a large truck. It seems I had ordered 50 gallons of milk, 10 cases of cereal, 10 cases of…

Email management, storage and security for business email admins
-
Should Active Directory Upgrade Be Required in Exchange 15?
16 May 2012 | 9:00 am There have been rumblings lately among some members of the Exchange community about whether Microsoft should scrap, as a condition for upgrading to the next version of the software, support for the Windows Server 2003 Active Directory infrastructure. Microsoft hasn’t said anything about such a move, although according to one Exchange watcher, some engineers at the company would be very happy if organizations were required to upgrade their Active Directory forest to the level of Windows Server 2008 functionality before moving to the next version of Exchange, which is expected to be… -
Emails that Can Get You in Trouble
15 May 2012 | 9:00 am People often forget that you should never write anything in an email that may embarrass you or your company. When you hit that send button, whatever contents are in that message are no longer under your control. There are a number of scenarios as to what could happen to it. It could be intercepted by someone snooping on your network, it may be forwarded on to people who shouldn’t be reading it, it could be saved as ammunition to be used against you at a later time, it could come up in a records request and damage your company, or it could just make you the butt of the office jokes until… -
Understanding and Using Certificates in Exchange 2010 – Part Six
14 May 2012 | 9:00 am When it comes to using certificates to secure communications protocols, one topic that is sure to generate some heated debate is the topic of wildcard certificates. Many times, security professionals and email admins will both look at two different options for meeting the same requirement, and while they may have an opinion or a personal preference, are willing to go either way. Not so with wildcard certificates. Admins either love them or hate them, and won’t budge from their position no matter what. If you are not sure what wildcard certificates are, or why they tend to galvanize… -
Black Hats Have Your HR Department in Their Sights
11 May 2012 | 9:00 am While spam in general is losing its popularity among denizens of the online underground as a vehicle for distributing malicious mischief, one variant continues to be warmly embraced by them. That variant uses email to create a targeted attack on an organization. Targeted attacks, unlike general spam assaults, focus their email on a narrow set of recipients. It could be C-level executives at a group of defense contractors or the staff at a government research laboratory. Some consider targeted attacks to be the next step in the evolution of social engineering, where advance research is… -
Pretty as a Picture – Display Photos in Outlook
10 May 2012 | 9:00 am Email can be a very impersonal medium for communications, but one of the great features of Outlook 2010 that brings a personal touch to email is called Display Photos. For your company’s internal email, Outlook can display photos for users to help “put the face to the name” and help users become more familiar with their coworkers. It’s a feature that many admins think is silly until they actually see it, then it is something most admins and users won’t ever want to go without. Getting images to display in Outlook 2010 takes a little doing though, so in this post we’re going…
-
Anti spam and general email security in a business environment
-
OpenID Exploited by New Spam Campaign
16 May 2012 | 9:00 am A new spam campaign is exploiting the OpenID security protocol. The messages look like legit emails from local real estate companies and invite the recipient to view properties for sale in their area using the logo of well-known realtors like Remax, and some of them arrive looking like UPS delivery notifications. UPS is one of the most commonly brandjacked companies along with the IRS and Paypal. If the link in the message is clicked, the user is brought to a malicious webpage that displays the logos of AOL, Gmail, Yahoo, and other popular websites that use the OpenID protocol. Clicking on… -
Let’s Talk About Spam – FUD
15 May 2012 | 9:00 am Welcome back to another in our series of articles on talking about spam. I have to apologize for this one, since in the title I broke one of the cardinal rules I set for this series; I used a technical term. I used a term that most in IT are familiar with, and almost no one outside of IT is, but it is a term, or rather an acronym, that distinctly and succinctly sums up one of the most insidious weapons spammers and phishers use against their targets. Knowing what the term means might not win you Final Jeopardy, but it will help you to understand and recognize attacks for what they are. FUD is… -
Spammers Love Newt Gingrich
14 May 2012 | 9:00 am Newt 2012, the organization behind the now defunct presidential campaign of former House Speaker Newt Gingrich, is showing a truly ugly side of itself. It’s no secret that presidential campaigns require a lot of money, and Gingrich’s was no exception. Even before he pulled out there were claims that it was struggling for money and seriously in debt. Those claims have been confirmed – they owe over $4 million. Now that the campaign is over, guess how they’ve decided to make some fast cash? By selling their email list to spammers. The list, which contains the names and… -
Let’s Talk About Spam – The Worst Offenders
11 May 2012 | 9:00 am In today’s post, we’re going to take a look at some actual spam messages to help you get a feel for what spam looks like. We’ll point out some of the obvious characteristics, as well as some of the more subtle traits that tend to be common amongst spam, to help you get more familiar with identifying it yourself. Once you know what to look for, spotting spam becomes less like “Where’s Waldo” and more like spotting the wolf amongst the sheep. Once you know what to look for, it’s hard to believe you ever missed it. Who is that? Unless you make it a habit of giving out your email to… -
Cybercriminals Leaving Email Spam Behind
10 May 2012 | 9:00 am The Register shared a new report which revealed that cybercriminals are continuing to abandon traditional email spam for easier and more lucrative methods. While at one time spamming through email was so prolific that a full 98% of all emails sent worldwide were spam, improved spam filtering technology and increased success with botnet takedowns, combined with the shutdown of several major affiliate networks, have decimated the playing field. Spammers are now looking at new targets to help them replace that lost income. Along with increasing efforts on social networks, which they’ve…
-
Redspin Security Blog
-
Redspin Provides Public Comments on Proposed Stage 2 Meaningful Use (NPRM)
7 May 2012 | 4:57 pm Redspin has provided security risk analysis (SRA) services to dozens of hospitals, helping them meet Core Measure 14 of the Stage 1 Meaningful Use EHR Incentive Program. As one of the leading experts in IT security, we take a comprehensive approach to these engagements. As such, our primary focus is to help our clients truly safeguard PHI from data breach by expanding beyond a strict interpretation of the Stage 1 Rule. It is from that vantage point that we are providing our comments on the Proposed Rule for Stage 2 of this program. We are encouraged that CMS is shining a spotlight on the… -
Stage 2 Meaningful Use: The Next Step in Security Risk Analysis
2 May 2012 | 11:24 am At first read, the security risk analysis (SRA) provisions of the proposed Stage 2 “meaningful use” regulations appear to have changed only slightly from those in Stage 1. The language in the draft rule is nearly identical to Stage 1, with one notable addition highlighted below: “Conduct or review a security risk analysis in accordance with the requirements under 45 CFR 164.308(a)(1), including addressing the encryption/security of data at rest in accordance with requirements under 45 CFR 164.312(a)(2)(iv) and 45 CFR 164.306(d)(3), and implement security updates as necessary and… -
A Blue Note: Looking Deeper at the 2009 PHI Breach at BlueCross BlueShield Tennessee
17 Mar 2012 | 9:23 pm The cost of a significant data breach of protected health information (PHI) has been a popular topic in the news recently. The new ANSI publication “The Financial Impact of Breached Protected Health Information – A Business Case for Enhanced PHI Security” debuted with much fanfare in D.C. earlier this month. White House Cybersecurity Czar Howard Schultz kicked off a March 5th press conference where the release of the report was announced. His participation helped elevate the issue to a national audience. The following day, many of the companies who helped ANSI produce the study revved… -
The Financial Impact of Breached Protected Health Information – A Business Case for Enhanced PHI Security
8 Mar 2012 | 3:01 pm On Monday, March 5th, I was invited to a press conference in Washington, D.C. announcing the release of “The Financial Impact of Breached Protected Health Information – A Business Case for Enhanced PHI Security,” published by the American National Standards Institute (ANSI). The honorable Howard A. Schmidt, White House Cybersecurity Czar, kicked off the event. Mr. Schmidt commented that “in the continuum of the cybersecurity issues we look at, (healthcare security) is obviously critical as this is one that affects everyone.” It was great to see the White House advocating the… -
Stage 2 Meaningful Use – Addressing Encryption/Security
25 Feb 2012 | 9:36 pm Last week, Health and Human Services Secretary Kathleen Sebelius reported that the number of hospitals using electronic health records (EHR) has more than doubled in the last two years from 16 to 35 percent. She also said that 85 percent of all hospitals now report that by 2015 they intend to participate in The Centers for Medicare and Medicaid Services’ (CMS) EHR incentive program. Also last week, CMS released the proposed Stage 2 Meaningful Use requirements for public comment. The draft rule gives eligible hospitals and providers a good indication of where to focus their efforts as…
-
F-Secure Antivirus Research Weblog
-
Repost: Webinar: Making Life Difficult for Malware
16 May 2012 | 5:05 am Jarno Niemela, a Senior Researcher here at F-Secure Labs, will be taking part in a Black Hat Webcast on Thursday, May 17, 2012. The subject is "Making Life Difficult for Malware" and will focus on system modifications that can be used to prevent malware from functioning properly in the event that your system is compromised. More information can be found from the webinar's registration page. Over 1,000 people have registered thus far! On 16/05/12 At 12:59 PM -
Oxford Muses on Mac Flashback: Worst Outbreak Since Blaster
16 May 2012 | 5:05 am So how bad was last month's Mac Flashback outbreak and who suffered the most? Our guess: it was bad, and university IT help desks. And it looks like our guess might not be far off the mark. Oxford University Computing Services' network security team (aka OxCERT) has written that they dealt "with what is probably the biggest outbreak since Blaster struck the Windows world all the way back in the summer of 2003." OxCERT dealt with around 1000 incidents for Blaster. They've seen several hundred Flashback incidents… "and they keep on coming." Other institutions, such as The University of… -
Recommended Listening: Danger In The Download
16 May 2012 | 5:05 am The Documentary, a BBC World Service program (or programme), recently aired a 3-part series called Danger In The Download. It's definitely worth a listen. All of the episodes are now available online. Episode 1 — The growing threats in cyberspace from hackers and cyber weapons. Episode 2 — Is the net's architecture and governance still fit for purpose? Episode 3 — What governments can do to protect the Internet. If you prefer your audio in the form of a podcast, we also recommend PRI's The World: Technology Podcast, which is also offering Episode 1 for download. On 15/05/12 At… -
Yet Another SQL Injection Attack
16 May 2012 | 5:05 am Somehow these SQL Injections targeting ASP/ASP.net sites just never seem to abate. First there was Lizamoon… surprising us with the millions of websites that got injected. Then came a few others, with the recent ones being nikjju.com and hgbyju.com. Now came njukol… Although the name is no longer as catchy as Lizamoon, the idea remains the same. This njukol.com is still pretty fresh out of the oven. The domain was registered last April 28. The funny thing is, the registrant of the domain is still the same as all those previous ones. On 03/05/12 At 04:31 PM -
Download: Mobile Threat Report, Q1 2012
16 May 2012 | 5:05 am It's time to publicly release our latest Mobile Threat Report, covering the 1st quarter of 2012. Our Q4 2011 report was quite popular and this new one for Q1 is even better. More content (and pages) for your reading pleasure. Mobile Threats Motivated by Profit Per Quarter: You can download it here: Mobile Threat Report, Q1 2012 [PDF] On 14/05/12 At 03:49 PM
-
Pcthreat.com
-
Trojan.Necurs.A
15 May 2012 | 7:46 pm Trojan.Necurs.A is a Trojan infection that has a lot of functions including those of a rootkit, malware dropper and a backdoor. Since it uses techniques common for rootkits, it means that upon the installation... -
Smart Fortress 2012
15 May 2012 | 7:46 pm The Rogue.SecurityTool family has produced such popular fake antispywares as Smart Protection 2012 and Security Sphere 2012. Smart Fortress 2012 is the newest production, which can enter your Windows system... -
Smart HDD
15 May 2012 | 7:46 pm Other than rogue antispyware and antivirus applications to be on the lookout for, users need to be wary of fake system optimizers feigning the workings of a genuine optimizer, as in the case of dexterous... -
Windows Secure Surfer
15 May 2012 | 7:46 pm Windows Secure Surfer is an evil program which tricks the PCs’ users and aims to steal their money. This bogus application will run imaginary scans and inform you about “threats” which can be removed... -
Security Shield
15 May 2012 | 7:46 pm Rogue antispyware Security Shield cannot be trusted! This rogueware hails from the same insidious family as Security Tool. Its effects on a PC can be devastating and permanent, and unless you don’t value the...
-
threatpost - The First Stop for Security News
-
Apple Patches Quicktime, Fixes 17 Vulnerabilities
16 May 2012 | 10:29 am Apple continued its recent parade of patches by releasing an update for Quicktime yesterday, fixing 17 different security vulnerabilities, several which could lead to remote code execution. -
Like Those Wikipedia Ads? They Mean You're Infected With Malware!
16 May 2012 | 10:07 am The Wikimedia Foundation is warning its millions of visitors that if they're seeing ads appearing on any of the Foundation's Web sites, then their computer is probably infected with malware. -
Microsoft's SDL Expands Beyond Redmond
16 May 2012 | 8:14 am It's been more than 10 years now since Microsoft began the initiative that would eventually become Trustworthy Computing, and while the effects it's had inside the company have been well documented, the utility and adoption of the Security Development Lifecycle by outside organizations and customers is less well-known. Several large organizations have adopted the SDL, either in whole or in part, and Microsoft executives say that the effects on these organizations are going to be just as important as they were for Microsoft. -
DHS Warns About Threat Of Mobile Devices In Healthcare
16 May 2012 | 8:03 am In a bulletin, the Department of Homeland Security (DHS) is warning healthcare organizations about the threat posed by insecure, network attached medical devices and the proliferation of smart phones, tablet PCs and other mobile devices in medical settings. -
Another Cybersecurity Bill Runs Into Trouble on Capitol Hill
15 May 2012 | 8:53 pm A U.S. Senator's bill to broaden cybersecurity intelligence gathering is in trouble after other legislators question whether proposed protections come at the expense of citizens' privacy.
-
CBR - Security News
-
ICO hits Barnet Council with data loss penalty
16 May 2012 | 10:37 am Council lost highly sensitive information when worker's home was broken into -
UK businesses braced for cyber attacks
16 May 2012 | 5:30 am But many feel confident they can withstand an attack -
FBI alerts travelers of increasing pop-up window cyber-attacks
15 May 2012 | 9:06 pm Travelers' laptops infected with malicious software when installed through pop ups -
McAfee and Intel team up for energy infrastructure protection
15 May 2012 | 9:55 am Protecting national grids is easier said than done, so how will the companies approach it? -
ICO website offline following DDoS attack
15 May 2012 | 7:58 am Anonymous splinter group claims responsibility for ICO's failure to "protect the public's privacy"
-
VRT
-
Resurgence of Virut?
16 May 2012 | 12:43 pm It seems like the infamous virus Virut is making a comeback. Over the past 10 days, one of our most popular ClamAV signatures has been HTML.Iframe-63: Virut is a file infector that has been around for over 5 years. It typically connects to its C&C servers at brenz.pl or trenz.pl. It also adds an iFrame script to HTML files on your machine that looks like this: This iFrame will redirect anyone who opens that HTML page in a web browser to brenz.pl/rc. Do not navigate to that website. Historically, it has been used to distribute malware. As of 5/16/2012, Google Safe Browsing… -
PHP-CGI vulnerability - exploits in the wild and Snort coverage
8 May 2012 | 2:44 pm You've probably heard about the PHP-CGI command-line parameter vulnerability (CVE-2012-1823) released last Thursday, especially if you're defending a PHP-based web application environment. While it makes use of a non-default configuration for exploitation, for users who choose to run PHP through a CGI wrapper, the implications are very important, including potential source code disclosure and remote code execution. Since this bug is now being actively exploited in the wild, and has had a Metasploit module developed to exploit it, it's worth a note to Snort users explaining the nature… -
ClamAV and Snort coverage for Flashback and Sabpub
7 May 2012 | 8:45 am Being the resident VRT Apple fanboy that I am, I frequently am assigned every piece of Apple malware and Apple-related vulnerability research that comes through the office. Luckily that's not very much. (Fanboy jabs with his right!) However, lately, the variants of Flashback (some AV vendors are calling it Flashfake) and "Sabpub" have kept me busy. While Sabpub got a lot of press, there were only 3 variants of it; ClamAV detected all of them with one name (OSX.Subpub). Flashback had many more variants to it; officially we are up to Flashback.K (11 variants). Most of the… -
Razorback 0.5.0 released
1 May 2012 | 9:16 am The Razorback team has released version 0.5.0. You can find the new version of Razorback here: http://sfi.re/JlWZ0U. We have also updated the virtual machine, which you can get here: http://sfi.re/IAW1oa. This release adds support for running inspection nuggets on Windows. At this time we have tested on Windows 7, but XP support should be coming in the future. You can download the Windows installers here: http://sfi.re/JZ3MEI. Along with the Windows support we have created a number of new nuggets that use it. Here are all of the nuggets that we currently… -
ClamAV vs. Content IQ Test, part 3
26 Apr 2012 | 9:30 am This is the third post in a series of blog posts about the Content IQ Test. Please see ClamAV vs. Content IQ Test, part 1 and ClamAV vs. Content IQ Test, part 2. Today we look at how ClamAV would handle detecting the target string when embedded in polymorphic files. If you were to compute the MD5 checksum of these test files, you'd see that no two are the same. Test file 17 contains the target string in a text file contained in a polymorphic zip file. azidouemba@ubuntu:~/Downloads$ clamscan -d test.ndb Test_File_17_Polymorphic_Zip_File.zip Test_File_17_Polymorphic_Zip_File.zip:…
-
Cheap SSL: RapidSSL Thawte Symantec GeoTrust Wildcard SSL
-
Enable Web Security with Trusted SSL Certificates
8 May 2012 | 1:55 amSecure Web is made possible by the SSL-protected sites, as seen with the transition from Facebook to require SSL for all applications and the default transition of all Google searches saved https. You may wonder what exactly SSL security certificate is? Well, SSL stands for Secure Socket Layer. This protocol is a standardized method (i.e., scramble), the transmission line to quantify. A secure site uses SSL or encryption algorithm to encrypt and decrypt data. SSL is composed of two individual keys, which are called the private key and public key. Usually the… -
Increase security and selling on your online store
23 Apr 2012 | 7:45 amMake an online store with secure SSL site honors the trust and increases sales conversions to visitors. Keep your online store selling models constant matrix with the appropriate certificates SSL security. Many people still have the buying process in conventional ways to go to a brick and mortar shop for the needs of large and small. Running a small shop, customers can get, but it is often easier for people to use the Internet, so online companies moving at a rapid pace. The Internet has revolutionized human life, growing demand for online retailers, and sales worldwide. Of course,… -
GeoTrust Anti Malware Scan
30 Nov 2011 | 2:37 amSSLMatrix.com - Global reseller of major trusted SSL Certificate Authorities has announced the availability of GeoTrust Anti Malware scanner on https://www.sslmatrix.comNow it is very easy to protect your site from hackers with daily anti-malware scan from GeoTrust that can identify both well know malware and brand new malware strains. Clean up your site fast with instant alert that clearly identify and locate malicious code. These alerts enable you to eliminate malware quickly, stay off search engine blacklists and keep search traffic flowing to you web site. Let your customers know… -
Apache 2:- Thawte ssl 123 Certificate
9 Sep 2011 | 1:29 amHere is a short tutorial how to set up a Thawte SSL123 SSL certificate (a domain-only validation SSL Certificate). In a nutshell, it takes two steps: First, you need to create your private key and the certificate signing request to request the certificate. In a second step you need to configure your web server to use the certificate.1. Create private key and certificate signing requestTo create your private key and the certificate signing request use the following command:# sudo openssl req -newkey rsa:2048 -nodes -keyout www.your-domain.com.pem -out www.your-domain.com.csr.pem# chmod 600… -
Proper Management of SSL Certificates: Why it is Critical to Your Organization - Part I
6 Sep 2011 | 2:13 amOn August 17th eWeek ran an article that described how improper SSL implementations can leave websites vulnerable to various cyber attacks. While this story is spot-on, what is equally important to consider is the proper management of SSL certificates. Mismanagement of SSL certificates can lead to financial loss and a loss of credibility for your organization. One particular challenge that enterprises face is having hundreds of SSL certificates and no proper SSL certificate management tool. The status of each certificate is usually tracked manually on a spreadsheet or…
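The spreadsheet problem has a small scripted answer. The following is an added example, not the article's own tooling: it walks a directory of certificates and classifies each one with openssl x509 -checkend, which is the check that catches the expiry nobody noticed. One PEM certificate per file in a directory and a 30-day warning window are assumptions; the self-signed certificates it generates are constructed test data standing in for a real inventory.

```shell
#!/bin/sh
# Added example (not from the article): certificate inventory with expiry status.
# Assumes one PEM certificate per file (*.pem) in a directory; WARN_DAYS is an
# assumed policy value.
set -u

WARN_DAYS=30

# cert_status CERTFILE: print OK, EXPIRING or EXPIRED.
# "openssl x509 -checkend N" exits 0 only if notAfter is later than now + N seconds,
# so -checkend 0 detects an already expired certificate.
cert_status() {
    if ! openssl x509 -in "$1" -noout -checkend 0 >/dev/null 2>&1; then
        echo EXPIRED
    elif ! openssl x509 -in "$1" -noout -checkend $((WARN_DAYS * 86400)) >/dev/null 2>&1; then
        echo EXPIRING
    else
        echo OK
    fi
}

# cert_report DIR: one line per certificate: "<file> <status> <CN> <notAfter>".
cert_report() {
    for f in "$1"/*.pem; do
        [ -f "$f" ] || continue
        cn=$(openssl x509 -in "$f" -noout -subject | sed -n 's/.*CN *= *//p')
        exp=$(openssl x509 -in "$f" -noout -enddate | sed 's/^notAfter=//')
        printf '%s %s %s %s\n' "${f##*/}" "$(cert_status "$f")" "$cn" "$exp"
    done
}

# count_status DIR STATUS: number of certificates in DIR in the given state,
# e.g. for a daily alert when count_status DIR EXPIRING is non-zero.
count_status() {
    cert_report "$1" | awk -v s="$2" '$2 == s' | wc -l | tr -d ' '
}

# make_selfsigned CN DAYS OUTFILE: constructed test data standing in for real
# certificates. The throwaway key is written next to the cert with a .key suffix
# so the *.pem glob above does not pick it up.
make_selfsigned() {
    openssl req -x509 -newkey rsa:2048 -nodes -days "$2" -subj "/CN=$1" \
        -keyout "${3%.pem}.key" -out "$3" >/dev/null 2>&1
}

# Stand-alone run over a constructed two-certificate inventory.
inv=$(mktemp -d)
make_selfsigned www.example.com 365 "$inv/www.example.com.pem"
make_selfsigned old.example.com 1 "$inv/old.example.com.pem"
cert_report "$inv"
echo "expiring within $WARN_DAYS days: $(count_status "$inv" EXPIRING)"
```

The report line carries the CN and notAfter so the output can be diffed day to day; a certificate whose status changes from OK to EXPIRING is the renewal ticket the spreadsheet would have missed.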
-
Private WiFi
-
Head to Facebook for 50% off Private WiFi and an iPad Giveaway
15 May 2012 | 10:20 pmPRIVATE WiFi is proud to announce a 50% off deal and an iPad giveaway on its Facebook Page. From now until June 13, PRIVATE WiFi is offering a 50% off deal on Facebook. Entrants can get a 6-month subscription for half off, just $24.95. In order for the deal to tip, 50 users must sign up. Fans are encouraged to share the deal with their friends; by working together they can unlock the savings. Additionally, PRIVATE WiFi will give away a new iPad if 100 people use the deal after they sign up. If the giveaway is unlocked, the pool of candidates will be drawn from the new customers who used their 50% off… -
Heads Up, Mac Users: Apple Patches Major OS X Security Errors
15 May 2012 | 1:33 amWell, that was close. It seems that Apple, after scrambling to patch 36 major security vulnerabilities in Mac OS X, fixed a serious leak that revealed the passwords used to encrypt folders with the older, legacy version of FileVault. Apple's previous update to Mac OS X Lion, version 10.7.3, contained an error that exposed the passwords for material stored in the first version of FileVault, the company's encryption technology. What this means is that legacy FileVault users who updated their Mac to OS X Lion 10.7.3 switched on a debug log file, and it recorded in unencrypted text the… -
The Shady World of Data Brokers: How to Remove Your Sensitive Information From Their Databases
14 May 2012 | 1:13 amDid you know that there is an entire industry devoted to buying and selling your personal information? This includes your current and past addresses, your age, the names of your neighbors, and your purchase history, among other things. The companies that compile and sell this information are called data brokers. It is a huge industry, but most people don’t even know that it exists. And data brokers would like to keep it that way. Data brokers gather information about you from both public and private sources, such as home purchases, change of address forms, credit card activity, and even… -
Hacked at a Hotspot in Less Than 600 Seconds
11 May 2012 | 7:05 amIt was a typical day online for Erika. In April, the 25-year-old nurse from upstate New York decided to use her new iPhone to sell an old phone and an old BlackBerry on eBay. For convenience, the Wifi veteran had her iPhone set to automatically connect to whatever Wifi networks were in range. But in less than 10 minutes on public Wifi, Erika's plan to make a little extra money online turned into a money-losing proposition. When she logged into PayPal, Erika was shocked to see that two fraudulent charges in women's names, one for $184 and one for $174, had been deducted from her account. -
FBI: Beware Of Malware Installed Via Hotel Networks
11 May 2012 | 1:00 amForbes featured an in-depth article this week about the risks inherent in hotel wireless networks. It highlights the importance of using a personal virtual private network (VPN). The article includes new warnings from the FBI’s Internet Crime Complaint Center — for example, tips such as “download software updates direct from the vendor’s website” — but the Forbes writer opines further and offers the following words of advice: In addition to this, I would recommend that all important information — including, but not limited to, emails, documents, IMs and web…
-
BullGuard’s Corner – The Straightforward Security Blog
-
How to Plan Your Vacation Safely Online
4 May 2012 | 7:34 amSummer's almost here! You can feel it in the air. As it gets warmer and warmer your mind starts wandering through all the exotic places you'd like to visit. Maybe you can't visit them all at once, but you can take them one by one and escape the urban jungle, if only for a few days at a time. With the internet at your fingertips, never has it been so easy to plan a memorable vacation. Customize it to your liking and, oh, to that restrictive budget! Now, looking for vacation offers on the internet is just the first step. Booking cheap flights and accommodation is next in line, closely… -
5 Vital Steps to Take Control of Your Online Reputation
26 Apr 2012 | 3:38 amEvery social media interaction and every piece of information about yourself in the online world – likes, tweets, +1s, comments, blog posts, a photo tag or video of yourself shared on social media – can influence people’s perception about you. Yes, your online reputation precedes you. It’s at anyone’s mercy (especially yours!), and it can have negative consequences for you in the real world. Picture this: You’re being interviewed for your dream job. You’ve successfully passed the first stages and now it’s time for a chat with the big boss. You’re still a bit dizzy from last… -
10 Dirty Little Secrets about your Pinterest Account
12 Apr 2012 | 9:16 amYou’ve probably heard of it by now: Pinterest is social media’s newest sweetheart. Adored by ladies all over the world, the platform has drawn the attention of a whopping crowd: 11 million active members, among which an impressive 87% are women, put their interests, wish lists, achievements and indulgences on virtual display for the sake of …well, who knows, fame and noble-mindedness? At first glance, Pinterest is flawless: visually attractive, diverse, sleek and easy-to-use, it enables you to collect all your favourite web items and arrange them into beautifully crafted pin boards:… -
6 steps for a good computer spring cleaning
26 Mar 2012 | 9:23 amThis spring, don’t forget about your computer! Do a thorough cleaning to get the best out of your system this year. With the sun shining and the fresh air coming through the windows, you’re bound to feel the irresistible need to clean everything you’ve neglected during the cold winter months. So you move around the furniture, clean the windows until they squeak, and put away all those dreary winter hats and coats. But what about your PC, doesn’t it deserve some attention, too? Unused programs, temporary internet and operating system files, and a disorganized hard drive take their toll… -
Why a Security Product Fails a Test. And Why It Is Redeemed.
16 Mar 2012 | 10:44 amYou might think that testing security software is an exercise in scientific, unbiased objectivity - a study of mathematical precision. This might lead you to think that such test results are The Truth, and that there is no room for discussion. If that’s what you think, you’re wrong. Partly wrong, at least. The test results drew headlines in tech media around the world, with Neil Rubenking of PC Mag taking the lead in reporting that, basically, most security products for Android phones failed the test miserably. As a result, the smartphone owners using the products would be at risk…
-
eSecurityPlanet RSS Feed
-
Intel Launches New Generation of Secure Processors
16 May 2012 | 11:30 amSecurity gets embedded in the latest generation of vPro chips, as Intel continues to drive McAfee technologies into the hardware layer. -
Accused LulzSec Hacker Pleads Not Guilty
15 May 2012 | 5:06 pmJeremy Hammond's next court date is July 23. -
Oops! Avira Anti-Virus Update Disables Windows PCs
15 May 2012 | 5:05 pmA recent update detected almost every executable file as malware. -
Mac OS X Leopard Update Removes Flashback Malware
15 May 2012 | 5:03 pmThe update removes common variants of the Flashback Trojan on OS X 10.5. -
Kickstarter Security Flaw Leaked Data on 70,000 Projects
15 May 2012 | 5:00 pmAccessible data included the project description, goal, duration, rewards, video, image, location, and more.
-
David Lacey
-
What's the point of a management system?
25 Apr 2012 | 3:55 amMy blog posting on OODA loops prompted a response from Andrew Yeomans, pointing out that Deming loops and Boyd loops are not mutually exclusive, i.e. you can have a slow moving management system supporting a fast-moving operational cycle. Would that this were true. Andrew is technically correct. The problem is that you cannot easily divorce the security management system from the countermeasures themselves. ISO 27000 entwines them in a seamless programme of activities, requirements and countermeasures. One or two operational measures operate in real time. Modern measures such as secure… -
Meeting the demands of the contemporary security market
11 Apr 2012 | 8:11 amIt's been a long time since I last blogged. It's been due to excessive commitments. Freelance work has been thick and fast since the beginning of the year, reflecting an increasingly robust market for security research and consultancy. I'm also reluctant to turn down new projects because you never know whether a downturn is around the corner. One of the major factors behind the growth in demand for security advice is the rapid take-up of information security practices by small and medium-sized companies. This would be a fine thing if established standards catered for smaller… -
Who influences security?
4 Apr 2012 | 5:44 amI was contacted last week by a company that specialises in harnessing influence. They claimed to be working for a top IT security solutions vendor and had identified me as a key "influencer" in the UK. They wanted me to answer a set of questions but refused to say who the client was and offered no references or incentives. Not surprisingly I turned them down - another case of the Cobbler's Children, where the influence peddlers are themselves lacking in influence. But it set me thinking about who actually sets the agenda for security in today's world. It's an interesting… -
Trust and Society
27 Mar 2012 | 8:44 amI used to think that Bruce Schneier was out of touch with industry CISOs, but now I think that they are out of touch with him. He's come on tremendously in recent years. I saw him present to the United Nations last year and he was awesome, reflecting a lot of research and deep thinking about important issues such as trust, risk, surveillance and cyber warfare. I shall be ordering a copy of his new book "Liars and Outliers". It's about trust, a subject I find both relevant and fascinating. Trust is a phenomenon that few security researchers seem to… -
Our only hope lies with Academia
15 Mar 2012 | 7:22 amLately I've been spending more time lecturing to universities (Oxford and Surrey this week, Portsmouth the week after next). At each session I set out to present what's wrong with Information Security management today: just about everything, including the priorities, standards, methodologies, technologies and skills. At the end of each talk I ask: "Do you agree?" The response is generally a refreshing "Yes". Of course it might be my compelling rhetoric rather than the content that sways the audience. It's certainly hard to drum up any passion for today's…
-
Pivot Point Security
-
Making Log Management Simple
8 May 2012 | 8:00 amIn a previous article, we wrote about how simple OSCAR makes identifying anomalous activity in logs. However, what you don't know is that in developing OSCAR, we use our findings to add new features to the product. Looking back to the original anomaly alert email, we can see that the count is much higher than all three comparisons: Like Day, Like Hour; Like Day, Same Hour; and Same Day, Same Hour. The email also contains the port information, what action took place and the deviation from each comparison baseline. After spending a few minutes identifying the source of the alert, we… -
Identifying Abnormal Log Events Using OSCAR’s Query Tool
1 May 2012 | 8:00 amWe received an alert from OSCAR informing us of anomalous activity. In this article you will see how we identified what caused the alert. Thankfully OSCAR makes identifying anomalous activity extremely simple. From the alert email, we knew that the occurrence was between 9:00 and 10:00 am on a Monday morning. We also knew which firewall logged the events, and the total number of events that occurred in that timeframe. This happens to be a fairly large deviation from what is normal: the count was 24,589 events, while the Same Day / Same Hour baseline is 5,124. With one click we were… -
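The Same Day / Same Hour comparison that this post and the previous one describe is simple enough to show in a few lines of shell and awk. What follows is an added example, neither OSCAR's code nor its data: the firewall log lines are constructed with an assumed syslog-like format ("YYYY-MM-DD HH:MM:SS host action=... src=... dport=..."), the baseline is the mean event count for earlier dates with the same weekday and hour, and the 3x alert threshold is an assumption. It goes slightly beyond the post by showing that a noisy hour on a different weekday must not leak into the baseline.

```shell
#!/bin/sh
# Added example (not OSCAR's code or data): "Same Day, Same Hour" baseline check over
# constructed firewall log lines. Assumed line format:
#   YYYY-MM-DD HH:MM:SS host action=... src=... dport=...
set -u

# gen_lines DATE HOUR COUNT: emit COUNT constructed deny events in that hour.
gen_lines() {
    i=0
    while [ "$i" -lt "$3" ]; do
        printf '%s %s:%02d:00 fw1 action=deny src=10.0.0.%d dport=445\n' \
            "$1" "$2" $((i % 60)) $((i % 250 + 1))
        i=$((i + 1))
    done
}

# sample_logs: three quiet Mondays at 09:00, one noisy Tuesday that must not
# pollute the Monday baseline, then the Monday under investigation.
sample_logs() {
    gen_lines 2012-04-16 09 5
    gen_lines 2012-04-23 09 4
    gen_lines 2012-04-30 09 6
    gen_lines 2012-05-01 09 40
    gen_lines 2012-05-07 09 24
}

# same_day_same_hour DATE HOUR  (log lines on stdin)
# Prints "<count> <baseline> <ratio>": events for DATE in HOUR, the mean count for
# earlier dates with the same weekday in that hour, and count/baseline.
same_day_same_hour() {
    awk -v target="$1" -v hour="$2" '
    # Day of week from YYYY-MM-DD, 0 = Sunday (Sakamoto'"'"'s method).
    function dow(ds,    p, y, m, d, t) {
        split(ds, p, "-"); y = p[1] + 0; m = p[2] + 0; d = p[3] + 0
        split("0 3 2 5 0 3 5 1 4 6 2 4", t, " ")
        if (m < 3) y--
        return (y + int(y / 4) - int(y / 100) + int(y / 400) + t[m] + d) % 7
    }
    substr($2, 1, 2) == hour { c[$1]++ }
    END {
        td = dow(target); n = 0; sum = 0
        for (d in c) if (d < target && dow(d) == td) { sum += c[d]; n++ }
        cnt = (target in c) ? c[target] : 0
        base = n ? sum / n : 0
        ratio = base ? cnt / base : 0
        printf "%d %.1f %.1f\n", cnt, base, ratio
    }'
}

# is_anomalous RATIO THRESHOLD: exit 0 when the hour is at least THRESHOLD x baseline.
is_anomalous() {
    awk -v r="$1" -v t="$2" 'BEGIN { exit !(r >= t) }'
}

# Stand-alone run: investigate Monday 2012-05-07 between 09:00 and 10:00.
result=$(sample_logs | same_day_same_hour 2012-05-07 09)
set -- $result
echo "count=$1 baseline=$2 ratio=$3"
if is_anomalous "$3" 3; then
    echo "ALERT: 09:00 on 2012-05-07 is ${3}x the Same Day / Same Hour baseline"
fi
```

Pipe a real firewall log into same_day_same_hour in place of sample_logs; the Like Day comparisons from the earlier post are the same calculation with the weekday test relaxed to weekday-versus-weekend.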
“Routine” Information Security – The “Truth” Can Set You Free
30 Apr 2012 | 8:00 amOdd the connections that our minds make. As I was reading an email from Verne Harnish the author of “Mastering the Rockefeller Habits”, a quote by a very successful business owner who uses the system really struck me on multiple levels (including running an Information Security Management System), “Routine sets you free …” For some reason I tend to view the definition of many, many words as their connotation (subjective cultural or emotional meaning) rather than their denotation (literal meaning). I have spent the vast majority of my adolescent and adult life looking to shun the… -
Raising The Bar For IT Security Priorities
27 Apr 2012 | 8:00 amThese IT security links are part of a weekly series, Ethical Hacker Roundup, featuring the information security and cyber security articles that we've read over the past week and thought worth sharing. These articles were emailed to us, shared on Twitter @pivotpointsec and Google Plus, or read in our RSS subscriptions this week. Calling All Call Centers – Become ISO 27001 Certified: currently there is no specific standard for IT security at call centers. However, in the article on EzineMark, the author wrote about how call centers should become ISO 27001 certified… -
“Operationalize” Critical Vendor Risk Management (Before You Regret Not Doing So)
24 Apr 2012 | 8:00 amMost organizations rely on hundreds or thousands of third parties for products or services that are integral to their operation. Unfortunately most organizations do not do a good enough job of differentiating reliant from RELIANT. Let's put it in perspective: if the cafeteria doesn't get its shipment of ketchup in time for lunch, we may have some angry tater-tot-loving employees (until someone can run to ShopRite). While the lack of ketchup is a "risk", perhaps even a probable risk, the impact to the business is low, and compensating for the risk or recovering from…