Tag: hacking

Video: The Internet of Things and Enterprise Risk

The Security Ledger recently hosted our inaugural event: The Security of Things Forum (SECOT). This was a high-energy, day long conference in Cambridge, Massachusetts, that brought together subject experts, executives and thought leaders from disparate areas like high tech, finance and industrial systems to talk about the tsunami of change that is the Internet of Things. One of the big questions hovering over the event: how will IoT technologies and services change the security paradigm that we’ve all be operating under- but especially in enterprises. In fact, IoT and enterprise was the topic of our very first discussion of the day: a panel chaired by Chris Rezendes of INEX Advisors, a leading consultancy focusing on IoT. SECoT Forum 2014 – Democratized Data, IOT and Enterprise Risk from Exhibitor Media Group on Vimeo It’s a really big and messy problem. As panelist Ken Pfeil of Pioneer Investments pointed out: the hack of […]

Continue Reading

iPhone and iPad Hijacking: What You Need To Know

The past 24 hours has seen a spate of stories warning about a spate of ‘ransomware’ attacks on iPhones and iPads – especially in the the UK and Australia. According to the reports, compromised devices are locked and owners are instructed to email a ransom (variously: $100, $50, €100) to one “Oleg Pliss” to have their devices unlocked. These attacks aren’t really news. In fact, the Oleg Pliss scam appears to have been circulating for close to six months. However, it’s worthwhile reviewing what we do (and don’t) know about these latest attacks on mobile devices. Accordingly, Security Ledger has put together a short FAQ that tells you what you need to know about the latest mobile scam, and to dispel some of the rumors floating around in the Internet ether. What’s Going On? According to news reports and complaints on Apple Support forums, owners of iPhones and iPads are having their devices locked. […]

Continue Reading

China Hacking Indictments Day 2: Now For The Blowback

The big news yesterday was about the U.S. Justice Department announcing the first-ever criminal charges against a foreign country for cyberspying. The news today may well be about China (and other countries) taking retaliatory actions, including similar legal steps against individuals in this country, working on behalf of the NSA, CIA or other government agencies. The Justice Department on Monday announced that a grand jury in the Western District of Pennsylvania indicted five Chinese citizens (PDF) for charges that include computer hacking and economic espionage directed at six American companies in the nuclear power, metals and solar products industries. The indictment alleges that the five defendants conspired to hack into American companies on behalf of competitors in China, including state-owned enterprises.  The stolen information included intellectual property that would allow the Chinese firms to better compete with their American competitors. The hackers also stole confidential information regarding business negotiations and other deals that would aid the Chinese […]

Continue Reading

GE Opens Purse To Boost IoT Security

One of the big questions looming over Internet of Things with regard to cyber security is how well legacy security products will adjust to the IoT context. I think its safe to say that many of the tools and technologies that populate traditional IT environments (think: antivirus) aren’t well suited to use with Internet of Things devices which are often power and resource-constrained. IoT is a “ten-years-from-now” problem for enterprises. But for manufacturers like GE, it’s a “today” problem. That’s why GE is already investing in technology that it thinks is well suited to securing IoT and industrial environments. Last week, the company announced one such deal: acquiring the firm WurldTech of Vancouver Canada. The deal, announced on May 9th, will add Wurldtech’s technology and professional services to GE’s portfolio, with GE saying that Wurldtech products and services will “help to enhance the reliability of Industrial Internet operations.” Wurldtech makes security […]

Continue Reading

FireEye Report: Iranian Hacker Group Becoming More Sophisticated

A report from the security firm FireEye claims that hacking crews based in Iran have become more sophisticated in recent years. They are now linked to malicious software campaigns targeting western corporations and domestic actors who attempt to circumvent Internet filters put in place by the ruling regime.   The report, dubbed “Operation Saffron Rose,”(PDF)  was released on Tuesday. In a blog post accompanying the research, FireEye researchers say that it has identified a group of hackers it is calling the “Ajax Security Team” that appears to have emerged out of Iranian hacker forums such as Ashiyane and Shabgard. Once limited to website defacements, the Ajax team has graduated to malware-based espionage and other techniques associated with “advanced persistent threat” (APT) style actors, FireEye said. The researchers claim that the group has been observed using social engineering techniques to implant custom malware on victims’ computers. The group’s objectives seem to align with those […]

Continue Reading
1 83 84 85 86 87 114