Security Now - Security challenges come in many forms


ABTV Application Cloud Endpoint Infrastructure IoT/Embedded Mobile Network Operational Security Management
Sign up for our weekly newsletter! REGISTER NOW

News & Views Mylobot Botnet & Khalesi Malware Deliver One-Two Security Punch Scott Ferguson Managing Editor, Light Reading, \| 11/15/2018 Mylobot, a recently discovered botnet that can elude antivirus software and sandboxes, is now able to deliver Khalesi information stealer malware on infected machines as part of a secondary attack, according to new research from CenturyLink. Post a Comment \| READ () Kubernetes & Containers Stir Security Concerns in the Cloud Scott Ferguson Managing Editor, Light Reading, \| 11/15/2018 One of the biggest and most innovative developments in the cloud over the last several years has been containers, especially the Google-backed Kubernetes orchestration platform to help manage these ecosystems and to speed up application development. Post a Comment \| READ (1 Comment) Latest comment: Interesting, never take for granted your security tools for containers and Kuber... WannaCry Continues Rampage 18 Months After First Outbreak Scott Ferguson Managing Editor, Light Reading, \| 11/15/2018 Nearly 18 months after it first appeared, WannaCry continues to be a significant security threat to enterprises around the world. In the third quarter of this year, the ransomware targeted more than 74,000 unique users across the globe, a new report finds. Post a Comment \| READ () Sophos: 'Living off the Land' Is the Law of the Land Scott Ferguson Managing Editor, Light Reading, \| 11/14/2018 For cybercriminals, "living off the land," has become the new law of the land when it comes to planning and executing attacks against enterprises. Post a Comment \| READ (1 Comment) Latest comment: I'm fascinated by the choice of tools. The always-new version of Windows is the... Google Data Center Traffic Rerouted to Nigeria, China & Russia Larry Loeb Author, \| 11/14/2018 For 74 minutes on Monday, November 12, traffic from Google's data centers was hijacked, essentially a de facto distributed denial-of-service attack. Post a Comment \| READ (2 comments) Latest comment: @Michelle It seems that once the packets hit China Telcom, they were dropped; rather... Cyber Attacks Becoming Greater Risk for Businesses Worldwide Scott Ferguson Managing Editor, Light Reading, \| 11/13/2018 While issues of unemployment and the stability of nation-states usually dominate business headlines, several of the world's most dynamic economic regions are increasingly viewing cyber attacks, and the fallout that follows an attack, as the greatest risk enterprises face today. Post a Comment \| READ () Cloudflare's 1.1.1.1 DNS Service Lands on Android, iOS Scott Ferguson Managing Editor, Light Reading, \| 11/13/2018 Cloudflare is looking to make its new 1.1.1.1 DNS service mobile. Post a Comment \| READ (1 Comment) Latest comment: Cloudflare is working hard to make the web more secure and faster too. This new... Cryptojacking: Why SMBs Need to Stay on High Alert Dirk Morris Chief Product Officer, Untangle, \| 11/12/2018 Cryptojacking, which is how many people refer to an array of cryptomining malware, continues to make headlines as one of the biggest security attacks happening today. And it's only getting worse. Post a Comment \| READ () Metamorfo Trojan Revamped to Evade Antivirus Protections Larry Loeb Author, \| 11/12/2018 Security efforts can feel like a battle -- full of actions and counteractions that lead to some sort of resolution. It's tempting to see this as the end of the problem, but threat actors do not give up so easily. Post a Comment \| READ (1 Comment) Latest comment: With these rapidly changing approaches to cause harm, I wonder if there is a way... Symantec Offers New Details of North Korean-Backed 'FASTCash' Attack Scott Ferguson Managing Editor, Light Reading, \| 11/9/2018 In October, the US government issued a warning about a North Korean-backed cyber attack called "FASTCash," which targeted ATMs around the world. Now, Symantec has additional details about how the scheme worked and what tools the attackers used. Post a Comment \| READ (2 comments) Latest comment: I am wondering if the FASTCash attack is also linked to the North Korean computer... DJI Drones Buzzed Over Security Flaw in Company's User Forum Larry Loeb Author, \| 11/9/2018 Over the past several years, DJI has established itself as a leader in the civilian drone and aerial imaging technology industry. The company has also captured a significant share of the enterprise market, which includes critical infrastructure, manufacturing, agricultural, construction and the emergency-management markets. Post a Comment \| READ (3 comments) Latest comment: Yes, but cases like this should serve as example of how bad think could be if those... HSBC Data Breach Shows Failure to Protect Passwords & Access Controls Scott Ferguson Managing Editor, Light Reading, \| 11/8/2018 Global banking giant HSBC disclosed this week that the company's networks appeared to have been breached in October, with large amounts of customer data possible exposed and stolen. Post a Comment \| READ (6 comments) Latest comment: I also assumed it was a common practice by now. Still very intrigued wanting... Load More Articles + All Articles All Video All Slide Shows All Articles discussion board Susan Fourtané , 11/15/2018 2:28:50 PM HSBC Data Breach Shows Failure to Protect Passwords & Access Controls Re: Re: Does HSBC have customers left? I also assumed it was a common practice by now. Still very intrigued wanting to know how this affected their customer retention. Post Your Reply Locknload, 11/15/2018 10:12:32 AM Kubernetes & Containers Stir Security Concerns in the Cloud Re: Cloud security Interesting, never take for granted your security tools for containers and Kubernetes. Post Your Reply LarryLoeb, 11/15/2018 7:56:45 AM Google Data Center Traffic Rerouted to Nigeria, China & Russia Re: Re: scary path @Michelle It seems that once the packets hit China Telcom, they were dropped; rather than altered and resent. I dont see how any software upgrade would have affected this situation. It's the roadway that was affected, not the cars on it, Post Your Reply batye, 11/15/2018 1:00:24 AM HSBC Data Breach Shows Failure to Protect Passwords & Access Controls Re: Re: Does HSBC have customers left? @Michelle I do hope soo and use it as example how not to do it... Post Your Reply Michelle, 11/14/2018 9:06:41 PM Google Data Center Traffic Rerouted to Nigeria, China & Russia Re: scary path Did anything nefarious happen with data as it was being served over the wrong routes? I wonder if paying G Suite customers will be getting a bill credit for the lost time. I also wonder if we'll soon see Microsoft pushing Office 360 as a more... Post Your Reply Michelle, 11/14/2018 8:59:17 PM Sophos: 'Living off the Land' Is the Law of the Land Re: New targets I'm fascinated by the choice of tools. The always-new version of Windows is the target now. I supposed old Windows is still vulnerable too, but the promise is that new Windows is more secure. I wonder if these sorts of attacks will bring more... Post Your Reply Michelle, 11/14/2018 8:50:31 PM HSBC Data Breach Shows Failure to Protect Passwords & Access Controls Re: Re: Does HSBC have customers left? It's so unfortunate. It's a lot of work to properly secure data. I hope other institutions learn from HSBC's super big mistake! Post Your Reply batye, 11/14/2018 6:54:12 PM HSBC Data Breach Shows Failure to Protect Passwords & Access Controls Re: Re: Does HSBC have customers left? @Michelle I would say we are seeing end results where Co. offering lip security service and keep hidding dirt under the carpet... as end result customers lost trust... Post Your Reply Michelle, 11/13/2018 11:00:48 PM Cloudflare's 1.1.1.1 DNS Service Lands on Android, iOS Re: New market for security Cloudflare is working hard to make the web more secure and faster too. This new offering looks exciting. I plan to give it a try. Post Your Reply Michelle, 11/13/2018 10:55:32 PM HSBC Data Breach Shows Failure to Protect Passwords & Access Controls Re: Re: Does HSBC have customers left? That's crazy. I assumed most banking institutions are using 2FA. I suppose I assumed verrry wrong. Post Your Reply Susan Fourtané , 11/13/2018 2:08:46 PM DJI Drones Buzzed Over Security Flaw in Company's User Forum Re: Re: Hacking drones and air taxis Yes, but cases like this should serve as example of how bad think could be if those vulnerabilities are not avoided from the start. Post Your Reply Ariella, 11/12/2018 9:56:19 AM Metamorfo Trojan Revamped to Evade Antivirus Protections Re: changing With these rapidly changing approaches to cause harm, I wonder if there is a way to come up with a solution planner that uses AI to predict possible different approaches for the same end and apply them in real time. I doubt we're there yet... Post Your Reply Next 5 messages + All messages All messages Chat 8/31/2017 3:54:21 PM Voice of Security Radio: A Security Partnership with Machine Learning: Thank you! klogan453 Keeper 8/31/2017 3:51:19 PM Voice of Security Radio: A Security Partnership with Machine Learning: Well, it seems like Steve and I managed to answer everyone's questions in our conversation. So I'll say thanks once again to Steve Grobman, CTO of McAfee, for being such a wonderful guest here on Voice of Security Radio! Curt Franklin Keeper 8/31/2017 3:47:35 PM Voice of Security Radio: A Security Partnership with Machine Learning: Thanks. Sr.Contr61262 Keeper 8/31/2017 3:47:19 PM Voice of Security Radio: A Security Partnership with Machine Learning: Thanks for helping out, Daren! Curt Franklin Keeper 8/31/2017 3:45:59 PM Voice of Security Radio: A Security Partnership with Machine Learning: (On behalf of Steve Grobman) - Data science and computer science expertise is definately in high demand by the cyber security technology industry as well as many other industries that are using similar capabilities daren Keeper 8/31/2017 3:44:38 PM Voice of Security Radio: A Security Partnership with Machine Learning: (On behalf of Steve Grobman) - There is not a formal certificatio process.. most users don't need to understand the nuance of the technology which is generally built by technology product providers daren Keeper 8/31/2017 3:42:40 PM Voice of Security Radio: A Security Partnership with Machine Learning: And how are mainline security pros/machine learning pros certified, i.e. how do you lknow that the person you're hiring to help you knows what they're dcoing? Sr.Contr61262 Keeper 8/31/2017 3:39:20 PM Voice of Security Radio: A Security Partnership with Machine Learning: Steve, one question we didn't get to is that of skilled practitioners. I know that mainline security pros are in short supply and high demand: Is it even worse when it comes to machine learning pros in the security space? Curt Franklin Keeper 8/31/2017 3:37:01 PM Voice of Security Radio: A Security Partnership with Machine Learning: Since I was late - and again - really sorry, I don't even know what to ask. Feel free to ask a question or my behalf. Sr.Contr61262 Keeper 8/31/2017 3:33:59 PM Voice of Security Radio: A Security Partnership with Machine Learning: Well folks, now's the time to ask any questions we didn't get to in the audio interview. Steve will be here in just a moment -- what would you like to know? Curt Franklin Keeper Next 5 chats +		Information Resources • SD-WAN Adoption Is Accelerating to Reduce Security Risk: A Global Survey of Network Professionals • Futuriom SD-WAN Growth Report 2018 • Versa Networks Enterprise Solution Brief • Protect Your Branch Office Network from Cyber-Criminals • Top 10 Ransomware • Next Generation Firewall Test Report – NSS Labs • ESG Lab Review - SD-WAN Integration with Amazon Web Services – Versa Networks • Security Now Special Report: Endpoint Ecosystems – Collaborating to Conquer Security Threats • You Cannot Secure What You Cannot See: How to make your hybrid cloud environment visible and secure • Security Now Special Report – Security Automation: Risks & Rewards for Your Security Program All resources upcoming Webinars ARCHIVED SD-WAN Adoption Drives Greater Demand for Integrated Branch Security Thursday, November 8, 2018 12:00 p.m New York / 5:00 p.m London More Webinars Webinar Archives Analysts Corner Ovum Resources • Ovum 2018 Trends to Watch: IT & Cybersecurity • Ovum IoT Security: Technology Strategies & Vendor Profiles • Ovum 2018 Trends to Watch: Managed Security Services • Ovum's Mini-Guide to GDPR Analysts Corner archive Flash Poll All polls Video CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ... You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ... Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ... Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ... Facebook has introduced new measures that will enable users to secure access to their accounts using a physical 'key' application. All Videos Sponsored Video Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ... Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ... This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video All Videos Radio Shows ARCHIVED \| August 31, 2017, 3pm EDT Voice of Security Radio: A Security Partnership with Machine Learning An interview with Steve Grobman, CTO of McAfee ARCHIVED SHOWS DOWNLOAD TO CALENDAR Twitter Feed Tweets by Security_Now_ like us on facebook