ERE Information Security Auditors
http://www.ere-security.com/rss.xml
ERE Information Security Auditors RSS Description
en-us
Copyrights © 2007-2008. All rights reserved.
2014-08-18T18:28:59+01:00
ERE RSS Admin
ERE Information Security Auditors RSS
-
August 18, 2014
http://www.baytoday.ca/content/news/national/details.asp?c=65406
Cyber attacks an ongoing threat to business
More than one-third of Canada's IT professionals know — for sure — that they'd had a significant data breach over the previous 12 months that could put their clients or their organizations at risk, a cybersecurity study suggests.
And as startling as that statistic may be, the actual number of breaches could be higher since the same international study found 56 per cent of the 236 Canadian respondents said they believed threats sometimes fall through the cracks.
"Even the best-protected networks have regular security incidents," says Jeff Debrosse, director of security research for Websense, a U.S.-based security company that commissioned the study.
"It's a 24-7 onslaught. It's a barrage of attacks and attempts to penetrate the defences."
Debrosse says it's a real challenge for organizations to understand their vulnerabilities, let alone prevent breaches. Technology is improving, he adds, but it's more important to share information about attacks within and among organizations.
"It's not just about the vendors, it's about creating this ecosystem of threat intelligence. And that's a very important area of focus today," Debrosse says.
A Statistics Canada report in June said that six per cent of the 17,000 private Canadian enterprises it surveyed had experienced an Internet security breach in 2013. About one-quarter of those reporting a breach — representing roughly 260 companies — said client or proprietary information had been corrupted, stolen or accessed without authorization.
-
July 29, 2014
http://www.infoworld.com/d/mobile-technology/blackberry-adds-more-security-the-sensitive-enterprise-247272
BlackBerry adds more security for the sensitive enterprise
BlackBerry says it can offer levels of security that cannot be replicated on Apple, Android or other mobile devices
Now that BlackBerry has fallen significantly behind Apple and Google in the race to offer features and third-party apps for its smartphones, the company is concentrating on providing devices that, it claims, have the strongest available security -- its "killer feature" for enterprises that have exceptional security needs.
At a company-sponsored symposium in New York today, BlackBerry executives made the case that the company's devices and services could offer levels of security for enterprises' mobile devices that cannot be replicated on Apple, Android, or other mobile devices.
-
July 29, 2014
http://www.infosecurity-magazine.com/view/39526/comment-crew-chinese-hackers-blamed-for-stealing-israeli-missile-secrets/
Comment Crew Chinese Hackers Blamed for Stealing Israeli Missile Secrets
Iron Dome missile defense system, says CyberESI.
Infamous Chinese hacking group the Comment Crew has been pegged for another high profile data grabbing operation, this time targeted at Israeli defense firms which built the country’s highly effective Iron Dome missile shield.
The group, which was outed as PLA Unit 61398 by Mandiant last year and blamed for attacks on US defense firms a few months back, exfiltrated large amounts of data from three top tech companies, according to US threat intelligence firm, Cyber Engineering Services Inc. (CyberESI).
They stole IP related to Arrow III missiles, ballistic rockets, drones and other tech from the firms in question - Elisra Group, Israel Aerospace Industries (IAI), and Rafael Advanced Defense Systems.
-
July 29, 2014
http://www.infoworld.com/d/security/how-protect-personal-corporate-information-when-you-travel-247198
How to protect personal, corporate information when you travel
Today's hotels are unfortunately vulnerable to types of attempted fraud. Here's how to keep data safe
Before flying from Rome to Philadelphia earlier this summer, I stopped in the hotel lobby to print my boarding pass. The hotel had one computer dedicated solely to this task. It was the only public computer available to guests. I could access only airline websites and input my name and confirmation number for the ticket. That was it.
I thought this was the hotel's way of trying to squeeze a few more Euros out of me -- but this setup may also stop fraud. It prevents someone from stealing whatever other information I could have typed into the computer, such as an email login and password.
-
July 28, 2014
http://www.darkreading.com/application-security/dhs-funded-swamp-helps-scour-code-for-bugs/d/d-id/1297619?
DHS-Funded 'SWAMP' Helps Scour Code For Bugs
A US Department of Homeland Security-funded online portal that provides government agencies, enterprises, higher education, and independent developers a free platform for testing their code for security holes and vulnerabilities has quietly begun attracting commercial application security providers.
The so-called SWAMP (Software Assurance Marketplace) portal, which was developed under a $23.5 million DHS Science & Technology Directorate project aimed at helping developers more easily test their code for bugs that could be exploited by black-hat hackers, currently offers for free five open-source software assurance testing tools, as well as a cloud-based platform for running the software security scans and tests and aggregating the results. The static analysis testing tools are used to scour source code for bugs.
-
July 28, 2014
http://www.darkreading.com/analytics/security-monitoring/myth-busting-machine-learning-in-security/d/d-id/1297589?
Myth-Busting Machine Learning In Security
Black Hat USA presentation to help quell misconceptions and confusion over machine learning methods in today's security tools.
As increasingly more security tools are touted today as being backed by big data, anomaly detection, behavioral analysis, and algorithmic technology, security practitioners should be wary. According to a talk slated for Black Hat USA next week, the interest has grown among security rank and file to employ machine learning to improve how they solve tough security problems.
But it's mostly the marketing arms of vendors that have caught up to this interest -- not the actual technology.
-
July 28, 2014
https://isc.sans.edu/forums/diary/Management+and+Control+of+Mobile+Device+Security/18449
Management and Control of Mobile Device Security
When we talk about mobile devices, all boundaries are gone. Depending on where you work, it is likely that your mobile device (phone or tablet) has access to all the corporate data via wireless, in some cases with very few restrictions.
Two points to take into consideration:
- Defining access control: Create one access policy that is applied to, and controls, all networks (wireless, VPN, wired)
- Use Mobile Device Management (MDM): Provide the ability to separate personal data from company data with approved security controls for any device, whether it is company-owned or personal.
These changes should provide greater network visibility, allowing your organization to discover devices, measure bandwidth utilization, enforce policies, and analyze traffic patterns to monitor for anomalous activity that can drain resources.
-
July 23, 2014
http://www.darkreading.com/attacks-breaches/ram-scraper-malware-why-pci-dss-cant-fix-retail/a/d-id/1297501?
RAM Scraper Malware: Why PCI DSS Can't Fix Retail
There is a gaping hole in the pre-eminent industry security standard aimed at protecting customers, credit card and personal data
Target, Neiman Marcus, Michael’s, and possibly P.F. Chang’s all have one thing in common: They are recent victims of a type of malware called a RAM scraper that infects point of sale (POS) terminals. These data breaches occurred despite some, if not all, of these merchants complying with industry security standards.
In Target’s case, government analysts estimate the total financial impact could reach as high as $12.2 billion. And the fallout continues. Target’s CEO Gregg Steinhafel set a new precedent, marking the first time that the head of a major corporation resigned due to a data breach. Merchants clearly must go beyond merely complying with industry security standards to reduce their risk, especially in relation to POS terminal malware.
-
July 21, 2014
http://www.informationweek.com/mobile/mobile-applications/hidden-ios-services-bypass-security/d/d-id/1297452
Hidden iOS Services Bypass Security
Apple's iPhone and iPad run undisclosed services that allow security features to be bypassed, according to a prominent computer security researcher.
In a presentation at the HOPE/X hacking conference in New York on Friday, forensic researcher Jonathan Zdziarski described several undocumented iOS services that can function as backdoors, allowing ostensibly encrypted data to be accessed and subverting user privacy.
-
July 21, 2014
http://www.infoworld.com/d/security/stealthy-critroni-ransomware-uses-tor-could-replace-cryptolocker-246652
Stealthy 'Critroni' ransomware uses Tor, could replace Cryptolocker
Cyber criminals are spreading a new file-encrypting ransomware program that's more powerful and resilient than Cryptolocker, a threat recently shut down by the U.S. Department of Justice.
The new ransomware threat is called CTB-Locker (Curve-Tor-Bitcoin Locker), but Microsoft anti-malware products detect it as Critroni.A. Its creator has been advertising the program to other cybercriminals on Russian-language forums since the middle of June and it seems that he's been trying to fix most of Cryptolocker's faults.
Critroni uses a file encryption algorithm based on elliptic curve cryptography, which its creator claims is significantly faster than encryption schemes used by other ransomware threats. This also makes decrypting the affected files impossible without paying the ransom, if there are no implementation flaws.
Like Cryptolocker, Critroni generates a public and private key pair for every infected system. The public key is stored on the infected computer and given to the victim, who is then asked to pay a ransom in Bitcoin in order to recover the files.
-
July 21, 2014
http://www.scmagazine.com/siemens-industrial-products-impacted-by-four-openssl-vulnerabilities/article/361997/
Siemens industrial products impacted by four OpenSSL vulnerabilities
Several Siemens products used for process and network control and monitoring in critical infrastructure sectors are affected by four vulnerabilities in the company's OpenSSL cryptographic software library.
The vulnerabilities – CVE-2014-0224, CVE-2014-0198, CVE-2010-5298, and CVE-2014-3470 – can be exploited remotely, and fairly easily, to hijack a session as part of a man-in-the-middle attack or to crash the web server of the product, according to a Thursday ICS-CERT post.
Siemens has already issued updates for APE versions prior to version 2.0.2 and WinCC OA (PVSS), but has only issued temporary mitigations for CP1543-1, ROX 1, ROX 2, and S7-1500.
The products are typically used in the chemical, critical manufacturing, energy, food and agriculture, and water and wastewater systems sectors, according to the post.
-
July 18, 2014
http://www.darkreading.com/risk/ceo-report-card-low-grades-for-risk-management/a/d-id/1297416?
CEO Report Card: Low Grades for Risk Management
Dark Reading's latest community poll shows a stunning lack of confidence in chief execs' commitment to cyber security.
Former Target chief executive Greg Steinhafel would be in good company today if the Dark Reading community had a say in his job performance on cyber security risk management.
Steinhafel, as I'm sure you recall, famously resigned from the retailer's top job this past May, following a data breach of 40 million hacked credit and debit card accounts that compromised the names, phone numbers, email and mailing addresses of as many as 70 million customers.
-
July 17, 2014
http://www.cnet.com/news/chinese-hackers-take-command-of-tesla-model-s/
Chinese hackers take command of Tesla Model S
The first documented successful hack of a Tesla Model S has come from China, Chinese security giant Qihoo 360 Security Technology announced Thursday.
The hackers were attempting to win $10,000 in prize money at a kick-off event during the SyScan +360 security conference, which is co-sponsored by Qihoo. They were able to gain remote control of the car's door locks, headlights, wipers, sunroof, and horn, Qihoo 360 said on its social networking Sina Weibo account. The security firm declined to reveal details at this point about how the hack was accomplished, although one report indicated that the hackers cracked the six-digit code for the Model S' mobile app.
The Sina Weibo post warned Tesla drivers to "be careful" when driving in the rain, to avoid becoming a "drowned rat" in case the sunroof suddenly opens.
-
July 17, 2014
http://www.businessweek.com/articles/2014-07-17/how-russian-hackers-stole-the-nasdaq
How Russian Hackers Stole the Nasdaq
In October 2010, a Federal Bureau of Investigation system monitoring U.S. Internet traffic picked up an alert. The signal was coming from Nasdaq (NDAQ). It looked like malware had snuck into the company’s central servers. There were indications that the intruder was not a kid somewhere, but the intelligence agency of another country. More troubling still: When the U.S. experts got a better look at the malware, they realized it was attack code, designed to cause damage.