Sunday, May 31, 2015

Sections of USA Patriot Act hours away from expiration

With the June 1 midnight deadline fast approaching, the US Senate is yet to act on the expiration of sections of the Patriot Act, the measures contained in which are expected to be renewed later in the week.








from Latest topics for ZDNet in Security http://ift.tt/1PY1uHz

Japanese-language one-click fraud reappears with a new technique

The new technique uses an app in an intermediate step and demands up to 300,000 yen from victims.

from Symantec Connect - Security - Blog Entries http://ift.tt/1Fk6ACI

Saturday, May 30, 2015

The increasing cyberattack surface

Technology is always growing, particularly within the workplace. This is a good thing: It means progress is happening, and for businesses that adopt technological developments, it usually spells progress. However, the problem of cybercrime complicates matters somewhat. Just as organizational tech solutions are evolving, so too are the hackers who are always looking to carry out malicious intrusions. It’s not a pretty picture. The fact is that cyberattacks will only grow more common in the coming years – and not only that, but they’ll also rise in sophistication and scale. It’s a problem that no company can decide to ignore.

The first part of the problem: Businesses
Interestingly, the primary contributing factor to the elevating attack surface involves what businesses are doing – or, more accurately, what they aren’t doing. As Jon Oltsik highlighted in an op-ed for Network World, businesses are increasingly ill-equipped to deal with the many threats that can possibly pervade enterprise networks. The main issue is that while cybercrime has advanced, company approaches to defending against it haven’t. These are some of the ways organizations typically set themselves up for attack as far as hackers are concerned:

  • Not educating staff in best cybersecurity practices: A business’ cybersecurity plan cannot begin and end with its IT department. That’s not realistic in an age when employees are accessing the company network all the time. Enterprises make a huge mistake in assuming that staffers have a baseline level of cybersecurity knowledge, when in fact this is almost never the case. As a result, many corporate breaches happen due to a single weak link – an employee who leaves his or her company-connected smartphone on the subway, or another who inadvertently downloads a phishing scheme.
  • Using outdated endpoint security measures: Endpoint security, like the threats it guards against, is something that evolves. After all, yesterday’s computer security solutions weren’t built to handle next year’s threats. One common issue with businesses that secure their infrastructures is that they don’t take the proactive step of updating those security solutions. Thus, they’re left with a set of tools that may have been viable in years past, but which are no longer equipped to handle the malware sphere.
  • Assuming that you won’t be the next victim: All too often companies operate with a stunning presumptuousness when it comes to cyberattacks. The prevailing feeling among many businesses is, “We haven’t been attacked yet, so we must be good.” This is such misguided thinking, and yet it’s present at organizations spanning industries. This problematic line of thought all but ensures that in fact you will be the next victim. After all, the most complacent businesses are never the ones with the cyber security software required to keep attackers at bay.

The second part of the problem: Actual threats increasing
Even for the most prepared organization out there, the cyberattack surface is getting harder to handle. That’s because strains of malware are growing in complexity as hackers devise new and more innovative tools for carrying out their dirty work. Here are a few of the ways the malicious sphere is expanding these days:

  • Evolution of targeted attacks: Targeted attacks are becoming the new norm. Whereas in the past such intrusions were mainly manifested through spear-phishing emails and options like that, social media presents a lucrative point of infection for future incidents. Imagine an employee sitting at his or her desk and looking at Facebook. Not a hard situation to visualize, since the social media network represents the number one distraction for workers. Now imagine that simply by being on Facebook an employee could unwittingly allow a targeted attack into the business network. That’s the kind of disaster situation that’s going to become increasingly common, and it will call for more advanced means of cyber protection.
  • Susceptibility of IoT devices to data theft: Smart technology is beginning to crowd the workplace. With mobile devices already commonplace in enterprise networks, there are new devices always being added to the fold, like the smartwatches that are now being introduced into the market. The growth of such connected devices, while promising innovation, also presents threats and inherently opens up vulnerabilities for businesses that choose to leverage them. Criminals are likely to experiment with many different ways of attacking these devices, but some of the methods that are likely to happen are denial-of-service attacks and man-in-the-middle attacks.
  • Bigger and worse attacks: First, 2013 looked like a bad year for cybersecurity. Then 2014 blew it out of the water. That’s the trend with cybercrime: Each previous year pales in comparison to the next. In 2013, the Target hack was without precedent. It was devastating. Then 2014 rolled around and the Home Depot hack surpassed Target in terms of the biggest breach victim. The problem companies face these days is that potential attacks come from all angles. There are the ones carried out by cybercriminals – and these are the ones that get the most media exposure. But then there are attacks that arise from insider threats, which actually occur in greater numbers.
  • Cybercriminals continuing to evade the law: The thing about cybercriminals that places them at an advantage over other criminals is that their malicious work takes place virtually, making them exceedingly hard to trace. The task of pinning down hackers and holding them accountable is something governments around the world are taking up with energy, but don’t hold your breath for that to pan out anytime soon. The reality is that due to their remote nature and aptitude at evading justice, malicious actors have the definite upper hand in the battle with law enforcement.

With issues like these facing all businesses, the need has never been greater for organizations to do everything possible to combat the cybercriminal threat. This means taking protective measures like implementing network security, mobile security and being cognizant of the threat posed by targeted attacks. The businesses that ignore the risks are the first ones that will get attacked, while those that prepare stand a much better chance of steering clear of cybercrime.



from Trend Micro Simply Security http://ift.tt/1AB8hQJ
via IFTTT

Vuln: WordPress ReFlex Gallery Plugin 'php.php' Arbitrary File Upload Vulnerability

from SecurityFocus Vulnerabilities http://ift.tt/1BwKOe9

How to Fix iPhone Crash Text Message Bug

We reported on a new bug in the core component of iOS and OS X that causes the device's Messages app to crash and iPhones to reboot if it receives a certain string of characters, Arabic characters, via text message. Many have since fallen victim to this specially crafted Unicode sequence bug. It is believed that when this malicious string of characters is sent in a text message,


from The Hacker News http://ift.tt/1J9OdHI

Friday, May 29, 2015

Silk Road Mastermind Ross Ulbricht Sentenced To Life In Prison

Ross Ulbricht, the alleged founder and mastermind of the infamous online black marketplace Silk Road, has been sentenced to life in prison after being found guilty of narcotics conspiracy, money laundering and other criminal charges. This means the 31-year-old San Francisco man will die behind bars. With all the seven charges stemming from the creation and operation of the once the


from The Hacker News http://ift.tt/1BvPO2L

IBM Security Bulletin: Vulnerability in RC4 stream cipher affects IBM XIV Storage System Gen2 (CVE-2015-2808)

The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM XIV Storage System Gen2. CVE(s):   CVE-2015-2808 Affected product(s) and affected version(s): IBM XIV Storage System Gen2 Refer...

from IBM Product Security Incident Response Team http://ift.tt/1HBuUS5

IBM Security Bulletin: Vulnerability in RC4 stream cipher affects IBM XIV Storage System Gen3 (CVE-2015-2808)

The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM XIV Storage System Gen3 CVE(s):   CVE-2015-2808 Affected product(s) and affected version(s): IBM XIV Storage System Gen3 Refer...

from IBM Product Security Incident Response Team http://ift.tt/1HBuRWm

IBM Security Bulletin: Vulnerability in SSLv3 affects IBM XIV Storage System Gen 3.0 (CVE-2014-3566)

SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled in IBM XIV Storage System Gen 3.0 CVE(s):   CVE-2014-3566 Affected product(s)...

from IBM Product Security Incident Response Team http://ift.tt/1HBuRWk

Angler Exploit Kit Loads Up CryptoWall 3.0, Flash Flaw

CVE-2015-3090 for Flash by Adobe in the middle of May, so users should upgrade as soon as possible.

from http://ift.tt/1PTxFrv

Facebook Rolls Out Security Check

Users can change their password, turn on login alerts and clean up login sessions.

from http://ift.tt/1G9iPIN

NSA Snooping Faces Shutdown as Senate Convenes Sunday

If the Senate can't compromise in an emergency meeting on Sunday, the bulk telephone data program will be shut down.

from http://ift.tt/1Rwo5bA

Japanese one-click fraudsters give old trick a second chance

New campaign uses an app as part of the scam and asks victims for up to US$2,400.

from Symantec Connect - Security - Blog Entries http://ift.tt/1KCMOKq

How the EMV shift could impact online retailers

In every country that has migrated to chip-embedded EMV cards, instances of fraud shifted to the online channel, which holds considerably weaker authentication protocols.








from Latest topics for ZDNet in Security http://ift.tt/1J8j2fU

Protect Your Net: Shared Security Responsibility in the Cloud

It’s no secret why businesses small and large continue to move workloads to the cloud. The agility and flexibility it provides, combined with the ability to focus on their business versus running a data center means companies are now asking, “what can’t I move to the cloud” versus, “what can I?”

And now that you’re moving to the cloud – leveraging the secure cloud offerings from AWS or Azure and others – it’s imperative to understand how the security model changes.

Much like soccer, cloud security is a team sport. In soccer, each player on the team has her role, and in cloud security, you and your cloud provider each have specific security responsibilities.

Specifically, your cloud service provider, such as AWS or Microsoft Azure, is responsible for securing the cloud infrastructure up to the hypervisor layer, including:

  • Physical infrastructure
  • Network infrastructure
  • Virtualization layer

 

While you, as the user of the cloud service, are responsible for securing everything you put in the cloud, including:

  • Applications
  • Data
  • Operating systems/ platform

 

But how do you approach security now that you’re in the open field of the cloud, without physical perimeters on which to put your controls?

Trend Micro Deep Security has been built from the ground up to protect cloud workloads – without getting in the way. It helps you meet most of your shared security responsibilities, including:

  • Preventing exploitation of vulnerabilities like Shellshock
  • Protecting networks from attack
  • Keeping malware off your workloads
  • Providing actionable insight into system activity
  • Augmenting AWS controls to help speed PCI-DSS compliance

 

Click here to learn more about how Deep Security can help secure your cloud environment. To dive into specific security information for the leading cloud service providers, visit:



from Trend Micro Simply Security http://ift.tt/1FRMkgn
via IFTTT

This Week in Security News

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.

Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!

 

The IRS Hack: What it means and what it means for you

The IRS announced that more than 100,000 U.S. taxpayers’ information was illegally accessed through the “Get Transcript” web application. 

Trend Micro Gives Insight to USA TODAY on IRS Hack

The hackers who got access to over 100,000 personal records through the Internal Revenue Service’s Get Transcript site need lots of information to break in? Experts discuss.

Insider Data Breach at Medical Billing Company Hits Patients at Several Hospitals

A call center employee at billing company Medical Management, LLC stole thousands of patients’ names, birthdates and Social Security numbers.

Internet of Things: Whose data is it, anyway?

The Internet of Things can be a venue for innovation and new possibilities, but it can also be used to break basic notions of privacy and confidentiality.

Cyber Bank Heist has been tied to Russian Government IP Address

Researchers have tied a worldwide cyber bank heist to an IP address linked to the Russian Federal Security Service (FSB).

U.S. Government Proposes to Classify Cybersecurity or Hacking Tools as Weapons of War

The BIS, an agency of the U.S. Department of Commerce that deals with issues involving national security and high technology, has proposed tighter export rules for computer security tools.

UK Kids Set for Cybersecurity Computing Exams

The UK’s Oxford, Cambridge and RSA (OCR) exam board has drafted a new GCSE Computer Science course with a major focus on cybersecurity.

The Solo Cybercriminal has been Profiled

Are the one-man cybercrime operators in the shadowy online crime underground the evolved version of the petty thief?

Mr. CISO: Tear Down These Legacy Cybersecurity Walls!

CEOs, CIOs, and CISOs should aggressively identify areas where the organizational status quo is getting in the way of strong cybersecurity hygiene and tear down these legacy walls as soon as possible.

Please add your thoughts in the comments below or follow me on Twitter; @GavinDonovan.

 



from Trend Micro Simply Security http://ift.tt/1Ktl8nV
via IFTTT

Bugtraq: [security bulletin] HPSBMU03223 rev.1 - HP Insight Control server provisioning running SSLv3, Remote Denial of Service (DoS), Disclosure of Information

from SecurityFocus Vulnerabilities http://ift.tt/1HAqOtp

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM System Networking Switch Center (CVE-2014-3566, CVE-2014-6512, CVE-2014-6457, CVE-2015-0410, CVE-2015-6593)

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 that is used by IBM System Networking Switch Center. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption (POODLE) SSLv3 vulnerability...

from IBM Product Security Incident Response Team http://ift.tt/1Bu3Jq7

IBM Security Bulletin: Ceilometer database access unrestricted in PowerVC (CVE-2015-1937)

IBM PowerVC is using a ceilometer database that does not have authentication enabled. CVE(s):   CVE-2015-1937 Affected product(s) and affected version(s): PowerVC Express Edition 1.2.0.0 through 1.2.0.4...

from IBM Product Security Incident Response Team http://ift.tt/1d3sIe3

IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM SPSS Analytic Server (CVE-2015-0488, CVE-2015-0478, CVE-2015-2808)

There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition, Version 1.6, that is used by IBM SPSS Analytic Server 1.0.1. These issues were disclosed as part of the IBM Java SDK updates in April 2015. CVE(s):...

from IBM Product Security Incident Response Team http://ift.tt/1HRG9Lp

IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Asset and Service Management

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 5, 6, 7, and 8** that are used by Maximo Asset Management, Maximo Asset Management Essentials, Maximo Asset Management for Energy Optimization, Maximo Industry...

from IBM Product Security Incident Response Team http://ift.tt/1KtcPbH

IBM Security Bulletin: Vulnerability in javax.management API affects IBM License Metric Tool and IBM Tivoli Asset Discovery for Distributed (CVE-2015-1920)

A vulnerability in javax.management API allows for remote code execution on IBM License Metric Tool and IBM Tivoli Asset Discovery for Distributed servers. CVE(s):   CVE-2015-1920 Affected product(s) and affected version(s):...

from IBM Product Security Incident Response Team http://ift.tt/1KCt1dT

Zero Day Weekly: IRS blames Russia, a loose Moose, Megaupload malware

A collection of notable security news items for the week ending May 29, 2015. Covers enterprise, controversies, application and mobile security, malware, reports and more.








from Latest topics for ZDNet in Security http://ift.tt/1d3ntuP

IBM Security Bulletin: Cross-site scripting vulnerabilities in IBM Business Process Manager (BPM) and WebSphere Lombardi Edition (WLE) error handling (CVE-2015-0193)

IBM Business Process Manager is vulnerable to cross-site scripting, caused by improper neutralization of user-supplied input in some error situations. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a...

from IBM Product Security Incident Response Team http://ift.tt/1KCt1dP

Security Bulletin: Vulnerabilities in OpenSSL affect Integrated Management Module II (IMM2) (CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206)

OpenSSL vulnerabilities were disclosed on January 8, 2015 by the OpenSSL Project. This includes "FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. OpenSSL is used by Integrated Management Module II (IMM2). IMM2 has...

from IBM Product Security Incident Response Team http://ift.tt/1KCt0Xx

Bugtraq: [security bulletin] HPSBMU03261 rev.2 - HP Systems Insight Manager running OpenSSL on Linux and Windows, Remote Disclosure of Information

from SecurityFocus Vulnerabilities http://ift.tt/1PSkI1e

Bugtraq: [security bulletin] HPSBMU03263 rev.3 - HP Insight Control running OpenSSL, Remote Disclosure of Information

from SecurityFocus Vulnerabilities http://ift.tt/1EDOxXx

Bugtraq: [security bulletin] HPSBMU03267 rev.2 - HP Matrix Operating Environment and HP CloudSystem Matrix running OpenSSL, Remote Disclosure of Information

from SecurityFocus Vulnerabilities http://ift.tt/1PSkFT8

Bugtraq: [security bulletin] HPSBGN03332 rev.1 - HP Operations Analytics running SSLv3, Remote Denial of Service (DoS), Disclosure of Information

from SecurityFocus Vulnerabilities http://ift.tt/1EDOw5M

IBM Security Bulletin: Users are not logged out of the Requirements Management (RM) application after the LTPA timeout period is reached (CVE-2015-0121)

For certain configurations of IBM Rational DOORS Next Generation® or IBM Rational Requirements Composer®, it is possible to obtain a configuration where users are not logged out after the IBM WebSphere® LTPA timeout period expires. ...

from IBM Product Security Incident Response Team http://ift.tt/1LNMxlF

Security Bulletin: Multiple vulnerabilities in OpenSSL affect MegaRAID Storage Manager (CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3510, CVE-2014-3567)

There are multiple vulnerabilities in OpenSSL that is used by MegaRAID Storage Manager. OpenSSL vulnerabilities along with SSL 3 Fallback protection (TLS_FALLBACK_SCSV) were disclosed on October 15, 2014 and on August 6, 2014 by the OpenSSL Project. ...

from IBM Product Security Incident Response Team http://ift.tt/1LNMupS

Bugtraq: JSPMyAdmin SQL Injection, CSRF & XSS Vulnerabilities

from SecurityFocus Vulnerabilities http://ift.tt/1LNE2GY

Bugtraq: [SECURITY] [DSA 3274-1] virtualbox security update

from SecurityFocus Vulnerabilities http://ift.tt/1PSfxyd

Hola — A widely popular Free VPN service used as a Giant Botnet

The bandwidth of Millions of users of a popular free VPN service is being sold without their knowledge in an attempt to cover the cost of its free service, which could result in a vast botnet-for-sale network. "Hola," a free virtual private network, is designed to help people abroad watch region restricted shows like American Netflix, and other streaming United States media. Hola is


from The Hacker News http://ift.tt/1FHzzDO

'Tox' Offers Free build-your-own Ransomware Malware Toolkit

"Ransomware" threat is on the rise, but the bad news is that Ransomware campaigns are easier to run, and now a Ransomware kit is being offered by hackers for free for anyone to download and distribute the threat. Ransomware is a type of computer virus that infects a target computer, encrypts their sensitive documents and files, and locks the out until the victim pays a ransom amount, most


from The Hacker News http://ift.tt/1d3e0ng

Volatile Cedar — Global Cyber Espionage Campaign Discovered

Security firm Check Point has uncovered what seems to be a successful, and long-running, cyber-surveillance campaign called “Volatile Cedar.” Check Point found that targets of the attack included, but were not limited to, defense contractors, media companies, telecommunications, and educational institutions. The attack is said to have originated in Lebanon and possibly has political ties


from The Hacker News http://ift.tt/1GJ7qOL

Iran Blames US for Cyber-Attack on Oil Ministry

Police chief claims his team foiled plot

from http://ift.tt/1FHrhM6

Apple issues temporary workaround for iPhone crashing Messages bug

The company is working on a fix, but in the meantime, there are steps you can take to mitigate the problem.








from Latest topics for ZDNet in Security http://ift.tt/1FRuIRN

Hola: A free VPN with a side of botnet

The free Hola package operates by reselling the bandwidth of millions of Hola users -- resulting in a millions-strong botnet for sale.








from Latest topics for ZDNet in Security http://ift.tt/1cmXAp2

Indian Music Site Gaana ‘Hacked’ by Researcher

Pakistani white hat gets job offer for his efforts

from http://ift.tt/1LQfrRk

Leeds the UK Capital of Smartphone Theft

Swansea and Newcastle are the safest cities

from http://ift.tt/1ED6nK9

Thursday, May 28, 2015

Grabit Spy Campaign Nabs 10,000 SMB Files

Grabit shows that any business, whether it possesses money, information or political influence, is of potential interest.

from http://ift.tt/1HzD1OU

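Password reuse is dangerous: Starbucks users at risk of having funds stolen from their accounts

Cybercriminals are accessing customer accounts and transferring funds to other credit cards and gift cards.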

from Symantec Connect - Security - Blog Entries http://ift.tt/1HQpIiz

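VENOM vulnerability puts virtual machines at risk on unpatched host systems

The VENOM vulnerability (CVE-2015-3456) could allow unauthorized access to VMs and data theft. However, it is not necessarily "more serious than Heartbleed."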

from Symantec Connect - Security - Blog Entries http://ift.tt/1LMSJKv

China Preps 5-Year Cybersecurity Plan

The goal is to prevent foreign spying on government departments, state-owned enterprises and financial institutions.

from http://ift.tt/1FjPgi5

Companies Buy Good Security, But Fail to Deploy It Properly

Data remains at risk because IT teams don’t have the expertise or time to deploy complicated IT security products.

from http://ift.tt/1SFi2CZ

CSA Establishes Quantum-Safe Security Working Group and Releases What is Quantum-Safe Security Position Paper

By Frank Guanco, Research Analyst, CSA Consider this scenario: A CIO at a Fortune 500 company receives a call from a reporter asking how the company is responding to the announcement of the new commercially available quantum computer that can “break” RSA and Elliptic Curve Cryptography (ECC). This CIO has no plan, so he politely offers a […]



from Cloud Security Alliance Blog http://ift.tt/1JXJjwE

New Email Security Release Adds Graymail Protection, Performance Monitoring Enhancements, and More

Each day more than 100 billion corporate email messages are exchanged. Who doesn’t need to do a little housekeeping and eliminate unwanted emails? But you need to think twice before you click on “unsubscribe.” As you likely read in the 2015 Cisco Annual Security Report, attackers are using applications users inherently trust or view as benign, like web browser add-ons, to distribute malware. One of the latest phishing techniques is graymail – directing the “unsubscribe” link at the bottom of a seemingly innocuous [...]

from Cisco Blog » Security http://ift.tt/1QdtkKM

NSA testing gesture recognition as password replacement

Technology developed by Lockheed Martin recognizes everything from swipes to formal writing to authenticate an end-user








from Latest topics for ZDNet in Security http://ift.tt/1GH9LcV