Security Now - Security challenges come in many forms


ABTV Application Cloud Endpoint Infrastructure IoT/Embedded Mobile Network Operational Security Management
Sign up for our weekly newsletter! REGISTER NOW

News & Views BlackBerry Acquiring Security & AI Firm Cylance for $1.4B Scott Ferguson Managing Editor, Light Reading, \| 11/16/2018 BlackBerry is continuing to move away from its legacy as a smartphone vendor with its acquisition this week of Cylance, a firm that specializes in artificial intelligence and cybersecurity, for $1.4 billion. Post a Comment \| READ () Magecart Attacks Proving Persistent Problem for Online Retailers Scott Ferguson Managing Editor, Light Reading, \| 11/16/2018 Over the last several months, the group behind Magecart has proven a tricky problem for online retailers with a number of skimmer operations designed to steal credit card information from customers. Post a Comment \| READ () New Spectre & Meltdown Attacks Show Limits of CPU Vulnerabilities Larry Loeb Author, \| 11/16/2018 The class of CPU side-channel vulnerabilities dubbed Spectre and Meltdown arose suddenly in the early part of this year. These hardware flaws are the result of exception or branch misprediction events that can leave secret-dependent traces in the chip's microarchitectural state. Post a Comment \| READ (5 comments) Latest comment: @Ariella That sounds like a plan to me. Mylobot Botnet & Khalesi Malware Deliver One-Two Security Punch Scott Ferguson Managing Editor, Light Reading, \| 11/15/2018 Mylobot, a recently discovered botnet that can elude antivirus software and sandboxes, is now able to deliver Khalesi information stealer malware on infected machines as part of a secondary attack, according to new research from CenturyLink. Post a Comment \| READ () Kubernetes & Containers Stir Security Concerns in the Cloud Scott Ferguson Managing Editor, Light Reading, \| 11/15/2018 One of the biggest and most innovative developments in the cloud over the last several years has been containers, especially the Google-backed Kubernetes orchestration platform to help manage these ecosystems and to speed up application development. Post a Comment \| READ (1 Comment) Latest comment: Interesting, never take for granted your security tools for containers and Kuber... WannaCry Continues Rampage 18 Months After First Outbreak Scott Ferguson Managing Editor, Light Reading, \| 11/15/2018 Nearly 18 months after it first appeared, WannaCry continues to be a significant security threat to enterprises around the world. In the third quarter of this year, the ransomware targeted more than 74,000 unique users across the globe, a new report finds. Post a Comment \| READ () Sophos: 'Living off the Land' Is the Law of the Land Scott Ferguson Managing Editor, Light Reading, \| 11/14/2018 For cybercriminals, "living off the land," has become the new law of the land when it comes to planning and executing attacks against enterprises. Post a Comment \| READ (1 Comment) Latest comment: I'm fascinated by the choice of tools. The always-new version of Windows is the... Google Data Center Traffic Rerouted to Nigeria, China & Russia Larry Loeb Author, \| 11/14/2018 For 74 minutes on Monday, November 12, traffic from Google's data centers was hijacked, essentially a de facto distributed denial-of-service attack. Post a Comment \| READ (4 comments) Latest comment: @Ariella Hey, I ain't no advanced peristent threat..... Cyber Attacks Becoming Greater Risk for Businesses Worldwide Scott Ferguson Managing Editor, Light Reading, \| 11/13/2018 While issues of unemployment and the stability of nation-states usually dominate business headlines, several of the world's most dynamic economic regions are increasingly viewing cyber attacks, and the fallout that follows an attack, as the greatest risk enterprises face today. Post a Comment \| READ () Cloudflare's 1.1.1.1 DNS Service Lands on Android, iOS Scott Ferguson Managing Editor, Light Reading, \| 11/13/2018 Cloudflare is looking to make its new 1.1.1.1 DNS service mobile. Post a Comment \| READ (1 Comment) Latest comment: Cloudflare is working hard to make the web more secure and faster too. This new... Cryptojacking: Why SMBs Need to Stay on High Alert Dirk Morris Chief Product Officer, Untangle, \| 11/12/2018 Cryptojacking, which is how many people refer to an array of cryptomining malware, continues to make headlines as one of the biggest security attacks happening today. And it's only getting worse. Post a Comment \| READ () Metamorfo Trojan Revamped to Evade Antivirus Protections Larry Loeb Author, \| 11/12/2018 Security efforts can feel like a battle -- full of actions and counteractions that lead to some sort of resolution. It's tempting to see this as the end of the problem, but threat actors do not give up so easily. Post a Comment \| READ (1 Comment) Latest comment: With these rapidly changing approaches to cause harm, I wonder if there is a way... Load More Articles + All Articles All Video All Slide Shows All Articles discussion board LarryLoeb, 11/16/2018 3:42:56 PM New Spectre & Meltdown Attacks Show Limits of CPU Vulnerabilities Re: Re: attacks @Ariella That sounds like a plan to me. Post Your Reply Ariella, 11/16/2018 2:47:32 PM New Spectre & Meltdown Attacks Show Limits of CPU Vulnerabilities Re: Re: attacks @Larry I see. So we should just keep calm and keep vigilant without relaxing our guard. Post Your Reply batye, 11/16/2018 1:40:32 PM New Spectre & Meltdown Attacks Show Limits of CPU Vulnerabilities Re: Re: attacks @Ariella I would say it not yet and not now, but with time time it gonna change and we will have to worry and be avare - the way I see it... Post Your Reply LarryLoeb, 11/16/2018 1:12:43 PM New Spectre & Meltdown Attacks Show Limits of CPU Vulnerabilities Re: Re: attacks @Ariella Oh, someone will figure out new and diferent ones. What we have seen is just cache exploitations. There's more hardware to be exploited. Post Your Reply LarryLoeb, 11/16/2018 1:10:42 PM Google Data Center Traffic Rerouted to Nigeria, China & Russia Re: Re: scary path @Ariella Hey, I ain't no advanced peristent threat..... Post Your Reply Ariella, 11/16/2018 11:56:13 AM Google Data Center Traffic Rerouted to Nigeria, China & Russia Re: Re: scary path @LarryLoeb That's a very apt image that explains it clearly. Post Your Reply Ariella, 11/16/2018 11:52:29 AM New Spectre & Meltdown Attacks Show Limits of CPU Vulnerabilities Re: attacks <Yes, the researchers found seven new kinds of attacks. But that is balanced by the group finding six kinds of attacks that we probably don't have to worry about.< I guess there's some little bit of consolation in that -- so long as you... Post Your Reply Susan Fourtané , 11/15/2018 2:28:50 PM HSBC Data Breach Shows Failure to Protect Passwords & Access Controls Re: Re: Does HSBC have customers left? I also assumed it was a common practice by now. Still very intrigued wanting to know how this affected their customer retention. Post Your Reply Locknload, 11/15/2018 10:12:32 AM Kubernetes & Containers Stir Security Concerns in the Cloud Re: Cloud security Interesting, never take for granted your security tools for containers and Kubernetes. Post Your Reply LarryLoeb, 11/15/2018 7:56:45 AM Google Data Center Traffic Rerouted to Nigeria, China & Russia Re: Re: scary path @Michelle It seems that once the packets hit China Telcom, they were dropped; rather than altered and resent. I dont see how any software upgrade would have affected this situation. It's the roadway that was affected, not the cars on it, Post Your Reply batye, 11/15/2018 1:00:24 AM HSBC Data Breach Shows Failure to Protect Passwords & Access Controls Re: Re: Does HSBC have customers left? @Michelle I do hope soo and use it as example how not to do it... Post Your Reply Michelle, 11/14/2018 9:06:41 PM Google Data Center Traffic Rerouted to Nigeria, China & Russia Re: scary path Did anything nefarious happen with data as it was being served over the wrong routes? I wonder if paying G Suite customers will be getting a bill credit for the lost time. I also wonder if we'll soon see Microsoft pushing Office 360 as a more... Post Your Reply Next 5 messages + All messages All messages Chat 8/31/2017 3:54:21 PM Voice of Security Radio: A Security Partnership with Machine Learning: Thank you! klogan453 Keeper 8/31/2017 3:51:19 PM Voice of Security Radio: A Security Partnership with Machine Learning: Well, it seems like Steve and I managed to answer everyone's questions in our conversation. So I'll say thanks once again to Steve Grobman, CTO of McAfee, for being such a wonderful guest here on Voice of Security Radio! Curt Franklin Keeper 8/31/2017 3:47:35 PM Voice of Security Radio: A Security Partnership with Machine Learning: Thanks. Sr.Contr61262 Keeper 8/31/2017 3:47:19 PM Voice of Security Radio: A Security Partnership with Machine Learning: Thanks for helping out, Daren! Curt Franklin Keeper 8/31/2017 3:45:59 PM Voice of Security Radio: A Security Partnership with Machine Learning: (On behalf of Steve Grobman) - Data science and computer science expertise is definately in high demand by the cyber security technology industry as well as many other industries that are using similar capabilities daren Keeper 8/31/2017 3:44:38 PM Voice of Security Radio: A Security Partnership with Machine Learning: (On behalf of Steve Grobman) - There is not a formal certificatio process.. most users don't need to understand the nuance of the technology which is generally built by technology product providers daren Keeper 8/31/2017 3:42:40 PM Voice of Security Radio: A Security Partnership with Machine Learning: And how are mainline security pros/machine learning pros certified, i.e. how do you lknow that the person you're hiring to help you knows what they're dcoing? Sr.Contr61262 Keeper 8/31/2017 3:39:20 PM Voice of Security Radio: A Security Partnership with Machine Learning: Steve, one question we didn't get to is that of skilled practitioners. I know that mainline security pros are in short supply and high demand: Is it even worse when it comes to machine learning pros in the security space? Curt Franklin Keeper 8/31/2017 3:37:01 PM Voice of Security Radio: A Security Partnership with Machine Learning: Since I was late - and again - really sorry, I don't even know what to ask. Feel free to ask a question or my behalf. Sr.Contr61262 Keeper 8/31/2017 3:33:59 PM Voice of Security Radio: A Security Partnership with Machine Learning: Well folks, now's the time to ask any questions we didn't get to in the audio interview. Steve will be here in just a moment -- what would you like to know? Curt Franklin Keeper Next 5 chats +		Information Resources • SD-WAN Adoption Is Accelerating to Reduce Security Risk: A Global Survey of Network Professionals • Futuriom SD-WAN Growth Report 2018 • Versa Networks Enterprise Solution Brief • Protect Your Branch Office Network from Cyber-Criminals • Top 10 Ransomware • Next Generation Firewall Test Report – NSS Labs • ESG Lab Review - SD-WAN Integration with Amazon Web Services – Versa Networks • Security Now Special Report: Endpoint Ecosystems – Collaborating to Conquer Security Threats • You Cannot Secure What You Cannot See: How to make your hybrid cloud environment visible and secure • Security Now Special Report – Security Automation: Risks & Rewards for Your Security Program All resources upcoming Webinars ARCHIVED SD-WAN Adoption Drives Greater Demand for Integrated Branch Security Thursday, November 8, 2018 12:00 p.m New York / 5:00 p.m London More Webinars Webinar Archives Analysts Corner Ovum Resources • Ovum 2018 Trends to Watch: IT & Cybersecurity • Ovum IoT Security: Technology Strategies & Vendor Profiles • Ovum 2018 Trends to Watch: Managed Security Services • Ovum's Mini-Guide to GDPR Analysts Corner archive Flash Poll All polls Video CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ... You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ... Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ... Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ... Facebook has introduced new measures that will enable users to secure access to their accounts using a physical 'key' application. All Videos Sponsored Video Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ... Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ... This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video All Videos Radio Shows ARCHIVED \| August 31, 2017, 3pm EDT Voice of Security Radio: A Security Partnership with Machine Learning An interview with Steve Grobman, CTO of McAfee ARCHIVED SHOWS DOWNLOAD TO CALENDAR Twitter Feed Tweets by Security_Now_ like us on facebook