Security Now - Security challenges come in many forms


ABTV Application Cloud Endpoint Infrastructure IoT/Embedded Mobile Network Operational Security Management
Sign up for our weekly newsletter! REGISTER NOW

News & Views Kaspersky: Data Breaches Cost Enterprises $1.23M Scott Ferguson Managing Editor, Light Reading, \| 5/25/2018 The clean-up costs for an enterprise that has sustained a data breach has increased nearly 25% between 2017 and 2018, totaling about $1.23 million for each incident, according to new research from Kaspersky Labs. Post a Comment \| READ () GDPR: SecurityNow's Need-to-Know Guide Scott Ferguson Managing Editor, Light Reading, \| 5/25/2018 Today is the day: GDPR is here for good. Post a Comment \| READ (1 Comment) Latest comment: Wow! Thank you for putting all this together. IoT Security Concerns Include Pet Trackers, Kaspersky Finds Jeffrey Burt Freelance Editor & Journ, \| 5/24/2018 The tens of billions of connected devices that make up the Internet of Things (IoT) has become a key concern of security researchers, and now that concern includes smart devices made for pets. Post a Comment \| READ (1 Comment) Latest comment: <Thus, PIN code protection is not implemented in BLE -- authentication depends... GDPR Should Change Your Thinking About Network Firewalls Alan Zeichick Principal Analyst, Camden Associates, \| 5/24/2018 Protecting customer data is now Enterprise Security Job No. 1, thanks to the European Union's General Data Protection Regulation (GDPR). The entire purpose of GDPR is to protect the privacy of European Union residents -- and that affects your business, no matter where you are located, if you have even a single European customer. Post a Comment \| READ () FBI Knocks Out VPNFilter Malware That Infected 500K Routers Larry Loeb Author, \| 5/24/2018 It's been a busy few days for a sophisticated piece of botnet malware dubbed VPNFilter. Post a Comment \| READ (2 comments) Latest comment: @Michelle Well, unless the FBI has been watching you since last August and snatches... Microsoft Offering GDPR-Like Protection for All Customers Scott Ferguson Managing Editor, Light Reading, \| 5/23/2018 Microsoft is expanding privacy protection beyond the borders of the European Union. Post a Comment \| READ (4 comments) Latest comment: I was thinking about this same thing a few days ago. If what Microsoft is doing,... Spectre Number 4 Disclosure Raises Fresh Hardware Alarms Larry Loeb Author, \| 5/23/2018 If you were waiting for the Spectre vulnerabilities to abate, there's a problem -- another variant of the side channel attack is out there. And the patch Intel has let loose for it will decrease CPU performance by around 8%. Post a Comment \| READ (2 comments) Latest comment: @Talmoor The patch is off by default. You have to activate it for the performance... Roaming Mantis Android Malware Expands Its Reach to iOS, Cryptomining Jeffrey Burt Freelance Editor & Journ, \| 5/22/2018 Malware that had been used to steal information from Android devices has evolved rapidly to include new devices and capabilities and to expand globally, according to researchers at Kaspersky Lab. Post a Comment \| READ (3 comments) Latest comment: I think what it suggests is that the malware content has not evolved much. However,... TeenSafe Data Leak Shows Cloud Security Weaknesses Scott Ferguson Managing Editor, Light Reading, \| 5/22/2018 The news that TeenSafe, a service that allows anxious parents to monitor the use of their children's smartphones, has been leaking data of adults and teens alike, seems like a typical data-breach case. Post a Comment \| READ (3 comments) Latest comment: I was wondering about the exact same thing. I also would like to know exactly how... Satori Botnet Plays Hidden Role in Cryptomining Scheme, Researchers Find Larry Loeb Author, \| 5/21/2018 If your network scans have been showing increased attempts to find an open TCP port 3333 -- you're not alone. Post a Comment \| READ (2 comments) Latest comment: @Ariella: Based on the crypto stats I have seen, $200 is a large amount coming form... Check Point: Cryptomining Malware Targeting Vulnerable Servers Jeffrey Burt Freelance Editor & Journ, \| 5/21/2018 Cryptomining in some ways has become the new ransomware, the latest focus for cyber attackers looking to make money by infiltrating users' computers, according to researchers at Check Point Software. Post a Comment \| READ () McAfee Finds More Malware on Google Play Targeting North Korea Dissidents Scott Ferguson Managing Editor, Light Reading, \| 5/18/2018 For the second time this year, researchers at McAfee Labs have found malware hiding in the Google Play store that seems to target North Korean dissidents by attempting to plant spyware on their Android mobile devices. Post a Comment \| READ (3 comments) Latest comment: It would be an interesting plot twist if these things were added to distract from... Load More Articles + All Articles All Video All Slide Shows All Articles discussion board Susan Fourtané , 5/26/2018 4:48:47 AM TeenSafe Data Leak Shows Cloud Security Weaknesses Re: Re: Security 101 I was wondering about the exact same thing. I also would like to know exactly how someone just forgets to protect the serviers with a password. Yes, things can happen and accidents can happen. But, it's like going out and leaving your front... Post Your Reply Susan Fourtané , 5/25/2018 7:17:45 PM GDPR: SecurityNow's Need-to-Know Guide Re: Useful guide Wow! Thank you for putting all this together. Post Your Reply TaimoorZubair, 5/25/2018 2:58:33 AM Satori Botnet Plays Hidden Role in Cryptomining Scheme, Researchers Find Re: Re: amount @Ariella: Based on the crypto stats I have seen, $200 is a large amount coming form one machine even though in dollar terms it does not look that big. Normally, miners have a whole network of machines running which mine the currency and hence... Post Your Reply Susan Fourtané , 5/24/2018 6:32:42 PM Microsoft Offering GDPR-Like Protection for All Customers Re: Re: GDPR I was thinking about this same thing a few days ago. If what Microsoft is doing, which I also believe is more for convenience and simplicity, may as well be done by some other companies that will see the benefit of keeping things simple. Post Your Reply Ariella, 5/24/2018 12:41:12 PM IoT Security Concerns Include Pet Trackers, Kaspersky Finds Re: secruity <Thus, PIN code protection is not implemented in BLE -- authentication depends entirely on the developers of the device, and experience shows that it is often neglected."> Indeed, this is why we really have to start thinking of security... Post Your Reply LarryLoeb, 5/24/2018 9:43:27 AM FBI Knocks Out VPNFilter Malware That Infected 500K Routers Re: Re: malware @Michelle Well, unless the FBI has been watching you since last August and snatches away your emergency backup server.... Clever, but defeatable. Post Your Reply Ariella, 5/24/2018 9:02:18 AM FBI Knocks Out VPNFilter Malware That Infected 500K Routers Re: malware <If a user finds the malware, Cisco found that rebooting will wipe Stage 2 and 3 but not Stage 1. Stage 1 can then reload Stages 2 and 3.> I have to admit, this is really clever. So long as you leave any component in, it can load the... Post Your Reply Ariella, 5/24/2018 8:59:20 AM Microsoft Offering GDPR-Like Protection for All Customers Re: Re: GDPR @TaimoorZubair Exactly, and given that the people who have to have it in place is not so small it only makes sense to adopt the standard for all rather than to introduce the complications of compartmentalization. But your comment reminded me... Post Your Reply LarryLoeb, 5/24/2018 8:07:41 AM Spectre Number 4 Disclosure Raises Fresh Hardware Alarms Re: Re: User Consent @Talmoor The patch is off by default. You have to activate it for the performance hit to happen. Post Your Reply TaimoorZubair, 5/24/2018 5:57:02 AM TeenSafe Data Leak Shows Cloud Security Weaknesses Re: Security 101 "The servers were hosted on Amazon Web Services and were left unprotected and accessible to anyone without a password, according to ZDNet, which first reported the issue on May 20." This is a serious violation of security and something as... Post Your Reply TaimoorZubair, 5/24/2018 5:48:58 AM Roaming Mantis Android Malware Expands Its Reach to iOS, Cryptomining Re: Re: not new I think what it suggests is that the malware content has not evolved much. However, the ways it spreads through and the speed of spreading has evolved. This is because of the use of higher processing power available to increase the reach as... Post Your Reply TaimoorZubair, 5/24/2018 5:38:34 AM Roaming Mantis Android Malware Expands Its Reach to iOS, Cryptomining Re: iOS no longer safe It'd be interesting to see if Apple comes back with a response on this. Apple has taken a lot of pride in the security of iOS and this has been a key selling feature for them. If the security is not as good anymore, it may lead to further consequences... Post Your Reply Next 5 messages + All messages All messages Chat 8/31/2017 3:54:21 PM Voice of Security Radio: A Security Partnership with Machine Learning: Thank you! klogan453 Keeper 8/31/2017 3:51:19 PM Voice of Security Radio: A Security Partnership with Machine Learning: Well, it seems like Steve and I managed to answer everyone's questions in our conversation. So I'll say thanks once again to Steve Grobman, CTO of McAfee, for being such a wonderful guest here on Voice of Security Radio! Curt Franklin Keeper 8/31/2017 3:47:35 PM Voice of Security Radio: A Security Partnership with Machine Learning: Thanks. Sr.Contr61262 Keeper 8/31/2017 3:47:19 PM Voice of Security Radio: A Security Partnership with Machine Learning: Thanks for helping out, Daren! Curt Franklin Keeper 8/31/2017 3:45:59 PM Voice of Security Radio: A Security Partnership with Machine Learning: (On behalf of Steve Grobman) - Data science and computer science expertise is definately in high demand by the cyber security technology industry as well as many other industries that are using similar capabilities daren Keeper 8/31/2017 3:44:38 PM Voice of Security Radio: A Security Partnership with Machine Learning: (On behalf of Steve Grobman) - There is not a formal certificatio process.. most users don't need to understand the nuance of the technology which is generally built by technology product providers daren Keeper 8/31/2017 3:42:40 PM Voice of Security Radio: A Security Partnership with Machine Learning: And how are mainline security pros/machine learning pros certified, i.e. how do you lknow that the person you're hiring to help you knows what they're dcoing? Sr.Contr61262 Keeper 8/31/2017 3:39:20 PM Voice of Security Radio: A Security Partnership with Machine Learning: Steve, one question we didn't get to is that of skilled practitioners. I know that mainline security pros are in short supply and high demand: Is it even worse when it comes to machine learning pros in the security space? Curt Franklin Keeper 8/31/2017 3:37:01 PM Voice of Security Radio: A Security Partnership with Machine Learning: Since I was late - and again - really sorry, I don't even know what to ask. Feel free to ask a question or my behalf. Sr.Contr61262 Keeper 8/31/2017 3:33:59 PM Voice of Security Radio: A Security Partnership with Machine Learning: Well folks, now's the time to ask any questions we didn't get to in the audio interview. Steve will be here in just a moment -- what would you like to know? Curt Franklin Keeper Next 5 chats +		Information Resources • Cisco Umbrella + Cloudlock: Simple, effective cloud security • MSSP Data Sheet • Ransomware for Dummies • Easy Protect Data Sheet • Security Now Special Report - GDPR: Making Sure Your Enterprise Is Prepared & Secure • DDoS Protection Mastery Starts Here • The Cloud Migration Guide • What is Your DDoS Resiliency Score? • Web Application Security Center • The Essential Guide to CDN All resources upcoming Webinars Cloud Access Security Brokers in the Wild Wednesday, May 30, 2018 1:00 p.m. EST / 10:00 a.m. PST More Webinars Webinar Archives Analysts Corner Ovum Resources • Ovum 2018 Trends to Watch: IT & Cybersecurity • Ovum IoT Security: Technology Strategies & Vendor Profiles • Ovum 2018 Trends to Watch: Managed Security Services • Ovum's Mini-Guide to GDPR Analysts Corner archive Flash Poll All polls Video CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ... You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ... Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ... Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ... Facebook has introduced new measures that will enable users to secure access to their accounts using a physical 'key' application. All Videos Sponsored Video Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ... Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ... This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video All Videos Radio Shows ARCHIVED \| August 31, 2017, 3pm EDT Voice of Security Radio: A Security Partnership with Machine Learning An interview with Steve Grobman, CTO of McAfee ARCHIVED SHOWS DOWNLOAD TO CALENDAR Twitter Feed Tweets by Security_Now_ like us on facebook