Search results for: zero trust

UK agents detain Greenwald’s partner, destroy The Guardian’s hard drives

It has been an eventful weekend for The Guardian newspaper, its reporter Glenn Greenwald and his partner David Miranda, as the British police held the latter and questioned him at Heathrow for nine hours, and two security experts of the Government Communications Headquarters (GCHQ) came to The Guardian’s headquarters and supervised the destruction of several hard drives that supposedly contained documents leaked by NSA whistleblower Edward Snowden. I must confess that this lede is one … More

Lucrative business: cybercrime-as-a-service

With news of the struggling high street becoming a regular occurrence, it is not surprising that increasingly small businesses are seeking opportunities online. However legitimate SMEs are not alone in realising the benefits of the internet for business success. Cybercriminals are business owners in their own right, operating on a highly professional level. What’s more, many are relying on the vulnerabilities of small business websites to run their illegal trade. With the rise of cloud … More

Bit9 Introduces enterprise Mac security

Business users are driving demand for Macs across the enterprise. Until now, the few enterprise security products available for the Mac were dependent on malware signatures and behavioral patterns, which makes them ineffective against today’s advanced threats and targeted attacks. Organizations and analysts are concerned that Macs now represent a growing vulnerability in the enterprise. Bit9 announced its Security Platform for OS X, which delivers the following: Continuously monitors and records all activity on Mac … More

Solution for Active Directory-based single sign-on

Centrify announced Centrify for Office 365, a solution for Active Directory-based single sign-on, user provisioning and mobile management for Office 365. The Azure-based service, delivers full support for Office 365, simplifying the deployment of federated identity, providing a rich catalog of pre-integrated SaaS apps, and delivering “Zero Sign-On” (ZSO) for mobile clients that require access to Office 365. Centrify for Office 365 delivers seamless integration with Active Directory in minutes — without the hassle of … More

Week in review: Scanner that identifies malware strains, Twitter offers 2FA

Here’s an overview of some of last week’s most interesting news, reviews and articles: The CSO perspective on healthcare security and compliance Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips. Cyber espionage campaign uses professionally-made malware Trend Micro researchers have discovered a new, massive cyber espionage campaign that has been hitting as many … More

Week in review: Human sensors, IT security jobs, and hacking car charge stations

Here’s an overview of some of last week’s most interesting news, videos, reviews and articles: Police unable to decrypt iPhones, asks Apple to do it Court documents from a drug trial in Kentucky have revealed that the U.S. federal Bureau of Alcohol, Tobacco, Firearms and Explosives nor any other U.S. local, state, or federal law enforcement agency are able to break the hardware encryption on an iPhone 4S device or higher, so they have resorted … More

Week in review: Hijacking airplanes with an Android phone, and a call to arms for infosec professionals

Here’s an overview of some of last week’s most interesting news, articles and videos: Spear-phishing emails targeting energy companies Information over-sharing can lead to cleverly executed and dangerous spear-phishing campaigns, warns the US Department of Homeland Security and the ICS-CERT. WordPress.com adds 2-factor authentication option To set it up, users must access the Security tab in their WordPress.com account settings, where they will be offered a setup wizard. Anonymous and affiliates attack Israeli websites By … More

BirdStep updates SafeMove mobile VPN solution

Birdstep Technology released SafeMove Mobile VPN 7.0 (MVPN), which introduces several features, including performance, manageability and user experience improvements. Windows 8 support SafeMove has inbuilt support for Windows 8, enabling use of virtual smartcards using the TPM chip (Trusted Platform Module). IPcomp IP payload compression SafeMove 7 incorporates the IPcomp IP payload compression protocol for IPsec. When both client and gateway support IPcomp the payload of data packets will be compressed before encryption. For compressible … More

F-Secure rebuilds free Online Scanner

F-Secure’s free Online Scanner tool has been completely rebuilt to be faster, lighter and more powerful than before, and now even cleans up advanced rootkits, the most difficult-to-remove malware. The tool, downsized to a slim 5MB, is easy to use with just a couple of clicks. It cleans without actually installing itself to the PC – so consumers can run it and then forget about it. 44 percent of consumers confess to being insecure when … More

Becoming a malware analyst

There are few jobs in this industry that seem as appealing and interesting to me as that of a malware analyst. In my mind, these professionals were waking up each day to continue a complex game not unlike the Glass Bead Game from the eponymous novel by Herman Hesse – a pure pursuit of the mind that makes connections where there are seemingly none, all for the sake of solving intricate puzzles in order to … More

Week in review: Bit9 hack, malicious applications of augmented reality, and Adobe 0-day mitigation

Here’s an overview of some of last week’s most interesting news, videos, reviews and articles: Bit9 hacked, its certificates stolen and used to sign malware Bit9, a security firm that provides software reputation, application control and whitelisting services to companies in the financial, technology, government and other sectors, has announced that it has suffered a breach that resulted in three of its customers to be infected with malware. Myanmar journalists targeted with state-sponsored Gmail attacks … More

Highlights from 450 global data breach investigations

Trustwave released details form a report that highlights details and trends from 450 global data breach investigations, 2,500 penetration tests, nine million Web application attacks, two million network and vulnerability scans, five million malicious websites, 20 billion e-mails as well as research and analysis of zero-day security threats. For the first time, the retail industry made up 45 percent of Trustwave data breach investigations (a 15 percent increase from 2011) with e-commerce attacks emerging as … More