Technology

Cisco Eyes Security Services For Connected Cars

Connected vehicles are a big new area of investment. We saw evidence of that at the recent Consumer Electronics Show (CES) and we’re  hearing a lot more about it this week, as carmakers strut their stuff at the North American International Auto Show.   Security isn’t generally part of the conversation, but as we’ve noted here on more than one occasion: connected vehicles introduce a myriad of challenging security problems, from authentication to communications and system integrity, not to mention data privacy. [Read more Security Ledger coverage of connected vehicles here.] Now networking giant Cisco says that it sees a role for its technology in protecting vehicle area networks (VANs), just as the company’s networking equipment enabled and protected local and wide area networks (LANs and WANs) over the last two decades. In a blog post, Cisco said it is rolling out “a range of products and services” that it […]

Continue Reading

When The Internet of Things Attacks! Parsing The IoT Botnet Story

I spent most of last week at a conference in Florida going deep on the security of critical infrastructure – you know: the software that runs power plants and manufacturing lines. (More to come on that!) While there, the security firm Proofpoint released a statement saying that it had evidence that a spam botnet was using “Internet of Things” devices. The company said on January 16 that a spam campaign totaling 750,000 malicious emails originated with a botnet made up of “more than 100,000 everyday consumer gadgets” including home networking routers, multi media centers, televisions and at least one refrigerator.” Proofpoint claims it is the “first time the industry has reported actual proof of such a cyber attack involving common appliances.” [Read: “Missing in action at Black Hat: the PC.”] Heady stuff – but is it true? It’s hard to know for sure. As with all these reports, it’s important […]

Continue Reading

Experts: Despite Warnings, Slow Progress Securing Industrial Systems

Despite increased media attention to the security of industrial control systems and critical infrastructure, progress in securing those devices has been slow, experts say. Despite progress in some areas, critical infrastructure – including energy and transportation networks- remains vulnerable to attacks leveled at known security holes for months or years because of a lack of vendor response or customers who lack the incentive or know-how to patch vulnerable systems. That according to some of the world’s top experts in cyber security and industrial systems, who are gathering this week at an industry conference in Miami. The S4 Conference, sponsored by the firm DigitalBond, is one of the premiere conferences for cyber security as it pertains to industrial control systems and often coincides with disclosures from industrial system vendors about serious security holes in their products. The security of industrial control systems has been a top concern of IT security experts and government […]

Continue Reading

Cisco Survey: 100% of Fortune 500 Hosting Malware?

If you’re working in IT at a Fortune 500 firm, Cisco Systems has some unwelcome news: you have a malware problem. According to the 2013 Annual Security Report from the networking giant, 100 percent of 30 Fortune 500 firms it surveyed sent traffic to Web sites that host malware. Ninety-six percent of those networks communicated with hijacked servers operated by cyber criminals or other malicious actors and 92 percent transmitted traffic to Web pages without content, which typically host malicious activity. “It was surprising that it was 100 percent, but we know that it’s not if you’re going to be compromised, but when,” said Levi Gundert, a technical lead in Cisco’s Threat Research, Analysis and Communications (TRAC) group in an interview with The Security Ledger. Among the high points (or low points) in Cisco’s Report: Cisco observed the highest number of vulnerabilities and threats on its Intellishield alert service in the 13 years […]

Continue Reading

With $8m In Funding, Confer Taps Cloud, Crowd To Secure Endpoints

A new endpoint security startup, Confer, pulled the covers off its technology on Wednesday, announcing a new services-based endpoint protection product that it claims will provide better protection against malicious software and advanced attacks. Based in Waltham, Massachusetts, Confer has been in existence for just over a year and has received $8 million in venture funding from North Bridge Capital and Matrix Partners. The company’s cloud- and endpoint-based software enables organizations to collaborate to stop sophisticated attacks by sharing attack and malware anonymously with other Confer customers. The company said its technology will appeal to enterprise customers who have grown weary of malware infections that manage to bypass or elude traditional anti virus software. Confer is just the latest company to see dollar signs in corporations’ waning enthusiasm for anti malware software. Modern anti malware products are still focused on securing Windows endpoints. They are geared for use in the […]

Continue Reading
1 48 49 50 51 52 64