Network Security

 

    Network Security Blog

  • Can I use Dropbox?

    netsecpodcast@mckeay.net (Martin McKeay)
    21 Jul 2014 | 11:07 pm
    I know security is coming to the public awareness when I start getting contacted by relatives and friends about the security of products beyond anti-virus.  I think it’s doubly telling when the questions are not about how to secure their home systems but about the security of a product for their business.  Which is exactly what happened this week; I was contacted by a family member who wanted to know if it was safe to use Dropbox for business.  Is it safe, is it secure and will my business files be okay if I use Dropbox to share them between team members? Let’s be honest that…
  • Root my ride

    netsecpodcast@mckeay.net (Martin McKeay)
    17 Jul 2014 | 11:36 pm
    If you’ve never watched the anime Ghost in the Shell (GITS) and you’re in security, you’re doing yourself a great disfavor.  If nothing else, watch the Stand Alone Complex series as a primer of what we might expect from Anonymous in the future.  I know my friend Josh Corman tries to sit down to watch it every year or two in order to refresh his memory and help him understand what might be coming down the pipeline from chaotic actors.  And the authors of the manga/anime have an impressive understanding of what the future of hacking might bring in the long term.  Probably a…
  • Patching my light bulb?

    netsecpodcast@mckeay.net (Martin McKeay)
    16 Jul 2014 | 10:59 pm
    You know things are getting a bit out of hand when you have to patch the light bulbs in your house.  But that’s exactly what the Internet of Things is going to mean in the future.  Everything in the household from the refrigerator to the chairs you sit in to the lights will eventually have an IP address (probably IPv6), will have functions that activate when you walk into the room and will communicate that back out to a database on the Internet.  And every single one of them will have vulnerabilities and problems with their software that will need to be patched.  So patching your…
  • Impostor syndrome

    netsecpodcast@mckeay.net (Martin McKeay)
    13 Jul 2014 | 10:58 pm
    What am I doing here?  When are they going to realize I don’t know what I’m doing?  How long until they fire me for faking it?  I don’t belong with these people, they’ve actually done something, while nothing I’ve done is remarkable or interesting.  I’m not worthy of this role, of being with these people, of even working in this environment.  I’m making it up as I go along and nothing I could do would ever put me on the same level as the people around me.  How did I end up here? I know I’m not the only one who has these thoughts.  It…
  • Illustrating the problem with the CA’s

    netsecpodcast@mckeay.net (Martin McKeay)
    10 Jul 2014 | 11:43 pm
    You’d think that if there was any SSL certificate out there that’d be carefully monitored, it’d be Google’s.  And you’d be right; between the number of users of Chrome and the Google team itself, the certs that correspond to Google properties are under a tremendous amount of scrutiny.  So when an impostor cert is issued anywhere in the world, it’s detected relatively quickly in most cases.  But the real question is, why are Certificate Authorities (CA’s) able to issue false certs in the first place?  Mostly because we have to trust someone in the…
 
 

    Techwatch Tech News

  • PMC offers new business calls, lines, and broadband services

    Brian Turner
    10 Jul 2014 | 8:04 am
    PMC Telecom has announced a new package of calls, lines, and broadband services for business, with tariffs claimed to beat BT prices. It means the company becomes the latest ISP for small businesses, now able to offer both lines and …
  • Outsourcing by small businesses increases

    Brian Turner
    10 Jul 2014 | 8:03 am
    A survey of 2200 small businesses in the UK for Freelancer.co.uk reveals that the rate of outsourcing to the developing world by UK small businesses grew by 35% this year. Most jobs were outsourced to India, Pakistan and the Philippines, …
  • Sony Xperia Z2 to launch

    Brian Turner
    27 Feb 2014 | 12:40 pm
    Sony are about to launch the Xperia Z2 – the successor to the highly successful Xperia Z1 – less than a month after releasing the Z1 compact. However, if you’re looking for an innovative upgrade you may be disappointed – …
  • Amazon offers 20% off all Kindles

    Brian Turner
    27 Feb 2014 | 12:16 pm
    Amazon have announced 20% off all Kindles – including the Kindle Fire HD and HDX editions. This results in the following current new prices for the different Kindle models: Kindle Fire HD: from £95.20 Kindle Fire HDX: from £159.20 Kindle …
  • Xbox 720 and PS4 to go more free-to-play

    Darren Allan
    10 May 2013 | 2:57 am
    Apparently both Microsoft and Sony are going to focus more on free-to-play games, and in-app purchases, with their next-generation consoles due out at the end of the year. In other words, they are moving further towards the tablet/smartphone/casual model of …
 

    Tenable Network Security Blog

  • Tenable Integrates with AirWatch

    Manish Patel
    21 Jul 2014 | 4:45 pm
    Organizations have adopted mobile devices as an essential part of their business and rely on MDM solutions like AirWatch to track and manage them as well as certain applications that run on them.
  • Tenable and Amazon Web Services (AWS) Announce Nessus® Enterprise for AWS

    Manish Patel
    15 Jul 2014 | 7:52 am
    Amazon Web Services (AWS) allows organizations to shift key compute, storage, and network resources from on-premise to the cloud, offering an on-demand delivery of IT resources with pay-as-you-go pricing.   While organizations have deployed vulnerability and security solutions to protect their on-premise assets, they face challenges in monitoring and securing their AWS instances in the cloud.  If you operate your company's business critical applications in the AWS (Amazon Web Services) cloud, you’re likely facing challenges such as:
  • Installing and Using Nessus on Kali Linux

    Paul Asadoorian
    10 Jul 2014 | 8:10 am
    If you are using Nessus for vulnerability scanning activities, consider installing Nessus on Kali Linux. Kali Linux is a fantastic distribution specifically designed for penetration testing.
  • Nessus Now Audits Huawei VRP Configurations

    Paul Asadoorian
    8 Jul 2014 | 10:59 am
    As part of Tenable's Continuous Monitoring Solution, Nessus, Nessus Enterprise and Nessus Enterprise Cloud users can now perform configuration audits against Huawei devices running the Versatile Routing Platform (VRP).
  • Announcing Singapore MAS Technology Risk Management Dashboard

    Dick Bussiere
    1 Jul 2014 | 10:42 am
    Tenable is pleased to announce a dashboard designed to assist our Singapore Financial Services Industry customers to comply with the Monetary Authority of Singapore Technology Risk Management Guidelines. The Monetary Authority of Singapore (MAS) has published a refreshed set of Technology Risk Management (TRM) Guidelines. These TRM Guidelines have a strong regional and global impact, and now affect any organization that can be classified as a Financial Institution (FI), not just banks. Types of organizations impacted include:
 

    Spyware news

  • Different approach on internet security: ‘Project Zero’ by Google

    2-spyware.com
    18 Jul 2014 | 2:01 am
    It looks like Google is taking a new approach in order to make the internet safer. Project Zero is an initiative that is heading in the right direction. To begin with, Google is recruiting elite security specialists and hackers in order to find various bugs, vulnerabilities, exploits and software flaws all over the web. According to one […]
  • Security industry members collaborate to stop Shylock virus

    2-spyware.com
    11 Jul 2014 | 6:57 am
    Several years ago we warned you about the Shylock virus, which was actively used by hackers for stealing people’s banking data and other sensitive information. It is believed that this virus has already affected more than 30.000 computers. Unfortunately, how much money it managed to steal is still unknown… Luckily for all PC users, security experts […]
  • How to stay protected after Microsoft ends support for Windows XP?

    2-spyware.com
    6 Jul 2014 | 4:53 am
    Like it or not, April is just around the corner. It should be especially important for those who are still using Windows XP OS. If you are one of those people who keep relying on this operating system, beware that April 8, 2014 is the date when Microsoft will stop supporting it. That means that […]
  • Facebook: 4 security tips that you may not know

    2-spyware.com
    27 Jun 2014 | 7:14 am
    There is no question that Facebook is the only social network that likes updates so much. If you are confused about its latest modifications, you should definitely dedicate some time to this tutorial. Here we will reveal our top 5 tips for Facebook security. First of all, set up your Login Notifications and get ability […]
  • How cloud computing benefits business on the move

    2-spyware.com
    26 Jun 2014 | 5:24 am
    The conventional office can be a fixed and rather limiting place. Workers must all meet in the same location and start at the same time. A modern office, however, is far more flexible and promotes business on the move. It allows remote staff to work the hours that suit them. All this is achievable thanks to new technologies, […]

    Schneier on Security

  • Security Vulnerability in the Tails OS

    schneier
    23 Jul 2014 | 9:58 am
    I'd like more information on this.
  • Securing the Nest Thermostat

    schneier
    22 Jul 2014 | 8:06 am
    A group of hackers are using a vulnerability in the Nest thermostat to secure it against Nest's remote data collection.
  • Fingerprinting Computers By Making Them Draw Images

    schneier
    21 Jul 2014 | 1:34 pm
    Here's a new way to identify individual computers over the Internet. The page instructs the browser to draw an image. Because each computer draws the image slightly differently, this can be used to uniquely identify each computer. This is a big deal, because there's no way to block this right now. Article. Hacker News thread. EDITED TO ADD (7/22): This technique was first described in 2012. And it seems that NoScript blocks this. Privacy Badger probably blocks it, too. EDITED TO ADD (7/23): EFF has a good post on who is using this tracking system -- the White House is -- and how to defend…
  • Friday Squid Blogging: Squid Dissection

    schneier
    18 Jul 2014 | 2:35 pm
    A six-hour video of a giant squid dissection from Auckland University of Technology. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
  • NASDAQ Hack

    schneier
    18 Jul 2014 | 9:26 am
    Long article on a sophisticated hacking of the NASDAQ stock exchange.

    Infosec Events

  • Week 29 In Review – 2014

    md
    21 Jul 2014 | 10:55 am
    Resources BGA talk slides – twitter.com Marshall tweeted his BGA talk slides on twitter. You can download the pdf from here. Building a Modern Security Engineering Organization – slideshare.net Continuous deployment and the DevOps philosophy have forever changed the ways in which businesses operate. This talk will discuss how security adapts effectively to these changes. Car Hacker’s Handbook – opengarages.org Here you can download the book in several different formats for free! CONFidence 2014 video from our talk on CTFs – gynvael.coldwind.pl The video from j00ru’s…
  • Week 28 In Review – 2014

    md
    15 Jul 2014 | 2:21 am
    Resources Vendor Checklist app / Trust Metric app – archon.thewatchers.net ISECOM (the Institute for Security and Open Methodologies) began with the release of the OSSTMM, the Open Source Security Testing Methodology Manual. It was a move to improve how security was tested and implemented. Dumping Data from Memcached Servers – breenmachine.blogspot.com Memcached servers provide a dynamic, distributed memory object caching system to improve application performance. Stephen Breen has developed a Python script to dump data from memcached servers. Videos from the 15th Annual CERIAS…
  • Information Security Twitter Lists

    ggee
    31 Dec 1969 | 4:00 pm
    I’m not sure about yourself, but for me I find it hard to consume information from the twitter fire hose which is why they created the lists feature. Looking around there are several lists made for information security only people, but those lists were big and only slightly reduced the noise. Over the weekend I attempted to replicate my sieve / filtering system on rss sites to twitter and came up with 20 or so different lists. This is still a work in progress, but already it has helped me consume information, be aware of conversation, etc. You can see the complete set on Infosec Events twitter…
  • Printable Agenda for Black Hat and DEFCON

    ggee
    7 Jul 2014 | 7:08 pm
    With the two big conferences (Black Hat USA and DEFCON 22) coming up, we started to look into what awesome presentations will be occurring, but we noticed that the schedule is not very printer friendly. So we spent some time to replicate the agenda and put it into a format that will print. Black Hat USA 2014 Agenda (Printer Friendly) DEFCON 22 Agenda (Printer Friendly) Note that because there are a ton of tracks at Black Hat, that the agenda will need to be printed on legal paper. All the page lines are setup so it should print fine. The presentation descriptions are also included for…
  • Week 27 In Review – 2014

    md
    7 Jul 2014 | 9:56 am
    Black Hat USA Briefings Giveaway Enter to win a Black Hat USA 2014 Briefings ticket worth $2,2000 from Infosec Events Events Related School on Applications of Open Spectrum and White Spaces Technologies – Schedule – wireless.ictp.it ICTP School on Applications of Open Spectrum and White Spaces Technologies – 2014 workshop schedule is available here. You can download all of the presentations from here. Resources Black Hat USA 2014 – Arsenal Tools Speaker List – www.blackhat.com Returning bigger than ever for 2014, Black Hat is pleased to once again present Arsenal–a…
 

    Security Catalyst

  • Monday Motivation – Do what you can

    Michael Santarcangelo
    21 Jul 2014 | 5:19 am
      Something to think about Sometimes in the pursuit of perfection, we wish for more time, more resources, or a different situation. Instead of focusing on perfection (even through a change in constraint), embrace progress. When I discussed this concept with a renowned sculptor, he simply pointed out that ours is to do the best we can with the time we have. His life experience matched the sage words of Roosevelt. Today, choose progress over perfection. Be present in the moment and embrace whatever opportunity arrives.   The post Monday Motivation – Do what you can appeared…
  • Monday Motivation – Don’t Wait!

    Michael Santarcangelo
    23 Jun 2014 | 5:34 am
      Something to think about I often hear clients (and friends) suggesting they’ll take a different/better course of action… when the time is right. While Napoleon Hill wisely points out there is no “just right” time, it means the time is always right. In life, and in business, now is the perfect time for you. Today is a great day to take action. Use this week to take the first step on a new journey. Or perhaps to recommit to something. Start simple. Smile. Take a deep breath. Thank someone with genuine gratitude. Just be. Embrace the moment and how right it is for…
  • DtR Security Newscast: wifi attacks, APT (evolved), the need for practice and Target’s new CISO

    Michael Santarcangelo
    17 Jun 2014 | 3:13 am
    I invite you to listen to the latest episode of the Down the Rabbithole (DtR) Security Newscast for June 16, 2014 — with Raf Los (@Wh1t3Rabbit), James Jardine (@JardineSoftware), and guest Will Gragido (@wgragido). We record the DtR Newscast every other Monday to engage in spirited discussion about security topics in the news. More than a run-down of the news, it’s our unfiltered (but safe for work) discussion of top stories. We usually inject some passion and some divergent thinking to fuel your week. This week, we covered: The slippery slope of “jamming”…
  • Monday Motivation: most worries never happen

    Michael Santarcangelo
    16 Jun 2014 | 5:12 am
      Something to think about Worry is an activity that uses a lot of energy. Ultimately, like friction, it erodes value. As pointed out here, often our minds create a more elaborate scheme than reality. When faced with a worrisome situation, take a breath. Focus on today. Do your best, and focus on progress over perfection. Learn to see things as they are, and deal with them in kind. Over time, you’ll worry less and do more. The post Monday Motivation: most worries never happen appeared first on Security Catalyst. Related posts: Monday Motivation: everybody is a genius Monday…
  • Monday Motivation: context is the key to understanding

    Michael Santarcangelo
    9 Jun 2014 | 6:25 am
      Something to think about While we all push for more content, more information — what we really need is more context. Working in a shared context leads to understanding. Place investment in context over content and reap the benefits. The post Monday Motivation: context is the key to understanding appeared first on Security Catalyst. Related posts: Monday Motivation: everybody is a genius (CSO) How security awareness leads to behavior change (CSO) Proper understanding of “awareness” is necessary to improve security awareness

    Dr Anton Chuvakin Blog PERSONAL Blog

  • Monthly Blog Round-Up – June 2014

    1 Jul 2014 | 8:15 am
    Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month: “Why No Open Source SIEM, EVER?” contains some of my SIEM thinking from 2009. Is it relevant now? Well, you be the judge.  Current emergence of open source log search tools, BTW, does not break the logic of that post. “Simple Log Review Checklist Released!” is often at the top of this list – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version) “New SIEM Whitepaper on Use Cases In-Depth…
  • Monthly Blog Round-Up – May 2014

    2 Jun 2014 | 9:45 am
    Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month: “Simple Log Review Checklist Released!” is often at the top of this list – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version) “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010) presents a whitepaper on select SIEM use cases described in depth with rules and reports [using now-defunct SIEM product]; also see this SIEM use case in depth and this for a more current list. “Why No Open…
  • Monthly Blog Round-Up – April 2014

    1 May 2014 | 7:55 am
    Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month: “Simple Log Review Checklist Released!” is often at the top of this list – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version) My classic PCI DSS Log Review series is popular as well. The series of 18 posts cover a comprehensive log review approach, useful for building log review processes and procedures, whether regulatory or not. It is also described in more detail in our Log Management book.
  • Monthly Blog Round-Up – March 2014

    1 Apr 2014 | 7:07 am
    Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month: “Simple Log Review Checklist Released!” is often at the top of this list – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version) “Why No Open Source SIEM, EVER?” contains some of my SIEM thinking from 2009. Is it relevant now? Well, you be the judge. “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010) presents a whitepaper on select SIEM use cases described in depth with rules and…
  • Our Team Is Hiring Again: Join Gartner GTP Now!

    19 Mar 2014 | 5:05 am
    It is with great pleasure that I am announcing that our team is HIRING AGAIN! Join Security and Risk Management Strategies (SRMS) team at Gartner for Technical Professionals (GTP)! Excerpts from the job description: Create and maintain high quality, accurate, and in depth documents or architecture positions in information security, application security, infrastructure security, and/or related coverage areas; Prepare for and respond to customer questions (inquiries/dialogues) during scheduled one hour sessions with accurate information and actionable advice, subject to capacity and demand;…
 

    Security Blog

  • Modeling Geographic Ambiguity with VERIS

    kevin.thompson
    24 Jul 2014 | 11:17 am
    Often times when we’re modeling an incident with VERIS we get ambiguous information about an actor or a victim. This is most often the case when we are modeling incidents for the VERIS Community Database or when processing contributions from some of our partners. In many cases we will get a report that says “a threat actor from Eastern Europe” was attacking “a victim in South America.” Unfortunately it was really difficult to represent this in VERIS. Recently our team had some internal meetings to propose changes to the VERIS framework. These proposals were opened for public comment…
  • Weekly Intelligence Summary Lead Paragraph: 2014-07-18

    ssimpson
    18 Jul 2014 | 2:37 pm
    Reports on targeted campaigns and malware, both old and new, led the VCIC’s intel collections this week. More reports surfaced on the Pitty Tiger campaign reported in last week’s INTSUM, including intel from McAfee linking an attack on a French company to the Pitty Tiger group. The Havex RAT, and the Energetic Bear group behind it, continued to gain attention this week with reports from RSA, FireEye and Palo Alto Networks. Expect a follow-up to Palo Alto’s report in the coming days. Vulnerability intel collections were dominated by Oracle, which released its July 2014 Critical Path…
  • Weekly Intelligence Summary Lead Paragraph: 2014-07-11

    dkennedy
    18 Jul 2014 | 2:34 pm
    This week’s intelligence spanned an unusually wide range of aspects of InfoSec risk.  Samsung experienced a US$38 million dollar theft of products from their manufacturing facility outside São Paulo.  Attacks on international affairs think tanks, the U.S. government’s Office of Personnel Management and shipping and logistics companies were all attributed to threat actors in the People’s Republic of China.  Someone, probably not Anonymous, launched DDoS attacks on the web sites of several large companies in Norway on Tuesday.  Social investment network eToro also suffered a DoS…
  • How ICS Security can Impact Retail Business

    admin_sec
    17 Jul 2014 | 1:22 pm
    by Rafeeq U Rehman Although it may seem to be the most visible thing given the recent mega breaches, security of credit card data should not be the only concern on the mind of a CISO in the retail and transportation sectors. Big retail and transportation companies rely on very sophisticated and highly automated warehouses to deliver goods to their customers on time. By some estimates, online spending reached $42.8 billion dollars between November 1 and December 22, 2013. Warehouse and transportation automation, which fuels this business, is enabled by Industrial Control Systems (ICS). These…
  • Weekly Intelligence Summary Lead Paragraph: 2014-07-04

    ssimpson
    10 Jul 2014 | 5:18 pm
    Microsoft was the focus of several InfoSec headlines this week, some of which weren’t particularly flattering. It all started when the company announced it was discontinuing its email security notifications due to new anti-spam laws in Canada. Fortunately, they reversed the decision on Monday. Microsoft also announced a takedown of the dynamic domain name services provider used by actors behind the NJrat and NJw0rm malware families. It turns out they also took down some legitimate domains in the process, which caused another uproar. The company closed out the week by pre-announcing six…

    symantec.com

  • Fake US Anti-Spam Law Used in Latest Phishing Campaign

    Binny Kuriakose
    23 Jul 2014 | 4:28 pm
    Summary:  Phishers posing as banks are redirecting victims to a fake website then requesting logon credentials in order to compromise bank accounts. Contributor: Mayur Deshpande
  • Facebook Scam Leads to Nuclear Exploit Kit

    Ankit Singh
    22 Jul 2014 | 3:25 pm
    Summary:  Attackers have become more aggressive and are now using Facebook scams to lead to exploit kits so they can control a user’s system. Contributor: Himanshu Anand
  • Neverquest Evolves Again and Seeks New Targets

    Symantec Security Response
    16 Jul 2014 | 4:01 pm
    Summary:  Trojan.Snifula has continued to evolve and develop new features to steal more confidential online banking information. Despite Japan's isolated adoption of unique and sometimes incompatible technological standards, often described as Galapagosization, the country still seems to be open game when it comes to banking malware.
  • Tinder Spam: A Year Later, Spammers Still Flirting with Mobile Dating App

    Satnam Narang
    15 Jul 2014 | 9:12 am
    Summary:  Spammers use bots on dating app to convince users to install games and sign up for adult dating and webcam sites. One year ago, we warned users about one of the first instances of adult webcam spam on the up-and-coming mobile dating application Tinder. We also warned about an impending flood of spam bots once an Android version was released.
  • All That Glitters Is No Longer Gold - Shylock Trojan Gang Hit by Takedown

    Symantec Security Response
    10 Jul 2014 | 10:40 am
    Summary:  The gang behind one of the world’s most advanced financial fraud Trojans has experienced a major setback after an international law enforcement operation seized a significant amount of its infrastructure. An international law enforcement operation has struck a major blow against the gang behind Shylock, one of the world’s most dangerous financial Trojans.

    Optimal Security

  • Infosec Haiku

    Chris Merritt
    21 Jul 2014 | 6:25 am
    Anata no joho sekyuritei konshu no haiku Energetic Bear Attacking ICS Space Havex is Havoc   ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published. * Submit Your Own … if yours is published, I’ll send you a $20 Starbux card. Please DM me at infosec-haiku@lumension.com. Contest Rules: all rulings by the judge (me) are final, blah blah blah.
  • Google’s Project Zero – Targeting Zero-Day Vulnerabilities

    Graham Cluley
    16 Jul 2014 | 1:48 pm
    Google has announced that it is assembling a crack team of researchers, devoted to finding and reporting security holes in widely used software. According to Google security engineer Chris Evans, the group – which has been dubbed “Project Zero” – aims to uncover unpatched security vulnerabilities before they are exploited in targeted internet attacks. “Our objective is to significantly reduce the number of people harmed by targeted attacks. We’re hiring the best practically-minded security researchers and contributing 100% of their time toward improving…
  • July Java Jamboree

    Chris Merritt
    15 Jul 2014 | 9:31 am
    The latest Critical Patch Update (CPU) from Oracle has been released today. Based on the pre-release information, the July 2014 CPU contains 113 new security vulnerability fixes, covering everything from its flagship database and Fusion Middleware to Hyperion and Solaris. [See update below.] Of particular interest to endpoint administrators will be the 20 vulnerabilities in Java SE. These are all remote access vulnerabilities, meaning they can be exploited over the network without needing login credentials. Impacted versions include: Oracle Java SE, versions 5.0u65, 6u75, 7u60, 8u5. According…
  • Java on XP?

    Graham Cluley
    14 Jul 2014 | 11:22 am
    Is it still supported, and what should you do about it? Well done to Oracle, which has successfully managed to confuse everyone about what the situation is regarding whether Java (a development platform with a long history of security holes) will continue to be properly supported on Windows XP (an operating system with a long history of security holes, that Microsoft has recently killed off after many years of trying). As Lumension described last week, Oracle had announced with the demise of Windows XP that support for Java on XP had reached the end of the road: “Users may still continue…
  • Infosec Haiku

    Chris Merritt
    14 Jul 2014 | 8:16 am
    Anata no joho sekyuritei konshu no haiku Shylock Taken Out Financial Trojan Demands For Pound of Flesh Cease   ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published. * Submit Your Own … if yours is published, I’ll send you a $20 Starbux card. Please DM me at infosec-haiku@lumension.com. Contest Rules: all rulings by the judge (me) are final, blah blah blah.
 

    TRUSTe Blog

  • TRUSTe Supports Intuit’s Move to Open Source Mobile Privacy Code and Make It Available to Developers

    lgradman
    24 Jul 2014 | 7:18 am
    Intuit and Application Developers Alliance today announced the availability of open source software code for developers to implement short-form privacy notices—simple, easily understandable screens that clearly inform consumers what data the app is collecting and with whom the data is shared.  With this open source code, small app developers can use the same template for their mobile …
  • Bluelock Makes Privacy and Data Security a Top Priority

    lgradman
    23 Jul 2014 | 10:25 am
    By Megan Gish, Bluelock We’re proud to announce that Bluelock has completed self-certification of compliance with the United States – European Union Safe Harbor Framework. This completion of this framework allows customers to use Bluelock’s service with confidence that personal information will be secure. Bluelock undertook several internal audits to comply with the U.S.-EU Safe …
  • Last Chance to Register for Webinar on Privacy Investment Success Stories

    lgradman
    23 Jul 2014 | 8:00 am
    Time is running out! Don’t forget to register for the third and final session of the TRUSTe webinar series with Forrester Research on Thursday, July 24th at 10am PDT, titled “Making the Most of your Data Privacy Management Investment.” Attend to learn about the benefits of privacy investment, what resources are needed for ongoing management … Continue reading »
  • European Cookie Sweep Initiative: Are You Compliant?

    lgradman
    17 Jul 2014 | 1:55 pm
    By Eleanor Treharne-Jones, CIPP/E, Director, Global Communications & EU Marketing, TRUSTe In our data-driven world, it is vital that businesses know how to win and maintain consumer trust online. In the EU this can sometimes seem even more complicated because of the increasing complexity of privacy regulations and the different approaches to implementation across 28 … Continue reading »
  • TRUSTed Assessments Helps Companies Address Global Privacy Compliance Challenges Today

    lgradman
    17 Jul 2014 | 6:00 am
    Data is the vehicle driving today’s enterprises, and while technological innovations are continually feeding the ever-increasing and insatiable appetite for data, the sheer volume of data is creating greater challenges for those tasked with data privacy protection. According to a 2014 IAPP study of 400 privacy professionals, not only is data risk assessment one of … Continue reading »
 

    Free IT - Security Magazines and Downloads from alltop.tradepub.com

  • Data Centers in the Crosshairs: Today's Most Dangerous Threats

    24 Jul 2014 | 12:00 am
    Comprising the most valuable assets in your organization – your web, DNS, database, and email servers - data centers have become the number one target of cyber criminals, hacktivists and state-sponsored attackers. This paper analyzes the top five most dangerous threats to your data center. It also describes the impact of these threats and it reveals the latest methods, tools and techniques used by attackers to exploit data center resources.
  • The Essentials of Information Security Kit: Includes a Free PC Security Handbook - 2nd Edition eBook

    21 Jul 2014 | 10:50 am
    The Essentials of Information Security brings together the latest in information, coverage of important developments, and expert commentary to help with your Information Security related decisions. The following kit contents will help you get the most out of your Information Security research: Citrix NetScaler: A Powerful Defense against Denial of Service Attacks; PC Security Handbook - 2nd Edition; Virtual Patching: Lower Security Risks and Costs; Practical Guide to Secure File Transfers.
  • Data-Leakage, Regulatory Compliance & BYOD

    21 Jul 2014 | 12:00 am
    Enabling employees to BYOD (i.e., use their personal smartphones for work) offers significant benefits to businesses in the form of increased productivity and flexibility. However, enabling BYOD carries increased information security risk, violating regulatory compliance. Traditional security solutions are limited in their ability to solve these problems due to inherent architectural challenges, requiring new technology to meet these needs for today's enterprise.
  • SECURITY LEADERSHIP SERIES: Security Strategies for Success

    18 Jul 2014 | 12:00 am
    For IT leaders, these security strategies for success are essential reading.
  • Critical Concepts of the 200-120 CCNA Routing and Switching Exam

    18 Jul 2014 | 12:00 am
    In the spring of 2013, Cisco announced major updates to their Cisco Certified Network Associate (CCNA) curricula, including a new version of the CCNA Routing and Switching exam (200-120 CCNA). This paper provides a review of the CCNA Routing and Switching exam's critical concepts, as an aid to students preparing to pass the latest version of the CCNA Routing and Switching exam.

    IT-Security

  • Medical Devices at Clinical Facilities: A Hacker’s Playground

    Bob Chaput
    24 Jul 2014 | 10:00 am
    A recent Wired article on the vulnerabilities of hospital equipment should be a wake up call to the health care industry. What may be completely obvious to an information security professional may simultaneously stun healthcare executives. The number of new medical devices at clinical facilities connected to or accessible from the clinical network is exploding.  Many aren’t designed to be secure; some were actually designed under the assumption they would never be accessible from the Internet.  However, networks to which these devices are attached often turn out to have one (or more)…
  • From Celebrities to the Ex-Factor, Snooping is a Serious Issue

    Bob Chaput
    24 Jul 2014 | 10:00 am
    Have you cataloged “Snooping” among your risk factors in your Risk Analysis? Humans are curious beings by nature. With a little motivation we can get really nosy …which often leads to very bad outcomes for those tasked with safeguarding protected health information. Snooping, where individuals gain access to PHI as a result of curiosity or malicious intent, is a prevalent problem that can land your organization in serious trouble under HIPAA. The regulators have made it quite clear that a covered entity or business associate is required to conduct a breach risk assessment and notify…
  • Corporate Survival Tips for Young Professionals: Calendars

    Branden Williams
    24 Jul 2014 | 6:56 am
    I can remember the old days when my dad kept a Daily Planner on his desk with his appointments penciled in for the day. He is incredibly efficient and one of the best at following up that I know (to this day). With teams spread across multiple floors, sites, states, or continents, the paper method does not work anymore without an army of assistants to keep it all straight. So instead, we use the calendar functions in our electronic devices to keep our days straight. [Image: Calendar, by Andreanna Moya Photography] Just like with any network-enabled system, there is some etiquette required to…
  • Corporate Survival Tips for Young Professionals: Finding Information

    Branden Williams
    22 Jul 2014 | 6:57 am
    This tip may be less for the newbies, but I’m shocked at how poor people are at using the tools around them to find information. Your first step should be taking a look at how to use Google. [Image: Eye Eye, by mrmanc] I mean, REALLY how to use Google. Google is great because it can cast both a wide net and be tweaked to surgically deliver a single finding. It incorporates multiple sources (for example, did you know about the treasure trove of information to be found on books.google.com or scholar.google.com?) and allows for all kinds of detailed views and alerts when it finds new things. There…
  • Key Question for Risk Analysis and Risk Management: What Have You Done for Me Lately?

    Bob Chaput
    21 Jul 2014 | 10:00 am
    Let’s talk about maturation of your Risk Analysis and Risk Management Processes. Undertaking reasonable and appropriate risk analysis and risk management is an important matter — a process that needs to mature just like any other business process. So while it’s great that your organization has taken critical steps, such as conducting an initial security risk analysis, you can’t stop there. Maturing a business process means making it proactive, adaptable, consistent, predictable, measurable and controlled. You must continually improve processes to leverage proven tools and evolving…
 

    AT&T Networking Exchange Blog » Security

  • AT&T is an IDC MarketScape Leader Worldwide

    Paula Waldron
    22 Jul 2014 | 3:45 am
    Leading research and advisory firm, IDC, has published the long awaited IDC MarketScape: Worldwide MSS MarketScape Report, where AT&T was named a “Leader”. Published in June, the 2014 Vendor Assessment compared 11 organizations that offer managed security services (MSS) worldwide using the IDC MarketScape model. The findings were based on in-depth managed security services provider (MSSP) interviews and more than 20 surveys with providers’ customers. Recognized managed security strengths: As noted in the IDC MarketScape report, “the company is investing heavily in cloud…
  • Malicious Email: Think Before You Click

    Paula Waldron
    18 Jul 2014 | 3:45 am
    On your screen, an email with an urgent tone, seemingly from your bank, grabs your attention. Bright red text spills across the screen, in a large font. “We’ve detected unauthorized access. Your account has been frozen. Click now to verify!” The email looks legitimate. All the right logos are in all the right places. Your name is spelled correctly. Should you click the link? That’s a question the AT&T Chief Security Office trains employees to ask themselves. A large volume of emails sent to AT&T each day are either spam or potentially dangerous. Most are caught by existing…
  • Big Worries about Wearables in the Workplace

    10 Jul 2014 | 3:45 am
    Just when IT pros felt like they had control around the tablets and smartphone devices that comprised the “D” in BYOD, employees are introducing a new class of devices to the workplace: wearables. These small devices can include anything from smart watches to fitness-focused wristbands to eyewear such as Google Glass. Wearables have giant computing power and can carry big security risks. Big data meets wearable devices: If wearables have not made their way into your organization, they soon will. If the proper procedures and tools are put into place early, there can be significant…
  • Jailbreaking and Rooting: Two Threats to Your MDM Strategy

    Rajat Swarup
    26 Jun 2014 | 3:45 am
    “Jailbreaking” is the process of altering iOS devices (e.g., iPhones, iPads) to run unsigned code. Apple controls apps on iOS by signing them with its private key. This inhibits an attacker’s ability to run unauthorized applications (i.e., applications not authorized by Apple). “Rooting” is the act of attaining root privileges on your Android phone. This can be done by overwriting the phone firmware that provides users with full system access on their Android phones. This includes the capability to run apps expressly forbidden by carriers or by the phone…
  • Performance and Protection in a More Mobile World

    Sam Farraj
    23 Jun 2014 | 6:45 am
    Mobile consumers are the fastest-growing segment of web users, and m-commerce is growing faster than e-commerce overall. We may never want to stop optimizing for the desktop experience, but we must pay more attention to the performance and security implications of having more of our prospects and customers visiting websites on smartphones, tablets, and other emerging devices. At the conference, we will discuss the many tools now available to optimize the mobile experience and to enhance the security of your content, your infrastructure, and your users. We’ll also present details on how…

    Redspin Security Blog

  • The Risks of a HIPAA Security Risk Analysis

    Dan Berger
    8 Jul 2014 | 2:43 pm
    The risk of a HIPAA risk analysis is in not selecting the right team for the job.
  • BYOD Security – The Next Problem? Data Sprawl

    David Carlino
    20 May 2014 | 5:27 pm
    Submitted by David Carlino. Mobile devices are designed to store less data than traditional laptops and desktop workstations. Cloud-based storage continues to enable a steady migration away from local device storage. Due to local storage limits, mobile users are increasingly turning to a wide array of cloud storage options to maintain and access their data. This is very helpful when a device is lost or stolen but there are unintended consequences in complexity, security, and risk... Enabling [ Read More ]
  • Largest HIPAA Compliance Settlement – A Prescription for IT Security Health

    Dan Berger
    11 May 2014 | 8:36 am
    The key to Redspin’s rapid rise as the leader in HIPAA compliance for healthcare providers has been our unyielding focus on IT security. Last week’s news that OCR had reached a $4.8 million settlement agreement with New York-Presbyterian hospital and Columbia University Medical Center relating to HIPAA compliance violations further affirms our position. What started as an investigation of a 6,800 record ePHI breach became a multi-million dollar black-eye for those providers. At the source [ Read More ]
  • OpenSSL Vulnerability Discovered

    Dan Berger
    8 Apr 2014 | 11:35 am
    A two year old vulnerability in OpenSSL--the default cryptographic library used in many software applications (including web servers, operating systems, email, and instant-messaging clients)--has been discovered. This vulnerability could make it possible for external parties to mine server memory for data including private encryption keys, passwords, and other credentials. If you are hosting a web server using a vulnerable version of OpenSSL (including most variants of Linux), it is recommended [ Read More ]
  • Expect a HIPAA Security Audit – But Guess Who Will Conduct It?

    Dan Berger
    25 Mar 2014 | 10:04 am
    The 2009 HITECH Act deputized the Office of Civil Rights (OCR) to conduct HIPAA security audits under the auspices of the Department of Health and Human Services (HHS). But as it turns out, OCR is not the only HIPAA enforcer in town. State attorneys general can claim a similar right to audit; in fact several were initially trained by OCR to do so. In the second half of 2013, the Center for Medicare Services (CMS) began conducting audits of eligible hospitals and providers that had received payments [ Read More ]
 

    F-Secure Antivirus Research Weblog

  • Diving Deep into Mayhem

    23 Jul 2014 | 9:29 pm
    Malware targeting Linux servers has been increasingly hitting the headlines over the past year. In this post we will present research on an advanced and highly versatile malware operation targeting Linux and FreeBSD servers. We have named the malware family at the heart of this operation GalacticMayhem, as a reference to some of the C&C URLs. It is the same family of malware that was written about by a team of researchers from Yandex. Overview: Infection of a server with Mayhem begins with a PHP dropper script. This script is responsible for dropping a malicious ELF shared object file and…
  • BlackEnergy Rootkit, Sort Of

    23 Jul 2014 | 9:29 pm
    A sample of the BlackEnergy family was recently uploaded to VirusTotal from Ukraine. The family is allegedly the same malware used in the cyber attack against Georgia in 2008. The malware provides attackers full access to their infected hosts. Check out SecureWorks' detailed analysis from 2010 for more information about the family. The new sample is not much of a rootkit anymore, in the sense that it no longer hides files, registries, etc. The build is now "0D0B15aaa" according to the embedded XML. Although not used, the sample still has a routine which hides processes. This time it uses DKOM.
  • Trojan:W32/Lecpetex: Bitcoin miner spreading via FB messages

    23 Jul 2014 | 9:29 pm
    In early March this year, while investigating various threats as part of our Facebook malware cleanup effort, we ran across an interesting one that was spreading in zipped files attached to messages. The messages themselves were classic social engineering bait that lead the users to install the executable file in the attachment, which turned out to be a Bitcoin miner, which we identify as Trojan:W32/Lecpetex. Some of the more interesting details of our analysis are presented in our Lecpetex whitepaper. Facebook's own investigation into Lecpetex led to an operation to take down the botnet. More…
  • Necurs - Rootkit For Hire

    23 Jul 2014 | 9:29 pm
    Necurs is a kernel mode driver best known at the moment for being used by Gameover Zeus (GOZ) to hinder attempts to detect and remove the malware. The technical details of the Necurs driver have already been exhaustively covered in a writeup by Peter Ferrie, but during our analysis we came across some interesting details of Necurs' gradual uptake as a "crimeware for sale" module. We saw the earliest version of the Necurs driver as a standalone malware in May 2011; it didn't become associated with another malware until early 2012, when we observed it being dropped by a trojan-downloader, also…
  • Do you take your coffee with "Free" Wi-Fi?

    23 Jul 2014 | 9:29 pm
    Colleagues of ours recently visited a Starbucks in San Francisco and used the Wi-Fi. And while there, they grabbed a copy of AT&T's T&C. It's rather standard stuff, nothing there as surprising as last week's post. Here's the bit about security: "The unsecured nature and ease of connection to public Wi-Fi hotspots increases the risk that unauthorized persons can access your phone, laptop or other device or your communications over the Wi-Fi network. Wi-Fi customers should take precautions to lower the security risks. If you have VPN, AT&T recommends that you connect through it for…

    Pcthreat.com

  • Browserwarden Ads

    24 Jul 2014 | 2:49 am
    Browserwarden Ads is an adware application that comes from the Smart Apps family. There are two main types of programs from this group – one type promises that it will help you save money on your online...
  • PC Optimizer Pro

    24 Jul 2014 | 2:49 am
    Despite the best efforts of the online security industry to secure the exact opposite, many of its consumers continue to fall into the trap set by malicious rogue security tools like PC Optimizer Pro. This...
  • Qone8.com

    24 Jul 2014 | 2:49 am
    Qone8.com is a search engine which returns search results from Google Search. The search engine is owned by Taiwan Shui Mu Chih Ching Technology Limited, and it is very similar to such browser hijackers as...
  • Crypto Ransomware

    24 Jul 2014 | 2:49 am
    We cannot stress enough how important it is to keep a file backup when the likes of Crypto Ransomware are on the loose. It is a ransomware infection that encrypts almost all of your files and then demands...
  • V9 Redirect Virus

    24 Jul 2014 | 2:49 am
    V9 Redirect Virus is a malicious browser hijacker which infects the system while you are browsing insecure websites or when you download spam email attachments. Once the infection gets in the system, the...

    Threatpost - English - Global - threatpost.com

  • More Details of Onion/Critroni Crypto Ransomware Emerge

    Chris Brook
    24 Jul 2014 | 11:37 am
    New ransomware has been dubbed Onion by researchers at Kaspersky Lab as its creators use command and control servers hidden in the Tor Network (a/k/a The Onion Router) to obscure their malicious activity.
  • Mozilla Improves Malware Blocking in Firefox 31

    Dennis Fisher
    24 Jul 2014 | 10:54 am
    Attackers have any number of methods for getting their malware onto users’ machines, but one of the easier and more effective ones is through drive-by downloads. Browser vendors have been adding defenses to mitigate this threat for some time, and the newest version of Mozilla Firefox includes an improved defense against malware downloaded through the […]
  • Phony Googlebots Becoming a Real DDoS Attack Tool

    Michael Mimoso
    24 Jul 2014 | 9:00 am
    Phony Googlebots are being used with greater frequency to launch and carry out application-layer denial-of-service attacks.
  • Research Shows Increase in Internet Filtering and Usage of FireChat App in Iraq

    Dennis Fisher
    24 Jul 2014 | 9:00 am
    Researchers at Citizen Lab have taken a close look at the extent of Internet filtering in Iraq, as well as the security of a popular offline chat app used there, and found an increase in the number of services blocked by the government and identified serious privacy and security problems with the chat app. As tensions […]
  • Bugcrowd Releases Open Source Vulnerability Disclosure Framework

    Dennis Fisher
    24 Jul 2014 | 6:01 am
    The problems that come from doing security research on modern Web applications and other software aren’t just challenging for researchers, but also for the companies on the receiving end of their advisories. Companies unaccustomed to dealing with researchers can find themselves in a difficult position, trying to figure out the clearest path forward. To help […]
 

    VRT

  • Apple ID Harvesting, now this is a good phish.

    Joel Esler
    9 Jul 2014 | 8:07 am
    Phishing isn't new. "So, why are you writing about it?", you ask. I received this one today and it was very well done, so I thought I'd write it up. Chances are, you've seen these before: If you are familiar with Apple Verification emails, you'll notice the format is almost exactly what Apple uses. You'll notice that there are hardly any grammar, punctuation or capitalization errors. Usually, something as simple as the "Dear Customer" would give it away by the insertion of a space between the word "Customer" and ",". Those of you that look at phish emails all day…
  • Microsoft Update Tuesday July 2014: light month, mostly Internet Explorer

    Yves Younan, PhD
    8 Jul 2014 | 10:15 am
    This month’s Microsoft Update Tuesday is relatively light compared to the major update of last month. We’re getting a total of six bulletins this month, two marked critical, three as important and finally one moderate. These six bulletins cover a total of 29 CVEs, most of which are, as is usual, in Internet Explorer. Let’s start off with the Internet Explorer bulletin, MS14-037. It covers a total of 24 CVEs, 23 of which are memory corruption vulnerabilities that could result in remote code execution vulnerabilities and most of those memory corruptions are the result of use-after-free…
  • Threat Spotlight: "A String of Paerls", Part 2, Deep Dive

    Joel Esler
    8 Jul 2014 | 7:00 am
    This post has been coauthored by Joel Esler, Craig Williams, Richard Harman, Jaeson Schultz, and Douglas Goddard. In part one of our two part blog series on the “String of Paerls” threat, we showed an attack involving a spearphish message containing an attached malicious Word doc. We also described our methodology in grouping similar samples based on Indicators of Compromise: static and dynamic analysis indicators. In this second part of the blog series we will cover the malicious documents and malicious executables. The Attachment (that your IT department would tell you not to…
  • Exceptional behavior: the Windows 8.1 X64 SEH Implementation

    Andrea Allievi
    26 Jun 2014 | 10:37 am
    In my last post, you may remember how the latest Uroburos rootkit was able to disarm Patchguard on Windows 7. I was recently looking into how Patchguard is implemented in Windows 8.1 and decided to dig into Exception Handling on x64. As a matter of fact, all the new 64-bit Windows operating systems have entirely changed the way they manage error conditions from their state in older 32-bit versions of Windows (C++ exceptions and OS Structured Exception handling). There are a lot of papers available on 64-bit Windows exception handling on the web, but I decided to increase my knowledge on this…
  • Detection for PutterPanda, we got this.

    Joel Esler
    13 Jun 2014 | 12:00 pm
    Recently a post by Crowdstrike was released detailing an attack being used, allegedly, by the Chinese Military "PLA Unit 61486". The post is a great demonstration of the use of OSINT (Open Source Intelligence) to track an adversary in this increasingly digital world. You can read Crowdstrike's post here: http://www.crowdstrike.com/blog/hat-tribution-pla-unit-61486/index.html Naturally, we started receiving questions if we cover one of the malware/tools mentioned in the post: 15cae06fe5aa9934f96895739e38ca26 (there are others like it). The VRT can confirm that we've had coverage for the…

    PC1News.com

  • Surf Safely Removal Guide

    admin
    18 Jul 2014 | 7:45 am
    Surf Safely has been presented as a useful add-on which tries to optimize your Internet security by blocking the potentially unwanted and malicious programs. However, instead of protecting your PC, you will suffer the adverse behavior which will probably cause you some serious problems. Therefore, the best thing you can do is to uninstall Surf Safely from your computer right away. Be aware that the application usually enters your system with other unwanted programs, thus you have to make sure that you have eliminated them along with Surf Safely. A reliable antimalware tool will scan your PC…
  • SaveMass Removal Guide

    admin
    18 Jul 2014 | 7:37 am
    SaveMass is claimed to provide you with the best deals and offers on the web. The application was published by Cyber C.S.G. Soft Ltd, and it is compatible with the major web browsers Internet Explorer, Google Chrome, and Mozilla Firefox. The browser add-on is promoted at its official website savemassit.info, but it could infect your system bundled with other free programs as well. You should be aware that SaveMass can randomize its name, meaning that the name of the program may contain additional letters, for example, SaveeMass, etc. Due to its function to display numerous third-party…
  • Play Now Radio Removal Guide

    admin
    18 Jul 2014 | 7:31 am
    Play Now Radio is a browser extension that computer users usually download from its official website playnowradio.com. The program has been created by Montiera Technologies Ltd, and it is compatible with Google Chrome web browser. Other applications developed by Montiera are Shop-wit, Wizebar and Buenosearch.com, however, none of them have a good reputation, thus they should be removed from your system. You have to uninstall Play Now Radio as well because this browser extension is not as innocent as it's been presented. In fact, malware researchers have investigated and found out several…
  • Complitly Removal Guide

    admin
    18 Jul 2014 | 7:17 am
    Complitly is an adware program whose purpose is not to infect your system with malware. However, the problem is that adware applications usually become malware distributors. Cyber crooks are those who know how to exploit Complitly for their malicious purposes, thus you should not take this risk. The best thing you can do is to remove the adware application in order to protect your PC from any potential threats. In addition, you'd better scan your computer for other existing dangerous programs, as adware does not travel alone. Similarly to the other adware applications, Complitly has been…
  • Deeal Removal Guide

    admin
    18 Jul 2014 | 4:26 am
    Deeal is a browser add-on which can be found on its official website deeal.net, however, it certainly should not be trusted at all. The reason for this is the ability of Deeal to set up a Trojan horse on some computers. This browser add-on is considered as adware because it promotes third-party advertisements and installs Optimizer Pro and Bubble Dock on your system, which are classified as potentially unwanted programs and can be erased from your PC by a legitimate malware removal tool. Deeal is a French program built using the BestToolbars engine and published by Kreapixel Inc. The browser…

    NSS Labs

  • It’s Time to Expect More from Your Research

    23 Jul 2014 | 12:00 am
    As any enterprise research manager or IT buyer will attest, finding the right information – and at the right time – is difficult at best. Oftentimes, multiple sources are used to answer one particular question – and then additional tools must still be used to validate those initial sources. Market share data, product comparisons, product roadmap implications, and insights into vendor strategy are separate services, and enterprises must sign up for these different services and then aggregate the data themselves, which can be a formidable task. 
  • Data Privacy Concerns Go Mainstream

    15 Jul 2014 | 12:00 am
    While one might expect to hear about security, privacy, and compliance at the security-oriented RSA Conference in San Francisco, these are less likely to be headline topics at the annual consumer electronics show, Cebit, or the eclectic South by SouthWest (SXSW) event in Austin, TX. But this year, privacy and security were hot topics at Cebit and at SXSW.
  • Understanding Risk and Adjusting Premiums

    8 Jul 2014 | 12:00 am
    As the volume and value of customer and corporate data increases, attackers are more determined than ever. This data has value attached to it, which can be insured, much like any asset would be. However, it can be more difficult to assess the value of digital assets, and more importantly, it is much more difficult to assess the risk that the storage and use of digital assets represents to an organization. This uncertainty in risk transfers to the insurance carrier because of the difficulty in calculating.
  • Sharpen Your Machete and Prepare for the Jungle

    17 Jun 2014 | 12:00 am
    Looking back to the end of 2013 and reviewing 2014 thus far, any security professional would wonder if it is possible to navigate the security landscape successfully. Target announced a serious data breach late last year; Neiman Marcus announced its own breach at the start of this year; and eBay just recently announced a password breach issue. Add to this the same data security and privacy concerns that we had at the end of 2013, and security in 2014 is resembling a jungle, complete with hungry tigers, malaria, and poisonous spiders.
  • Don’t Use a Screwdriver to Do a Hammer’s Job

    10 Jun 2014 | 12:00 am
    We have to get smart about how we perform security: sophisticated threats require sophisticated countermeasures. The premise sounds simple enough, but the security market is being turned on its head as the effectiveness of legacy technologies such as antivirus is questioned and as new technologies shift to real-time analysis and behavior-based approaches for malware identification. A review of the tools on the market today reveals two distinct approaches:
 

    VRT

  • Apple ID Harvesting, now this is a good phish.

    Joel Esler
    9 Jul 2014 | 8:07 am
    Phishing isn't new. "So, why are you writing about it?", you ask. I received this one today and it was very well done, so I thought I'd write it up. Chances are, you've seen these before: If you are familiar with Apple Verification emails, you'll notice the format is almost exactly what Apple uses. You'll notice that there are hardly any grammar, punctuation or capitalization errors. Usually, something as simple as the "Dear Customer" would give it away by the insertion of a space between the word "Customer" and ",". Those of you that look at phish emails all day…
  • Microsoft Update Tuesday July 2014: light month, mostly Internet Explorer

    Yves Younan, PhD
    8 Jul 2014 | 10:15 am
    This month’s Microsoft Update Tuesday is relatively light compared to the major update of last month. We’re getting a total of six bulletins this month, two marked critical, three as important and finally one moderate. These six bulletins cover a total of 29 CVEs, most of which are, as is usual, in Internet Explorer. Let’s start off with the Internet Explorer bulletin, MS14-037. It covers a total of 24 CVEs, 23 of which are memory corruption vulnerabilities that could result in remote code execution vulnerabilities and most of those memory corruptions are the result of use-after-free…
  • Threat Spotlight: "A String of Paerls", Part 2, Deep Dive

    Joel Esler
    8 Jul 2014 | 7:00 am
    This post has been coauthored by Joel Esler, Craig Williams, Richard Harman, Jaeson Schultz, and Douglas Goddard. In part one of our two part blog series on the “String of Paerls” threat, we showed an attack involving a spearphish message containing an attached malicious Word doc. We also described our methodology in grouping similar samples based on Indicators of Compromise: static and dynamic analysis indicators. In this second part of the blog series we will cover the malicious documents and malicious executables. The Attachment (that your IT department would tell you not to…
  • Exceptional behavior: the Windows 8.1 X64 SEH Implementation

    Andrea Allievi
    26 Jun 2014 | 10:37 am
    In my last post, you may remember how the latest Uroburos rootkit was able to disarm Patchguard on Windows 7. I was recently looking into how Patchguard is implemented in Windows 8.1 and decided to dig into Exception Handling on x64. As a matter of fact, all the new 64-bit Windows operating systems have entirely changed the way they manage error conditions from their state in older 32-bit versions of Windows (C++ exceptions and OS Structured Exception handling). There are a lot of papers available on 64-bit Windows exception handling on the web, but I decided to increase my knowledge on this…
  • Detection for PutterPanda, we got this.

    Joel Esler
    13 Jun 2014 | 12:00 pm
    Recently a post by Crowdstrike was released detailing an attack being used, allegedly, by the Chinese Military "PLA Unit 61486". The post is a great demonstration of the use of OSINT (Open Source Intelligence) to track an adversary in this increasingly digital world. You can read Crowdstrike's post here: http://www.crowdstrike.com/blog/hat-tribution-pla-unit-61486/index.html Naturally, we started receiving questions if we cover one of the malware/tools mentioned in the post: 15cae06fe5aa9934f96895739e38ca26 (there are others like it) The VRT can confirm that we've had coverage for the…

    Private WiFi

  • Wireless Safety Tips for Travelers from PRIVATE WiFi and STOP.THINK.CONNECT.: [INFOGRAPHIC]

    Jillian Ryan
    24 Jul 2014 | 8:32 am
    Warning: There is an invisible security threat that you will encounter on your next vacation. No matter where you are going or when, you will likely encounter WiFi on your journey. While the convenience of such a connection is alluring to any vacationer, understanding the dangers associated with using that wireless hotspot is paramount. Remember that WiFi is just radio waves and anyone can listen in to anything you send and receive on that connection. So whether you are using WiFi at your hotel, the airport, or a tourist attraction, you can potentially be exposed. If you are checking your…
  • TRUSTe’s Survey Shows That We Are Concerned about Mobile Device Privacy

    Jared Howe
    22 Jul 2014 | 1:36 am
    These days we are using mobile phones and tablets more and more, and this trend away from computers to mobile devices will continue in the years to come, according to a survey about consumer attitudes and mobile device privacy released by TRUSTe, a leading privacy services provider. Our mobile devices present unique risks. For example, did you know you could be tracked by nearly anyone (including the government and businesses) if you leave your WiFi activated? This allows anyone with simple tools to track your location. And of course advertisers track us by installing cookies on our devices…
  • Can Google Glass Steal Your Online Banking Passwords Just By Looking?

    Alok Kapur
    21 Jul 2014 | 1:30 am
    Privacy expectations have been evolving or changing for several years. As younger generations become more comfortable sharing personal information with less expectation that it will remain private, it’s no secret that our online privacy expectations are fading fast. But the shocking claims reported by CNN Money that Google Glass wearers can allegedly steal pretty much everything, including your bank account details, credit card account, or even your Social Security number are reigniting the debate about our collective privacy expectations. CNN pointed out that security researchers at the…
  • Sophos’ Warbiking Campaign Goes to Las Vegas and Sydney

    Jared Howe
    18 Jul 2014 | 1:10 am
    If you remember the article we posted a few months ago about Sophos’ warbiking tour, you’ll recall that Sophos found that only 13% of WiFi users in San Francisco were connecting to the Internet using WPA2 security, the recommended best-practice protocol and the safest security protocol currently available. They also found that 1,500 people connected to a fake public WiFi network they set up, which could have easily been a rogue network, and that only 6% of users were using a VPN to stay safe. Well, Sophos is at it again and this time they’ve visited Las Vegas and Sydney. And perhaps…
  • Zone Alarm Highlights the Risks of Public WiFi

    Jared Howe
    16 Jul 2014 | 1:10 am
    Zone Alarm, an Internet security company, has published a cool graphic which highlights our attitudes toward public WiFi networks, the risks we face when we connect to them, and ways we can protect ourselves while using them. According to a follow-up post on Forbes.com about the Zone Alarm study, there are a variety of ready-made software tools that give hackers a leg up in public WiFi environments. Packet sniffers go for as little as $15, and there are ready-to-go tools that anyone can download, install, and go. “If you’re interested and you want to be a hacker, you can be a hacker in 30…
 

    Pivot Point Security

  • Still Think You Don’t Need to Patch Internal Systems?

    Mike
    8 Jul 2014 | 4:00 am
    If Pivot Point Security’s clients are any indication, there are a lot of SMBs out there—even in highly vulnerable and heavily regulated verticals like banking—where patching internal systems is seen as a low priority and rarely happens. This is because “hackers would have to get on our network” to do any damage, so why bother? This attitude reflects a lack of understanding about the true risk associated with running outdated software. Unless you’re locking down access to internal systems using some pretty sophisticated technology, you’re highly vulnerable to rogue entities that…
  • The Rising Cost of ISO 27001 Certification

    John
    1 Jul 2014 | 4:00 am
    As ISO 27001 and related attestation standards have grown in importance and popularity, so too has the cost of getting ISO 27001 certified. In July 2012, I penned a blog post in which I estimated the cost of ISO 27001 certification at that time at $48,000. Based on a quick review of the ISO 27001 projects that Pivot Point Security has done over the last year, the average is now in the $80,0000 range. That is a remarkable change in a very short period of time. Why has the cost of ISO 27001 certification gone up by about 60% in less than two years? As I see it, there are two primary reasons:…
  • TrueCrypt and Security Risks in Your IT Supply Chain

    Mosi
    27 Jun 2014 | 11:29 am
    The announcement that the popular, free disk encryption tool TrueCrypt is no longer secure illustrates the risk every organization faces in its IT supply chain. How do you know whether the commercial or open source software your organization relies on to deliver its information services meets security requirements? Matthew Green, a security researcher from the Johns Hopkins University Information Security Institute, crowdsourced funds for a security audit report of the TrueCrypt bootloader in February, so users had some idea about the security of that part of TrueCrypt since that time. But…
  • The OWASP Application Security Verification Standard (ASVS) 2013—New, Improved and Worth a Look

    Bob
    8 May 2014 | 4:00 am
    The Open Web Application Security Project (OWASP) is no one-trick pony. Already well known for its OWASP Top 10 list of security vulnerabilities, the worldwide nonprofit has been actively working on version 2 of its Application Security Verification Standard (ASVS), now in beta. ASVS 2.0 refocuses and reorganizes the initial version released in 2008, making it much more useful to information security professionals. Here at Pivot Point Security, we plan to leverage the ASVS 2.0 guidance both to inform our methodology for testing against Top 10 vulnerabilities, and to expand our reporting to…
  • ISO 27001 Certification Audits Versus Internal Audits: The Difference is Important

    Mosi
    7 Apr 2014 | 6:37 am
    Many of our clients at Pivot Point Security want to know whether the internal audit of their information security management system (ISMS), as required by the ISO 27001 standard, can be viewed as a “mock certification audit” or “dry run” to make sure they’re ready for a certification audit or surveillance audit. The answer is “yes and no.” Yes, you can use your ISO 27001 internal audit simply to prepare your organization for certification or surveillance audits conducted by a certification body—but this limits its business value, and could potentially compromise the…

    HOTforSecurity

  • Thousands of WordPress Sites Compromised through MailPoet Vulnerability

    Alexandra Gheorghe
    24 Jul 2014 | 8:27 am
    Around 50,000 websites have been compromised through a vulnerability in the MailPoet WordPress plugin discovered this month, according to researchers at Sucuri labs. The MailPoet vulnerability allows attackers to upload malicious themes to a WordPress website and plant a backdoor code to get full control of the site. The compromised website can be exploited for malware injections, defacement, spam campaigns and more. Some 3,000 malware attacks per day have been identified in the last 72 hours. “The malware code had some bugs: it was breaking many websites, overwriting good files and…
  • European Central Bank Web Site Breached; 20,000 Email Addresses Stolen

    Lucian Ciolacu
    24 Jul 2014 | 8:23 am
    The European Central Bank’s (ECB) web site has been breached by cybercriminals and the e-mails and contact details of 20,000 people were stolen, according to the IBTimes. The ECB says its internal system is physically separate from its contacts database and no other sensitive data was lost. “The theft came to light after an anonymous email was sent to the ECB seeking financial compensation for the data,” the ECB said in an announcement. The breached database was used for ECB conferences and visits, as it contained events registrations. Most of…
  • Piracy Groups Caught Selling Fake Android Apps

    Alexandra Gheorghe
    23 Jul 2014 | 6:51 am
    Leading members of three piracy groups that target Android, Appbucket, Applanet and SnappzMarket, have been arrested for illegally distributing Android mobile apps, according to the U.S. Department of Justice. “As a result of their criminal efforts to make money by ripping off the hard work and creativity of high-tech innovators, the defendants are charged with illegally distributing copyrighted apps,” said Assistant Attorney General Caldwell. Three members of the SnappzMarket group are accused of selling more than 1 million copies of copyrighted Android mobile apps between May 2011 and…
  • Hacker Finds Undocumented Functions in Apple’s iOS That Could Siphon Data

    Lucian Ciolacu
    22 Jul 2014 | 12:03 pm
    Jonathan “NerveGas” Zdziarski, an iOS researcher and developer, has found several undocumented functions in Apple’s mobile iOS that allegedly siphon data back to Apple, according to a blog post. The functions retrieve data, without authentication, from an iOS-based device using wireless or USB connections and have no other purpose other than data retrieval from devices, Zdziarski says. “I have emailed both Tim Cook and Steve Jobs at various times to ask for an explanation about these services, citing them as `back doors,’ and have received no reply,” the…
  • Funny Video Facebook Scam Drops Not so Funny Trojan, Bitdefender Warns

    Bianca Stanescu
    22 Jul 2014 | 7:49 am
    A new “funny” video spreading on Facebook drops a not so hilarious Trojan on users’ computers, according to research by antivirus software provider Bitdefender. The malware can access abundant data from Internet browsers. The hackers might originate from Albania, according to malicious code samples. The story was also featured by The Guardian.  It all starts with what appears to be a funny video of a Facebook friend. Once they click on the video, users are brought to the phony YouTube page, which redirects them to a malicious Flash Player.exe for an Adobe “update”. Scammers created…

    Dice News » Security

  • Internet of Things Increases Need for Security Pros

    Susan Hall
    21 Jul 2014 | 8:56 am
    The sheer number of “things” to be secured in the Internet of Things is expected to create a rash of jobs in cybersecurity over the next several years. “You’re going to have to secure the device or the sensor, you need to secure the data, and you’re going to have to secure that across an open network,” Intel’s head of business marketing, Stuart Dommett, told an IoT roundtable in May. “It really is a massive, massive change.” Intel has argued previously that the IoT, which is expected to see 26 billion connected devices by 2020,…
  • Is This New Cyber Forensics Certification Worth the Investment?

    Myra Thomas
    21 Jul 2014 | 8:14 am
    Continued pressure on cybersecurity systems is making professionals with security and forensic experience extremely attractive to employers. Not surprisingly, related certifications are gaining more attention, including one of the newer ones: the CCFP, or Certified Cyber Forensics Professional from the (ISC)². According to (ISC)² Executive Director W. Hord Tipton, the organization saw a need for a certification that was broader than those available for professionals working in and around law enforcement, intelligence, litigation, consulting and computer security. The CCFP’s target…
  • Cyberattacks Focus Employers on Security Certifications

    Myra Thomas
    9 Jul 2014 | 7:13 am
    Continuing cyberattacks like those mounted against Target, eBay and Apple are pressuring companies to emphasize security even more than they have been to date. When it comes to hiring, that’s adding to the importance of certifications in IT audit, security, governance and risk. In many cases, that importance is translating into pay premiums for professionals that hold the credentials. Among the certifications in greatest demand are those from ISACA, an international association that focuses on IT governance. Indeed, according to the most recent IT Skills and…
  • More Than 300k Servers Still Threatened by Heartbleed

    Nick Kolakowski
    23 Jun 2014 | 8:31 am
    When security researchers unveiled the “Heartbleed” security bug in April, it kicked off a worldwide freak-out. For years, the online world had operated on the assumption that OpenSSL was a secure protocol, trustworthy enough for people to use it for everything from email to financial transactions; thanks to Heartbleed, however, an attacker with a moderate level of programming knowledge could exploit a loophole to grab anything from passwords to encryption keys. Following the announcement, developers around the world rushed to patch their systems. But…
  • Network Concerns Drive Hiring for Security Professionals

    Mark Feffer
    4 Jun 2014 | 7:35 am
    Demand for the skills necessary to secure networks and data continues to drive opportunities for security specialists. During April, job postings for security-related positions rose 20 percent year-on-year, according to business intelligence firm Wanted Analytics. More than 7,800 security-related postings were available during the month, the company said. The most commonly advertised jobs that included a need for security knowledge were cyber security analyst, software engineer, systems engineer, systems administrator and network engineer.
 

    Seculert Blog on Advanced Threats and Cyber Security

  • Extended APT Campaign Targeted US Airports

    Liora R. Herman
    23 Jul 2014 | 3:08 am
    In its 2013 Annual Report, the Center for Internet Security (CIS), a nonprofit group that works closely with state and local governments, has revealed that last year US airports were targeted by an unnamed nation state in a prolonged Advanced Persistent Threat (APT) campaign. The APT campaign, which was designed to spy on sensitive aviation […]
  • Ransomware Trojan Delivered via Fake Dropbox Email

    Liora R. Herman
    21 Jul 2014 | 5:10 am
    Cyber attacks on enterprises via Dropbox aren’t new – in fact, we were warning about them last year. However, bad actors routinely adjust their tactics, and this latest ransomware variation is a doozy. As investigated by PhishMe, bad actors are sending ordinary-looking emails that claim to deliver a fax or invoice. However, when victims click […]
  • NY Times Article Ushers in the Era of Cloud Computing

    Liora R. Herman
    9 Jul 2014 | 4:38 am
    According to a new article by New York Times journalist Quentin Hardy, the practice of linking and distributing data across multiple machines, and leveraging their collective power to achieve remarkably cost-effective levels of performance, access, speed, and scalability — or more simply put: cloud computing — has now become so prevalent, that it could be […]
  • Analyst Calls for “Adaptive Security Architecture” at Gartner Summit

    Dudi Matot
    8 Jul 2014 | 5:01 am
    As a company founded by network security experts, we have always believed in the competence and accuracy of our vision. However, I will admit that it is particularly satisfying when we come across independent industry analysts who echo our views on an ideal security architecture so completely, that they might have just finished reading one […]
  • Cyber Attack : US Hedge Fund Loses Millions in the “Perfect Crime”

    Liora R. Herman
    3 Jul 2014 | 5:59 am
    UPDATE: BAE Systems now claims that this previously reported cyber incident was actually an “illustrative scenario” used by the cyber experts inside BAE Systems. After several months of silence, security researchers from BAE Systems Applied Intelligence have gone public about a cyber attack that cost its unnamed US hedge fund client millions of dollars. The […]

    Managed File Transfer and Network Solutions

  • Rotating and Archiving Logs in JSCAPE MFT Server

    John Carl Villanueva
    23 Jul 2014 | 4:15 pm
    Overview Last week, a client wanted to know if there was a more efficient way of archiving and/or deleting old log files to clear up some storage space on their managed file transfer server. They were currently doing things manually and he understandably wanted to adopt some form of automation. Fortunately, JSCAPE MFT Server offers a solution and we'd like to detail the steps here so that anyone else interested may also follow it. Warning We do not recommend that you delete logs. These can be very important for audit purposes, especially for companies who are subject to regulatory compliance.
  • What is an SSL File Transfer?

    John V.
    19 Jul 2014 | 5:50 pm
    Overview SSL file transfer is a term sometimes used in referring to a secure file transfer protocol known as FTPS or FTP-SSL. FTP is a network protocol used for transferring files, while SSL is a protocol for encrypting information sent over a network. This post is meant to help users understand what FTPS is and what it is capable of doing, particularly in terms of enhancing the security of your file transfers. The term "SSL file transfer" is also used to refer to file transfers using HTTPS, another secure network protocol. However, to keep this post concise, we'll just focus on FTPS.
  • What is an AS2 MDN?

    John Carl Villanueva
    17 Jul 2014 | 3:50 pm
    Overview An MDN is an electronic return receipt which a trading partner can optionally request during an AS2 interchange. The use of MDNs helps enforce data integrity and non-repudiation in AS2. In this post, we'll talk more about the value of issuing an AS2 MDN, what options you have when using it, and an overview of the usual configurable MDN settings in a managed file transfer server. Why use an MDN After transmitting an EDI message to a trading partner, we usually want to confirm whether the message - in all its entirety - actually went through. More so if our EDI (Electronic…
  • Active v.s. Passive FTP Simplified

    John V.
    16 Jul 2014 | 2:10 pm
    When a client experiences problems when connecting to your FTP server, one thing you might want to look into is whether you've set your FTP data transfer mode to either active or passive.  Active and passive are two possible modes that an FTP connection can operate on. Taking into consideration the network configurations and security controls in place, you should choose one mode over the other. But before we discuss which mode is best for what scenario, let's first talk about the basics of these two modes, which can best be explained if we start our discussion with the two channels an…
  • How to Reverse Proxy HTTP In 3 Simple Steps

    John Carl Villanueva
    14 Jul 2014 | 8:48 am
    Overview There may be instances when you'd want external users to access HTTP servers located behind your corporate firewall. A secure way of doing that is by allowing access to those servers through an HTTP reverse proxy. In this short tutorial, we'll show you how this can be achieved using JSCAPE MFT Gateway. To proceed, first you'll need to download and install an instance of JSCAPE MFT Gateway. Second, you'll have to set it up between an HTTP server and your Internet-based users as shown in Figure 1. Once ready, proceed to Step 1 …

    Radware Blog

  • REPORT: State of the Union for Ecommerce Page Speed & Web Performance [Summer 2014]

    Tammy Everts
    22 Jul 2014 | 6:37 am
    Here at Radware, our latest research into the performance and page composition of top retail sites finds that the year-over-year trend toward bigger pages that take longer to load has continued. The median top 100 ecommerce page takes 6.2 seconds to render its primary content, 10.7 seconds to fully load, and weighs in at 1677 KB. The result? The median page takes 27% longer to begin rendering than it did just one year ago. Keep reading to find out how to mitigate the impact of “page bloat” and deliver the best possible user experience to online customers. In…
  • 6 Types of DDoS Protection for Your Business

    David Monahan
    14 Jul 2014 | 7:55 am
    David Monahan is Research Director for Enterprise Management Associates (EMA) and is a featured guest blogger. DDoS attacks have become commonplace these days.  The offending attackers may be hacktivists, cyber-criminals, and nation states or just about anyone else with an Internet grudge and a PayPal or Bitcoin account.  These attacks themselves often require no technical skill.  Someone with a bone to pick can simply purchase the use of any number of nodes on one or more botnets for an hourly fee (long term rate discounts available); use a Graphical User Interface (GUI) to organize the…
  • Cyber Attacks on Oil and Gas

    David Hobbs
    11 Jul 2014 | 9:11 am
    A few weeks ago, news agencies shared reports on the Energetic Bear attack. This cyber-attack, or rather virus, was reportedly introduced by a Russian hacking group and it targeted oil, gas, power, and energy investment companies. The threatening malware had the ability to shut down major power grids, oil pipelines, gas, and energy traders. Analysts speculate that the attack motive was to gain competitive advantage in state-sponsored espionage against global oil and energy producers. This attack started by hacking into the websites of software companies that provide industrial control…
  • Five Burning Security Issues in Cloud Computing

    Bill Lowry
    20 Jun 2014 | 11:29 am
    As companies accelerate their adoption of cloud technologies – like infrastructure as a service (IaaS) or software as a service (SaaS) – the need for solutions that provide secure access and reliable operations in the cloud increases in importance. Since your data will now reside in several different facilities, with different providers or partners, you now have a new “security perimeter” to monitor and defend. As such, the need to closely evaluate how cloud-based data is protected should be part of the overall security strategy. A top area of concern is defending applications from…
  • A 5 Step Plan on How to Protect Yourself from Cybercrime

    Adrian Crawley
    16 Jun 2014 | 7:14 am
    Recently, I wrote an article for Help Net Security to discuss the modus operandi of cybercriminals and how this can lead to different types of cyber attacks.  While we have previously encountered huge distributed denial of service (DDoS) attacks that appear to come from nowhere and flood the victim’s network security, we have begun to see much more stealth and more sophisticated attacks causing just as much, if not more, damage. In the latest report from the Radware Emergency Response Team (ERT), we tracked the rise of these web stealth attacks.  One of the most common is a…
 

    pfSense Setup HQ

  • Replay Attacks and Possible Countermeasures

    maximumdx
    23 Jul 2014 | 2:00 pm
    Replay attacks are a variation on the man-in-the-middle theme. In a replay attack an agent is once again placed within the client/server line of communication. In the case of a replay attack, however, the transaction data is recorded for the express purpose of allowing the data to be modified and replayed to the server at a later time for nefarious purposes. An example of a replay attack is an instance where one party wants to prove their identity to another party. If a third party eavesdrops on the conversation, they can intercept the password. Once the exchange is over, the eavesdropper…
  • Man-in-the-Middle Attacks

    maximumdx
    22 Jul 2014 | 6:00 am
    Man-in-the-middle attacks are perhaps one of the more complex and sophisticated forms of security breaching approaches. As the name implies, such an attack involves the surreptitious placement of a software agent between the client and server ends of a communication. In this scenario, neither end of the communication is aware that the malicious agent is in the line of communication. For the most part, the man in the middle simply relays the data transmissions between client and server as though nothing is happening. What is generally happening in parallel with this process is that the agent…
  • IP Spoofing and Defenses

    maximumdx
    17 Jul 2014 | 6:00 am
    IP address spoofing is the creation of IP packets with a source IP address with the purpose of concealing the identity of the sender or impersonating another computer system. The basis of spoofing involves masquerading as a trusted system in order to gain unauthorized access to a secure environment. IP spoofing involves modifying data to make it appear to originate from the IP address of a system that is trusted by a server or firewall. Using this approach, a host is able to pass through the IP filtering that would otherwise serve to prevent access. The objective of IP spoofing in most, but…
  • Phishing: Common Variations

    maximumdx
    14 Jul 2014 | 6:00 am
    Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in electronic communications. Communications purporting to be from popular social networking sites, auction sites, banks, online payment processors or IT administrators are commonly used to lure unsuspecting people. A phishing attack is most often initiated with a special type of spam containing a link to a misleading domain name, which appears to be a legitimate site. The e-mail tricks the recipient into visiting the spoofed web site, which…
  • Back Door Attacks

    maximumdx
    8 Jul 2014 | 2:00 pm
    [Image: Back Orifice in action.] Back door attacks utilize programs that provide a mechanism for entering a system without going through the usual authentication process. This can either take the form of hidden access points intentionally put into an application by the original developers to aid in maintaining and debugging the software which were then left in when the software was installed by customers, or a malicious program that is placed on a system via a virus or other method which opens up the system to unauthorized access. Back Door Attacks: Back Orifice, NetBus and Sub7. A number of back door…

    Tips4Tech Blog

  • Does Your Business Conduct Regular Security Audits? Here Are 3 Tips

    Allan Pratt
    15 Jul 2014 | 5:36 pm
    Thanks to the numerous security breaches in the news, the C-suite members of your business should be thinking about regular security audits. While size does matter, the more employees you have and the more data you generate, security audits are critical to the long-term stability of your business. And remember, no one is immune to a data breach. Wondering where to start? Check physical security first. Then work your way in. The simplest way to steal data is to steal the device where it’s stored. You would be surprised by the number of businesses that don’t do the easy things. They…
  • Address Books, Webmail and the Cloud

    Allan Pratt
    9 Jul 2014 | 8:17 pm
    To All businesses Who Use Address Books on Webmail: stop and learn why your data may be at risk. Instead of Webmail, use a third-party email client such as Outlook or Thunderbird. Recently, I was hacked. No one is immune – even those of us in the infosecurity field can get hacked. The situation occurred in an email account that I use for professional correspondence outside of my day job. I have a client in the medical profession who uses Gmail for his email correspondence, and recently, the doctor was hacked. He keeps all of his patient email addresses as well as friends and family in the…
  • Does Your Business Fail the Customer Privacy Test?

    Allan Pratt
    27 Jun 2014 | 10:01 pm
    I had a recent experience where my privacy was compromised, and based on the inaction by the company, I wonder how many experiences I encounter that are not as obvious. I visited a local branch of a national financial institution to make a deposit (yes, I still walk into banks every now and then), and after I gave my endorsed check and deposit slip to the teller, he placed them face down into a clear plastic box that was in front of him. The box was in clear view of the customer opposite him (me). If the next customer did not make a deposit, no papers would go into the box to cover my items.
  • 5 Ways to Prepare for Data Breaches – Before It’s Too Late

    Allan Pratt
    2 Jun 2014 | 8:34 pm
    I read a recent post that has stuck with me. The question raised was how do businesses, especially midsize businesses, budget for insider threats: “Midsize firms simply cannot afford data breaches, no matter what the cause. [But] a company that considers insider threats can take preventive steps. Employees may require access to sensitive information to remain productive, but ensuring that appropriate security steps are taken is KEY to keeping a firm running as smoothly as possible.” While applying policies such as “least privilege” or “implicit deny” may help keep the…
  • Want a Competitive Advantage? Then Protect Your Customers’ Privacy

    Allan Pratt
    22 May 2014 | 8:56 pm
    It seems as if we hear about a major data breach every day, whether it’s a government entity, hospital or other medical institution, or a large retail outlet. Whether the breach occurs due to malware or a lack of external protections, companies are getting sloppy with their data. In today’s highly competitive environment, all companies need to be proactive when it comes to protecting their customers’ confidential data. But the reality is, many companies aren’t proactive. They act as if a data breach won’t happen to them. They aren’t willing to spend the money or allocate the…

    blackstratus.com

  • Understanding Cloud Security Models

    Rich Murphy
    22 Jul 2014 | 2:00 am
    When speaking about security and cloud computing, it’s important to distinguish among three separate models for service delivery: public, private and hybrid. Each model represents a different approach to software-as-a-service and can have different security implications. The public cloud — Public cloud service is delivered over the Internet, typically on a pay-per-use model, meaning a business is charged only for the storage it needs. Public cloud models are ideal for small- or medium-sized organizations that prioritize collaboration. Because public cloud service providers rely on…
  • How to Implement Server Virtualization in Your Business

    Rich Murphy
    1 Jul 2014 | 3:00 am
    In a business environment where IT managers are constantly being asked to do more with less, server virtualization represents an easy way to maximize your existing resources. Although server virtualization has gained popularity in recent years, there’s still some confusion about how it works, what the benefits are and how to get started. Let’s take a look at some of the best ways to implement server virtualization in a small or medium sized business environment. What Is Server Virtualization? Server virtualization is a process when a physical server is segmented into a number of…
  • Security and Operational Efficiency

    Rich Murphy
    27 Jun 2014 | 11:47 am
    Too often, IT managers think of their job in terms of striking a balance between institutional security and operational efficiency. The truth is, however, that an agile security posture will be easy and cost-effective to maintain while still providing complete protection of your data, applications and other valuable assets. In fact, the key to efficient, effective security is not necessarily to throw money at the problem, but to prioritize how and when resources are deployed. Some areas to focus on include: User training: Many IT managers assume that users will know how to securely access…
  • 17 Best Practices for Maintaining Data Security in a Business Environment

    Rich Murphy
    9 Jun 2014 | 6:57 am
    No matter what business you’re in, protecting your data from threats and accidental compromises is a critical concern. Several recent high-profile incidents have exposed just how vulnerable retailers, educational facilities, government contractors and other organizations are. According to Forbes Magazine, corporate network security is an over $60 billion industry. However, before you invest in the latest expensive technology, it’s important to plan properly. This will help you make the most of your budget without compromising the level of protection your intellectual property,…
  • Peer-to-Peer Communication Challenges in the Cloud

    BlackStratus
    3 Jun 2014 | 3:00 am
    Security practices have changed significantly in the last decade. It used to be sufficient to set up firewall rules to close the intranet off from the internet. Nowadays, companies rely more and more on cloud services, remote access and peer-to-peer communications. This alone makes maintaining a company network much more difficult. In particular, peer-to-peer software applications pose a significant challenge to a network administrator. In order to be able to exchange packets with the hosts outside as directly as possible, they use interesting methods to punch holes in firewalls, which…
 

    Milton Security

  • Goodwill Investigating Possible Data Breach

    Brett Nava-Coulter
    24 Jul 2014 | 12:19 pm
    Federal investigators are looking into a possible data breach at Goodwill Industries Inc. The company announced late Monday night that it had been contacted by a fraud unit who said credit card numbers may have been stolen from Goodwill’s U.S. stores. Currently the company is working with the Secret Service and fraud investigators to determine whether any data was leaked. Brian Krebs, of Krebsonsecurity.com, is reporting that sources have identified multiple locations that may have been attacked. The pattern of fraud on cards recently used at Goodwill locations across 21 states…
  • Wall Street Journal Gets Hacked. Was anything taken?

    Bethany Nolan
    24 Jul 2014 | 10:53 am
    On Tuesday, Dow Jones & Company, an American publishing and financial firm that happens to be the publisher of the Wall Street Journal, admitted to a breach of their computer systems that house the news giant’s graphics. Journal officials have said that the affected systems were immediately taken offline in an attempt to minimize any damage done by the attacker(s). According to a spokeswoman for the Journal, they “are investigating an incident related to wsj.com’s graphics systems. At this point [they] see no evidence of any impact to Dow Jones customers or customer…
  • Are bots going after nana?

    Brett Nava-Coulter
    23 Jul 2014 | 1:58 pm
    Bad bots want to steal your grandma’s web identity… at least, for a little while. The latest hacking scheme ‘borrows’ web traffic from unsuspecting users to make them seem as though they have viewed certain websites or web ads in order to gain revenues from advertisers. “They’re not going after people with secret military documents,” says Dan Kaminsky, founder of White Ops, “They’re going after grandmothers. They’re going after everyone they can. And we were genuinely curious, why? Why hack Grandma?” Advertisers are desperate to…
  • StubHub hit by other sites’ data breaches!

    Bethany Nolan
    23 Jul 2014 | 11:03 am
    Well, it’s official! One (or more) site’s lack of concern for security has officially gotten dangerous for others. Over 1,000 StubHub customers’ accounts have been compromised. Someone (multiple someones) hacked in and obtained customers’ login information. But hacked in to where exactly? Apparently, not in to StubHub. StubHub themselves have not had a breach of security, according to a spokesperson for the company. Hackers obtained users’ login information by hacking in to other sites with less security and/or by using key-loggers. Then, using…
  • Beta 2 of OpenSSL 1.0.2 is now available

    Brett Nava-Coulter
    22 Jul 2014 | 11:30 pm
    The OpenSSL project has announced version 1.0.2 is now in beta and available to be tested. A complete list of changes can be found here, but the major changes between version 1.0.1h and the latest version are: Suite B support for TLS 1.2 and DTLS 1.2; support for DTLS 1.2; TLS automatic EC curve selection; API to set TLS supported signature algorithms and curves; SSL_CONF configuration API; TLS Brainpool support; ALPN support; CMS support for RSA-PSS, RSA-OAEP, ECDH and X9.42 DH. The OpenSSL project began in 1998. Its purpose was to create a set of free encryption tools for Internet…

    Cyberoam : Securing You

  • Third Party Payment Processors Getting Popular Among SMBs

    Cyberoam
    24 Jul 2014 | 3:06 am
    Those who have interest in the payment card industry’s history and evolution should watch the Luke Wilson starrer 2009 Hollywood movie Middle Men. Though it bombed at the box office, the movie is based on the real life events of one of the pioneers of e-commerce, Christopher Mallick, and gives a very vivid description of the early days of e-commerce transactions. The biopic also tells that it was the porn industry which really kicked off the whole business of credit card payments. Since then credit card payments have become a mainstay of e-commerce. However, with increase in number of online data thefts,…
  • Those who thought Linux was secure…Call to rethink!

    Cyberoam Threat Research Labs
    23 Jul 2014 | 12:34 am
    New Linux Backdoor found. Even Linux Users Need to be Aware! Often Linux is assumed to be more secure, but the recently found malware targets the Linux platform in particular. The malware, namely Backdoor.Linux.Kiler.A, contacts a remote server, identifies itself, and sends system information. It receives control commands to download a file and execute it, execute shell commands, terminate a process, among others. To survive a system reboot, it creates a startup service. The malware can capture various aspects including keystrokes, screen snapshots and more, based on the backdoor’s…
  • Recently pulled down Gameover Zeus botnet, re-emerges!

    Cyberoam Threat Research Labs
    18 Jul 2014 | 5:03 am
    A new improved version, Backdoor.Win32.Zeus.GO, is being used by attackers this time. Just a month back, the GameOver Zeus botnet was taken down by seizing servers and disrupting its operations, collectively by the FBI and Europol[1]. And within a span of this time, security researchers from Malcovery have reported a newer and improved variant of malware exhibiting similar traits of the Gameover ZeuS botnet. The newly found variant has been found compromising users’ computers, forming a massive botnet. What’s new? The new variant is named as Backdoor.Win32.Zeus.GO and has been ranked as…
  • Cosmic Duke – MiniDuke APT Trojan + Cosmo family information stealing threat

    Cyberoam Threat Research Labs
    17 Jul 2014 | 11:29 pm
    A malware has been reported, the first of its kind, that includes code from both the notorious MiniDuke APT trojan and another longstanding threat, the information stealing Cosmu family. Malware analysts were surprised to notice that the malicious executable being decompressed and loaded into memory was very similar to the Cosmu family of information-stealers, which was seen way back in 2001. Trojan.Win32.CosmicDuke.A is a Trojan that targets the Windows platform. This malware steals various data from the infected computer and sends it out to a control server. The stolen data include passwords stored by…
  • Targeted attacks use both Spear phishing and exploit

    Cyberoam Threat Research Labs
    7 Jul 2014 | 11:26 pm
    A targeted attack exhibiting combined trails of spear phishing and exploit has been reported. The attack combines an old-school Microsoft Word Macro malware attack (Visual Basic Scripting for Applications) with a decidedly new school approach of redirecting victims to exploits stored on Dropbox. The attacks came in as targeted spear phish in the form of an invoice, purchase order, or receipt, written exclusively for the recipient. The attacks were aimed specifically towards high profile, money-rich industries such as banking, oil, television, and jewellery. Victims were duped into opening…

    SenaTechno ~ Give you knowledge more

  • One Thing You Should Consider for Your Account Security

    Nurdin Budi M.
    4 Jul 2014 | 12:32 pm
    When you open an e-mail, social network, internet banking, shopping or other pages that require you to fill out your account password, all browsers will actually store information on your computer.
  • Journey of Life

    Nurdin Budi M.
    4 Jul 2014 | 12:17 pm
    People find that way of life to be passed is long, but the way will not seem long if we always have a plan in the course of our lives. Tried everything we have planned and always try, even though the failure will happen, then we will always be given the spirit; because the journey of life to something that is both successful plan and plan failure.
  • Safe Browsing with Chrome Incognito Mode

    Nurdin Budi M.
    4 Jul 2014 | 12:10 pm
    When you browse the internet using someone else's computer, you should be careful; don't forget to sign out of your account, remove cookies or remove website history, because information that was left behind can be used by people who are not responsible.
  • When Social Media is Used Properly

    Nurdin Budi M.
    20 Jun 2014 | 2:52 am
    When something becomes a big thing, as social media such as Facebook, Twitter, LinkedIn, Google+, Foursquare and many more have, there will be a lot of exposure to negative things that seem to illustrate that social media is not useful for a positive life.
  • Content is The Best Marketing Ever

    Nurdin Budi M.
    18 Jun 2014 | 10:25 am
    Many ways are taken by providers of information on the internet to increase their website traffic; they use all means so that the desired result can be achieved immediately; it doesn't matter whether the ways are negative or positive; and they forget that the essence is actually to be done into oblivion. I also did the same thing and I regret using the wrong way.
 