Tag: hacks

Don’t Call It A Hack Back: Crowdstrike Unveils Falcon Platform

Lots of aspiring technology start-ups dream of getting their product written up in The New York Times or Wall Street Journal when it launches. For Crowdstrike Inc. a two year-old security start-up based in Laguna Niguel, California, media attention from the papers of record hasn’t been an issue. This reporter counted twelve articles mentioning the company in The Times in the last year, and another two reports in The Journal. Much of that ink has been spilled on stories related to Crowdstrike research on sophisticated attacks, or the company’s all-star executive team, including former McAfee executives George Kurtz (CEO) and Dmitri Alperovitch (CTO), as well as former FBI cybersecurity chief Shawn Henry (Crowdstrike’s head of services), who left the Bureau in April, 2012 to join the company. For much of that time, Crowdstrike has been known mostly as a security services and intelligence firm, but the goal was always to […]

Continue Reading

Fraud Analytics: You’re Doing It Wrong!

One of the most vexing problems in computer security today is distinguishing malicious from legitimate behavior on victim networks. Sophisticated cyber criminals and nation-backed hacking groups make a point of moving low and slow on compromised end points and networks, while victim organizations are (rightly) wary of disrupting legitimate business activity for the sake of spotting a breach. In this Security Ledger Podcast, Paul interviews Jason Sloderbeck, Director of Product Management at RSA, EMC’s security division.  Jason talks about RSA’s Silvertail fraud analytics technology, and the organizational and technology issues that keep victims from spotting attacks. One of the big mistakes organizations make when they investigate attacks, Sloderbeck said, is focusing too narrowly on a point in time during a web session that is felt to be a good indicator of compromise – like when a user authenticates to a service or “checks out” on an e-commerce web site. “There’s a whole […]

Continue Reading

FDA: Medical Device Makers, Hospitals Need To Boost Cyber Security

The U.S. Food and Drug Administration (FDA) has issued guidance to medical device makers and hospitals that use their products to pay more attention to cyber security and the potential for cyber attacks on vulnerable medical instruments.   The FDA released its “Safety Communication for Cybersecurity for Medical Devices and Hospital Networks” on Thursday – the same day that the Department of Homeland Security’s ICS (Industrial Control System) CERT issued a warning about the discovery of hard coded “back door” passwords in some 300 medical devices from 40 separate vendors, including drug infusion pumps, ventilators and patient monitoring systems. The FDA said it expects device makers to “review their cybersecurity practices and policies to assure that appropriate safeguards are in place to prevent unauthorized access or modification to their medical devices or compromise of the security of the hospital network that may be connected to the device. Hospitals were instructed to harden […]

Continue Reading

UN Calls Electronic Surveillance A Threat To Democracy

A new report out from the United Nations’ General Assembly warns that governments’ use of electronic surveillance and monitoring of citizen communications is a violation of human rights and calls for updated laws and guidelines that reflect changes in communications “techniques and technologies.” The growing use and sophistication of digital surveillance has outstripped the ability of societies to legislate their proper use, leading to “ad hoc practices that are beyond the supervision of any independent authority,” and that threaten to stifle free expression, according to the report, issued by the UN General Assembly’s Human Rights Council (PDF). First issued in April, but released to the public this week, the report looks at States’ use of communications surveillance and their impact on what the report calls “human rights to privacy and to freedom of opinion and expression.” It concludes that the growth of online surveillance of electronic communications, including access to stored […]

Continue Reading

Future Will Bring More Drones, More Drone Hacks

Unmanned Aerial Vehicles, or UAVs (aka “drones”) are evolving – and fast. Just within the last five years, drones have morphed from stealthy and secretive military gear used for hunting down terrorists in the hills of Afghanistan and Yemen, to widely available consumer technology. The “consumerization” of UAV technology has  created a lot of opportunities for Cool! – like this video of a UAV flying over (and almost in to) Niagra Falls. But it has also led to some problems. In March, a UAV “quadrcopter” came within a couple hundred feet of striking an Alitalia flight trying to land at JFK Airport in New York. More concerning: the FAA is set to license tens of thousands of drones for use over the U.S., many by law enforcement or private security firms. That has prompted warnings about a huge breach of privacy for U.S. citizens. But one security researcher warns that […]

Continue Reading
1 80 81 82 83 84 90