Recent Posts

Security Needs Context in IoT| SC Magazine

SC Magazine has a worthy editorial on IoT and security by John Barco, VP of product management at the firm ForgeRock on how Internet of Things (IoT) technologies requires both security and a better understanding of what Barco calls “context.”   “It’s not just about protecting IoT devices but the entire ecosystem, from the customer to the partner, the web page, mobile device, mobile app, the cloud and everything else in between,” he writes. Organizations that do not grasp the complex interactions between static devices, mobile devices and (of course) the cloud risk leaving sensitive, regulated data or intellectual property at the mercy of malicious actors. Barco’s recommendations? More and better user authentication to support IoT use cases outside the firewall, and future-proofing your IoT deployment by eschewing proprietary platforms and technologies. To quote Barco: “open source gives IT a platform it can build on and customize, while open standards offer the flexibility to adapt to future […]

Continue Reading

Regin Espionage Tool Active since 2008 | Symantec Connect

Symantec on Sunday published research describing a new family of malware that it claims has been circulating, quietly, for close to six years. (Gulp!) According to a post on Symantec’s Security Response blog, Regin infections have been observed as far back as 2008, but the malware went quiet after about 2011, only to resurface in 2013 in attacks on a wide range of targets including private and public entities and research institutes. Symantec also observed the malware used in attacks on telecommunications firms and say it appears the malware was being used “to gain access to calls being routed through their infrastructure.”   In a separate research paper, Symantec describes the malware, dubbed “Backdoor.Regin” as a multi-staged threat that uses encrypted components – installed in a series of stages – to escape detection. The key the malware’s stealth is compartmentalization, Symantec found: “each individual stage provides little information on the complete package. Only by acquiring all five stages is it possible […]

Continue Reading

EFF Backs Detekt: Malware Detection Tool For State Surveillance

The Electronic Frontier Foundation (EFF) is having a big week. First the organization announced “Let’s Encrypt,” a new, free certificate authority (CA) with the goal of moving everyone to adopt encrypted web communications. Then, today, the group announced Detekt, a malware detection tool designed to expose evidence of state surveillance. The tool is intended to help journalists, political activists and others identify malware associated with state-sponsored spying. Developed by security researcher Claudio Guarnieri, Detekt is available on Github and at the site resistsurveillance.com. The tool was written in Python tool  and scans the memory of Windows systems (XP and 32 and 64 bit and Windows 8) for malware. Essentially, its a straight-up malware scanner that focuses on malware associated with spying, namely: DarkComet RATm XtremeRAT, BlackShades RAT, njRAT, FinFisher FinSpy, HackingTeam RCS, ShadowTech RAT and Gh0st RAT. You might also like “Hacker takes on the Worlds spy agencies.” Alas, unlike most anti malware programs (which at least claim to detect the same malware families) […]

Continue Reading

Report: DHS and FBI Briefing Grid Operators on Sophisticated Cyber Attacks

A spate of reports in recent days has put the media’s attention back on the security of the energy sector and critical infrastructure more broadly. Notably: this CNN report that cites NSA director Admiral Mike Rogers telling the audience at a power grid security conference in San Antonio, Texas in October that “power… is one of the segments that concerns me the most.”   What’s changed? For one: the uptick in ICS-specific malware like BlackEnergy. A spate of attacks based on that malware and others have targeted critical infrastructure players in recent months. According to a confidential memo obtained by CNN, the FBI and DHS are now traveling the country to warn utilities and other critical infrastructure owners about targeted attacks on industrial control systems. Some of those attacks are exploiting previously unknown (or “zero day”)  vulnerabilities in ICS systems, CNN reported. The U.S. Government has been warning about the threat of cyber attacks on […]

Continue Reading

Strategies for Securing Agile Development: An Online Conversation

There’s no question that agile development methods, which emphasize collaboration and shorter, iterative development cycles, are ascendant. Many factors contribute to agile’s growing popularity, from constrained budgets to increased user demands for features and accountability. Though traditionally associated with small and nimble software and services startups, agile methodology has been embraced by organizations across industry verticals – many (like John Deere) whose name doesn’t scream “app store” or “Silicon Valley Startup.” But if agile is here to stay, a nagging question is how to pivot to agile’s fast-paced and iterative release schedules without skimping on important areas like code security. After all, the conventional wisdom is that security slows things down: imposing time- and labor intensive code audits and testing on the otherwise results-driven development cycle. Fortunately, agile and secure development aren’t mutually exclusive. Tomorrow (Thursday), the Security Ledger and Veracode will collaborate on a Hangout and discussion of how to build, automate and deliver secure software using the agile […]

Continue Reading
1 291 292 293 294 295 396