Network Security

  • Most Topular Stories

  • The 'Backoff' malware linked to data breaches is spreading

    Techworld.com security
    24 Oct 2014 | 3:02 am
    The number of computers in North America infected by the Backoff malware, which is blamed for a string of payment card breaches, has risen sharply, according to research from network security company Damballa.
  • Addressing the New Threat Landscape with Continuous Network Monitoring

    Tenable Network Security Blog
    Gavin Millard
    24 Oct 2014 | 7:00 am
    Since the creation of tools like Nessus, the pioneering technology written by Renaud Deraison back in 1996, vulnerability management tools have helped users gain an incredible amount of insight into the inner workings of their environments.
  • WindowSecureScanner

    Pcthreat.com
    24 Oct 2014 | 7:43 pm
    WindowSecureScanner is another advertising-supported application based on the Crossrider engine. The program is very similar to previously published applications; thus, if you have ever heard about...
  • What’s the best tool for the job?

    Uncommon Sense Security
    23 Jun 2014 | 7:54 am
    This year I’ve been thinking about fundamentals a lot.  That includes  patch management, and in preparing a presentation on the topic I pondered the question: “What is the best patch management tool?” I thought back to my favorite patch and systems management tools from past jobs when I ran mixed (but mostly Windows) networks for small businesses.  That reminded me of a lesson about tools I learned many years ago. What is the best [insert category here]?  I believe there are two answers: The one you have The one you know Note that these may not necessarily True, but…
  • US Military Officials, Defense Firms Targeted In 'Operation Pawn Storm'

    Dark Reading:
    Kelly Jackson Higgins
    23 Oct 2014 | 4:30 pm
    Cyber espionage attackers "did their homework" in an attack campaign that has intensified in the wake of US-Russian tensions.

    Network Security Blog

  • Posting other places

    netsecpodcast@mckeay.net (Martin McKeay)
    21 Oct 2014 | 9:49 am
    I’ve been blogging for some other sources lately.  It’s interesting to be creating articles for someone other than myself, because I put more thought into it and spend more time trying to organize my thoughts and outline the article before I put virtual pen to paper.  I’m writing for IBM’s Security Intelligence blog (they’re an Akamai partner) and InfoSecurity Magazine regularly and contributing to other venues as opportunity comes up and time allows.  Blog post, articles, webinars, presentations, or just shooting the breeze about security, I do it all.
  • Wake up to a POODLE puddle

    netsecpodcast@mckeay.net (Martin McKeay)
    14 Oct 2014 | 11:20 pm
    TL:DR – Disable SSL immediately. As of this morning SSL appears to be dead or at least dying.  The POODLE vulnerability in SSL was released last night, basically revealing a vulnerability in the way that SSL v3 uses ciphers and allows an attacker to make a plain-text attack against the encrypted traffic.  This makes the third major vulnerability released on the Internet this year and is another warning that this level of vulnerability discovery may be the new shape of things to come. I’m not going to try to explain POODLE in detail, or give you a nice logo for it.  Instead…
  • Understanding Apple’s new encryption model

    netsecpodcast@mckeay.net (Martin McKeay)
    5 Oct 2014 | 10:44 pm
    I understand enough about encryption to get myself in trouble, but not much more.  I can talk about it intelligently in most cases, but when we get down to the nitty gritty, bit by bit discussion of how encryption works, I want to have someone who’s really an expert explain it to me.  Which is why I’m glad that Matthew Green sat down to explain Apple’s claims of new encryption that they can’t open for law enforcement in great detail. The Too Long; Didn’t Read (I often forget what tl;dr means) version of it is that there is a unique ID that’s hidden deep…
  • “All we need to do is …. redo everything”

    netsecpodcast@mckeay.net (Martin McKeay)
    25 Sep 2014 | 11:04 pm
    I love listening to idealists.  In fact, I’d be one if it wasn’t for the crushing despair and cynicism that working in the security profession has instilled in me.  Or maybe I work in this field because the crushing despair and cynicism already existed.  In either case, I’ve lost the ability to even think “we could just fix all of our security problems if we just …”.  And when I see others saying the same thing, I have to shake my head in amusement at their naivete.  But it really makes me wonder when I see someone who’s been in security even…
  • Limiting online time

    netsecpodcast@mckeay.net (Martin McKeay)
    14 Sep 2014 | 10:55 pm
    I limit online time.  Not for me, for my children.  Apparently I’m among a fairly prestigious group of people who do so, since many of the C-level execs in Silicon Valley also limit their children’s time with tech.  Though it looks like many of them are even stricter than I am about how much time the children get to interact with their computers. We’ve always limited the amount of time our children can spend on the computer.  We found from an early age, they’d spend every waking moment playing games and surfing the internet if they could.  I wonder who…
 
 
 

    Tenable Network Security Blog

  • Addressing the New Threat Landscape with Continuous Network Monitoring

    Gavin Millard
    24 Oct 2014 | 7:00 am
    Since the creation of tools like Nessus, the pioneering technology written by Renaud Deraison back in 1996, vulnerability management tools have helped users gain an incredible amount of insight into the inner workings of their environments.
  • Black Hat Europe 2014

    Eileen Bator
    21 Oct 2014 | 11:52 am
    Black Hat Europe 2014, a premiere conference on information security, convened in Amsterdam this October. The Tenable EMEA team was there in full force, meeting customers and conversing with other security specialists.
  • Bashing Big Data

    Ron Gula
    13 Oct 2014 | 11:41 am
    Big data is everywhere. So is Bash, a command line interface found on most Linux and Unix machines. New Bash bugs are still being uncovered, with new patches coming out regularly. But hackers in the wild continue to look for and find ways to exploit Bash weaknesses.
  • Threat and Vulnerability Management: The Podcast

    Ron Gula
    13 Oct 2014 | 7:05 am
    In this October 13, 2014 podcast with Down the Security Rabbithole, Tenable CEO Ron Gula is interviewed by cohosts Rafal Los, James Jardine and Michael Santarcangelo on the subject of Threat and Vulnerability Management.
  • Strategies for Security Governance

    Craig Shumard
    8 Oct 2014 | 8:01 am
    In my last post, I gave some reasons why your board of directors and senior management need to be involved in your security efforts.
 

    Spyware news

  • Critical Windows vulnerability is used to spread Sandworm malware

    16 Oct 2014 | 6:23 am
    One day it’s Shellshock, the other day it’s Sandworm. What should you know about this malware that was announced with fanfare several days ago? ISIGHT, the company that discovered this virus, says that Sandworm relies on a Windows zero-day vulnerability that is known as CVE-2014-4114. Fortunately, Microsoft patched this vulnerability in October, 2014. It has also been […]
  • What should I know about Shellshock?

    1 Oct 2014 | 5:56 am
    Everyone is now talking about Shellshock. What is that and what can you do about it? Here’s what you should remember: Shellshock is a software bug, which affects the Bash – the common command-line shell that is actively used in Linux/UNIX OS and Apple Mac OS X for controlling different programs and their features. It […]
  • Hackers relaunch multi-name rogues to steal people’s money!

    8 Sep 2014 | 11:52 pm
    Just imagine: you start your computer one day and see a window showing how Win 7 Antivirus 2014 scans your PC system. After performing it, this program informs you about a long list of viruses, including trojans, adware and other threats. Naturally, it offers you to remove these threats from your computer in exchange for […]
  • Good news from Google Chrome! We will be warned about deceptive downloads!

    22 Aug 2014 | 6:02 am
    Annoyed by adwares, browser hijackers and similar potentially unwanted programs? It seems that soon we will be capable of getting more power against infiltration of these programs. Of course, under one condition – we will have to choose Google Chrome web browser for doing our browsing on the Internet. We say so because of the […]
  • Got an email from Bank of America? It might be infected with Cryptowall virus!

    6 Aug 2014 | 5:25 am
    If you are interested in viruses, you must have heard about Cryptowall virus. This is a serious ransomware that has the ability to encrypt specific files and then display a warning message asking people to pay a ransom for their decryption. At the moment of writing, this virus has the ability to affect only those computers that […]

    Uncommon Sense Security

  • Introducing the Shoulders of InfoSec Project

    13 Oct 2014 | 12:19 pm
    "If I have seen further it is by standing on the shoulders of giants" Most famously attributed to Sir Isaac Newton, this quote reflects the sentiment of a new project.  In InfoSec we all stand on the shoulders of giants. It was just supposed to be a talk at DerbyCon, but as I dug into the topic I realized it needed to be more than just one talk. Another relevant quote is George Santayana’s oft-misquoted: “Those who cannot remember the past are condemned to repeat it.” In information security we have a very bad habit of ignoring the past; many times it isn’t even a…
  • What’s the best tool for the job?

    23 Jun 2014 | 7:54 am
    This year I’ve been thinking about fundamentals a lot.  That includes  patch management, and in preparing a presentation on the topic I pondered the question: “What is the best patch management tool?” I thought back to my favorite patch and systems management tools from past jobs when I ran mixed (but mostly Windows) networks for small businesses.  That reminded me of a lesson about tools I learned many years ago. What is the best [insert category here]?  I believe there are two answers: The one you have The one you know Note that these may not necessarily True, but…
  • Is OWASP broken?

    17 Jun 2014 | 11:00 am
    That’s a silly question.  I wasn’t going to comment on the current struggles of the Board of Directors for fear of adding to the Pointless InfoSec Drama, but I need to say a few things about it.  I am not an OWASP insider, but I do support their mission. OWASP has done a lot of great things, and continues to do so today.  As I said, I’m not an insider, but there appear to be some struggles at the global Board level and possibly organizationally at the national and international level.  And I don’t really care- I hope it gets sorted out soon, but the power of OWASP…
  • A small rant on presenting at conferences

    22 Apr 2014 | 9:31 am
    The more conferences I run the more sympathy I have for other conference organizers, even the big commercial ones, and the more inclined I am to follow their rules and requests- but I expect the conferences to have a clue about what’s involved in delivering a good presentation and facilitate that, not hinder it. If there are glitches at a BSides or other smaller, volunteer-run, or new events I’m OK with that.  It happens.  What I can’t stand are conferences which try to manage the speakers in ways that prevent delivering quality presentations. First and foremost, I hate having…
  • Threat Modeling, by Adam Shostack

    11 Apr 2014 | 5:57 pm
    Adam has a new book out, Threat Modeling: Designing for Security, and it is a great resource for anyone in security.  As with New School of Information Security, this is one to grab, read, and keep on the shelf (e-shelf?). The layout is great, after a short introduction Adam takes you into an easy, but informative practice exercise.  After the exercise there is a more in-depth introduction, which builds on what you learn in the exercise- and also answers some questions which inevitably come up during the exercise.  From the first couple of chapters the book gets progressively…

    cissp CISSP training Certified Information Systems Security Professional

  • MY FRIEND SHON HARRIS PASSED AWAY

    Posted by boss
    14 Oct 2014 | 11:09 pm
    March 27th, 1968  ~  October 8th, 2014 OUCH! A shockwave just hit me this morning. What devastating news I hear this morning.  My long term friend passed away.  She was so young and such an inspiration to others.  It is a very sad day for sure. On the 16 of September we were trading emails and she did not let her sickness transpire and she did not ever complain once or even mention it.  She was dynamic in her response and she soldiered on as long as she could.  I was aware she was very sick but never thought it was progressing that fast. Shon was a lot more to…
  • The Holistic CISSP CBT Tutorial for the BCP and DRP domain of the CBK

    Posted by boss
    8 Aug 2014 | 12:01 pm
    Dear members, The CCCure Learning Portal  is our new Learning Portal and it will eventually replace CCCure.org.   The CCCure.Org has lots of legacy, it has some spammer posting within articles, and it is due for retirement.   Over the next months we will migrate the relevant content of CCCure.Org to CCCure.Training.  So far I have developed 38 Hours of thorough Computer Based Tutorial on our new portal and I will continue over the next week as well. You can visit the new site at:  The CCCure Learning Portal Good day to all, I have never read as many NIST…
  • The CCCure Holistic Computer Based Tutorials (CBT) for the CISSP Exam

    Posted by
    29 Jul 2014 | 3:57 am
    Good day to all, I am pleased to say that I have just uploaded Part 3 of my Telecommunication and Network Security CBT tutorial to our Learning portal at https://cccure.training/index.php a few minutes ago.   I am now working on the 4th and last portion and it should be ready soon. That's a total of 24 hours of tutorial developed by CCCure/Clement for the CISSP CBK alone. The tutorials are available to Gold and Silver members at: https://cccure.training//m/articles/browse/category/CISSP+Online+CBT The MP3 files were uploaded as well and you can download them to listen while mobile on…
  • Prevent Your Network Getting Hacked with a Free Acunetix Security Scan

    Posted by cdupuis
    18 Jun 2014 | 2:21 pm
    Acunetix Free Scan will identify network security issues including the feared Heartbleed to allow businesses to fix them in time London, UK - 17th June 2014 – The recent Heartbleed vulnerability has highlighted the urgent need for more network level security scanning. In view of this, Acunetix has announced that it will be offering 10,000 Free Network Security scans with Acunetix Online Vulnerability Scanner (OVS) in a bid to make it easier for businesses to take control of their network security. Acunetix Online Vulnerability Scanner is a hosted security scanner that will scan a…
  • Secure Coding and Advanced Android and IOS exploitation

    Posted by
    17 Jun 2014 | 8:03 am
    NotSoSecure Trainings. Secure Coding for Web Developers: What can you expect from this class? Covers latest industry standards such as OWASP Top 10 (2013). Insight into latest security vulnerabilities like the heartbleed bug. Thorough guidance on security best practices. References to real world analogy. Hands-on labs. Taught by the Industry's leading expert and Black Hat Trainer. Advanced Android and iOS Exploitation: What can you expect from this class? Learn advanced techniques to audit mobile apps for security…
 

    Schneier on Security

  • Friday Squid Blogging: 1,057 Squid T-Shirts

    schneier
    17 Oct 2014 | 3:17 pm
    That's a lot. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Commenting has been broken for the past few days. We hope to get it fixed on Monday.
  • Hacking a Video Poker Machine

    schneier
    17 Oct 2014 | 4:35 am
    Kevin Poulsen has written an interesting story about two people who successfully exploited a bug in a popular video poker machine.
  • NSA Classification ECI = Exceptionally Controlled Information

    schneier
    16 Oct 2014 | 4:22 am
    ECI is a classification above Top Secret. It's for things that are so sensitive they're basically not written down, like the names of companies whose cryptography has been deliberately weakened by the NSA, or the names of agents who have infiltrated foreign IT companies. As part of the Intercept story on the NSA's using agents to infiltrate foreign companies and networks, it published a list of ECI compartments. It's just a list of code names and three-letter abbreviations, along with the group inside the NSA that is responsible for them. The descriptions of what they all mean would never be…
  • DEA Sets Up Fake Facebook Page in Woman's Name

    schneier
    15 Oct 2014 | 5:06 am
    This is a creepy story. A woman has her phone seized by the Drug Enforcement Agency and gives them permission to look at her phone. Without her knowledge or consent, they steal photos off of the phone (the article says they were "racy") and use it to set up a fake Facebook page in her name. The woman sued the government over this. Extra creepy was the government's defense in court: "Defendants admit that Plaintiff did not give express permission for the use of photographs contained on her phone on an undercover Facebook page, but state the Plaintiff implicitly consented by granting access to…
  • FOXACID Operations Manual

    schneier
    15 Oct 2014 | 4:29 am
    A few days ago, I saw this tweet: "Just a reminder that it is now *a full year* since Schneier cited it, and the FOXACID ops manual remains unpublished." It's true. The citation is this: According to a top-secret operational procedures manual provided by Edward Snowden, an exploit named Validator might be the default, but the NSA has a variety of options. The documentation mentions United Rake, Peddle Cheap, Packet Wrench, and Beach Head - all delivered from a FOXACID subsystem called Ferret Cannon. Back when I broke the QUANTUM and FOXACID programs, I talked with the Guardian editors about…

    Infosec Events

  • Week 42 In Review – 2014

    md
    20 Oct 2014 | 2:58 pm
    Events Related BlackHat Europe 2014 Wrap-Up Day #1 – blog.rootshell.be BlackHat is back in Amsterdam and here is Xavier’s wrap-up for the first day. The day started with the Adi Shamir’s keynote and some crypto. BlackHat Europe 2014 Wrap-Up Day #2 – blog.rootshell.be Here is Xavier’s small wrap-up for the second BlackHat day. His first choice was to attend a talk about IPv6. Resources SIM Card Forensics – 0xicf.wordpress.com The SIM (subscriber identity module) is a fundamental component of cellular phones. It’s also known as an integrated circuit card (ICC), which is…
  • Week 41 In Review – 2014

    md
    13 Oct 2014 | 1:33 pm
    Resources nullcon Goa 2014: Pentesting Proprietary RF Communications by Justin Searle – youtube.com This talk will demonstrate practical techniques to identify, assess, and exploit a subclass of control systems found in your companies that use proprietary RF communications, such as fire alarms, proximity cards, automotive security gates, car alarms, conference rooms, and building automation systems. The Best DerbyCon 2014 Talks for Red Teams – blog.cobaltstrike.com DerbyCon is one of Raphael Mudge’s favorite conferences. Here is a list of talks from DerbyCon by Raphael that are…
  • Week 40 In Review – 2014

    md
    8 Oct 2014 | 2:00 am
    Resources Louisville Infosec 2014 Videos – irongeek.com Here are the videos from the Louisville Infosec 2014 conference. You can download the videos from here. Derbycon 2014 Videos – irongeek.com These are the videos of the presentations from Derbycon 2014. You can watch and download the videos from here. Shellshocker! – Episode 029a – in-security.org You might have heard something about Shellshock as the details unravel so InSecurityShow are trying to give you some insight into what you might be hearing in this important message from your friendly computer information security…
  • Information Security Events For October

    sheila
    3 Oct 2014 | 3:16 am
    Here are information security events in North America this month: Louisville Metro InfoSec Conference 2014 : October 2 in Shepherdsville, KY, USA     Rochester Security Summit 2014 : October 7 to 8 in Rochester NY, USA   MIRcon 2014 : October 7 to 8 in Washington, DC, USA     SIRACon 2014 : October 9 to 10 in Minneapolis, MN, USA     Microsoft BlueHat 2014 : October 9 to 10 in Seattle, WA, USA   Root66 Information Security Conference 2014 : October 9 in Oklahoma City, OK, USA     Learning from Authoritative Security Experiment Results (LASER)…
  • Week 39 In Review – 2014

    md
    1 Oct 2014 | 2:28 pm
    Resources (IN)Secure Magazine issue 43 (September 2014) available – net-security.org (IN)SECURE Magazine is a freely available digital security magazine discussing some of the hottest information security topics. You can download it now. A Guide to Gary McGraw’s AppsecUSA Keynote – cigital.com Here is a quick guide to the key ideas in the talk. Hope you find this little guide helpful. Hacking Apple TouchID on the iPhone 6 – youtube.com Using a fake fingerprint to bypass Apple’s TouchID fingerprint reader on the iPhone 6. latest grok-DerbyCon2014-final.pdf –…

    Dr Anton Chuvakin Blog PERSONAL Blog

  • Links for 2014-10-06 [del.icio.us]

    Anton Chuvakin
    7 Oct 2014 | 12:00 am
    How a bank knows it has been hacked | Marketplace.org
  • Monthly Blog Round-Up – September 2014

    1 Oct 2014 | 8:20 am
    Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month: “Simple Log Review Checklist Released!” is often at the top of this list – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version) “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010) presents a whitepaper on select SIEM use cases described in depth with rules and reports [using now-defunct SIEM product]; also see this SIEM use case in depth and this for a more current list. “Top 10…
  • Links for 2014-09-26 [del.icio.us]

    Anton Chuvakin
    27 Sep 2014 | 12:00 am
    Chip and PIN: No panacea, but worth the effort – and the cost | CSO Online
  • Monthly Blog Round-Up – August 2014

    2 Sep 2014 | 10:46 am
    Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month: “Simple Log Review Checklist Released!” is often at the top of this list – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version) “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010) presents a whitepaper on select SIEM use cases described in depth with rules and reports [using now-defunct SIEM product]; also see this SIEM use case in depth and this for a more current list. My classic PCI…
  • Monthly Blog Round-Up – July 2014

    1 Aug 2014 | 8:10 am
    Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month: “Simple Log Review Checklist Released!” is often at the top of this list – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version) “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010) presents a whitepaper on select SIEM use cases described in depth with rules and reports [using now-defunct SIEM product]; also see this SIEM use case in depth and this for a more current list. My classic PCI…
 

    Security Blog

  • Shellshock and Ebola: or How I learned to seek actionable intel and ignore the FUD

    Marc Spitler
    21 Oct 2014 | 8:32 am
    The information security community was thrown into a bit of a tizzy recently with the disclosure of the bash vulnerabilities grouped together under the catchy name “Shellshock”. Days later the first instance of the Ebola virus was diagnosed on American soil. Both announcements received (and continue to receive) a significant amount of news coverage and not without reason. Both also provide an opportunity to take a collective deep breath and filter out the actionable information from the hype.  Let’s start with the question “Are we vulnerable?” For both risks,…
  • Weekly Intelligence Summary Lead Paragraph: 2014-10-17

    ssimpson
    20 Oct 2014 | 9:05 am
    Vulnerabilities, vulnerabilities and more vulnerabilities. Almost all of which are patched, but some of which are being exploited in the wild. That’s the key takeaway from this week’s intelligence collections. iSight Partners released a report on a group known as Sandworm (or Quedagh according to F-Secure), which was exploiting a previously undiscovered vulnerability in Windows OLE (CVE-2014-4114) to spread BlackEnergy malware. CrowdStrike reported on a threat group it calls Hurricane Panda that was exploiting a zero day vulnerability in Windows Kernel-Mode driver (CVE-2014-4113) to…
  • The Importance of Data

    Gabe Bassett
    16 Oct 2014 | 7:35 am
    Recently in information security defense, there has been a large push towards the data.  This post will try to explain why. First, what is our goal?  What is winning?  Winning is actually very simple.  Information security confrontations only end in one of three ways: The attacker accomplishes their goals, usually at the expense of the defender’s organization. The attacker is ‘priced out of the market’.  This can mean one of two things.  They may no longer have the resources to accomplish their goals.  (Not enough time, money, or technical expertise.)…
  • Healthcare Data Breaches: Using VCDB and Mongo to Find Answers (Part 2)

    Suzanne Widup
    13 Oct 2014 | 10:28 am
    Back in July, we looked at working with the VERIS Community Database (VCDB) data to see some basic information about security incidents in the Healthcare industry. Since that time, we’ve completed another update to the dataset, so there are more incidents for us to explore. To begin, you’ll want to drop the existing data from your database and import the new dataset to ensure you have no duplications. I didn’t cover dropping a database in the prior article, so let’s go over that now. First, you’ll have your mongo database already running and you will have told mongo to use the database…
  • Weekly Intelligence Summary Lead Paragraph: 2014-10-10

    dkennedy
    10 Oct 2014 | 4:18 pm
    Different facets of DDoS risk were part of this week’s intelligence collections.  Arbor’s quarterly report noted a 42% increase in SSDP reflection attacks.  Cloudmark reported flooding attacks on DNS servers using FQDN requests prepended with randomized sub-domains.  Radware describes “Tsunami SYN Flood Attacks” with 1000 byte SYN packets that are about 20x those in normal network traffic.  And CNet has “Interview with a DDoS troll,” an exercise in rationalization concluding with: “Why would I want to stop?” ESET assesses the Sednit espionage threat actor is using a…

    symantec.com

  • Attackers circumvent patch for Windows Sandworm vulnerability

    Symantec Security Response
    22 Oct 2014 | 10:15 am
    Summary: Attackers continue to take advantage of the Sandworm vulnerability by using an exploit that bypasses its patch to send compromised PowerPoint documents as email attachments. At least two groups of attackers are continuing to take advantage of the recently discovered Sandworm vulnerability in Windows by using an exploit that bypasses the patch.
  • Denial-of-service attacks—short but strong

    Candid Wueest
    21 Oct 2014 | 5:07 am
    Summary: DDoS amplification attacks continue to increase as attackers experiment with new protocols.
  • PDF invoices may cost more than you expect

    Bhaskar Krishna
    20 Oct 2014 | 9:45 am
    Summary: Misspelled invoice email claims to be looking for payment but steals confidential information instead. Contributor: Joseph Graziano. PDF invoices sent over email have become increasingly common in today’s business world. However, that doesn’t mean that there are no complications with the file format. Addressing these invoices without requiring verification from the recipient can lead to a compromised computer with the user’s confidential data in jeopardy.
  • Dropbox users targeted by phishing scam hosted on Dropbox

    Nick Johnston
    17 Oct 2014 | 1:01 pm
    Summary: Fake Dropbox login page attempts to steal credentials for popular email services. In March 2014, we blogged about how Google Docs and Google Drive users were being targeted by a sophisticated phishing scam. In this scam, messages included links to a fake Google Docs login page hosted on Google itself.
  • Poodle: Vulnerability in old version of SSL represents new threat

    Symantec Security Response
    16 Oct 2014 | 12:41 pm
    Summary: New vulnerability in SSL 3.0 can allow attackers to extract data from supposedly secure connections.
 

    Optimal Security

  • Hackers exploit Windows zero-day flaw in targeted PowerPoint attacks

    Graham Cluley
    22 Oct 2014 | 6:19 pm
    Be on your guard. Another zero-day vulnerability has been uncovered that affects almost all supported versions of Windows, and it is being actively exploited by hackers in targeted attacks. Microsoft has issued a security advisory about a critical remote code execution flaw in all versions of Windows apart from Windows Server 2003. That would be bad enough. But what makes things worse is that malicious hackers are aware of the as-yet-unpatched security hole and are actively exploiting it in what Microsoft calls “limited, targeted attacks” through Microsoft PowerPoint. Fortunately,…
  • Infosec Haiku

    Chris Merritt
    18 Oct 2014 | 3:25 pm
    Anata no joho sekyuritei konshu no haiku Huge Month for Patches —   and Much More Time to Patch It Up   ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published. * Submit Your Own … if yours is published, I’ll send you a $20 Starbux card. Please DM me at infosec-haiku@lumension.com. Contest Rules: all rulings by the judge (me) are final, blah blah blah.
  • Infosec Haiku

    Chris Merritt
    18 Oct 2014 | 3:24 pm
    Anata no joho sekyuritei konshu no haiku Vulns Galore This Week Oh So Many CERT Alerts Time to Patch It Up   ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published. * Submit Your Own … if yours is published, I’ll send you a $20 Starbux card. Please DM me at infosec-haiku@lumension.com. Contest Rules: all rulings by the judge (me) are final, blah blah blah.
  • Malicious ads run next to popular YouTube videos, laced with the Sweet Orange exploit kit

    Graham Cluley
    17 Oct 2014 | 8:47 am
    If you want to watch a video, you go to YouTube.  It’s as simple as that. Although other sites exist which host videos, Google-owned YouTube is the Goliath in the market – and gets the overwhelming bulk of the net’s video-watching traffic. And, of course, that enormous success and high traffic brings with it unwanted attention – from online criminals who are trying to find effective ways of infecting the computers of internet users. Researchers at Trend Micro have discovered a criminal campaign exploiting the YouTube platform, where some of the site’s most…
  • BadUSB Update

    Chris Merritt
    16 Oct 2014 | 9:34 am
    I have received several inquiries regarding the latest news about the so-called BadUSB vulnerability, so I thought I’d write a quick post on what we know at the moment. What is BadUSB? BadUSB is a vulnerability – not malware – in the design and implementation of firmware used on USB devices which allows it to be updated without being vetted. The “as designed” feature being exploited is the ability to update / change the firmware without being signed (no certificate) nor checked by the OS of the host system to verify that it has not been altered. This means that “bad guy code”…

    Naked Security - Sophos

  • POODLEs, Sandworms and getting safe online - 60 Sec Security [VIDEO]

    Paul Ducklin
    25 Oct 2014 | 1:12 am
    The week's security news, turned into an entertaining lesson, turned into a 1-minute video. Enjoy...
  • Hackers who threaten national security could face life sentences

    Lee Munson
    24 Oct 2014 | 7:17 am
    Where damage to human welfare or national security is deemed serious enough, the proposed amendment to the UK's Computer Misuse Act 1990 could mean life in jail for hackers, and some experts believe the changes could be used to target whistleblowers.
  • Has the "Sandworm" zero-day exploit burrowed back to the surface?

    Paul Ducklin
    24 Oct 2014 | 5:53 am
    You may have noticed that Microsoft recently published a Security Advisory that sounds a lot like the "Sandworm" vulnerability all over again. Paul Ducklin explains...
  • Twitter invites us to say goodbye to passwords, use Digits instead

    Lisa Vaas
    24 Oct 2014 | 3:46 am
    Twitter's new credentials handling scheme is called Digits, and it's hoping that mobile app developers use it to enable their users to sign in with their phone numbers as identifiers, along with one-time passwords SMSed to the phones.
  • How to kill a troll

    Lisa Vaas
    24 Oct 2014 | 3:33 am
    A new Pew study confirms what we already know: online harassment is a widespread disease afflicting the internet. Ignoring trolls and hoping they'll go away is actually quite effective, survey respondents said. Then again, how about fighting back, instead? Change is possible, be it enabled by troll-blocking software, societal shift that sees trolling evolve into a stigma, or, if all else fails, calling their mothers.

    TRUSTe Blog

  • Women in Privacy Leadership Roles: Interview with Joanne McNabb

    lgradman
    24 Oct 2014 | 8:00 am
    Guest Post: Alexandra Ross, The Privacy Guru interviews Joanne McNabb, Director of Privacy Education and Policy, California Attorney General. Privacy is high-profile right now. From major retail and financial sector breaches to revelations over mobile device tracking and intrusive surveillance technologies, the question of whether or not we’ll submit to living in a “post-privacy” society is …
  • The Power of the Privacy Impact Assessment

    lgradman
    17 Oct 2014 | 8:59 am
    As technology has evolved, companies have realized that the data collection practices they deploy can often make the difference between success and failure. Depending on how this information is leveraged, the use of big data can push a company ahead of the competition through new data-driven strategies, uncovering numerous benefits. But the use of data …
  • CNIL comments on first findings from Cookie Sweep

    lgradman
    15 Oct 2014 | 1:19 pm
    Speaking at the Compliance Week Europe Conference in Brussels yesterday Sophie Narbonne, Deputy Director of Legal Affairs at the CNIL was one of the first to comment publicly following the recent European Cookie Sweep. Clarifying that they are still working on the results she said “It is clear that there is now a first layer …
  • October Monthly Spotlight – TRUSTe at DMA 2014 & Webinars

    lgradman
    6 Oct 2014 | 9:00 am
    October 13-14: Compliance Week Europe, Brussels, Belgium. Kevin Trilli, VP Product, TRUSTe will lead a workshop which looks at how compliance and privacy functions should be structured and work together and how global companies can navigate different privacy expectations between Europe and the United States. The session will include a demonstration of the TRUSTe DPM …
  • Top 5 Qualities in a Great Chief Privacy Officer (CPO)

    lgradman
    29 Sep 2014 | 7:00 am
    By Alexandra Ross, The Privacy Guru (@sharemindfully) Guest Blog Whenever a new position emerges at the C-suite level, you can be certain substantial debate about exactly what the role encompasses and which skills are crucial for meeting an organization’s needs will follow. It’s understandable, as a new executive role is often a response to massive …

    iViZ Blog

  • Shellshock Bug: A Quick Primer

    Nilanjan De
    30 Sep 2014 | 5:27 am
    What is ShellShock Bug? Shellshock is a security vulnerability (CVE-2014-6271) in the widely used Unix Bash Shell which was discovered by Stéphane Chazelas on 12 September 2014 and disclosed on 24 September 2014. Subsequently, various researchers have discovered multiple other vulnerabilities in bash. What is the Vulnerability? The Unix Bash Shell stores exported function definitions in environment variables. When a new instance of bash is launched, it reads these specially crafted environment variables, and interprets them as function definitions. Unfortunately, due to insufficient…
  • Anatomy of Heartbleed Bug

    Nilanjan De
    30 Apr 2014 | 5:46 am
    There has been a lot of buzz about Heartbleed[1] in the news recently. In this blog post, we have tried to put together the important things that one should know about Heartbleed. What is Heartbleed? Heartbleed is the popular name given to the recently found vulnerability (CVE-2014-0160) in OpenSSL - an open-source encryption library. More specifically, this is a bug in the OpenSSL Heartbeat protocol which results in a vulnerable server to leak or bleed confidential content in its memory space (and hence the name ‘Heartbleed’). What’s Heartbleed bug? OpenSSL is the most popular…
  • Penetration Testing E-commerce Applications

    jitendra.chauhan
    25 Apr 2014 | 3:46 am
    Over the past decade, E-Commerce applications have grown both in terms of numbers and complexity. Currently, E-Commerce applications are going forward becoming more personalized, more mobile friendly and rich in functionality. Complicated recommendation algorithms are constantly running at the back end to make content searching as personalized as possible. Why a conventional application penetration testing is not enough for E-commerce Applications? E-Commerce applications are growing in complexity, as a result conventional application penetration is simply not enough. Conventional application…
  • How effective is your SIEM Implementation?

    jitendra.chauhan
    16 Apr 2014 | 4:10 am
    During the last few penetration tests conducted for certain organizations, we have discovered a surprising fact that almost all the SIEM implementations had gaps on the implementation levels. For example, in certain cases, SIEM did not even detect at all when the internal network was subjected to rigorous penetration testing. I am not saying that all the SIEM implementations are as bad as stated; however, it is mandatory to find out if your SIEM implementation is actually as effective as you perceive it. (Read More: Is STORM Better Than HADOOP For Real Time Security Big Data Analytics?) How…
  • 10 questions to ask before you start your Bug Bounty program…

    Bikash Barai
    11 Apr 2014 | 12:49 am
    Bug bounty programs are quite common these days, with several of the biggest names in the industry having launched various avatars of the program. I have been asked by a few security managers and managements whether they should launch a bug bounty program. Definitely, a bug bounty program has the advantage of crowdsourcing. However, an organization should be mature and prepared enough to launch such a program. Here are some questions which shall tell you if you are prepared or not. You are ready only if all the answers to the questions are “Yes”. You are ready if you can...
 

    SecurityWeek RSS Feed

  • Hackers Target Ukraine's Election Website

    AFP
    25 Oct 2014 | 8:49 am
    KIEV - Hackers attacked Ukraine's election commission website Saturday on the eve of parliamentary polls, officials said, but they denied Russian reports that the vote counting system itself had been put out of action.
  • ISSA Launches Cybersecurity Career Lifecycle Program

    Eduard Kovacs
    24 Oct 2014 | 1:06 pm
    In an effort to address the global cybersecurity workforce gap, the Information Systems Security Association (ISSA) has launched a professional development framework.
  • Ultra Electronics, 3eTI Expands Security Solutions for Industrial Networks

    Fahmida Y. Rashid
    24 Oct 2014 | 9:58 am
    ATLANTA – 2014 ICS Cyber Security Conference - Ultra Electronics, 3eTI, a maker of cyber-technology solutions designed to secure critical infrastructure and improve operational efficiency, expanded its CyberFence product lineup with new devices that push encryption, port authentication, and firewall technologies onto non-traditional endpoints.
  • Adobe Updates Digital Editions Following Privacy Controversy

    Eduard Kovacs
    24 Oct 2014 | 9:03 am
    In response to accusations that it's spying on users of the e-book reader application Adobe Digital Editions, Adobe Systems has released a new version of the software that addresses some of the reported issues.
  • Keep Moving, Stay Alive: Your Cyber Strategy is Either Dynamic or It's (Un)Dead

    Jason Polancich
    24 Oct 2014 | 7:23 am
    I’m proud to say my wife is a zombiephile. She’s a huge fan of the whole zombie genre. For many years, she’s read the books, watched all the movies, filled the DVR with the TV shows and dressed our kids up for Halloween as, among other characters, Shaun, from Shaun of the Dead. She’s also a devoutly religious fan of the AMC television series, The Walking Dead.

    Free IT - Security Magazines and Downloads from alltop.tradepub.com

  • The 10 Reasons Guide: Choosing a File Sync and Share Solution

    24 Oct 2014 | 12:00 am
    Workers want access to business files from anywhere, on any device, and at any time. This presents a new range of corporate security and data leakage risk challenges to today’s IT organizations. Download the white paper that explores 10 reasons why each of Accellion, Anchor/eFolder, Box, Dropbox, Egnyte, Citrix ShareFile, Google Drive and Microsoft OneDrive are not for your business. Plus, one solution that is.
  • Securing Your Future in the Cloud

    21 Oct 2014 | 12:00 am
    To help your organization be the one that does things right, here are 10 questions to consider asking potential cloud vendors, as well as what to look for in their answers. Asking these questions should be part of the due diligence process in evaluating the security practice of a cloud provider. Getting satisfactory answers will help in the decision-making process of selecting the best provider for you.
  • 5 Essential Steps to Sustainable PCI DSS Compliance

    21 Oct 2014 | 12:00 am
    For many companies, Payment Card Industry Data Security Standard (PCI DSS) compliance seems so daunting and complex that they only follow the letter of the regulations, without focusing on the subtle areas that provide the most protection. This eBook describes the five “must-do” steps that help assure the effectiveness of a company's PCI DSS compliance program.
  • The FDA are Taking Cybersecurity in Medical Devices Seriously and So Should You

    17 Oct 2014 | 12:00 am
    Medical devices are undergoing a technical transformation in terms of software, interconnectivity and interoperability. This increase of function comes with an increase in risk from cybersecurity threats which puts not only the patients with medical devices potentially at risk, but has wider implications for connected digital infrastructure too. The safety, security and privacy of patients must be protected and the providers of software for medical devices must work with regulators and the wider industry to ensure this.
  • SANS Report - Breaches Happen: Be Prepared

    16 Oct 2014 | 12:00 am
    This paper describes how to start with improved malware reporting and gateway monitoring and how to combine this output with security intelligence from both internal and external resources. Forward thinking organizations use these and other techniques promoted by frameworks such as the Critical Security Controls. The key is to (as quickly as possible) detect hostile activity, identify and locate affected systems and devices, and respond appropriately.

    IT-Security

  • HIPAA-HITECH Blue Ribbon Panel Addresses Growing Complexity of Privacy and Security Enforcement

    Bob Chaput
    24 Oct 2014 | 10:00 am
    Risk Analysis, Risk Management, Balanced Approaches are Key in 2014 as Growing Number of Federal and State Regulators Step Up to Police Protected Health Information Industry leaders discussed how to respond to the growing complexity of preparing for privacy and security enforcement actions in the wake of a new crop of federal and state enforcers, during the most recent monthly HIPAA-HITECH Blue Ribbon Panel™, hosted by Clearwater Compliance. A wide range of entities, including the Federal Trade Commission and the Securities and Exchange Commission, have joined the Office for Civil Rights to…
  • There Are No Unicorns

    Branden Williams
    23 Oct 2014 | 10:03 am
    Those of you in the DevOps community know exactly who I am talking about when I use the term Unicorn. Amazon, Netflix, and Disney all come to mind. After two days here at the DevOps Enterprise Summit, we shouldn’t be using the term unicorn at all to describe these high-performing IT organizations. If we have to choose a four-legged animal, they are more like a thoroughbred than a unicorn. Here’s why. Security Unicorn from RSA Conference When trying to strategically position a firm in the marketplace, scholars like to use Resource-Based Theory (sometimes called the…
  • Apple Pay is Here, First Notes

    Branden Williams
    20 Oct 2014 | 1:07 pm
    Apple Pay via Touch ID 12:01 hits and I hit my Software Update menu item to see if I can snag me some Apple Pay, and BAM! There it is! 20 minutes later, I am ready to go with iOS 8.1. Here are a few notes for those of you who may be using it as well. Apple Pay is a part of Passbook, and acts like any other Passbook integration. You can open Passbook and add ONE card, but any additional cards must be added under Settings -> Passbook & Apple Pay. For each card that is enrolled, you may be asked to validate your identity. Make sure that your banks have current email addresses and phone…
  • Facelift Friday!

    Branden Williams
    17 Oct 2014 | 8:07 am
    I’m so flat now! For those of you who have not noticed yet, the website has gotten a much needed update! For those of you who have been around here for a while, you will remember that the last time I did something was in 2009, right before the 2nd edition of the book published (4th edition coming soon!). Quite a bit has happened since then, including new design styles and ways to present information. I contacted Spellbrand to help put a fresh look on things! All of the old information is still here, it’s just presented a bit differently. You will also notice that I will be…
  • Enable 2-Factor Everywhere

    Branden Williams
    16 Oct 2014 | 8:25 am
    Dropbox is the latest victim to announce that a third party (Snapchat was last week) integration caused a ton of their usernames and passwords to be leaked on Pastebin. At this point, most of our super-useful cloud services (Evernote, Twitter, Facebook, Google, and Dropbox to name a few) all have the ability to turn on some kind of stepped-up authentication. Some of these use Google Authenticator, which couldn’t be any easier to use than it already is (probably). by Chipmonkey So after you go change your Dropbox password (to something unique, not used on any other website), take a few…
 

    Infosec Communicator »

  • Shockproofing Your Use of Social Media eBook available!

    bwadmin
    17 Oct 2014 | 8:25 am
    My Shockproofing Your Use of Social Media: 10 Things You Should Know eBook is now available on Kindle! For those of you who have attended one of my Lightning Talks about Internet Safety, this book fleshes out my recommendations for …
  • The Secure Communicator

    bwadmin
    17 Aug 2014 | 1:39 pm
    I had the pleasure of discussing information security best practices for technical communicators through an STC webinar. Here’s the presentation: …
  • Updated Shock-proofing your Use of Social Media Presentation

    bwadmin
    15 Aug 2014 | 11:08 am
    I’ve updated my Shock-proofing your Use of Social Media presentation for the Fall 2014 New Student Orientation program at the Rochester Institute of Technology. I’ve changed the passphrase example, added a new cartoon, and generally worked to make the presentation …
  • A Techcomm Bestiary, Summit14 edition

    bwadmin
    7 May 2014 | 12:23 pm
    I’ve changed out one slide from the Spectrum14 presentation. Looking forward to presenting this to a crowd at the STC Summit in Phoenix. …
  • A Techcomm Bestiary, Spectrum 2014

    bwadmin
    21 Apr 2014 | 2:38 pm
    I thought this came together pretty well and I had a great time presenting my first revision of A Techcomm Bestiary at STC Rochester’s Spectrum 2014. I may make a couple of slide changes before the STC Summit, but this …

    AT&T Networking Exchange Blog » Security

  • With HID cards, a swipe is more than a swipe

    Rajat Swarup
    24 Oct 2014 | 3:45 am
    At AT&T Security Consulting, we get to do the coolest things! A few weeks ago, we were performing a social engineering test authorized by a client. In this test, user susceptibility to individually targeted threats — and how those threats impact the physical security of the organization — were evaluated. Typically after such a test, a social engineering awareness training is done for the client’s employees to educate them about the newest threats and how they can protect against such attacks. Testing threat protection AT&T Security Consulting has some very sharp…
  • Security audit and testing: Is your network secure?

    Jennia Hizver
    21 Oct 2014 | 3:45 am
    The media regularly features stories about hackers breaking into enterprise servers to steal sensitive data. One common scenario begins when an employee receives a phishing email that looks like a legitimate business email urging the recipient to click on a link or to open an attachment. A doorway for cyber criminals These emails are sent by attackers and typically contain a malicious program designed to attack a popular corporate desktop software. Once the program is executed, it allows the attacker to take control of the employee’s desktop, using it as a gateway into the enterprise. The…
  • The “Ice Bucket Challenge” and Cyber Security

    Jeff Huegel
    13 Oct 2014 | 3:45 am
    This summer’s The Ice Bucket Challenge took the world by storm with celebrities, executives, captains of industry, politicians, and everyday folks drenching themselves and calling out friends and colleagues to do the same to support ALS research. While this particular challenge targets a worthy cause and has raised over $100 million dollars for ALS research, “me-too-isms” in the field of security and risk management can be dangerous. Take compliance for example. We in the Security field often discuss the inappropriateness of thinking compliance is security. Some of the…
  • Proactive threat intelligence: The key to successful cybersecurity

    10 Oct 2014 | 6:45 am
    When most people think about data breaches, they think of the high-profile incidents that make international headlines. However, smaller data breaches happen every day. While these may not make headlines, they can still have a big impact on the bottom line. With so much at stake, and new advanced threats emerging daily, what can businesses do to become more proactive in their security efforts? Register for this live webinar on October 14 at 12 noon EDT to hear from Dr. Larry Ponemon, founder of the Ponemon Institute and one of the world’s most influential thinkers on data security. He’ll…
  • Threat intelligence tops the new cybersecurity agenda

    Bindu Sundaresan
    9 Oct 2014 | 3:45 am
    Security intelligence is the component missing from many organizations’ defensive arsenals. Intelligence places IT security threats in context, adding information about “who” and “why” to the technical details of “how.” Applied intelligence reinforces an organization’s security posture and directs its response in productive ways. It provides a framework for aggregation, correlation, and prediction of threats and outcomes, giving organizations an earlier warning and a guide to implementing countermeasures. Security intelligence delivers business value only when it is timely and…
 

    The Redspin Report

  • Helpful Reminders About HIPAA Security Risk Analysis

    mmak
    21 Oct 2014 | 1:20 pm
    If protecting the integrity of patient health care information were not already sufficient incentive to improve IT security, being HIPAA compliant comes with even more perks for most providers. Medicare and Medicaid Electronic Health Care Record (EHR) Incentive Programs have been implemented to provide financial incentives to eligible medical professionals and hospitals that demonstrate they have satisfied the requirements of the HIPAA Security Rule. The core objective of “Protect Electronic …
  • All Roads in the Digital Future Lead Through Security Says Gartner

    Dan Berger
    20 Oct 2014 | 11:09 am
    Gartner recently released their Top 10 Strategic Technology Trends for 2015. These aren't your run-of-the-mill trends mind you. These are the disruptive (and often distressing) realities that appear to be just 'round the corner and will require organizations and individuals to adapt and invest or risk being left in the evolutionary dust. While some trends have been percolating along quite nicely such as cloud computing and software-defined infrastructures and applications, I don't think the real …
  • 4 Things You Should Know About Social Engineering

    mmak
    16 Oct 2014 | 11:03 am
    No matter how many firewalls are put up or how complex passwords may be, if your employees are unknowingly giving out their credentials to strangers, your information security will never be immune to breach. A recent flash poll conducted on security professionals by Dark Reading found that the biggest social engineering threat to organizations is not a specific type of scam, but a general lack of employee awareness. Social engineering is a tactic by which intruders use psychological manipulation …
  • Redspin Events in September

    mmak
    29 Aug 2014 | 1:43 pm
    Redspin will be participating in several great healthcare and security conferences this September. Make sure you tune in to get useful information about IT security, policy compliance, and penetration testing! Stanford Medicine X (Palo Alto, CA): "Practical Information and Security Risk Management for ePatients" by Redspin VP Chris Campbell, September 6 @ 9:20am. HIMSS Privacy and Security Forum (Boston, MA): Look for Redspin's co-exhibition with EMC, September 8-9. The Summit of the Southeast …
  • OIG Finds NASA Web Application Security Lacking. Is it Time to Assess Yours?

    Dan Berger
    26 Jul 2014 | 5:24 am
    We may be able to send a man to the moon but we still have a long way to go before all of our web applications are sufficiently protected from hackers.
  • add this feed to my.Alltop

    F-Secure Antivirus Research Weblog

  • A Tale of Two Powerpoint Vulnerabilities

    24 Oct 2014 | 3:26 am
    It has already been a week since the announcement of the CVE-2014-4114 vulnerability, and the tally of exploiters has only increased. There are even files where the metadata has remained the same, which clearly shows that they have been copied from the original as in the case of Mirtec and Cueisfry (a trojan linked to Japanese-related APT attacks). Authors behind these malware copied the PowerPoint Document originally used by BlackEnergy and just replaced the payload and the content with legitimate material found online. [Figure: BlackEnergy, Mirtec, Cueisfry document metadata, respectively] Well, if…
  • Notice: Freedome v2.0.1 Issue on iOS 8

    24 Oct 2014 | 3:26 am
    If you (like me) have an Apple device running iOS 8 and use F-Secure Freedome, please avoid updating to version 2.0.1. If you (like me) have already updated, you may see this after opening the app: Do not "Remove Old VPN configurations" — just close the app. Version 2.0.1 should work with its existing configurations. If you need to toggle Freedome on/off… Use: Settings, General, VPN. Click the info button for your configuration and toggle "Connect On Demand". You'll be limited to only the locations that you currently have installed. But the ones that you have should work based on my…
  • Wanted: Testers For The Greatest Android App Ever

    24 Oct 2014 | 3:26 am
    Okay… so the greatest Android app "ever" is a bit of friendly hyperbole. But still, it really is a great app. What app? Well, F-Secure Freedome of course (currently available for Android and iOS). The Freedome team (along with a Labs team) is developing a new Android feature — cloud-based reputation scanning. And we need numerous testers for the beta app. (You?) Here's a preview: "See it in action" The function is entirely cloud-based, i.e., no database updates to download. So it's very light. People wanting to exercise their freedom of speech are increasingly turning to VPN…
  • Are malware authors targeting people via marketing services?

    24 Oct 2014 | 3:26 am
    We spotted an interesting case of a person complaining about e-mail malware with social engineering content which hits home almost too well, and decided to investigate a bit. The person had been talking to his friend about possibly booking tickets to San Francisco in the near future. And 6 hours after the phone call he got an e-mail about an electronic plane ticket to San Francisco with an attachment. The person was cautious enough not to touch the attachment, which was a good decision, as in our analysis it was identified as a variant of Trojan.Krypt.AU. This may be just a case of mass spammed…
  • RATs threatening democracy activists in Hong Kong

    24 Oct 2014 | 3:26 am
    Hong Kong has been in the headlines lately thanks to the Occupy central campaign (#occupycentral, #OccupyHK) and the umbrella revolution (#umbrellarevolution, #UmbrellaMovement). DPHK, Democratic Party Hong Kong and Alliance for True Democracy (ATD) are central players in this movement. Recent development has turned this into more than a fight for democracy. The sites of these organizations were infected with malware, and that turned it into a fight for #digitalfreedom as well. Volexity has the story with all the technical details. It seems to be RATs (Remote Access Trojans) that could be…
 

    Pcthreat.com

  • WindowSecureScanner

    24 Oct 2014 | 7:43 pm
    WindowSecureScanner is another advertising-supported application based on the Crossrider engine. The program is very similar to previously published applications; thus, if you have ever heard about...
  • PC Optimizer Pro

    24 Oct 2014 | 7:43 pm
    Despite the best efforts of the online security industry to secure the exact opposite, many of its consumers continue to fall into the trap set by malicious rogue security tools like PC Optimizer Pro. This...
  • Qone8.com

    24 Oct 2014 | 7:43 pm
    Qone8.com is a search engine which returns search results from Google Search. The search engine is owned by Taiwan Shui Mu Chih Ching Technology Limited, and it is very similar to such browser hijackers as...
  • BoBrowser

    24 Oct 2014 | 7:43 pm
    BoBrowser is an application you should not keep on your computer. It is not a malicious infection, but there are particular suspicious aspects you cannot ignore. It is a potentially unwanted application that...
  • V9 Redirect Virus

    24 Oct 2014 | 7:43 pm
    V9 Redirect Virus is a malicious browser hijacker which infects the system while you are browsing insecure websites or when you download spam email attachments. Once the infection gets in the system, the...

    NSS Labs

  • Add a Dash of Cloud for a More Robust Security Infrastructure

    14 Oct 2014 | 12:00 am
    As the hype around cloud computing settles, and as organizations begin to evaluate solutions, the ability of security as a service (SaaS) solutions to improve security infrastructure becomes apparent.
  • All’s Well That Ends Well

    9 Oct 2014 | 12:00 am
    In my previous blog about the Palo Alto Networks results in our recent NGFW test I expressed the hope that “Palo Alto Network executives will take this issue seriously and move quickly to protect their customers."
  • Seriously?

    1 Oct 2014 | 12:00 am
    We don’t follow up every NSS Labs test with a blog response to a vendor, but after the fun and games following our recent BDS test, we find ourselves in a similar position. This time it is Palo Alto Networks blogging about our NGFW group test, the results of which were published last week and can be found here.
  • Web Application Firewalls: Not just for PCI anymore

    30 Sep 2014 | 12:00 am
    Unlike most security technologies that attempt to identify a broad range of bad traffic by means of traditional detection methods, a web application firewall (WAF) is like a finely honed sword designed for a singular purpose: monitoring HTTP traffic between clients and web-servers. The payment card industry (PCI) accelerated the development of the WAF market since it provided a tangibly financial application of this technology. This made WAF a must-have in the arsenal of weapons for many of today’s security administrators.
  • Some systems getting BASHed, but the sky isn’t falling

    29 Sep 2014 | 12:00 am
    It has been barely 6 months since the Heartbleed vulnerability was revealed, but just as the global security community has recovered from this vulnerability, one that is more prevalent – and potentially far more damaging – has emerged. The Shellshock vulnerability exploits a weakness in the Bourne Again SHell (BASH) that is native to (and often the default for) many Unix derivatives across the globe. While the extent of the damage has yet to be determined, it is highly likely that any services running on a Unix distribution are exposed.
 

    Private WiFi

  • ITRC Victim Impact Survey Findings LIVE Event

    Cristy Koebler
    23 Oct 2014 | 2:00 am
    The emotional impact of identity theft is far-reaching and extends well beyond the initial discovery and subsequent process of clearing the theft. The Identity Theft Resource Center routinely conducts focused surveys on identity theft, asking victims who have reached out for support from the organization to participate in the voluntary research to help the industry better understand the root causes, illicit methods, and recovery experience from this type of crime. The survey results are then compiled into a report that the ITRC shares with a wide variety of industry stakeholders to help…
  • Q&A: Founder of ‘Savvy Cyber Kids’ on Cybersecurity Best Practices

    Elaine Rigoli
    21 Oct 2014 | 1:55 am
    Technology is a part of our lives but it should not take over our lives – or ever compromise our children’s online safety. Because October is National Cyber Security Awareness Month (NCSAM), and in part to raise public awareness of the dangers of identity theft, we recently chatted with author and technology guru Ben Halpert. Although his day job is in the security and privacy fields, several years ago he launched Savvy Cyber Kids, a nonprofit to help keep children safer online. Last year Savvy Cyber Kids joined the U.S. Department of Homeland Security’s STOP.THINK.CONNECT.. campaign's…
  • WiFi Footprint: Personal VPNs Endorsed as WiFi Hotspots and Autoconnect Functionality Proliferate

    Alok Kapur
    14 Oct 2014 | 2:53 am
    "WiFi footprint" is a simple term for a complex issue: the exploding pace of WiFi hotspot creation is not abating and soon a roamable, global alternative network will become our reality. According to Marcio Avillez, vice president of network services at a company called iPass, organizations ranging from platform players to independent coffee shops see opportunities in making WiFi available, while major telecoms operators are investing heavily in WiFi rollouts. "The proliferation of devices, especially tablets, the majority of which are WiFi only, has increased users' appetites for WiFi. These…
  • University of Maryland Professors to Study WiFi Hotspot Behavior

    Jared Howe
    13 Oct 2014 | 1:00 am
    Two University of Maryland professors, David Maimon, an expert in online criminal behavior, and Jonathan Katz, the Maryland Cybersecurity Center director, recently received a $200,000 grant from the National Science Foundation to study how people access and use public WiFi hotspots. The duo plans on visiting more than 100 locations that offer public WiFi hotspots, from coffee shops to libraries, and then study user behavior at each location, such as what websites users are visiting and what data they are exposing over the network. Other study variables include the time of day users tend to…
  • Experian Survey: We Understand WiFi Dangers but Don’t Protect Ourselves from Identity Theft

    Jared Howe
    6 Oct 2014 | 10:43 am
    October is National Cyber Security Awareness Month, and in part to raise public awareness of the dangers of identity theft, Experian, a global information services company, has published a new survey regarding U.S. attitudes toward this serious problem. The survey results demonstrate that while many of us are concerned about identity theft and other issues related to unsecure public WiFi hotspots, few of us are taking steps to actually protect ourselves. What the Survey Revealed Experian’s survey revealed some interesting facts regarding our attitudes to protecting ourselves from online…

    Pivot Point Security

  • Recommended Reading – Threat Modeling: Designing for Security by Microsoft’s Adam Shostack

    Kelly Player
    23 Oct 2014 | 4:00 am
    For anyone charged with assessing information security risk—from newly-appointed project manager to veteran security geek— check out Adam Shostack’s recent book, Threat Modeling: Designing for Security. Though oriented towards software development, it’s one of the few books I’ve seen on this subject that offers useful tips and guidance to practitioners at all levels. Whether for audit, compliance, or certification (e.g., ISO 27001) purposes, the more proficient our clients are at risk assessment in their own environments, the easier the process and the better the outcome. In…
  • Here’s Why Using Information Security Policy Templates for ISO 27001 Certification Isn’t A Good Idea

    Mosi
    22 Oct 2014 | 4:00 am
    Clients often ask me whether they can make their lives easier by using information security policy templates to document compliance with the ISO 27001 standard for certification purposes. My answer is uniformly “No.” Here’s why. The ISO 27001 standard has over 50 requirements in clauses 4 through 10, and 114 controls in Annex A. None of those requirements mandates or even recommends the use of templates for security policies and procedures. So why do organizations seeking certification often want to use templates to document compliance with ISO 27001? Usually it’s because they’re…
  • Are Your Calls Being Intercepted? More on Rogue Cell Phone Towers

    Robert Oliver
    21 Oct 2014 | 4:00 am
    Recently we blogged about rogue cell towers (also called IMSI catchers, stingrays or GSM interceptors) and the potential risk they pose of intercepting cell phone calls. An ongoing investigation into the proliferation of these devices has found rogue cell phone towers all over the Washington, DC area—including near the White House, the US Capitol and the Supreme Court. Researchers and information security specialists are concerned that the towers discovered so far might be only the tip of the iceberg. The systems are designed to be portable and can be operated from a vehicle or moved around…
  • Include Domain Name Ransom or Cybersquatting in Your ISO 27001 Risk Assessment

    John
    14 Oct 2014 | 4:00 am
    ISO 27001 works great—assuming that you are great at risk assessment.  If you miss a risk, you may be vulnerable, and unfortunately some risks are often not fully considered. One such risk is Domain Name Ransom, aka cybersquatting. This topic is on my mind because I had an interesting call today with a potential client who reached out to us because his organization was being held “ransom” over a like domain name. It’s one of those risks that too few organizations consider. For illustrative purposes, say we’re talking about a professional services firm named “Platt & Verry”…
  • Has Your Business Correctly Assessed Its Information Security Risks?

    Andrew Shumate
    9 Oct 2014 | 4:00 am
    Risk is all about perception. We often make decisions about how to stay safe based on the perception of risk rather than on the actual risk. For example, people perceive far more risk around earthquakes than they do around slipping on the bathroom floor, although in most places on earth you’re hundreds of times more likely to die from the latter cause. When it comes to information security risk assessment, this aspect of human nature can lead to a false sense of confidence. That is, the perceived effectiveness of information security investments often differs from the actual security they…
 

    HOTforSecurity

  • Ouch! Security expert writes book about hackers, then has his publisher hacked

    Graham Cluley
    25 Oct 2014 | 2:33 am
    Award-winning investigative reporter Brian Krebs has a book coming out next month called “Spam Nation”, exploring the underbelly of the cybercrime world. It’s bound to be a brilliant book because, well.. frankly, everything Krebs does is brilliant.   But if you’re one of the eager followers of Krebs’ blog who has pre-ordered his book, or other products, from his publisher Sourcebooks then you may want to keep a close eye on your credit card statements. Because, in a twist of immense irony, Brian Krebs’s publisher has been hacked. Ouch! Details of the…
  • New Facebook App Encourages Anonymous Sharing

    Alexandra Gheorghe
    24 Oct 2014 | 5:39 am
    Facebook’s new mobile app, Rooms, allows people to create groups and share their interests under pseudonyms, Facebook announced. “A room is a feed of photos, videos, and text — not too different from the one you have on Instagram or Facebook — with a topic determined by whoever created the room,” Facebook says. The app does not require users to reveal their real name, own a Facebook account or an email address to sign up. It uses a QR-code invite system to grow in popularity- people take a photo of the app’s QR-code to gain access. “In Rooms you can be “Wonder Woman”…
  • Apple Drops SSL 3.0 for Push Notifications due to Poodle Flaw

    Lucian Ciolacu
    23 Oct 2014 | 4:04 am
    Apple is going to drop SSL 3.0 support for their push notification service due to the recently discovered POODLE vulnerability in the SSL protocol, according to Apple’s announcement. The company is pulling the plug for SSL 3.0 support on Wednesday, October 29, in favor of the newer and more secure Transport Layer Security (TLS) protocol. “Providers using only SSL 3.0 will need to support TLS as soon as possible to ensure the Apple Push Notification service continues to perform as expected,” the announcement said. “To check for compatibility, we have already disabled…
  • Google Strengthens Accounts with USB Security Key

    Alexandra Gheorghe
    22 Oct 2014 | 8:22 am
    Google users are now able to secure their accounts with a physical USB security key acting as a second factor in the authentication process, according to a Google blog post. Google has been exploring the possibilities of hardware authentication since 2012, however the official announcement came a day ago. “Today we’re adding even stronger protection for particularly security-sensitive individuals,” Nishit Shah, Product Manager at Google Security said. The Security Key first verifies the authenticity of the Google login page. After entering the account credentials, the key needs to be…
  • Mac OS X Yosemite Leaks User Location and Search Results to Apple

    Alexandra Gheorghe
    22 Oct 2014 | 8:15 am
    Spotlight, the search tool embedded in Apple’s latest desktop operating system, is collecting search and location data by default, according to news reports. Users started complaining about the issue on Twitter. The company confirmed that anyone who uses Spotlight or iOS8 will have his data sent back to Apple servers in real time. “When you use Spotlight, your search queries, the Spotlight Suggestions you select, and related usage data will be sent to Apple,” the post reads. “If you have Location Services on your device turned on, when you make a search query to Spotlight…

    Video Surveillance

  • Another Unique Application for Video Surveillance: Counting Pedestrians

    17 Oct 2014 | 8:37 am
    New York City is leveraging its existing security camera system to the fullest by counting the number of footsteps of pedestrians in areas with the highest number of commuters. The city believes that the data, recorded by the surveillance cameras already installed in strategic locations, will give law enforcement and government officials valuable information to help curtail urban problems. Some of these problems, among others, include public safety and trash collection. Watch the video below to learn more about the new citywide project:
  • Learn About Frame Rate and Shutter Speed with Axis

    16 Oct 2014 | 1:14 pm
    Do you know what the difference is between a camera's frame rate and its shutter speed? These settings are important to getting clear, steady videos and Axis is here to help you learn! Frame rate is the number of frames, or images, a camera captures per second. Shutter speed determines how much, or how little, light is let into the camera. Watch this 60-second video from Axis to learn more:
  • Suspects Accused of Stealing Valuable Office Equipment from Three Businesses

    9 Oct 2014 | 9:20 am
    It doesn't matter if you own or operate a retail business; regular office buildings and suites are also prime targets for thieves. According to a recent news report by ABC7news.com, three businesses in Fremont, California (Black Magic Design, Mac House Productions, and Core Microsystems) had hundreds of thousands of dollars of office equipment stolen by a group of suspects. Law enforcement claims that these were savvy thieves with experience in this type of theft by acting fast and knowledgeable in what they were doing. The good news is that Mac Productions' video surveillance cameras…
  • Learn About the Long-Distance Power of Wireless Surveillance

    1 Oct 2014 | 5:21 pm
    Whether you're securing a large college campus or need to keep an eye on remote buildings on your property, wireless surveillance systems make it easy to connect cameras over long distances. Using a system of wireless antennas and base stations, your system will send and receive data for up to 10 miles. To help you better understand this powerful technology and its uses, VideoSurveillance.com has released a new guide to wireless video surveillance. This guide covers how the systems work, what surveillance situations are ideal candidates for wireless systems, and how your business can benefit.
  • New HD Onboard Surveillance

    10 Sep 2014 | 4:26 pm
    Onboard recording is becoming a popular security measure by recording video evidence of altercations between passengers on public transportation, driver misconduct, and even police activity when pulling over cars. When it comes to onboard surveillance, there are a few key features to look for: HD quality, a protective housing, and audio recording. With 720p HD resolution, the Axis P3904-R M12 camera can record clear, detailed surveillance video. Ideal for use on city busses, subway trains, and cars, this camera comes with a rugged M12 connector to ensure that the bumps and shocks of driving…

    Infosec Communicator »

  • Shockproofing Your Use of Social Media eBook available!

    bwadmin
    17 Oct 2014 | 8:25 am
    My Shockproofing Your Use of Social Media: 10 Things You Should Know eBook is now available on Kindle! For those of you who have attended one of my Lightning Talks about Internet Safety, this book fleshes out my recommendations for …
  • The Secure Communicator

    bwadmin
    17 Aug 2014 | 1:39 pm
    I had the pleasure of discussing information security best practices for technical communicators through an STC webinar. Here’s the presentation: …
  • Updated Shock-proofing your Use of Social Media Presentation

    bwadmin
    15 Aug 2014 | 11:08 am
    I’ve updated my Shock-proofing your Use of Social Media presentation for the Fall 2014 New Student Orientation program at the Rochester Institute of Technology. I’ve changed the passphrase example, added a new cartoon, and generally worked to make the presentation …
  • A Techcomm Bestiary, Summit14 edition

    bwadmin
    7 May 2014 | 12:23 pm
    I’ve changed out one slide from the Spectrum14 presentation. Looking forward to presenting this to a crowd at the STC Summit in Phoenix. …
  • A Techcomm Bestiary, Spectrum 2014

    bwadmin
    21 Apr 2014 | 2:38 pm
    I thought this came together pretty well and I had a great time presenting my first revision of A Techcomm Bestiary at STC Rochester’s Spectrum 2014. I may make a couple of slide changes before the STC Summit, but this …
 

    Seculert Blog on Advanced Threats and Cyber Security

  • Home Depot Hackers Already Draining Victims’ Accounts

    Liora R. Herman
    14 Oct 2014 | 11:00 pm
    The Wall Street Journal has reported that the hackers who’ve gotten their digital hands on payment card data from as many as 56 million Home Depot customers in the United States and Canada have already started draining the victims’ bank accounts, and purchasing electronics, prepaid cards (a.k.a. gift cards), and even groceries with their stolen […]
  • Backoff PoS Malware Victim Count Could Far Exceed 1000

    Liora R. Herman
    14 Oct 2014 | 5:02 am
    Kaspersky Labs is reporting that the number of victims infected by the notorious Backoff PoS malware could far exceed the approximately 1,000 estimated by officials from the US Department of Homeland Security and Secret Service. The revised damage projection is based on an analysis of intercepted traffic between infected systems and two Backoff command and […]
  • Goodwill Industries’ Security Breach- Undetected for 18 Months

    Liora R. Herman
    13 Oct 2014 | 5:00 am
    We previously wrote about a possible security breach affecting Goodwill Industries’ credit and debit card customers in 21 States; a breach that the company later confirmed and blamed on an unnamed third-party PoS vendor. Now, after obtaining some internal documents (ironically) meant to help individual Goodwill stores handle media inquiries, Brian Krebs – who broke […]
  • Remotely Exploitable Vulnerability on the Loose

    Liora R. Herman
    8 Oct 2014 | 4:26 am
    A remotely exploitable vulnerability in GNU Bash dubbed “Shellshock” is on the loose, and targeting Debian and Linux distributions. Key details for CVE-2014-6271 uncovered by Akamai include: The vulnerability has existed for some time The vulnerability is exposed in SSH to authenticated sessions Key attack vectors identified so far include HTTP requests and CGI scripts, […]
  • Malware Abuses Virtual Machines

    Liora R. Herman
    24 Sep 2014 | 1:31 am
    As reported by Jeremy Kirk of IDG News Service, Symantec researchers have identified a rather unexpected – yet effective — new tactic that bad actors are using to avoid detection when infecting virtual machines with malware: shutting up. In the past, malware that found itself in a virtual machine operational environment typically fled for the […]

    Managed File Transfer and Network Solutions

  • Poodle vulnerability (CVE-2014-3566) patched in JSCAPE MFT Server

    Van Glass
    24 Oct 2014 | 7:55 am
    The Poodle vulnerability (CVE-2014-3566) has been patched in the latest version of JSCAPE MFT Server (9.0.7.126) by disabling the SSLv3 protocol.  Customers using previous versions of JSCAPE MFT Server are encouraged to upgrade to the latest version.  For instructions on disabling SSLv3 or additional assistance please contact the Help Desk for a prompt reply. A patch for JSCAPE MFT Gateway will be made available shortly.    
  • Setting Up an SFTP Server

    John Carl Villanueva
    22 Oct 2014 | 11:39 pm
    Overview I've been going over our posts lately and just realised that, while we've managed to put together a decent collection of information regarding SFTP file transfers, we actually don't have an article that teaches how to set up an SFTP server. I'm sure some of you have been resourceful enough to go through the documentation and sift through all the relevant pages in there. But for those who just want one place for it all, this is the article for you. For this tutorial, I'll be using JSCAPE MFT Server, our managed file transfer server that supports SFTP as well as a number of other…
  • What Is An SFTP Key?

    John Carl Villanueva
    22 Oct 2014 | 12:08 am
    Overview What good is an encrypted data transfer if the information it protects still falls into the wrong hands in the end? SFTP is best known for its ability to encrypt data while in transit. But while data-in-motion encryption can secure confidential information as it traverses the network, encryption can't prevent an impostor from carrying out the download himself. For that purpose, you'll want your users to authenticate with the right password and the right SFTP key.     In this post, we'll talk about the role of SFTP keys (a.k.a. private keys) in the overall security…
  • Securing Trading Partner File Transfers w/ Auto PGP Encryption & FTPS

    John Carl Villanueva
    18 Oct 2014 | 8:50 am
    Overview PGP encryption can add another layer of protection to a trading partner file transfer already secured by FTPS. It can also provide data-at-rest encryption as soon as the file arrives at the other end. In this post, we'll show you how to set up a fully automated file transfer secured by OpenPGP and FTPS using JSCAPE MFT Server triggers.   What we'd like to do     Does that look like something you could use? Here are the steps to achieve that.   1. Import your trading partner's PGP public key   Before you can PGP encrypt a file which your trading…
  • How To Set Up A HTTPS File Transfer

    John Carl Villanueva
    8 Oct 2014 | 12:26 pm
    Overview In this post, you'll learn how to set up a HTTPS file transfer. We'll begin with a "quickstart", where you'll use the default settings in order to get a HTTPS file transfer service up and running with just a few clicks. After that, we'll tackle some of the more advanced settings so you can choose your desired set of SSL/TLS cipher suites and server key. Your choice of cipher suites and keys will have an effect on the security of your HTTPS service and its compatibility with your users' web browsers.  Note: The HTTPS or HTTP Secure protocol is defined in RFC 2818, so if you…

    Radware Blog

  • Les Assises 2014 Conference Takeaways, Building a Yellow Brick Road in France

    Carl Herberger
    20 Oct 2014 | 9:18 am
    Recently, I had the good fortune to be invited to present the keynote speech at the 2014 Les Assises Security Conference held in the beautiful city state of Monaco. Les Assises is the largest information-security gathering in France and year-in and year-out it proves to be not only a huge information sharing opportunity, but also a time of self-reflection and strategy affirmation for the thousands of security executives that attend. The conference was brimming with a bursting-at-the-seams attendance and a full dance-card of top notch speakers and engaging topics to review.  I learned a lot…
  • CVE 2014-3566 POODLE: A New Vulnerability

    radware
    16 Oct 2014 | 7:33 am
    Radware’s Emergency Response Team (ERT) is reporting a new vulnerability published under CVE 2014-3566 named POODLE (Padding Oracle on Downgraded Legacy Encryption). This SSLv3 POODLE vulnerability can force a client to negotiate SSLv3 instead of TLS and then carry out BEAST (Browser Exploit Against SSL/TLS) attacks to obtain information from an encrypted stream. What Have We Learned? Unlike previous vulnerabilities we’ve seen this past year that allowed a hacker to access a server (Heartbleed and Shellshock), this new vulnerability targets clients. POODLE affects SSLv3, which…
  • REPORT: State of the Union for Ecommerce Page Speed & Web Performance [Fall 2014]

    Tammy Everts
    14 Oct 2014 | 4:08 am
    Cyber Monday is just around the corner, and early predictions point to holiday ecommerce sales hitting an all-time record of $72 billion. But retailers know that competition for this ecommerce spend will also be at an all-time high. Many will leverage aggressive strategies, ranging from rich visuals to geo-targeting campaigns, to earn their share of the holiday retail pie. These strategies, however, can come with a significant performance price tag, making pages slow to render — and ultimately driving away consumers. Today at Radware, we’ve released our latest research into the…
  • REPORT: 2014 State of the Union for Mobile Ecommerce Performance

    Tammy Everts
    14 Oct 2014 | 4:07 am
    Mobile used to take the backseat to desktop, but in 2014 this is no longer the case. One out of four people worldwide own a smartphone, and at least 55% of all time spent on retail sites takes place on mobile devices. These numbers are why we’ve decided to release our annual state of the union for mobile web performance on the same day as our quarterly desktop state of the union. In this post, I’ll walk through a high-level summary of our key findings, including statistics around mobile load times, website fragmentation across devices, and mobile performance challenges. Today, 90%…
  • Tsunami SYN Flood Attack – A New Trend in DDoS Attacks?

    radware
    8 Oct 2014 | 7:36 am
    Over the past week Radware’s Emergency Response Team (ERT) detected a new type of SYN flood which is believed to be specially designed to overcome most of today’s security defenses with a TCP-based volume attack. Within a 48-hour period two different targets in two different continents were targeted with this new technique and have experienced very high attack volumes. As background, a normal SYN packet is characterized by about 40-60 bytes per packet. The new attack type departs from the typical makeup of a SYN packet by transmitting very large packet sizes which…
 

    pfSense Setup HQ

  • Bandwidth Monitoring with BandwidthD

    maximumdx
    20 Oct 2014 | 2:00 pm
    Configuring BandwidthD in pfSense 2.1.5. BandwidthD tracks usage of TCP/IP subnets and builds HTML files with graphs to display utilization. Charts are built for individual IP addresses, and by default display utilization over 2 day, 8 day, 40 day, and 400 day periods. Furthermore, each IP address’s utilization can be logged at intervals of 3.3 minutes, 10 minutes, 1 hour or 12 hours in CDF format, or to a backend database server. HTTP, TCP, UDP, ICMP, VPN, and P2P traffic are color-coded. BandwidthD can produce output in two ways. The first is as a standalone application that produces…
  • Data Link Layer Advertising with ladvd

    maximumdx
    14 Oct 2014 | 2:00 pm
    Configuring ladvd under pfSense 2.1.5. ladvd sends LLDP (Link Layer Discovery Protocol) advertisements on all available interfaces. This makes connected hosts visible on managed switches. By default, it will run as a privilege-separated daemon. In addition to LLDP, ladvd also supports the following protocols: Cisco Discovery Protocol (CDP): This is a proprietary Data Link Layer protocol developed by Cisco Systems. It is used to share information about other directly connected Cisco equipment, such as the operating system version and IP address. It can also be used for On-Demand Routing, which…
  • ModSecurity: Part Two

    maximumdx
    11 Oct 2014 | 4:00 pm
    Configuring site proxies in ModSecurity under pfSense 2.1.5. In the previous article, we covered installation of ModSecurity and began configuration. In this article, we continue our look at configuration. We had covered the first five settings on the “Proxy Server Settings” tab. The next setting, the “Use mod_mem_cache” checkbox, enables mod_mem_cache, which stores cached documents in memory. In the next edit box, “mod_mem_cache memory usage”, you can set the memory usage in megabytes. The next setting, the “Use mod_disk_cache” checkbox,…
  • ModSecurity: Part One

    maximumdx
    6 Oct 2014 | 2:00 pm
    Configuring settings in ModSecurity under pfSense 2.1.5. ModSecurity is an open source toolkit for real-time web application monitoring, logging, and access control. It supplies an array of request filtering and other security features to the Apache HTTP Server, IIS, and NGINX. Its capabilities, among other things, include the following: ModSecurity gives you access to the HTTP traffic stream, in real-time, along with the ability to inspect it. This allows you to do real-time security monitoring. ModSecurity also enables you to track system elements over time and perform event correlation.
  • September 2014 Amazon Affiliate Purchases

    admin
    6 Oct 2014 | 9:00 am
    Here are some of the products readers purchased through my Amazon affiliate links during the month of September 2014: EnGenius Technologies Long-Range Wireless-N Indoor AP/Bridge (ECB300) Mikrotik RB951-2N Wireless Router 802.11b/g/n NZXT Technologies Sentry 3 5.4-Inch Touch Screen Fan Controller Cooling AC-SEN-3-B1 Oriental Furniture Modern Furniture, 6-Feet Helsinki Fabric Japanese Privacy Screen Room Divider, 4 Panel Honey Disney Infinity Power Disc Complete Series 1 Set of 20 Your purchases through this site’s Amazon affiliate links help keep the lights on at pfsensesetup.com. And…

    Tips4Tech Blog

  • Top 10 Tips to Share with Employees During Cyber Security Awareness Month (#NCSAM)

    Allan Pratt
    9 Oct 2014 | 7:28 pm
    There is no dispute that data breaches are becoming more common, and as a result, online safety and the protection of personally identifiable information (PII) are hot topics in the mainstream media. Therefore, the month of October presents an excellent opportunity for all businesses, especially midsize businesses, to remind employees about their responsibilities when it comes to protecting corporate data. Here are my top ten tips to share with employees during Cyber Security Awareness Month: [1] Complex Passwords All passwords should be at least 10 characters and include lower and upper case…
  • Are You Integrating Security into Your Celebration of #CXDay?

    Allan Pratt
    1 Oct 2014 | 7:47 pm
    Is the first Tuesday of October marked as a special date on your calendar? If not, the significance around social channels will alert you to this hashtag. The second Tuesday in October is #CXDay, and according to Annette Franz (@CXJourney on Twitter), “It’s a celebration of customer experience professionals, those folks who work tirelessly to design and deliver a great customer experience to their customers. The day is meant to continue to raise awareness of the importance of the customer experience.” My grad school studies were in marketing, so while my professional focus…
  • Don’t Forget Security When It Comes to E-Waste

    Allan Pratt
    24 Sep 2014 | 7:43 pm
    With school back in session and Halloween just around the corner, the December holidays will soon be here. And with December holidays quickly approaching, it’s time to start dreaming about all the new technology purchases on your holiday shopping list. But as you dream, what will you do with all your current devices? As you wonder where you’ll take your outdated smartphones, tablets, and desktops, either conduct a Google search for your nearest e-waste drop-off location or use a convenient app on your smartphone to find a location. But, whatever you do, take security precautions.
  • Don’t Forget Security When Developing Corporate Mobile Apps

    Allan Pratt
    9 Sep 2014 | 8:28 pm
    With the rise in mobile device usage, bring your own devices to work (BYOD), the Internet of Things (IoT), combined with the decline of personal computers, many corporate leaders believe that their businesses should develop a mobile application, or in tech lingo, an app. An Appcelerator survey of enterprise leaders released in January 2013 reported that 73% of enterprises built fewer than five applications, and 39% built none or just one. (1) (2) But does your business really need an app to be competitive, or do you simply want to be able to SAY you have one? Will an app fill a critical hole…
  • Privacy, Security and Voice Search: Does Your Company Know What It’s Getting Into?

    Allan Pratt
    22 Aug 2014 | 7:09 pm
    These days, everyone is using the voice search function across all platforms on all devices. Look no further than an iPhone to an Android phone to the Windows tablet, and you’ll see most people speaking questions instead of typing them. Without a doubt, it’s much easier to speak a request or question rather than typing it on a small keyboard. But do you know the reason that your device gets more accurate? The reason is that all of your voice commands are stored on servers that are owned by Microsoft, Apple or Google. As you speak, those servers are accessed and an algorithm is used…

    Milton Security

  • Microsoft Discloses Zero-Day Attacks Using PowerPoint

    Milton Security Group
    22 Oct 2014 | 9:28 am
    You may remember that Microsoft patched three zero-day vulnerabilities in the last Update Tuesday that were being exploited by hackers. It turns out they’ll be patching yet another. This time the zero-day vulnerability uses malicious PowerPoint documents. A security advisory from Microsoft warns that the newly discovered flaw, which resides in the operating system’s code, is present in all supported versions of Windows with the exception of Windows Server 2003. They also added that they’ve already seen some targeted attacks attempting to exploit the flaw. “The vulnerability could…
  • Staples Investigating Potential Breach

    Milton Security Group
    21 Oct 2014 | 9:24 am
    Staples, a popular office supply chain, announced Monday afternoon that it would join the hordes of companies that would be accepting Apple Pay. Unfortunately, they had to follow that up mere hours later with the announcement that they are investigating a potential data breach involving customer credit card data. Has Staples gone the way of Target, Home Depot, and Kmart? It certainly sounds that way. Security reporter Brian Krebs wrote that multiple banks had been reporting signs of credit card fraud, and that those signs were pointing to a Staples breach. According to Krebs, the customer…
  • Patch Released for Drupal SQL Injection Vulnerability

    Bethany Nolan
    16 Oct 2014 | 9:36 am
    Are you running Drupal version 7? If so, it is time to upgrade! Sektion Eins, a German PHP security firm, has discovered a SQL injection flaw in Drupal, an open source content management system, version 7. SQL, or Structured Query Language, is a programming language designed for requesting data in a relational database management system, or a relational data stream management system. A SQL injection is a malicious attack that involves inserting SQL queries into an entry field for execution, giving the attacker the ability to pull any information out of a database that they wish to. A SQL…
  • Details of new SSL 3.0 Vulnerability, POODLE, Released

    Milton Security Group
    14 Oct 2014 | 4:20 pm
    The long-rumored SSL vulnerability has finally been made public. For weeks, we’ve been hearing about the possibility that there may be another bug like Heartbleed. The question has always been, “How bad?” Then yesterday rumors swirled that it was so bad that it was being kept under wraps until a patch could be released. Today, Google published the details of a vulnerability, dubbed “The POODLE Bug” (Padding Oracle On Downgraded Legacy Encryption), that they found in the Secure Sockets Layer (SSL) version 3.0 web encryption protocol. The vulnerability may be 15 years old, but it is…
  • Oregon’s Employment Department Discovers Security Vulnerability

    Bethany Nolan
    14 Oct 2014 | 9:59 am
    The Oregon Employment Department (OED) has announced that a security vulnerability on the agency’s website may have exposed information on over 850,000 individuals who registered for job search help and other services. The Employment Department identified and stopped the security vulnerability found in the WorkSource Oregon Management Information System (WOMIS) on October 6th. The WOMIS was shut down while the security vulnerability, a lack of encryption on an older system, was addressed in order to eliminate any possibility of retrieving more social security information. The system was…
 

    Cyberoam : Securing You

  • Vulnerability Alert: Remote Code Execution via Windows OLE Packager

    Cyberoam Threat Research Labs
    15 Oct 2014 | 11:55 pm
    A remote code execution vulnerability has been reported in Microsoft Windows OLE (Object Linking and Embedding) Packager. OLE allows embedding and linking to documents and other objects and is proprietary technology developed by Microsoft. The vulnerability is due to insufficient validation of certain files which can cause the OLE packager to download and execute arbitrary code. CVE ID: CVE-2014-4114 CVSS Scoring CVSS Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSS Temporal Score: 5.8 (E:U/RL:U/RC:C) Affected Software Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows…
  • Vulnerability Alert: SSL v3.0 Making Browsers Prone to Hacking

    Cyberoam Threat Research Labs
    15 Oct 2014 | 6:25 am
    Threat Description: A major security flaw has been discovered in what is now recognised as an outdated Web Encryption Standard – SSL v3.0. Though the protocol has been replaced by its succeeding TLS implementations, the backward compatibility feature still makes them vulnerable to the flaws of SSL v3.0. Google has termed the vulnerability in this 15-year-old protocol as POODLE (Padding Oracle On Downgraded Legacy Encryption). This flaw can make encrypted data visible to a hacker with access to the network. POODLE has been identified as a major issue as it affects both websites as well as…
  • LimitLess KeyLogger – New Malware

    Anurag Singh
    15 Oct 2014 | 2:33 am
    A new malware was discovered by a Greek researcher on the 20th of last month, which uses a combination of AutoIT software programs[1] and a commercial keyboard logger called ‘Limitless Keylogger’. As soon as the malware infects a victim host, the keylogger records every input typed from the keyboard and sends it to a specified email address of the attacker. It can include email addresses, passwords, and confidential documents. It can lead to financial fraud, identity theft and data breach etc. This malicious software depends on AutoIT to stay undetected from endpoint AV. For the…
  • Payment Card Info Data Breach of World’s Largest Travel Site – TripAdvisor

    Anurag Singh
    14 Oct 2014 | 4:55 am
    On 19th September 2014, Viator, a recently acquired unit of one of the largest travel sites, TripAdvisor, posted a press release on their website confirming a data breach of approximately 1.4 million customers, who had some form of information potentially affected by the compromise. Excerpts from the official Press Release by Viator: According to the official press release by Viator, “On September 2, we were informed by our payment card service provider that unauthorized charges occurred on a number of our customers’ credit cards. We have hired forensic experts, notified law…
  • 5 Million+ Gmail and Yandex Accounts Compromised

    Anurag Singh
    8 Oct 2014 | 10:42 pm
    Around 10th September someone posted a link pointing to log-in credentials of millions of Gmail users on a Reddit webpage. The archive file containing nearly 5 million Gmail email addresses and plain text passwords was posted on a Russian Bitcoin security forum known as btcsec.com on 9th September by someone who uses the ‘tvskit’ alias/name on that website[1]. He said that almost 4.93 million accounts allegedly belong to Spanish, English and Russian users and claimed that over 60 percent of accounts are active. Along with Gmail, thousands of log-in credentials for Russia’s largest search…