We don't need more InfoSec analysts: We need analysts to train AI infrastructures to detect attacks

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach. Everyone says there is an information security talent gap. In fact, some sources say the demand for security professionals exceeds the supply by a million jobs. Their argument is basically this: attacks are Read more about We don't need more InfoSec analysts: We need analysts to train AI infrastructures to detect attacks[…]

Share

Android malware that can infiltrate corporate networks is spreading

An Android malware is spreading across app stores, including Google Play, and has the capability of stealing sensitive files from corporate networks. DressCode, a family of Android malware, has been found circulating in at least 3,000 Trojanized apps, security firm Trend Micro said on Friday. DressCode hides itself inside games, user interface themes, and phone optimization Read more about Android malware that can infiltrate corporate networks is spreading[…]

Share

Splunk Intent on Extending Cybersecurity Leadership

I attending the Splunk user conference earlier this week (.Conf2016) and came away pretty impressed.  Since I started watching Splunk years ago, the company climbed from a freemium log management and query tool for IT and security nerds to one of the leading security analytics and operations platform.  Not surprisingly then, security now represents around Read more about Splunk Intent on Extending Cybersecurity Leadership[…]

Share

Firefox blocks websites with vulnerable encryption keys

To protect users from cryptographic attacks that can compromise secure web connections, the popular Firefox browser will block access to HTTPS servers that use weak Diffie-Hellman keys. Diffie-Hellman is a key exchange protocol that is slowly replacing the widely used RSA key agreement for the TLS  (Transport Layer Security) protocol. Unlike RSA, Diffie-Hellman can be Read more about Firefox blocks websites with vulnerable encryption keys[…]

Share

Ransomware spreads through weak remote desktop credentials

Stolen or weak remote desktop credentials are routinely used to infect point-of-sale systems with malware, but recently they’ve also become a common distribution method for file-encrypting ransomware. In March, researchers discovered a ransomware program dubbed Surprise that was being installed through stolen credentials for TeamViewer, a popular remote administration tool. But the trend had started Read more about Ransomware spreads through weak remote desktop credentials[…]

Share

Bounty for iOS jailbreak exploit jumps to $1.5 million

The value for zero-day exploits targeting Apple’s iOS software is jumping. On Thursday, a company called Zerodium began offering as much as US $1.5 million for them. Zerodium is the same company that offered $1 million last year for an exclusive iOS zero-day exploit that can remotely jailbreak a device. However, that bounty was only temporary, Read more about Bounty for iOS jailbreak exploit jumps to $1.5 million[…]

Share

Microsoft opens up its 'million dollar' bug-finder

Microsoft is previewing a cloud-based bug detector, dubbed Project Springfield, that it calls one of its most sophisticated tools for finding potential security vulnerabilities. Project Springfield uses “whitebox fuzzing,” which uncovered one-third of the “million dollar” security bugs during the development of Windows 7. Microsoft has been using a component of the project called SAGE Read more about Microsoft opens up its 'million dollar' bug-finder[…]

Share

IDG Contributor Network: Passwords will be wirelessly transmitted through bodies

Low-frequency transmissions created by off-the-shelf biometric devices, such as fingerprint sensors, can be diverted through the body and can securely transmit password-like authentication. The off-the-shelf biometric sensors, such as touchpads, are “re-purposed to send out information,” says Shyam Gollakota, University of Washington assistant professor of computer science and engineering and senior author on the research Read more about IDG Contributor Network: Passwords will be wirelessly transmitted through bodies[…]

Share

IDG Contributor Network: The future of security: A combination of cyber and physical defense

Our increasingly connected world gives hackers even more ways to exploit technology for malicious purposes. We’re now entering a period when cyber attacks could cause major physical damage. To protect people from these combined cyber and physical threats, information security experts and law enforcement, which traditionally handles physical security, will have to share strategies. + Read more about IDG Contributor Network: The future of security: A combination of cyber and physical defense[…]

Share

FBI reports more attempts to hack voter registration system

The U.S. Federal Bureau of Investigation has found more attempts to hack the voter registration systems of states, ahead of national elections. The agency had reportedly found evidence in August that foreign hackers had breached state election databases in Illinois and Arizona, but it appears that there have been other attempts as well, besides frequent Read more about FBI reports more attempts to hack voter registration system[…]

Share

The Yahoo hackers weren't state-sponsored, a security firm says

Common criminals, not state-sponsored hackers, carried out the massive 2014 data breach that exposed information about millions of Yahoo user accounts, a security firm said Wednesday. Yahoo has blamed state actors for the attack, but it was actually elite hackers-for-hire who did it, according to InfoArmor, which claims to have some of the stolen information. Read more about The Yahoo hackers weren't state-sponsored, a security firm says[…]

Share

Most dangerous cyber celebrities of 2016

Dangerous celebrities Intel has reeled off the 10th annual McAfee Most Dangerous Celebrities list based on likelihood of getting hit with a virus or malware when searching on the celebs’ names. “Consumers today remain fascinated with celebrity culture and go online to find the latest pop culture news,” said Gary Davis, chief consumer security evangelist Read more about Most dangerous cyber celebrities of 2016[…]

Share

Meet Apache Spot, a new open source project for cybersecurity

Hard on the heels of the discovery of the largest known data breach in history, Cloudera and Intel on Wednesday announced that they’ve donated a new open source project to the Apache Software Foundation with a focus on using big data analytics and machine learning for cybersecurity. Originally created by Intel and launched as the Read more about Meet Apache Spot, a new open source project for cybersecurity[…]

Share

Creepy clowns cause sheriff to consult with FBI and Homeland Security

If you are going to be dressing up in a costume for Halloween, then you might want to avoid dressing like a creepy clown, considering the sinister clown hysteria sweeping the nation. You don’t want to wear a clown costume in Kentucky where a sheriff contacted the FBI and Homeland Security over the “creepy clown” Read more about Creepy clowns cause sheriff to consult with FBI and Homeland Security[…]

Share
Share