Tag: reports

Wearable Cameras Birth A New Biometric

  Wearable technology is a burgeoning category, and products like Google Glass and smart watches are just the beginning. As with mobile phones, on-board cameras are sure to be de rigueur. But, as this article over at The Verge notes, those cameras will present new challenges (for privacy) and new opportunities (for security). Specifically: cameras coupled with your body seem to create new kinds of opportunities to uniquely identify you. One example: gait biometrics. The Verge notes recent research published by Professor Shmuel Peleg and Yedid Hoshen of the Hebrew University of Jerusalem. Those researchers created a way to identify first-person filmmakers based on the signature wobble of their cameras. The identity of the user can be determined “quite reliably from a few seconds of video,” the researchers write in their paper. [Interested in biometrics and wearables? Check out our article “Are Wearables the Future of Authentication?“] “The idea of distinguishing one person from […]

Continue Reading

Research Exposes Attacks on Military, Diplomats, Executives

Researchers from Blue Coat Systems said on Wednesday that they have identified an online attack framework that is being used in highly targeted attacks on executives in industries like oil, finance and engineering as well as military officers, diplomats and government officials. The attacks are designed to steal sensitive information and Blue Coat, in a report, said that the attackers went to extreme lengths to cover their tracks: routing all communications between the hackers and the compromised systems they controlled through a “convoluted network of router proxies and rented hosts” in countries like South Korea. The framework, dubbed “Inception” is global in scope, but appears to have started out targeting individuals in Russia. Attacks spread via phishing e-mail messages that contained malicious attachments, including key logging tools and remote access Trojan horse programs, BlueCoat said. The company has released a full report on the incident, which can be found here. (PDF) [Read more Security Ledger coverage […]

Continue Reading

IT meets OT as Belden buys TripWire for $710m

In a move that heralded the growing convergence of information security and IT operations, Belden, a maker of industrial networking equipment, said it is acquiring Tripwire, an IT security services firm for $710 in cash. The announcement, on Tuesday, underscores the degree to which traditional IT security focused on securing enterprise networks is becoming part and parcel of the services that industrial firms wish to offer to their customers in heavy industries and critical infrastructure. [Read more Security Ledger reporting on Internet of Things and IT-OT convergence.] In a published statement, Belden said that, together, the companies will “work to deliver the next generation of cybersecurity solutions that can be deployed across enterprise, industrial, and broadcast markets.” John Stroup, President and CEO of Belden, said TripWire will extend his company’s capabilities. The two companies had previously worked together to improve critical infrastructure cybersecurity in manufacturing organizations, tailoring cyber security solutions for specific customer […]

Continue Reading

FBI: Destructive Malware Used Korean Language Packs

In a first, the F.B.I has issued a warning to U.S. businesses to be on the lookout for destructive malware that was used in an attack last week on Sony Pictures Entertainment. The FBI issued a five-page “FLASH” warning to security professionals at U.S. companies to warn them of the new malware. A copy of the warning viewed by The Security Ledger revealed that the malware deployed a number of malicious modules, including a version of a commercial disk wiping tool on target systems. Samples of the malware obtained by the FBI contained configuration files created on systems using Korean language packs. The use of Korean could suggest a link to North Korea, though it is hardly conclusive. It does appear that the attack was targeted at a specific organization. The malware analyzed by the FBI contained a hard coded list of IP addresses and computer host names. Media reports have linked the malware to the […]

Continue Reading

Internet of Things Demands Visibility-Driven Security

In an earlier blog, I discussed essentials for visibility-driven security and the importance of having both visibility and correlation to quickly assess events in real-time. In this post, we will examine the different dimensions of visibility across the attack continuum and how crucial it is to have these dimensions in place in order to defend against known and emerging threats. Visibility-driven capabilities are critical if cybersecurity professionals are to do their job effectively. In order to accurately see what’s really happening across dynamic, changing, environments and provide a full understanding of malicious incidents, visibility must provide an accurate picture of users, devices, data, threats, and the relationships between them. And it must do so in near real-time and across  a wide range of infrastructures to support new business models related to mobility, cloud, and the Internet of Things (IoT). For many security breaches, the gap between the time of compromise and the […]

Continue Reading
1 88 89 90 91 92 124