Security Now - Security challenges come in many forms


ABTV Application Cloud Endpoint Infrastructure IoT/Embedded Mobile Network Operational Security Management
Sign up for our weekly newsletter! REGISTER NOW

News & Views Cloudflare Looks to Take the Pain Out of DNSSEC Protocol Adoption Larry Loeb Author, \| 9/21/2018 Cloudflare is adding a new feature to its hosting and firewall products that the networking company hopes will address the slow uptake of the Domain Name System Security Extensions (DNSSEC) protocol. Post a Comment \| READ () Xbash Malware: Dangerous Mix of Threats Jeffrey Burt Freelance Editor & Journ, \| 9/21/2018 Malware developers are increasingly putting multiple functions into their software to expand the reach of their capabilities and to possibly cover their tracks to hide the real intent of their campaigns. A new malware tool called Xbash is a particularly toxic mix of features that range from mining cryptocurrencies and ransomware to self-propagation and ... Post a Comment \| READ () Ransomware Developers Embrace Politics, Targeting Obama, Trump & Merkel Jeffrey Burt Freelance Editor & Journ, \| 9/20/2018 Politics has taken center stage in many countries around the world as rapid social and economic changes roil almost the entire Western hemisphere, including in the US and Europe. It now seems that the authors of recent ransomware campaigns are also dipping their toes in the political waters, at least in terms of naming those campaigns. Post a Comment \| READ (1 Comment) Latest comment: I think it would be fascinating to compare the stats on these to see which political... Hackers Still Targeting Windows 10, Windows 8 – Survey Scott Ferguson Managing Editor, Light Reading, \| 9/20/2018 Within the last year, nearly half of all hackers found ways to bypass the security features of Microsoft Windows 10 and Windows 8, typically using social engineering techniques to compromise the operating system, according to a recent industry survey. Post a Comment \| READ () Account Takeover Attacks Are on the Rise Scott Ferguson Managing Editor, Light Reading, \| 9/20/2018 Account takeover attacks are steadily increasing, with cybercriminals, and even amateurs, looking to make a quick buck, using these techniques to create much more sophisticated phishing campaigns that are targeting enterprises, a new study finds. Post a Comment \| READ () Data Breach Can Affect Company's Long-Term Stock Price Larry Loeb Author, \| 9/19/2018 Security teams are all too familiar with how a data breach affects the security posture of an organization. The changes that are made post-breach -- both reactive and pro-active -- can greatly affect how the organization conducts itself. Post a Comment \| READ (4 comments) Latest comment: Yes, then it can be recognized as something with ROI. California Looks to Pass Rudimentary IoT Security Legislation Joe Stanganelli Principal, Beacon Hill Law, \| 9/19/2018 A recently passed California bill may begin to set a legislative standard in the US for basic Internet of Things (IoT) security, but it's such a low and vague standard in such a politically unfashionable area that it may not signal much in terms of what's to come. Post a Comment \| READ () House Bill Would Create Federal Standards for Data Breach Notifications Scott Ferguson Managing Editor, Light Reading, \| 9/19/2018 A bill that passed the House Financial Services Committee earlier this month would create new federal standards and rules that would require banks and other financial institutions to notify customers following a data breach. Post a Comment \| READ () PyLocky Ransomware Can Get Around Machine Learning Solutions Jeffrey Burt Freelance Editor & Journ, \| 9/18/2018 Ransomware may not be as high profile as it was last year in the wake of WannaCry and other campaigns, but threat actors continue to improve on the malware. A recent example is PyLocky, a ransomware that is designed to look like the well-known Locky malware and to evade detection by security solutions that employ machine-learning capabilities. Post a Comment \| READ () 'Peekaboo' Zero-Day Exploit Targets Security Camera Scott Ferguson Managing Editor, Light Reading, \| 9/18/2018 A new zero-day exploit, dubbed "Peekaboo," can allow cybercriminals and other attackers to tamper with security cameras and other surveillance equipment by taking advantage of a vulnerability in the software platform that runs these devices. Post a Comment \| READ () Data Breaches Costing More C-Level Executives Their Jobs Scott Ferguson Managing Editor, Light Reading, \| 9/17/2018 As more data breaches make headlines each week, those executives seated in the C-Suite are starting to feel the pinch when it comes to these compromises in security. Specifically, more CIOs, CISOs and even CEOs are being shown the door after an incident, a new industry survey finds. Post a Comment \| READ () Fuji's Electric V-Server Susceptible to Numerous Vulnerabilities Larry Loeb Author, \| 9/17/2018 Fuji's Electric V-Server is in some heap of trouble. Post a Comment \| READ (5 comments) Latest comment: @Larrry and that's why nothign is ever truly hack-proof. Load More Articles + All Articles All Video All Slide Shows All Articles discussion board StephenGiderson, 9/22/2018 1:26:39 AM IoT Security Concerns Include Pet Trackers, Kaspersky Finds Re: Re: secruity I really think that the IoT phenomenon is a little bit to do with OCD people wanting to know where everything is and what they are doing at all times. Sounds like a micro-manager's dream if you ask me. But of course with that level of control... Post Your Reply Ariella, 9/20/2018 1:06:39 PM Fuji's Electric V-Server Susceptible to Numerous Vulnerabilities Re: Re: VPN @Larrry and that's why nothign is ever truly hack-proof. Post Your Reply Ariella, 9/20/2018 1:05:49 PM Data Breach Can Affect Company's Long-Term Stock Price Re: Re: Best secure the data Yes, then it can be recognized as something with ROI. Post Your Reply LarryLoeb, 9/20/2018 12:25:25 PM Fuji's Electric V-Server Susceptible to Numerous Vulnerabilities Re: Re: VPN @Ariella There's no perfect 2FA out there, which is just another way to show a secret I have. Voice can be faked with autotune. Deepfakes will do video. Fingerprints are semi-reliable, and temperature variant. The hardware dongles are made... Post Your Reply LarryLoeb, 9/20/2018 12:21:39 PM Data Breach Can Affect Company's Long-Term Stock Price Re: Re: Best secure the data @Ariella If the businesses see that a lowered stock price costs them value, then security can have a virtual income effect associated with it; not just having to spend money in a budget. Post Your Reply Ariella, 9/20/2018 11:36:55 AM Ransomware Developers Embrace Politics, Targeting Obama, Trump & Merkel Re: politics I think it would be fascinating to compare the stats on these to see which political group is most drawn in. Post Your Reply Ariella, 9/20/2018 11:35:32 AM Fuji's Electric V-Server Susceptible to Numerous Vulnerabilities Re: Re: VPN @Larry given that weak passwords are a part of the problem, would you recommend other forms of verification like voice? Post Your Reply Ariella, 9/20/2018 11:24:13 AM Data Breach Can Affect Company's Long-Term Stock Price Re: Re: Best secure the data @Michelle I actually thought we had reached that point. But I do hope that if companies see the possibility of a long term effect that they will become more proactive about security. Post Your Reply ThomasMaloney, 9/20/2018 6:45:26 AM Bad Rabbit Breeds Ransomware Fears Re: Re: Budget Ransomware That picture of the rabbit made me think for a second there that we were going to have to deal with some physical virus or something - somebody get that bunny to a vet! But in all seriousness, I suppose the makers of Bad Rabbit are trying to... Post Your Reply CameronRobertson, 9/20/2018 4:22:06 AM Intel's SGX Vulnerable to Spectre-Like Flaw Re: Re: In the wild? Well, the fact that we've found a problem to this whole system means that we're on the verge of finding a solution to fix it right? I mean if there's a whole article that's exposing all the trials and difficulties that we're getting with this... Post Your Reply UdyRegan, 9/20/2018 3:35:25 AM Open Door Policy Re: Re: Security Haiku idea I think the culture of that particular country plays an important role. What the citizens need is what is being highly considered by the government there. The security gap is being put in place because apparently that is how the users feel... Post Your Reply Michelle, 9/19/2018 8:29:14 PM Data Breach Can Affect Company's Long-Term Stock Price Re: Best secure the data Intereting findings. I have wondered how a data breach might affect stock price. Might we be approaching a point where a major data breach is just another blip in the news cycle? Post Your Reply Next 5 messages + All messages All messages Chat 8/31/2017 3:54:21 PM Voice of Security Radio: A Security Partnership with Machine Learning: Thank you! klogan453 Keeper 8/31/2017 3:51:19 PM Voice of Security Radio: A Security Partnership with Machine Learning: Well, it seems like Steve and I managed to answer everyone's questions in our conversation. So I'll say thanks once again to Steve Grobman, CTO of McAfee, for being such a wonderful guest here on Voice of Security Radio! Curt Franklin Keeper 8/31/2017 3:47:35 PM Voice of Security Radio: A Security Partnership with Machine Learning: Thanks. Sr.Contr61262 Keeper 8/31/2017 3:47:19 PM Voice of Security Radio: A Security Partnership with Machine Learning: Thanks for helping out, Daren! Curt Franklin Keeper 8/31/2017 3:45:59 PM Voice of Security Radio: A Security Partnership with Machine Learning: (On behalf of Steve Grobman) - Data science and computer science expertise is definately in high demand by the cyber security technology industry as well as many other industries that are using similar capabilities daren Keeper 8/31/2017 3:44:38 PM Voice of Security Radio: A Security Partnership with Machine Learning: (On behalf of Steve Grobman) - There is not a formal certificatio process.. most users don't need to understand the nuance of the technology which is generally built by technology product providers daren Keeper 8/31/2017 3:42:40 PM Voice of Security Radio: A Security Partnership with Machine Learning: And how are mainline security pros/machine learning pros certified, i.e. how do you lknow that the person you're hiring to help you knows what they're dcoing? Sr.Contr61262 Keeper 8/31/2017 3:39:20 PM Voice of Security Radio: A Security Partnership with Machine Learning: Steve, one question we didn't get to is that of skilled practitioners. I know that mainline security pros are in short supply and high demand: Is it even worse when it comes to machine learning pros in the security space? Curt Franklin Keeper 8/31/2017 3:37:01 PM Voice of Security Radio: A Security Partnership with Machine Learning: Since I was late - and again - really sorry, I don't even know what to ask. Feel free to ask a question or my behalf. Sr.Contr61262 Keeper 8/31/2017 3:33:59 PM Voice of Security Radio: A Security Partnership with Machine Learning: Well folks, now's the time to ask any questions we didn't get to in the audio interview. Steve will be here in just a moment -- what would you like to know? Curt Franklin Keeper Next 5 chats +		Information Resources • Security Now Special Report: Endpoint Ecosystems – Collaborating to Conquer Security Threats • You Cannot Secure What You Cannot See: How to make your hybrid cloud environment visible and secure • Security Now Special Report – Security Automation: Risks & Rewards for Your Security Program • Security Now Special Report – Backup & Recovery • Cisco Umbrella + Cloudlock: Simple, effective cloud security • MSSP Data Sheet • Ransomware for Dummies • Easy Protect Data Sheet • Security Now Special Report - GDPR: Making Sure Your Enterprise Is Prepared & Secure • DDoS Protection Mastery Starts Here All resources upcoming Webinars ARCHIVED What You Can Do To Strengthen Security Over Your Clouds Tuesday, June 26, 2018 1:00 p.m New York/ 6:00 p.m. London More Webinars Webinar Archives Analysts Corner Ovum Resources • Ovum 2018 Trends to Watch: IT & Cybersecurity • Ovum IoT Security: Technology Strategies & Vendor Profiles • Ovum 2018 Trends to Watch: Managed Security Services • Ovum's Mini-Guide to GDPR Analysts Corner archive Flash Poll All polls Video CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ... You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ... Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ... Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ... Facebook has introduced new measures that will enable users to secure access to their accounts using a physical 'key' application. All Videos Sponsored Video Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ... Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ... This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video All Videos Radio Shows ARCHIVED \| August 31, 2017, 3pm EDT Voice of Security Radio: A Security Partnership with Machine Learning An interview with Steve Grobman, CTO of McAfee ARCHIVED SHOWS DOWNLOAD TO CALENDAR Twitter Feed Tweets by Security_Now_ like us on facebook