Wednesday, February 28, 2018

Apple to Store Encryption Keys in China

Apple is bowing to pressure from the Chinese government and storing encryption keys in China. While I would prefer it if it would take a stand against China, I really can't blame it for putting its business model ahead of its desires for customer privacy.

Two more articles.




NXP Integrates Layerscape Family of Arm-based Processors with Microsoft Azure IoT for Secure Edge Computing

NUREMBERG, Germany, Feb. 27, 2018 (GLOBE NEWSWIRE) — NXP Semiconductors N.V. (NASDAQ:NXPI), a worldwide leader in advanced secure connectivity solutions, today announced that its NXP Layerscape System-on-Chip (SoC) platforms are integrated with Microsoft Azure IoT Edge. The result is that developers can easily create a variety of ready-to-use applications within the rich framework provided by … Continue reading "NXP Integrates Layerscape Family of Arm-based Processors with Microsoft Azure IoT for Secure Edge Computing"

The post NXP Integrates Layerscape Family of Arm-based Processors with Microsoft Azure IoT for Secure Edge Computing appeared first on Trusted Computing Group.

The post NXP Integrates Layerscape Family of Arm-based Processors with Microsoft Azure IoT for Secure Edge Computing appeared first on Security Boulevard.




Business Email Compromise: The Secret Billion Dollar Threat

BEC, or Business Email Compromise, is a contemporary twist on a staple scam. Often in the shadow of the more extravagant, media-friendly super-hacks or ransomware compromises, Business Email Compromise is leading the line on both the number of attack victims AND the direct losses encountered by businesses. Although not as en vogue as other ‘nouveau’ […]… Read More

The post Business Email Compromise: The Secret Billion Dollar Threat appeared first on The State of Security.

The post Business Email Compromise: The Secret Billion Dollar Threat appeared first on Security Boulevard.




A Guide to PCI DSS Merchant Levels and Penetration Testing

In order to distinguish the sizes of merchant companies and appropriately determine the level of testing required, the founding credit card companies created four different brackets ranging from Tier 1 to 4. Each tier is based on the number of transactions processed per year by the merchant and also dictates the testing a merchant must […]… Read More

The post A Guide to PCI DSS Merchant Levels and Penetration Testing appeared first on The State of Security.

The post A Guide to PCI DSS Merchant Levels and Penetration Testing appeared first on Security Boulevard.




The user awareness landscape

Overall, technologies can be pretty straightforward to secure. Teach software not to execute a certain command, block a port, or alert on a set of conditions, and it will abide. Humans, on the other hand, are not as easy to harden against attacks. These attacks are frequently delivered through emails, text messages, social media, or […]

The post The user awareness landscape appeared first on Security Boulevard.




How to Create an Effective Incident Response Plan

Introduction

An organization’s incident response plan (IRP) should be their first line of defense against attacks and threats. IRPs are manuals that describe how organizations detect and limit the...


The post How to Create an Effective Incident Response Plan appeared first on Security Boulevard.




Computer Forensics: The Computer Hacking Forensics Investigator (CHFI) Certification

Introduction

In today’s cyber security world, the ability to conduct a proper forensics investigation at the scene of a crime is of utmost importance. It takes a highly qualified individual to...


The post Computer Forensics: The Computer Hacking Forensics Investigator (CHFI) Certification appeared first on Security Boulevard.




The TENTH Annual Disaster Recovery Breakfast: Are you F’ing Kidding Me?


What was the famous Bill Gates quote? “We always overestimate the change that will occur in the next two years and underestimate the change that will occur in the next ten.” Well, we at Securosis actually can gauge that accurately given this is the TENTH annual RSA Conference Disaster Recovery Breakfast.

I think pretty much everything has changed over the past 10 years. Except that stupid users still click on things they shouldn’t. And auditors still give you a hard time about stuff that doesn’t matter. And breaches still happen. But we aren’t fighting for budget or attention much anymore. If anything, they beat a path to your door. So there’s that. It’s definitely a “be careful what you wish for” situation. We wanted to be taken seriously. But probably not this seriously.

We at Securosis are actually more excited for the next 10 years, and having been front and center on this cloud thing we believe over the next decade the status quo of both security and operations will be fundamentally disrupted. And speaking of disruption, we’ll also be previewing our new company – DisruptOPS at breakfast, if you are interested.

We remain grateful that so many of our friends, clients, and colleagues enjoy a couple hours away from the insanity that is the RSAC. By Thursday it’s very nice to have a place to kick back, have some quiet conversations, and grab a nice breakfast. Or don’t talk to anyone at all and embrace your introvert – we get that too.

The DRB happens only because of the support of CHEN PR, LaunchTech, CyberEdge Group, and our media partner Security Boulevard. Please make sure to say hello and thank them for helping support your recovery.

As always the breakfast will be Thursday morning (April 19) from 8-11 at Jillian’s in the Metreon. It’s an open door – come and leave as you want. We will have food, beverages, and assorted non-prescription recovery items to ease your day. Yes, the bar will be open. You know how Mike likes the hair of the dog.

Please remember what the DR Breakfast is all about. No spin, no magicians (since booth babes were outlawed) and no plastic light sabers (much to Rich’s disappointment) – it’s just a quiet place to relax and have muddled conversations with folks you know, or maybe even go out on a limb and meet someone new. We are confident you will enjoy the DRB as much as we do.

To help us estimate numbers, please RSVP to rsvp (at) securosis (dot) com.

- Mike Rothman

The post The TENTH Annual Disaster Recovery Breakfast: Are you F’ing Kidding Me? appeared first on Security Boulevard.




More Free/Open Source Computer Forensics Tools

Introduction

Nowadays, the number of security incidents has increased. If an organization’s business is paralyzed by an unwanted or unforeseen event, the business needs to recover and to...


The post More Free/Open Source Computer Forensics Tools appeared first on Security Boulevard.




XKCD, Code Golf


The post XKCD, Code Golf appeared first on Security Boulevard.




Key Takeaways: Retail Threat Briefing Webinar with R-CISC

In the era of Amazon and mainstream e-commerce, every online retailer has to deliver a compelling user experience across their web and mobile channels while protecting customers from cyberattacks and fraud. Recently, Shape collaborated with R-CISC to share attack data and analysis of the most prevalent threats for retailers and best practices on how Top … Continue reading "Key Takeaways: Retail Threat Briefing Webinar with R-CISC"

The post Key Takeaways: Retail Threat Briefing Webinar with R-CISC appeared first on Security Boulevard.




Tuesday, February 27, 2018

Cellebrite Unlocks iPhones for the US Government

Forbes reports that the Israeli company Cellebrite can probably unlock all iPhone models:

Cellebrite, a Petah Tikva, Israel-based vendor that's become the U.S. government's company of choice when it comes to unlocking mobile devices, is this month telling customers its engineers currently have the ability to get around the security of devices running iOS 11. That includes the iPhone X, a model that Forbes has learned was successfully raided for data by the Department for Homeland Security back in November 2017, most likely with Cellebrite technology.

[...]

It also appears the feds have already tried out Cellebrite tech on the most recent Apple handset, the iPhone X. That's according to a warrant unearthed by Forbes in Michigan, marking the first known government inspection of the bleeding edge smartphone in a criminal investigation. The warrant detailed a probe into Abdulmajid Saidi, a suspect in an arms trafficking case, whose iPhone X was taken from him as he was about to leave America for Beirut, Lebanon, on November 20. The device was sent to a Cellebrite specialist at the DHS Homeland Security Investigations Grand Rapids labs and the data extracted on December 5.

This story is based on some excellent reporting, but leaves a lot of questions unanswered. We don't know exactly what was extracted from any of the phones. Was it metadata or data, and what kind of metadata or data was it?

The story I hear is that Cellebrite hires ex-Apple engineers and moves them to countries where Apple can't prosecute them under the DMCA or its equivalents. There's also a credible rumor that Cellebrite's mechanisms only defeat the mechanism that limits the number of password attempts. It does not allow engineers to move the encrypted data off the phone and run an offline password cracker. If this is true, then strong passwords are still secure.




Securely Moving Workloads to the Cloud

One debate is about the security of the Cloud and the Cloud provider. Once you decide to go there, the next question is about how to get it done. There are a few key and basic concepts to be followed. First and foremost you need to understand which responsibilities you are moving with the workload…

The post Securely Moving Workloads to the Cloud appeared first on Security Boulevard.




Israeli forensics firm claims it can unlock any iPhone on iOS 5 to iOS 11

A company based in Israel has become the go-to entity for unlocking virtually any iDevice sold by Apple running iOS 5 to 11, according to anonymous sources. Apple puts a great deal of effort into locking down its hardware from prying eyes to ensure the privacy of end users. It goes as far as to […]

The post Israeli forensics firm claims it can unlock any iPhone on iOS 5 to iOS 11 appeared first on Security Boulevard.




A Dozen Connecticut State Agencies Targeted by WannaCry Ransomware

Government officials have revealed that WannaCry ransomware affected more than 100 computers at a dozen Connecticut state agencies. According to Connecticut’s Department of Administrative Services (DAS), state officials detected the digital attack against 160 computers at 12 state agencies on 23 February. Jeffrey Beckham, a spokesperson for the agency, says that IT personnel worked on […]… Read More

The post A Dozen Connecticut State Agencies Targeted by WannaCry Ransomware appeared first on The State of Security.

The post A Dozen Connecticut State Agencies Targeted by WannaCry Ransomware appeared first on Security Boulevard.




Cellebrite Unlocks iPhones for the US Government

Forbes reports that the Israeli company Cellebrite can probably unlock all iPhone models: Cellebrite, a Petah Tikva, Israel-based vendor that's become the U.S. government's company of choice when it comes to unlocking mobile devices, is this month telling customers its engineers currently have the ability to get around the security of devices running iOS 11. That includes the iPhone X,...

The post Cellebrite Unlocks iPhones for the US Government appeared first on Security Boulevard.




42% of Organizations Experienced Burst Attacks; The Rest Were Unaware They Were Attacked

One of the prominent trends in 2017 was an increase in short-burst attacks, which have become more complex, more frequent and longer in duration. Burst tactics are typically used against gaming websites and service providers due to their sensitivity to service availability as well as their inability to sustain such attack maneuvers. Timely or random […]

The post 42% of Organizations Experienced Burst Attacks; The Rest Were Unaware They Were Attacked appeared first on Radware Blog.

The post 42% of Organizations Experienced Burst Attacks; The Rest Were Unaware They Were Attacked appeared first on Security Boulevard.




What's It Take To Be Tomorrow's CISO?

A new Security for Business Innovation Council (SBIC) report explores both the incremental and transformational skills required for current and future CISO success. Learn which fundamental technology and security capabilities matter most and which unexpected skills CISOs will need to acquire to drive business success.

The post What's It Take To Be Tomorrow's CISO? appeared first on Security Boulevard.




Cloud Computing Basics

At its simplest level, cloud computing means using someone else’s computer. This gives you rapid access to computing power, storage, and network services that can help you scale your operation up or down, depending on your requirements. Cloud is a technology buzzword with many meanings. Dropbox is cloud. Microsoft Office 365 is cloud. Salesforce is…

The post Cloud Computing Basics appeared first on CCSI.

The post Cloud Computing Basics appeared first on Security Boulevard.




Establishing trust in mobile payments

At the start of the year, Thales released the findings of its latest annual global Data Threat Report which found...

The post Establishing trust in mobile payments appeared first on Data Security Blog | Thales e-Security.

The post Establishing trust in mobile payments appeared first on Security Boulevard.




Behavioral Biometrics – A Discreet Layer of Security for Mobile Apps

The following article, authored by Giovanni Verhaeghe, Director Market and Product Strategy, VASCO, first appeared 2/4/2018 in the Financial IT.net blog. Mobile banking apps and the devices they run on are increasingly at risk for compromise by cybercriminals. New, sophisticated methods of attack have rendered the classic username-password scheme outright obsolete. Even the more secure but still basic two-factor authentication seems insufficient, as hackers have found ways to dupe users... Read more

The post Behavioral Biometrics – A Discreet Layer of Security for Mobile Apps appeared first on VASCO Data Security - Blog.

The post Behavioral Biometrics – A Discreet Layer of Security for Mobile Apps appeared first on Security Boulevard.




The Five Attributes Needed to Succeed at DevSecOps


It’s hard to believe but the conversation around how security fits in DevOps has been going on for years. It was in 2012 when Gartner analyst Neil MacDonald wrote his blog DevOps Needs to Become DevOpsSec. In this blog MacDonald wrote “DevOps seeks to bridge the development and operations divide through the establishment of a culture of trust and shared interest among individuals in these previously siloed organizations. However, this vision is incomplete without the incorporation of information security, which represents yet another silo in IT.”

The post The Five Attributes Needed to Succeed at DevSecOps appeared first on Security Boulevard.




Monday, February 26, 2018

From my Gartner Blog – It’s Not (Only) That The Basics Are Hard…

While working on our research for testing security practices, and also about BAS tools, I’ve noticed that a common question about adding more testing is “why not put some real effort into doing the basics instead of yet another security test?”. After all, there is no point in looking for holes when you don’t even have a functional vulnerability management program, right?

But the problem is not about not doing the basics. It is about making sure the basics are in place! Doing the basics is ok, but making sure your basics are working is not trivial.

Think about the top 5 of the famous “20 Critical Security Controls”:

  • Inventory of Authorized and Unauthorized Devices
  • Inventory of Authorized and Unauthorized Software
  • Secure Configurations for Hardware and Software
  • Continuous Vulnerability Assessment and Remediation
  • Controlled Use of Administrative Privileges

How do you know your processes to maintain devices and software inventories are working? What about the hardening, vulnerability management and privileged access management processes? How confident are you that they are working properly?

If you think about the volume and frequency of changes in the technology environment of a big organization, it’s easy to see how the basic security controls can fail. Of course, good processes are built with the verification and validation steps to catch exceptions and mistakes, but they still happen. This is a base rate problem: with the complexity and high number of changes in the environment, even the best process out there will leave a few things behind. And when it is about security…the “thing left behind” may be a badly maintained CMS exposed to the Internet, a CVSS 10 vulnerability, unpatched, a credential with excessive privileges and a weak (maybe even DEFAULT!) password.

I’ve seen many pentests where the full compromise was performed by the exploitation of those small mistakes and misconfigurations. The security team gets a report with a list of things to address that were really exceptions of processes that are doing a good job (again, you may argue that they are not doing a good job, but this is the point where I stop saying there’s no such thing as a perfect control). So they clean those things, double check the controls and think “this definitely will never happen again!”, just to see the next test, one year after, also succeeding by exploiting a similar, but different combination of unnoticed issues.

And that’s one of the main value drivers for BAS. Choosing to deploy a tool like that is to recognize that even the good controls and processes will eventually fail, and put something that will continuously try to find those issues left behind. By doing that in an automated manner you can ensure to cover the entire* environment consistently and very frequently, reducing the time those issues will be exposed to real attackers. Is it another layer of control? Yes, it is. But an automated layer to keep the overhead to a minimum. If your basics are indeed working well the findings should also not be overwhelming to the point of becoming a distraction.

 

* – You may catch the funny gap in this rationale…you may also end up failing because the BAS tool is not checking the entire environment, due to an issue with inventory management. Or the tests are not working as intended because they are being blocked by a firewall that should have an exception rule for the tool; yes, using BAS is also a control, so it may fail too!

 

The post It’s Not (Only) That The Basics Are Hard… appeared first on Augusto Barros.


The post From my Gartner Blog – It’s Not (Only) That The Basics Are Hard… appeared first on Security Boulevard.




USPS Finally Starts Notifying You by Mail If Someone is Scanning Your Snail Mail Online

In October 2017, KrebsOnSecurity warned that ne'er-do-wells could take advantage of a relatively new service offered by the U.S. Postal Service that provides scanned images of all incoming mail before it is slated to arrive at its destination address. We advised that stalkers or scammers could abuse this service by signing up as anyone in the household, because the USPS wasn't at that point set up to use its own unique communication system -- the U.S. mail -- to alert residents when someone had signed up to receive these scanned images.

The USPS recently told this publication that beginning Feb. 16 it started alerting all households by mail whenever anyone signs up to receive these scanned notifications of mail delivered to that address. The notification program, dubbed "Informed Delivery," includes a scan of the front and back of each envelope or package destined for a specific address.

The post USPS Finally Starts Notifying You by Mail If Someone is Scanning Your Snail Mail Online appeared first on Security Boulevard.




BSides Leeds, Mark Carney’s ‘Pentesting Hardware And IoT’


The post BSides Leeds, Mark Carney’s ‘Pentesting Hardware And IoT’ appeared first on Security Boulevard.




New Guide on How to Clean a Hacked Website


Our mission at Sucuri is to make the internet a safer place and that entails cleaning up hacked websites. We have teams who actively research website vulnerabilities and who are eager to share with you some tips on how to clean your hacked website.

We are happy to help the community learn the steps they can follow to get rid of a website hack.

You can find all our guides to website security in a section of our website dedicated to providing concise and comprehensive tips on different areas of website security.

Continue reading New Guide on How to Clean a Hacked Website at Sucuri Blog.

The post New Guide on How to Clean a Hacked Website appeared first on Security Boulevard.




Top 5 Ways to Get Developer Application Security Buy-In [VIDEO]

The speed and scope of software development today is creating new challenges in ensuring the security of software. But they also create the opportunity to finally get application security right. Both the challenge and the opportunity stem, in part, from the fact that security is “shifting left.” The responsibility for ensuring the stability and security of software through production and customer usage is moving earlier in the cycle to include developers. This shift means security can get baked into code earlier, greatly increasing the chance of producing secure code without costly late-stage fixes.

But it also means a higher level of developer involvement in security, and often some work by the security team to get developers on board with the initiative. To ensure the success of your application security initiative, it’s essential to work closely with your developers so they understand the guidelines, strategies, policies, procedures and security risks involved with application security. What’s more, they must be prepared and equipped to operate securely within their particular development processes. Ryan O’Boyle, product security architect at CA Veracode, recently recorded a quick “chalkboard” video where he outlines our top 5 ways to get developer application security buy-in. Listen to Ryan as he walks you through:

Way No. 1: Timing: Bring in developers early in the planning process.

Way No. 2: Understanding: Learn about developers’ priorities and processes.

Way No. 3: Training: Most developers have no training on secure coding practices.

Way No. 4: Integrating: Work to integrate application security into existing developer tools and processes.

Way No. 5: Automating: Build tests into the pipeline through automation.

Watch Ryan’s short video to get all the details on these five tactics, and set yourself up for AppSec success.

The post Top 5 Ways to Get Developer Application Security Buy-In [VIDEO] appeared first on Security Boulevard.




Report: The State of Cybersecurity in Florida

Just recently The Florida Center for Cybersecurity released their 2017 report, The State of Cybersecurity in Florida.

So what IS The Florida Center for Cybersecurity?  It's a statewide agency located at USF in Tampa that works with all State University System of Florida institutions, industry, the military, government, and the community to build Florida's cybersecurity workforce.

The report is the first they've done.  It looks at the cyber threat environment, workforce supply and demand, education and training opportunities, and research initiatives within the State of Florida.

In particular, here are some of its findings (and my comments):
In regards to the talent shortage:

  • 68% of organizations surveyed report cyber staffing challenges.
  • Compensation for mid- and junior-level positions in Florida is $5,000 to $10,000 per position higher than the national average.

Ok.  But *why* are orgs having a problem finding talent?  Don't just assume it's due to lack of talent.  It could be that companies' job postings are bad, what they look for is unrealistic, or the orgs have a bad rep.  And I have a problem with the claim that compensation is *higher* than average.  I'm seeing postings where companies are offering below average compensation.  Again, MAYBE in some areas (like maybe Tampa) this is true, but not in other areas.

Even reading further in the report, it's not clear the authors know what the average is that people should be paid.

Next, there is an overview of the threats facing Florida businesses:

  • Reports of corporate data breaches in Florida rose 17.8% between 2015 and 2016
  • 41% of organizations surveyed report having suffered a breach
  • Only 32% of organizations surveyed are confident they are prepared for a cyberattack

A look at the steps organizations are taking to mitigate these threats:

  • 80% of organizations surveyed require all personnel to complete security training
  • 87% of organizations surveyed technologically enforce strong passwords
  • More than 85% of organizations surveyed have disaster recovery and business continuity plans (though only 32% regularly test those plans)

Sadly, this doesn't surprise me.  Employee security training is just security awareness training.  But how good or effective is it?  Again, how good are those BC/DR plans?  Since only a third test them, who knows?  Scary when you consider we have to worry about hurricanes, and we had Irma last year go thru the whole state.

I hope this will be an annual report.  I would like to see a larger group providing information, tho it seems this one was pretty diverse in terms of location and industry.

Check it out yourself.

The post Report: The State of Cybersecurity in Florida appeared first on Security Boulevard.




A week in security (February 19 – February 25)

A roundup of notable news stories from February 19–25, including drive-by download attacks on Chinese websites, Deepfakes programs being paired with cryptominers, and a review of GDPR guidelines.


The post A week in security (February 19 – February 25) appeared first on Malwarebytes Labs.

The post A week in security (February 19 – February 25) appeared first on Security Boulevard.




Best practices for securely moving workloads to Microsoft Azure

Azure is Microsoft's cloud computing environment. It offers customers three primary service delivery models including infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS). Adopting cloud technologies requires a shared responsibility model for security, with Microsoft responsible for certain controls and the customer others, depending on the service


The post Best practices for securely moving workloads to Microsoft Azure appeared first on Security Boulevard.




A Deep Dive into Database Attacks [Part II]: Delivery and Execution of Malicious Executables through SQL commands (SQL Server)

An organization’s database servers are frequently the prime target of attackers. We recently started a new research project to learn more about database hacking, primarily to understand common database attacks, tools and techniques engaged by attackers. To conduct this research, we set up a honeypot net for popular SQL/NoSQL databases and then monitored access to […]

The post A Deep Dive into Database Attacks [Part II]: Delivery and Execution of Malicious Executables through SQL commands (SQL Server) appeared first on Security Boulevard.




TPM Enables Secure Over-the-air Software Updates for Vehicles: It’s Here

Auto makers have long struggled with the recall issue. A significant portion of recalls are associated now with software updates to our rolling computers, aka cars. These increasingly complex systems of course require the same patches and updates any computing system needs. But in the case of cars, how do auto makers and dealers ensure … Continue reading "TPM Enables Secure Over-the-air Software Updates for Vehicles: It’s Here"

The post TPM Enables Secure Over-the-air Software Updates for Vehicles: It’s Here appeared first on Trusted Computing Group.

The post TPM Enables Secure Over-the-air Software Updates for Vehicles: It’s Here appeared first on Security Boulevard.




Sunday, February 25, 2018

Insider Enterprise Threats: User Activity Monitoring

This article is part 1 of 3 in the “Insider Enterprise Threats” series, outlining effective policies and practices for combating insider cyber security threats to the modern enterprise. Insider cyber security threats are much more prevalent than most of us realize. IBM estimates that 60% of all cyberattacks are perpetrated by those with insider access; […]… Read More

The post Insider Enterprise Threats: User Activity Monitoring appeared first on The State of Security.

The post Insider Enterprise Threats: User Activity Monitoring appeared first on Security Boulevard.




New Report Offers Better Cybersecurity Definitions

The Council of Economic Advisers recently released a report that examines the cost of malicious cyber activity to the U.S. economy. The report cites many of the usual findings from the Verizon DBIR and Ponemon reports. Nothing new to those of us who live and breathe cybersecurity. However, the report caught my eye because it […]… Read More

The post New Report Offers Better Cybersecurity Definitions appeared first on The State of Security.

The post New Report Offers Better Cybersecurity Definitions appeared first on Security Boulevard.



from New Report Offers Better Cybersecurity Definitions

Fake Steam Desktop Authenticator steals account details

In this blog post, we'll have a quick look at fake versions of Steam Desktop Authenticator (SDA), which is a "desktop implementation of Steam's mobile authenticator app".

Lava from SteamRep brought to my attention a fake version of SDA floating around, which may be attempting to steal your Steam credentials.

Indeed, there are some fake versions - we'll discuss two of them briefly.

Fake version #1

The first fake version can be found on steamdesktopauthenticator[.]com. Note that the site is live.

Figure 1 - Fake SDA website

When downloading the ZIP file from the website, and unzipping it, we notice the exact same structure as you would when fetching the legitimate package - with one difference: the main executable has been modified.

File details:
Name: Steam Desktop Authenticator.exe
MD5 hash: 872abdc5cf5063098c87d30a8fcd8414
File size: 1,4446 KB
Version: v1.0.9.1

Note that the current and real SDA version is 1.0.8.1, and its original file size is 1,444 KB - 2 bytes of difference can mean a lot. Figures 2 and 3 below show the differences.

Figure 2 - Sending credentials to steamdesktopauthenticator[.]com
Figure 3 - Sending credentials to steamdesktop[.]com

Indeed, it appears it also attempts to upload to another website - while digging a bit further, we can also observe an email address associated with the domains: mark.korolev.1990@bk[.]ru

While I was unable to immediately find a malicious fork with any of these domains, Mark has likely forked the original repository, made the changes - then deleted the fork. Another possibility is that the source was downloaded, and simply modified. However, it is more than likely the former option.

Fake version #2

This fake version was discovered while attempting to locate Mark's fork from the fake version above - here, we have indeed a malicious fork from GitHub, where trades/market actions appear to be intercepted, as shown in Figure 4 below.

Figure 4 - Malicious SDA fork

Currently, when trying to access the malicious site lightalex[.]ru with a bogus token, a simple "OK" is returned - it is currently unknown whether market modifications would be successful.

Interestingly enough, when digging deeper on this particular domain, which is currently hosted on 91.227.16[.]31, it had hosted other SteamStealer malware before, for example cs-strike[.]ru and csgo-knives[.]net.

The malicious fork has been reported to GitHub.

Disinfection

Neither fake SDA version reported here appears to implement any persistence; in other words, remove the fake version by deleting it, and perform a scan with your current antivirus and a scan with another, online antivirus, or with Malwarebytes, for example.

Now, change your password for Steam, and enable Steam Guard if you have not yet done so.

Prevention

Prevention advice is the usual; extended advice is provided in a previous blog post here.

You may also want to take a look at SteamRep's Safe Trading Practices here.

Conclusion

SteamStealer malware is alive and well, as seen from my January blog post. This is again another form of attempting to scam users, and variations will continue to emerge.

Always download any software from the original source - this means the vendor's website, or in this case, the official SDA repository on GitHub:
https://github.com/Jessecar96/SteamDesktopAuthenticator

Follow the prevention tips above or here to stay safe.

Indicators

The post Fake Steam Desktop Authenticator steals account details appeared first on Security Boulevard.



from Fake Steam Desktop Authenticator steals account details

Steve Sack’s ‘Russian Troll’

Via Cagle.com comes this thought-provoking editorial cartoon entitled 'Russian Troll' by the eponymous Steve Sack.

The post Steve Sack’s ‘Russian Troll’ appeared first on Security Boulevard.



from Steve Sack’s ‘Russian Troll’

BSides Leeds 2018, Phill Kimpton’s ‘Soldier To Cyber’

The post BSides Leeds 2018, Phill Kimpton’s ‘Soldier To Cyber’ appeared first on Security Boulevard.



from BSides Leeds 2018, Phill Kimpton’s ‘Soldier To Cyber’

What, Me Worry? Car Data, Where Does It Go…

Where does all of that data gathered by car manufacturers while we drive go? Perhaps Jonathan M. Gitlin, reporting for everyone's beloved Ars Technica, can fulfill that data request in a speedy manner! Shouldn't the driver/owner of the vehicle make that decision? Enjoy.

The post What, Me Worry? Car Data, Where Does It Go… appeared first on Security Boulevard.



from What, Me Worry? Car Data, Where Does It Go…

Budgeting for Active Directory®: Identity Federation

When looking to acquire Microsoft’s® Active Directory® product, most IT administrators will initially smile. The cost: “free”. Active Directory and domain control services at large are features that may be...

The post Budgeting for Active Directory®: Identity Federation appeared first on JumpCloud.

The post Budgeting for Active Directory®: Identity Federation appeared first on Security Boulevard.



from Budgeting for Active Directory®: Identity Federation

Anatomy of a Russian Information Warfare Campaign

Not only Russia, I would say… Anatomy of a Russian Information Warfare Campaign

The post Anatomy of a Russian Information Warfare Campaign appeared first on Security Boulevard.



from Anatomy of a Russian Information Warfare Campaign

Jeff Koterba’s ‘The Torch of Truth’

Via Cagle Comes This Superb Jeff Koterba Penned Editorial Cartoon Entitled 'The Torch of Truth'

The post Jeff Koterba’s ‘The Torch of Truth’ appeared first on Security Boulevard.



from Jeff Koterba’s ‘The Torch of Truth’

Saturday, February 24, 2018

Long Now Foundation’s ‘Clock of the Long Now – Installation Begins’

The post Long Now Foundation’s ‘Clock of the Long Now – Installation Begins’ appeared first on Security Boulevard.



from Long Now Foundation’s ‘Clock of the Long Now – Installation Begins’

OpenSnitch, The GNU/Linux Port of Application Firewall Little Snitch

News of the release of OpenSnitch - the GNU/Linux port of Objective Development's much beloved Little Snitch - a native macOS Application Firewall. As of the date of this post, OpenSnitch is in an Alpha release state, with the caveat: 'Warning: This is still alpha quality software, don't rely on it (yet) for your computer security.' Additional information is available via the OpenSnitch GitHub Readme. H/T

The post OpenSnitch, The GNU/Linux Port of Application Firewall Little Snitch appeared first on Security Boulevard.



from OpenSnitch, The GNU/Linux Port of Application Firewall Little Snitch

Group Policy for Macs

Group Policy for Macs would be a dream come true for IT admins. Group Policy Objects (GPOs) have been a foundational component of system management in Active Directory®. But GPOs...

The post Group Policy for Macs appeared first on JumpCloud.

The post Group Policy for Macs appeared first on Security Boulevard.



from Group Policy for Macs

Friday Squid Blogging: The Symbiotic Relationship Between the Bobtail Squid and a Particular Microbe

This is the story of the Hawaiian bobtail squid and Vibrio fischeri.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.



from Friday Squid Blogging: The Symbiotic Relationship Between the Bobtail Squid and a Particular Microbe

Friday, February 23, 2018

Npm Update Crashes Linux Systems

An update for the popular Npm package manager used by many developers for JavaScript-based projects crashed Linux systems after changing the permissions for critical directories. Linux users who installed npm 5.7.0 released Feb. 21 quickly took to Twitter and GitHub to report that the update broke their filesystems by changing the permissions on critical system..

The post Npm Update Crashes Linux Systems appeared first on Security Boulevard.



from Npm Update Crashes Linux Systems

Friday Squid Blogging: The Symbiotic Relationship Between the Bobtail Squid and a Particular Microbe

This is the story of the Hawaiian bobtail squid and Vibrio fischeri. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here....

The post Friday Squid Blogging: The Symbiotic Relationship Between the Bobtail Squid and a Particular Microbe appeared first on Security Boulevard.



from Friday Squid Blogging: The Symbiotic Relationship Between the Bobtail Squid and a Particular Microbe

XKCD, The Simpsons

The post XKCD, The Simpsons appeared first on Security Boulevard.



from XKCD, The Simpsons

Google IdP Replacement

Google has been making a significant push into the modern enterprise. Google isn’t content to be just a search engine provider. Now they also want to be the cloud infrastructure...

The post Google IdP Replacement appeared first on JumpCloud.

The post Google IdP Replacement appeared first on Security Boulevard.



from Google IdP Replacement

VMware Intends to Buy CloudVelox

VMware 3; Cisco 0 <== More on this later. Another brilliant move by VMware as it shifts away from competing cloud to cloud with the likes of AWS and Azure and focuses on areas where it has strategic advantage.  Well done! Read the VMware blog post: VMware Announces Intent to Acquire Technology and Team from […]

The post VMware Intends to Buy CloudVelox appeared first on Security Boulevard.



from VMware Intends to Buy CloudVelox

Secure Enclaves now on AWS Marketplace

It is great to see secure enclaves now listed in the AWS Marketplace. It’s a big step forward for cloud security and early participants are large enterprises creating highly secure cloud environments. This is important because it allows organizations to render the AWS boundary invisible (all within the excellent AWS shared security model) and only […]

The post Secure Enclaves now on AWS Marketplace appeared first on Security Boulevard.



from Secure Enclaves now on AWS Marketplace

AVIEN resource page updates 23rd February 2018

MELTDOWN/SPECTRE – RELATED RESOURCES [23rd February 2018] The Register: Intel didn’t tell CERTS, govs, about Meltdown and Spectre because they couldn’t help fix it – Letters to Congress detail the plan to keep CPU flaws secret [22nd February 2018] Help Net Security: Intel releases Spectre 2 microcode updates for Kaby Lake, Coffee Lake, Skylake CRYPTOCURRENCY/CRYPTO-MINING NEWS AND […]

The post AVIEN resource page updates 23rd February 2018 appeared first on Security Boulevard.



from AVIEN resource page updates 23rd February 2018

SHA-1 versus SHA-2 performance tests

Moving to SHA256 has become an increasingly common topic ever since SHA-1 went through the bad news cycle of being vulnerable faster than brute-force. Even in cases where not relevant, such as authentication mechanisms (SCRAM), it feels like only a short time from now regulators will push a SHA-2 family as minimum requirement. For most […]

The post SHA-1 versus SHA-2 performance tests appeared first on Security Boulevard.



from SHA-1 versus SHA-2 performance tests

NDC Security 2018, Erlend Oftedal’s ‘Beyond the OWASP Top 10 – Modern Web Application Bugs’

The post NDC Security 2018, Erlend Oftedal’s ‘Beyond the OWASP Top 10 – Modern Web Application Bugs’ appeared first on Security Boulevard.



from NDC Security 2018, Erlend Oftedal’s ‘Beyond the OWASP Top 10 – Modern Web Application Bugs’

Avzhan DDoS bot dropped by Chinese drive-by attack

The Avzhan DDoS bot is back in the wild again, this time being dropped by a Chinese drive-by attack. In this post, we'll take a deep dive into its functionality and compare the sample we captured with the one described in the past.

The post Avzhan DDoS bot dropped by Chinese drive-by attack appeared first on Malwarebytes Labs.

The post Avzhan DDoS bot dropped by Chinese drive-by attack appeared first on Security Boulevard.



from Avzhan DDoS bot dropped by Chinese drive-by attack

Election Security

I joined a letter supporting the Secure Elections Act (S. 2261):

The Secure Elections Act strikes a careful balance between state and federal action to secure American voting systems. The measure authorizes appropriation of grants to the states to take important and time-sensitive actions, including:

  • Replacing insecure paperless voting systems with new equipment that will process a paper ballot;
  • Implementing post-election audits of paper ballots or records to verify electronic tallies;
  • Conducting "cyber hygiene" scans and "risk and vulnerability" assessments and supporting state efforts to remediate identified vulnerabilities.

The legislation would also create needed transparency and accountability in elections systems by establishing clear protocols for state and federal officials to communicate regarding security breaches and emerging threats.



from Election Security

Leverage Artificial Intelligence for Cyber Defense

We all see a lot of chatter on Artificial Intelligence and the impact on Cyber Defense and anomaly detection. I am not clear yet how far it really takes us. I have great hopes but I do not think that it is the silver bullet. However, there are interesting successes to look into like that…

The post Leverage Artificial Intelligence for Cyber Defense appeared first on Security Boulevard.



from Leverage Artificial Intelligence for Cyber Defense

Cyber News Rundown: Linux OS Hacked onto Nintendo Switch

The Cyber News Rundown brings you the latest happenings in cybersecurity news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst and a guy with a passion for all things...read more

The post Cyber News Rundown: Linux OS Hacked onto Nintendo Switch appeared first on Webroot Threat Blog.

The post Cyber News Rundown: Linux OS Hacked onto Nintendo Switch appeared first on Security Boulevard.



from Cyber News Rundown: Linux OS Hacked onto Nintendo Switch

Voting Machines in ‘Murica

We are less than nine months away from the 2018 national midterm elections and states and local municipalities are still scrambling to understand the threat to their infrastructure and to have in place the most secure voting methodologies. What is known is that the U.S. intelligence apparatus has warned Congress that Russian meddling in our..

The post Voting Machines in ‘Murica appeared first on Security Boulevard.



from Voting Machines in ‘Murica

What Is RFID Skimming?

Security breaches are increasingly affecting organizations across various domains as they heavily rely on technologies to reduce the operational costs and improve the work efficiency. The United States is the world leader in data breach incidents. According to a report shared by the Identity Theft Resource Center in 2017, the security breach incidents in the […]… Read More

The post What Is RFID Skimming? appeared first on The State of Security.

The post What Is RFID Skimming? appeared first on Security Boulevard.



from What Is RFID Skimming?

JumpCloud Tutorial Videos: Using Directory-as-a-Service

A large part of the draw of JumpCloud Directory-as-a-Service® is its wide-ranging functionality, from system/user management to SSO, networking, and our integrations with a variety of platforms. With all of...

The post JumpCloud Tutorial Videos: Using Directory-as-a-Service appeared first on JumpCloud.

The post JumpCloud Tutorial Videos: Using Directory-as-a-Service appeared first on Security Boulevard.



from JumpCloud Tutorial Videos: Using Directory-as-a-Service

SecurityEverAfter 2018-02-22 19:41:00

I recently posted the below on the SANS Internet Storm Center.

The Center for Internet Security (CIS) has been working diligently to update the CIS Controls (formerly known as the Critical Security Controls). A compelling feature of the CIS Controls is their regular updates that reflect the current cyber threats that face organizations, both small and large. The CIS Controls are the product of a truly global collaboration effort. “The CIS Controls have always been the product of a global community of adopters, vendors, and supporters, and V7 will be no exception,” said Tony Sager, CIS Senior Vice President and Chief Evangelist for the CIS Controls.

CIS is providing an opportunity to participate in the CIS Controls Version 7 release event that takes place March 19 in Washington, D.C., with options to either attend in-person or remotely via live stream. If you have not yet applied the CIS Controls in your environment, the release event can serve as the catalyst you need to consider them as an integral part of your cyber roadmap!

Russell Eubanks
ISC Handler
SANS Instructor

@russelleubanks

The post SecurityEverAfter 2018-02-22 19:41:00 appeared first on Security Boulevard.



from SecurityEverAfter 2018-02-22 19:41:00

Chase ‘Glitch’ Exposed Customer Accounts

Multiple Chase.com customers have reported logging in to their bank accounts, only to be presented with another customer's bank account details. Chase has acknowledged the incident, saying it was caused by an internal "glitch" Wednesday evening that did not involve any kind of hacking attempt or cyber attack.

The post Chase ‘Glitch’ Exposed Customer Accounts appeared first on Security Boulevard.



from Chase ‘Glitch’ Exposed Customer Accounts

Webinar Q&A: Delta Risk Experts Share Tips for Improving Incident Response Plans

The post Webinar Q&A: Delta Risk Experts Share Tips for Improving Incident Response Plans appeared first on Delta Risk.

The post Webinar Q&A: Delta Risk Experts Share Tips for Improving Incident Response Plans appeared first on Security Boulevard.



from Webinar Q&A: Delta Risk Experts Share Tips for Improving Incident Response Plans

XKCD, Self-Driving Issues

The post XKCD, Self-Driving Issues appeared first on Security Boulevard.



from XKCD, Self-Driving Issues

Comparing AD and Azure®AD

With Microsoft® pushing hard on their new cloud identity management solution Azure® Active Directory®, many IT organizations are in the process of comparing AD and Azure AD. Is Azure AD...

The post Comparing AD and Azure®AD appeared first on JumpCloud.

The post Comparing AD and Azure®AD appeared first on Security Boulevard.



from Comparing AD and Azure®AD

Thursday, February 22, 2018

Harassment By Package Delivery

People harassing women by delivering anonymous packages purchased from Amazon.

On the one hand, there is nothing new here. This could have happened decades ago, pre-Internet. But the Internet makes this easier, and the article points out that using prepaid gift cards makes this anonymous. I am curious how much these differences make a difference in kind, and what can be done about it.



from Harassment By Package Delivery

Drive-by download campaign targets Chinese websites, experiments with exploits

This custom made drive-by download attack targets some Chinese websites and their visitors while experimenting with exploits.

The post Drive-by download campaign targets Chinese websites, experiments with exploits appeared first on Malwarebytes Labs.

The post Drive-by download campaign targets Chinese websites, experiments with exploits appeared first on Security Boulevard.



from Drive-by download campaign targets Chinese websites, experiments with exploits

HIMSS: Why the Healthcare Industry is a Unique Target for Cyber Criminals

HIMSS, the health IT conference, is coming up on March 5-9 in Las Vegas, and several of our team members will be in attendance. While we’d love to chat with you, two PhishLabbers will be presenting on why the healthcare industry is such a unique target to cyber criminals.

Chris Bowen, our Senior Security Engineer, will be discussing the topic during a fireside chat hosted by Ryan Clemency, one of our account executives.

The post HIMSS: Why the Healthcare Industry is a Unique Target for Cyber Criminals appeared first on Security Boulevard.



from HIMSS: Why the Healthcare Industry is a Unique Target for Cyber Criminals

SecureList article on tax scams

It's that time of year again. Kaspersky's Nadezhda Demidova contributes an exhaustive article on tax scams to the SecureList blog.

The post SecureList article on tax scams appeared first on Security Boulevard.



from SecureList article on tax scams

Load Balancers and Elastic Licensing

Last week I met with a very large enterprise in finance that has adopted provisioning on demand. They spin up applications on demand, having virtualized most of their infrastructure and have developed tools to automate the provisioning of applications and servers for customers and internal application developers through self-service applications. Rather than build-out and manage […]

The post Load Balancers and Elastic Licensing appeared first on Radware Blog.

The post Load Balancers and Elastic Licensing appeared first on Security Boulevard.



from Load Balancers and Elastic Licensing

Eyes of Five Target Russia

Via Bleeping Computer's Security News Editor Catalin Cimpanu, comes the tale of the Five Eyes accusing the Russian Federation of enabling the NotPetya Attack.

The post Eyes of Five Target Russia appeared first on Security Boulevard.



from Eyes of Five Target Russia

Avast: Android APT delivered via Facebook

Avast reports on Fake Facebook profiles luring victims into downloading APT.

The post Avast: Android APT delivered via Facebook appeared first on Security Boulevard.



from Avast: Android APT delivered via Facebook

How to Get Control of Your Risk and Paralyze Malware in the Process

Attackers and their malware are increasingly relying on a handful of common tools such as Mimikatz, PsExec, and WMI to spread through a network and do damage. Some of these tools are very common and hard to blacklist in a network, and likewise make use of protocols such as NTLM and RPC, which are also historically difficult to control inside of most enterprises. Preempt has delivered industry-first functionality that allows organizations to directly analyze these protocols, detect and challenge abnormal behavior. This allows organizations to control some of the most persistent areas of risk in the network while simultaneously robbing attackers of their favorite tools. You can see it in action in the following video. 

The post How to Get Control of Your Risk and Paralyze Malware in the Process appeared first on Security Boulevard.



from How to Get Control of Your Risk and Paralyze Malware in the Process

5 Ways Hackers Can Breach Your Company Undetected

Security breaches are, quite unfortunately, a common presence in corporate environments. Even companies making effective use of the most recent security solutions such as next generation firewalls,...

The post 5 Ways Hackers Can Breach Your Company Undetected appeared first on Security Boulevard.



from 5 Ways Hackers Can Breach Your Company Undetected

LA Times homicide website throttles cryptojacking attack

Whoever hacked the LA Times' interactive county murder map probably hoped to make a killing mining cryptocurrency - but swift action from a security researcher has put paid to their plans.

The post LA Times homicide website throttles cryptojacking attack appeared first on The State of Security.

The post LA Times homicide website throttles cryptojacking attack appeared first on Security Boulevard.



from LA Times homicide website throttles cryptojacking attack

Wednesday, February 21, 2018

Text bomb, text bomb you’re my text bomb…

TOMÁŠ FOLTÝN for ESET: Apple defuses ‘text bomb’ bug 

The post Text bomb, text bomb you’re my text bomb… appeared first on Security Boulevard.



from Text bomb, text bomb you’re my text bomb…

Daniel Stori’s ‘Python Robots’

via the eponymous Daniel Stori at turnoff.us

The post Daniel Stori’s ‘Python Robots’ appeared first on Security Boulevard.



from Daniel Stori’s ‘Python Robots’

Cloud Directory Feature AWS Server User Management

IT networks are changing dramatically right before our eyes. Perhaps nowhere is that change more visible than in the data center. The migration of infrastructure from on-premises to the cloud...

The post Cloud Directory Feature AWS Server User Management appeared first on JumpCloud.

The post Cloud Directory Feature AWS Server User Management appeared first on Security Boulevard.



from Cloud Directory Feature AWS Server User Management

General Data Protection Regulation (GDPR) Definitions to Know

In the coming months, the General Data Protection Regulation (GDPR) will officially be enforced on May 25th, 2018, with heavy fines for some organizations—including those in the United States—who are not compliant with these regulations in time. For organizations in the U.S., these soon-to-be-introduced guidelines will require an individual’s consent before processing any personal data. It also restricts how long companies can store this personal data and requires this data to be erased within 72 hours when necessary.

The post General Data Protection Regulation (GDPR) Definitions to Know appeared first on Security Boulevard.



from General Data Protection Regulation (GDPR) Definitions to Know

Automobiles using Hardware Root of Trust to Securely Provide Software updates Over The Air

My car performed an over the air (OTA) update of the infotainment system last week. It was really cool! It was performed when I got home and parked the car. I didn’t have to waste time, sitting in traffic, going to the car dealer. There was nothing to plug in or wirelessly connect to. It … Continue reading "Automobiles using Hardware Root of Trust to Securely Provide Software updates Over The Air"

The post Automobiles using Hardware Root of Trust to Securely Provide Software updates Over The Air appeared first on Trusted Computing Group.

The post Automobiles using Hardware Root of Trust to Securely Provide Software updates Over The Air appeared first on Security Boulevard.



from Automobiles using Hardware Root of Trust to Securely Provide Software updates Over The Air