Security Now - Security challenges come in many forms


ABTV Application Cloud Endpoint Infrastructure IoT/Embedded Mobile Network Operational Security Management
Sign up for our weekly newsletter! REGISTER NOW

News & Views Cybercrime: More Like Facebook's Model Than Traditional Criminal Enterprise Larry Loeb Author, \| 4/23/2018 Cybercrime discussions have historically focused on how it happens. Specifically, what the technical parts of it are composed of and how does it work. Malware types, security holes and the prevention of attacks are concrete and can be described and understood. Post a Comment \| READ () It's the People: 5 Reasons Why SOC Can't Scale Alan Zeichick Principal Analyst, Camden Associates, \| 4/23/2018 SAN FRANCISCO -- Blame people for the SOC scalability challenge. On the other hand, don't blame your people. It's not their fault. Post a Comment \| READ () At-Risk Routers & Russian Hacking Plans Stir Talk at RSA Scott Ferguson Editor, Enterprise Cloud, \| 4/23/2018 If you haven't been thinking about the security of your unpatched or misconfigured routers, now's a good a time to start. Post a Comment \| READ () Login With Facebook & Watch Your Personal Data Leak Larry Loeb Author, \| 4/20/2018 It's now common for websites to use a "Login with Facebook" button on their sites as a convenience for users. However, security researchers from Princeton University have discovered that some advertising and analytics services are siphoning user data from these pages when such a button is present. Post a Comment \| READ (2 comments) Latest comment: @Taimoor The problem here isn't so much with Facebook per se; its with how JavaScript... Cyberattacks Have Doubled, but Security Is Getting Better at Blocking Them Jeffrey Burt Freelance Editor & Journ, \| 4/20/2018 Cybersecurity so far this year is offering a mix of good news, bad news and warnings, according to a report released this week by professional services company Accenture. Post a Comment \| READ (1 Comment) Latest comment: Apart from the development of more sophisticated tools and AI based techniques,... Firewall Fail: IT Can't Identify All Network Traffic Scott Ferguson Editor, Enterprise Cloud, \| 4/19/2018 SAN FRANCISCO -- There's a dirty secret lying right behind the corporate firewall: The IT department can't identify the traffic coming into the enterprise network. Post a Comment \| READ (1 Comment) Latest comment: I think the approach that now makes more sense is the AI-based approach where the... Microsoft Security Is Channeling the Terminator Alan Zeichick Principal Analyst, Camden Associates, \| 4/19/2018 SAN FRANCISO - Got Skynet? Microsoft is putting artificial intelligence in charge of automatically responding to detected threats, with a forthcoming update to Windows Defender ATP. Post a Comment \| READ (1 Comment) Latest comment: "Soon, customers will be able to allow the AI to respond to some incidents automatically... In Wake of Spectre & Meltdown, Intel Shifts Memory Scanning to GPU Jeffrey Burt Freelance Editor & Journ, \| 4/19/2018 The Spectre and Meltdown side-channel security flaws that became public in January and shook the processor industry put a bullseye on Intel more than other chipmakers and forced the company to take the lead in addressing the need for greater security measures at the silicon level. Post a Comment \| READ (1 Comment) Latest comment: "The analyst also applauded Intel's response to the Spectre and Meltdown vulnerabilities,... DHS Secretary Kirstjen Nielsen: Cybercrime Will Reach $6 Trillion Annually Scott Ferguson Editor, Enterprise Cloud, \| 4/18/2018 SAN FRANCISCO - Cybercrime is expected to soar to a $6 trillion annual enterprise in the next three years -- that's the equivalent of about 10% of the world's economy -- the secretary of the US Department of Homeland Security, Kirstjen Nielsen, told this week's RSA Conference during an opening keynote. Post a Comment \| READ (1 Comment) Latest comment: > "Cybercrime is expected to soar to a $6 trillion annual enterprise in the next... Alert Warns Russian Actors Are Targeted Unsecured Network Devices Larry Loeb Author, \| 4/18/2018 The US Department of Homeland Security (DHS), FBI and the United Kingdom's National Cyber Security Centre (NCSC) have issued a joint alert that should make anyone interested in computer security sit up and take notice. Post a Comment \| READ () Microsoft's Brad Smith: 2017 Was a Cybersecurity Wake-Up Call Scott Ferguson Editor, Enterprise Cloud, \| 4/18/2018 SAN FRANCISO -- With the WannaCry and NotPetya attacks still fresh in the minds of the security community, Brad Smith, Microsoft president and chief legal officer, believes 2017 needs to serve as a wake-up call for businesses and enterprises of all sizes, as well as those vendors looking to protect customers. Post a Comment \| READ () Endpoint Security: 3 Big Obstacles to Overcome Joe Stanganelli Principal, Beacon Hill Law, \| 4/17/2018 In a report released last month on "next-generation endpoint security," Enterprise Security Group (ESG) analyst Jon Oltsik observed that enterprises and antivirus vendors alike find keeping up with endpoint security difficult because of the sophisticated nature, prolific volume, and exponentiating complexity of attacks. Post a Comment \| READ () Load More Articles + All Articles All Video All Slide Shows All Articles discussion board Ariella, 4/21/2018 11:36:53 PM Beyond Bitcoin: How Blockchain Can Benefit IoT Security Re: Re: Concrete use cases still need to worked on beyond the Pilot Phase Hi, Ashish, Your input is always valuable!Sure it will take time, but I do think that it will prove effective. Post Your Reply [email protected], 4/21/2018 4:17:47 PM As Public Cloud Use Increases, So Does Data Theft Re: HUGE NEW DATA THEFT CONSPIRACY Verizon's Oath—a consortium of 451 corporations makes Mark Zuckerberg look like a Vienna Choir Boy. https://tinyurl.com/ydhlrnwu Post Your Reply TaimoorZubair, 4/21/2018 3:08:59 AM In Wake of Spectre & Meltdown, Intel Shifts Memory Scanning to GPU Re: OS security? "The analyst also applauded Intel's response to the Spectre and Meltdown vulnerabilities, particularly given that it was Intel that was first linked to the security flaws, even though they impacted competitors as well. Essentially, by exploiting... Post Your Reply TaimoorZubair, 4/21/2018 2:59:29 AM Microsoft Security Is Channeling the Terminator Re: Future "Soon, customers will be able to allow the AI to respond to some incidents automatically -- which Redmond claims will cut time-to-remediation down to minutes." I think that's really where the future stands. The attacks are getting smarter... Post Your Reply TaimoorZubair, 4/21/2018 2:48:51 AM Firewall Fail: IT Can't Identify All Network Traffic Re: AI based detection I think the approach that now makes more sense is the AI-based approach where the network administrators look to find patterns in the traffic which may identify malicious activity. Yes, it's becoming difficult to pinpoint which apps are driving... Post Your Reply TaimoorZubair, 4/21/2018 2:44:42 AM Cyberattacks Have Doubled, but Security Is Getting Better at Blocking Them Re: Reason Apart from the development of more sophisticated tools and AI based techniques, I think one of the major reasons behind this change is an overall awareness about cyber security and realization even from non-technical users that it's a valid... Post Your Reply Susan Fourtané , 4/20/2018 6:57:58 PM Beyond Bitcoin: How Blockchain Can Benefit IoT Security Re: Re: Concrete use cases still need to worked on beyond the Pilot Phase Hi, Ashish - This looks like a great resource to look into blockchain and IoT security. Thanks for the link. I am centainly downloading it. Post Your Reply Susan Fourtané , 4/20/2018 6:52:24 PM Beyond Bitcoin: How Blockchain Can Benefit IoT Security Re: Re: Blockchain and IoT security Ariella - Exactly the same happens to me. Even though it's really nice to know what all those startups are doing with blockchain and to stay informed, it's a pity that I can't get the stories out there. I got one with a woman involved about... Post Your Reply LarryLoeb, 4/20/2018 5:53:44 PM Login With Facebook & Watch Your Personal Data Leak Re: Re: Facebook's response? @Taimoor The problem here isn't so much with Facebook per se; its with how JavaScript gets used. FB may tighten up how other information may be gotten with a scoped ID, but the fact that ANY JS on a page gets treated with the same authority... Post Your Reply TaimoorZubair, 4/20/2018 5:39:04 PM Login With Facebook & Watch Your Personal Data Leak Re: Facebook's response? Any idea if Facebook has made any changes in response to the discovery of this threat which can lead to data leak? Given that Facebook has been under intense limelight lately, anything that can lead to a data leak and eventually harming their... Post Your Reply batye, 4/19/2018 8:20:32 PM Android Crypto Mining Attacks Go for Monero Re: Re: Android malware detection? @MHHFIVE, thanks for the share interesting reading... yes it does seems that way... but how well do they work ??? would be the question! Post Your Reply LarryLoeb, 4/18/2018 6:36:40 PM 'PowerHammer' Exploit Can Steal Computer Data Across Electrical Lines Re: Re: Nothing is safe @mhhfive Even if it's labeled "hot sexy nood pics of Stormy Daniels"? Drat. Post Your Reply Next 5 messages + All messages All messages Chat 8/31/2017 3:54:21 PM Voice of Security Radio: A Security Partnership with Machine Learning: Thank you! klogan453 Keeper 8/31/2017 3:51:19 PM Voice of Security Radio: A Security Partnership with Machine Learning: Well, it seems like Steve and I managed to answer everyone's questions in our conversation. So I'll say thanks once again to Steve Grobman, CTO of McAfee, for being such a wonderful guest here on Voice of Security Radio! Curt Franklin Keeper 8/31/2017 3:47:35 PM Voice of Security Radio: A Security Partnership with Machine Learning: Thanks. Sr.Contr61262 Keeper 8/31/2017 3:47:19 PM Voice of Security Radio: A Security Partnership with Machine Learning: Thanks for helping out, Daren! Curt Franklin Keeper 8/31/2017 3:45:59 PM Voice of Security Radio: A Security Partnership with Machine Learning: (On behalf of Steve Grobman) - Data science and computer science expertise is definately in high demand by the cyber security technology industry as well as many other industries that are using similar capabilities daren Keeper 8/31/2017 3:44:38 PM Voice of Security Radio: A Security Partnership with Machine Learning: (On behalf of Steve Grobman) - There is not a formal certificatio process.. most users don't need to understand the nuance of the technology which is generally built by technology product providers daren Keeper 8/31/2017 3:42:40 PM Voice of Security Radio: A Security Partnership with Machine Learning: And how are mainline security pros/machine learning pros certified, i.e. how do you lknow that the person you're hiring to help you knows what they're dcoing? Sr.Contr61262 Keeper 8/31/2017 3:39:20 PM Voice of Security Radio: A Security Partnership with Machine Learning: Steve, one question we didn't get to is that of skilled practitioners. I know that mainline security pros are in short supply and high demand: Is it even worse when it comes to machine learning pros in the security space? Curt Franklin Keeper 8/31/2017 3:37:01 PM Voice of Security Radio: A Security Partnership with Machine Learning: Since I was late - and again - really sorry, I don't even know what to ask. Feel free to ask a question or my behalf. Sr.Contr61262 Keeper 8/31/2017 3:33:59 PM Voice of Security Radio: A Security Partnership with Machine Learning: Well folks, now's the time to ask any questions we didn't get to in the audio interview. Steve will be here in just a moment -- what would you like to know? Curt Franklin Keeper Next 5 chats +		Information Resources • DDoS Protection Mastery Starts Here • The Cloud Migration Guide • What is Your DDoS Resiliency Score? • Web Application Security Center • The Essential Guide to CDN • GDPR: An Enterprise Security Survival Guide – 8 steps you need to take now • Ovum 2018 Trends to Watch: IT & Cybersecurity • Ovum IoT Security: Technology Strategies & Vendor Profiles • A new DDoS architecture for volumetric attacks • Deploy cloud-scale visibility, analytics and automation in real time All resources upcoming Webinars Making the Case for a DevSecOps Transformation Thursday, April 26, 2018 12 p.m. New York / 5 p.m. London Cloud Access Security Brokers in the Wild Wednesday, May 30, 2018 1:00 p.m. EST / 10:00 a.m. PST More Webinars Webinar Archives Flash Poll All polls Infographics archive Video CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ... You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ... Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ... Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ... Facebook has introduced new measures that will enable users to secure access to their accounts using a physical 'key' application. All Videos Sponsored Video This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video All Videos Radio Shows ARCHIVED \| August 31, 2017, 3pm EDT Voice of Security Radio: A Security Partnership with Machine Learning An interview with Steve Grobman, CTO of McAfee ARCHIVED SHOWS DOWNLOAD TO CALENDAR Twitter Feed Tweets by Security_Now_ like us on facebook