Security Now - Security challenges come in many forms


ABTV Application Cloud Endpoint Infrastructure IoT/Embedded Mobile Network Operational Security Management
Sign up for our weekly newsletter! REGISTER NOW

News & Views Tesla Lawsuit Claims Insider Breached Company Security Scott Ferguson Managing Editor, Light Reading, \| 6/22/2018 These are trying times for Tesla. Post a Comment \| READ (2 comments) Latest comment: I dunno. Given Musk's flippancy and penchant for self-promotion, combined with my... Google, Roku, Sonus Rush Out Patches for DNS Vulnerability Larry Loeb Author, \| 6/22/2018 Local networks are familiar and fuzzy to users, and because of that familiarity, most assume that they are secure. But, that might not be true. Post a Comment \| READ () Satori Botnet Targeting D-Link Routers in Latest Attack Scott Ferguson Managing Editor, Light Reading, \| 6/21/2018 Satori, the widespread botnet that has been linked to distributed denial of service (DDoS) attacks as well as cryptomining schemes, has resurfaced and is currently targeting certain D-Link routers in an effort to expand its network, according to a new analysis. Post a Comment \| READ () Containers in the Cloud Are Great, but Are They Secure? Alan Zeichick Principal Analyst, Camden Associates, \| 6/21/2018 Ever since they burst onto the scene, containers have been legitimately hailed as a very efficient means to deploy applications onto servers. Containers, such as those based on the Docker open-source standards, consume fewer resources than virtual machines, and containers are easier to design and faster to instantiate and provision. Post a Comment \| READ (3 comments) Latest comment: @mhh: Indeed. The NSA too.Expect far less probing national-security and intelligence-community... Olympic Destroyer Returns With Attacks in Europe Jeffrey Burt Freelance Editor & Journ, \| 6/20/2018 The hacking group behind the Olympic Destroyer malware that hit the opening of the Winter Olympics in South Korea earlier this year has resurfaced in a campaign that is targeting organizations in Europe connected to efforts to protect against chemical and biological threats. Post a Comment \| READ () Cyber Criminals Using Hidden Tunnels to Attack Banks, Financial Institutions Scott Ferguson Managing Editor, Light Reading, \| 6/20/2018 Cyber criminals are increasingly building a network of hidden tunnels to carry out sophisticated command and control (C&C) attacks against banks and other financial institutions in order to steal a wealth of personal data, according to a new industry study. Post a Comment \| READ (1 Comment) Latest comment: I recently read that a survey found that 50 percent of security professionals are... Betabot Trojan Reborn in New Sophisticated Form Larry Loeb Author, \| 6/20/2018 In malware, everything old becomes new again. An exploit may work for a time and then be mitigated, but that doesn't stop threat actors from later trying it again in a different form. Post a Comment \| READ () Blockchain & Cryptocurrency Becoming Greater Security Concerns Scott Ferguson Managing Editor, Light Reading, \| 6/19/2018 Over the first six months of this year, cybercrimes involving cryptocurrency have overtaken ransomware as the biggest current threat facing enterprise security professionals, whether it's attackers planting malware on devices to mine the virtual currency or any number of cryptojacking schemes. Post a Comment \| READ (1 Comment) Latest comment: "As enterprises develop new ways to use blockchain technologies, Povolny notes that... World Cup Penalty: Phishing Campaign Targets Soccer Fans Scott Ferguson Managing Editor, Light Reading, \| 6/19/2018 Check Point is giving a red card to cybercriminals conducting a phishing campaign against World Cup soccer fans. Post a Comment \| READ (1 Comment) Latest comment: When it comes to hacking and malware attacks, I think Russians are pretty notorious... Is Florida Really Such a Cybersecurity Risk? Joe Stanganelli Principal, Beacon Hill Law, \| 6/18/2018 Poking fun at Florida is a popular journalist pastime, but coverage of a recent cybersecurity-risk report may be neglecting a more reliable and more consequential story in favor of potentially unfair Sunshine State-bashing. Post a Comment \| READ () Decades-Old Vulnerability Allows Spoofing of Encryption Tools Larry Loeb Author, \| 6/18/2018 Marcus Brinkmann, a security researcher, has announced that many of the most widely used email encryption tools have been vulnerable to signature spoofing since they were first used. Post a Comment \| READ (4 comments) Latest comment: @Ariella Social engineering will always be a classic approach. Of course, it will... Over 300K Cybersecurity Jobs Remain Open in the US, Study Finds Scott Ferguson Managing Editor, Light Reading, \| 6/15/2018 Looking for work? There are over 300,000 cybersecurity jobs open within the US, which includes more than 13,000 positions within state and federal agencies, according to an industry study released earlier this month. Post a Comment \| READ (3 comments) Latest comment: Michelle - There are several possible reasons for this. While other countries attract... Load More Articles + All Articles All Video All Slide Shows All Articles discussion board Joe Stanganelli, 6/22/2018 6:18:53 PM Containers in the Cloud Are Great, but Are They Secure? Re: Re: CIA in Amazon's cloud... @mhh: Indeed. The NSA too.Expect far less probing national-security and intelligence-community coverage by WaPo. Post Your Reply Joe Stanganelli, 6/22/2018 6:17:49 PM Containers in the Cloud Are Great, but Are They Secure? Re: But GOOG? > which is why cloud hosting companies use VMs, not containers, to isolate customers' software and data.FWIW, at least as of a few years ago, Google reported that it used containers on customer data and internal data alike on the same se... Post Your Reply Joe Stanganelli, 6/22/2018 6:16:24 PM Tesla Lawsuit Claims Insider Breached Company Security Re: Leading by example? I dunno. Given Musk's flippancy and penchant for self-promotion, combined with my own conversations with people who have worked at/with Tesla, I tend to wonder if this is fundamentally more of a culture issue. Insider threats tend to be nurtured,... Post Your Reply Susan Fourtané , 6/22/2018 4:35:13 PM Tesla Lawsuit Claims Insider Breached Company Security Re: Trust Is any other company ever going to trust Martin Tripp? Post Your Reply Susan Fourtané , 6/22/2018 4:24:26 PM GDPR Is Driving Businesses to Revamp Privacy & Security Policies Re: Re: step 1 Yes, it's true. It would have been useful. And even now, have you noticed that every time you are on a site there is a privacy policy thingy popping up and you have to agree to continue? Post Your Reply mhhfive, 6/21/2018 7:59:14 PM Containers in the Cloud Are Great, but Are They Secure? Re: CIA in Amazon's cloud... If the CIA trusts Amazon... what could go wrong? Post Your Reply Susan Fourtané , 6/20/2018 10:28:28 PM Cyber Criminals Using Hidden Tunnels to Attack Banks, Financial Institutions Re: Meanwhile, security pros ... I recently read that a survey found that 50 percent of security professionals are not very familiar or not at all familiar with Command & Control (C&C) communications techniques, which was pretty alarming. Now this. Alarming may not be a strong... Post Your Reply TaimoorZubair, 6/20/2018 5:43:15 PM World Cup Penalty: Phishing Campaign Targets Soccer Fans Re: Involve hackers and attackers When it comes to hacking and malware attacks, I think Russians are pretty notorious for it. There have been several attacks in the past which have orignated from Russia. Given that a smooth execution of the world cup is in the national interest... Post Your Reply TaimoorZubair, 6/20/2018 5:35:20 PM Blockchain & Cryptocurrency Becoming Greater Security Concerns Re: Block Chain vulnerabilities "As enterprises develop new ways to use blockchain technologies, Povolny notes that the industry should take note of the cybersecurity lessons the cryptocurrency markets have started to learn over the last several months." I think that's a... Post Your Reply Ariella, 6/20/2018 9:58:26 AM Intel Chips' 'Lazy FP' Vulnerability Could Leak Secure Data Re: Re: Intel @batye I agree that by relying on others you risk being let down. I know that often happens from my own experience! However, you can't really build a major business without partnering with others. The best thing to do is remember the... Post Your Reply batye, 6/20/2018 9:55:34 AM Intel Chips' 'Lazy FP' Vulnerability Could Leak Secure Data Re: Re: Intel @Ariella could not agree more - like everything else in life you get back what you put out ... in my case I only rely on myself :) it better this way... Post Your Reply LarryLoeb, 6/20/2018 9:12:36 AM Decades-Old Vulnerability Allows Spoofing of Encryption Tools Re: Re: verbose @Ariella Social engineering will always be a classic approach. Of course, it will get trickier as the threat actor will make some insider a threat and they wont even know what threat they are causing. Spooks call it a "hybrid" op. Post Your Reply Next 5 messages + All messages All messages Chat 8/31/2017 3:54:21 PM Voice of Security Radio: A Security Partnership with Machine Learning: Thank you! klogan453 Keeper 8/31/2017 3:51:19 PM Voice of Security Radio: A Security Partnership with Machine Learning: Well, it seems like Steve and I managed to answer everyone's questions in our conversation. So I'll say thanks once again to Steve Grobman, CTO of McAfee, for being such a wonderful guest here on Voice of Security Radio! Curt Franklin Keeper 8/31/2017 3:47:35 PM Voice of Security Radio: A Security Partnership with Machine Learning: Thanks. Sr.Contr61262 Keeper 8/31/2017 3:47:19 PM Voice of Security Radio: A Security Partnership with Machine Learning: Thanks for helping out, Daren! Curt Franklin Keeper 8/31/2017 3:45:59 PM Voice of Security Radio: A Security Partnership with Machine Learning: (On behalf of Steve Grobman) - Data science and computer science expertise is definately in high demand by the cyber security technology industry as well as many other industries that are using similar capabilities daren Keeper 8/31/2017 3:44:38 PM Voice of Security Radio: A Security Partnership with Machine Learning: (On behalf of Steve Grobman) - There is not a formal certificatio process.. most users don't need to understand the nuance of the technology which is generally built by technology product providers daren Keeper 8/31/2017 3:42:40 PM Voice of Security Radio: A Security Partnership with Machine Learning: And how are mainline security pros/machine learning pros certified, i.e. how do you lknow that the person you're hiring to help you knows what they're dcoing? Sr.Contr61262 Keeper 8/31/2017 3:39:20 PM Voice of Security Radio: A Security Partnership with Machine Learning: Steve, one question we didn't get to is that of skilled practitioners. I know that mainline security pros are in short supply and high demand: Is it even worse when it comes to machine learning pros in the security space? Curt Franklin Keeper 8/31/2017 3:37:01 PM Voice of Security Radio: A Security Partnership with Machine Learning: Since I was late - and again - really sorry, I don't even know what to ask. Feel free to ask a question or my behalf. Sr.Contr61262 Keeper 8/31/2017 3:33:59 PM Voice of Security Radio: A Security Partnership with Machine Learning: Well folks, now's the time to ask any questions we didn't get to in the audio interview. Steve will be here in just a moment -- what would you like to know? Curt Franklin Keeper Next 5 chats +		Information Resources • Security Now Special Report – Backup & Recovery • Cisco Umbrella + Cloudlock: Simple, effective cloud security • MSSP Data Sheet • Ransomware for Dummies • Easy Protect Data Sheet • Security Now Special Report - GDPR: Making Sure Your Enterprise Is Prepared & Secure • DDoS Protection Mastery Starts Here • The Cloud Migration Guide • What is Your DDoS Resiliency Score? • Web Application Security Center All resources upcoming Webinars What You Can Do To Strengthen Security Over Your Clouds Tuesday, June 26, 2018 1:00 p.m New York/ 6:00 p.m. London More Webinars Webinar Archives Analysts Corner Ovum Resources • Ovum 2018 Trends to Watch: IT & Cybersecurity • Ovum IoT Security: Technology Strategies & Vendor Profiles • Ovum 2018 Trends to Watch: Managed Security Services • Ovum's Mini-Guide to GDPR Analysts Corner archive Flash Poll All polls Video CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ... You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ... Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ... Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ... Facebook has introduced new measures that will enable users to secure access to their accounts using a physical 'key' application. All Videos Sponsored Video Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ... Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ... This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video All Videos Radio Shows ARCHIVED \| August 31, 2017, 3pm EDT Voice of Security Radio: A Security Partnership with Machine Learning An interview with Steve Grobman, CTO of McAfee ARCHIVED SHOWS DOWNLOAD TO CALENDAR Twitter Feed Tweets by Security_Now_ like us on facebook