FreshRSS

Yesterday — February 16th 2019
Your RSS feeds

The Risks of Public Wi-Fi and How to Close the Security Gap

By Toni Birdsong

As I write this blog post, I’m digitally exposed, and I know it. For the past week, I’ve had to log on to a hospital’s public Wi-Fi each day to work while a loved one recuperates.

What seems like a routine, casual connection to the hospital’s Wi-Fi isn’t. Using public Wi-Fi is a daily choice loaded with risk. Sure, I’m conducting business and knocking out my to-do list like a rock star but at what cost to my security?

The Risks

By using public Wi-Fi, I’ve opened my online activity and personal data (via my laptop) up to a variety of threats including eavesdropping, malware distribution, and bitcoin mining. There’s even a chance I could have logged on to a malicious hotspot that looked like the hospital network.

Like many public Wi-Fi spots, the hospital’s network could lack encryption, which is a security measure that scrambles the information sent from my computer to the hospital’s router so other people can’t read it. Minus encryption, whatever I send over the hospital’s network could potentially be intercepted and used maliciously by cybercriminals.

Because logging on to public Wi-Fi is often a necessity — like my situation this week — security isn’t always the first thing on our minds. But over the past year, a new normal is emerging. A lot of us are thinking twice. With data breaches, privacy concerns, the increase in the market for stolen credentials, and increasingly sophisticated online scams making the headlines every day, the risks of using public Wi-Fi are front and center.

Rising Star: VPN

The solution to risky public Wi-Fi? A Virtual Private Network (VPN). A VPN allows users to securely access a private network and share data remotely through public networks. Much like a firewall protects the data on your computer, a VPN protects your online activity by encrypting your data when you connect to the internet from a remote or public location. A VPN also conceals your location, IP address, and online activity.

Using a VPN helps protect you from potential hackers using public Wi-Fi, which is one of their favorite easy-to-access security loopholes.

Who Needs a VPN?

If you (or your family members) travel and love to shop online, access your bank account, watch movies, and do everyday business via your phone or laptop, a VPN would allow you to connect safely and encrypt your data no matter where you are.

A VPN can mask, or scramble, your physical location, banking account credentials, and credit card information.

Also, if you have a family data plan you’ve likely encouraged your kids to save data by connecting to public Wi-Fi whenever possible. Using a VPN, this habit would be secured from criminal sniffers and snoopers.

A VPN allows you to connect to a proxy server that will access online sites on your behalf and enables a secure connection most anywhere you go. A VPN also hides your IP address and allows you to browse anonymously from any location.

How VPNs work

To use a VPN, you subscribe to a VPN service, download the app onto your desktop or phone, set up your account, and then log onto a VPN server to conduct your online activity privately.

If you are still logging on to public Wi-Fi, here are a few tips to keep you safe until VPNs become as popular as Wi-Fi.

Stay Safe on Public Wi-Fi 

Verify your connection. Fake networks that mine your data abound. If you are logging on to Wi-Fi in a coffee shop, hotel, airport, or library, verify the exact name of the network with an employee. Also, only use Wi-Fi that requires a password to log on.

Don’t get distracted. For adults, as well as kids, it’s easy to get distracted and absorbed with our screens — this is risky when on public Wi-Fi, according to Diana Graber, author of Raising Humans in a Digital World. “Knowing how to guard their personal information online is one of the most important skills parents need to equip their young kids with today,” says Graber. “Lots of young people visit public spaces, like a local coffee shop or library, and use public Wi-Fi to do homework, for example. It’s not uncommon for them to get distracted by something else online or even tempted to buy something, without realizing their personal information (or yours!) might be at risk.”

Disable auto Wi-Fi connect. If your phone automatically joins surrounding networks, you can disable this function in your settings. Avoid linking to unknown or unrecognized networks.

Turn off Wi-Fi when done. Your computer or phone can still transmit data even when you are not using it. Be sure to turn off your Wi-Fi when you are finished using the network.

Avoid financial transactions. If you must use public Wi-Fi, don’t conduct a sensitive transaction such as banking, shopping, or any kind of activity that requires your social security or credit card numbers or password use. Wait until you get to a secured home network to conduct personal business.

Look for the HTTPS. Fake or unsecured websites will not have the HTTPS in their address. Also, look for the little lock icon in the address bar to confirm a secure connection.

Secure your devices. Use a personal VPN as an extra layer of security against hackers and malware.

The post The Risks of Public Wi-Fi and How to Close the Security Gap appeared first on McAfee Blogs.

VMware Security Advisory 2019-0001

VMware Security Advisory 2019-0001 - VMware product updates resolve a mishandled file descriptor vulnerability in the runc container runtime.
  • February 16th 2019 at 14:51

Chinese Surveillance, Facebook Tracking, and More Security News This Week

By Emily Dreyfuss
3-D printed rifles, Iran missile hacking, and more of the week's top security news.

Flat Earth - Paul's Security Weekly #594

By paul@securityweekly.com

This week, we welcome Harry Sverdlove, Chief Technology Officer of Edgewise, for an interview to talk about The Future of Firewalls! In the Technical Segment, we discuss some Enterprise-ish Network Security hardware and software that we've incorporated here in our Security Weekly Studio! In the Security News, why it's way too easy to sell counterfeit goods on Amazon, how to defend against the runC container vulnerability, creating a dream team for the new age of cyber security, how you can get a Windows 95 emulator for Windows 10, Linux, or Mac, DEF CON goes to Washington, and InfoSec Institute's top podcasts that take your computer skills to the next level!

 

Full Show Notes: https://wiki.securityweekly.com/Episode594

To learn more about Edgewise, visit: https://www.edgewise.net/security-weekly

Visit https://www.securityweekly.com/psw for all the latest episodes!

 

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

  • February 16th 2019 at 10:00

Weekly Update 126

By Troy Hunt

Another week, another conference. This time it was Microsoft Ignite in Sydney and as tends to happen at these events, many casual meetups, chats, beers, selfies, delivery of HIBP stickers and an all-round good time, albeit an exhausting one. That's why I'm a day late this week having finally arrived home late last night.

Moving on though, I've got a bunch of other events coming up, particularly in conjunction with the folks at NDC. Brisbane in a couple of weeks, Gold Coast in April then Minnesota in May. Oh - plus Oslo in June and stretching out beyond that, Sydney in October. The link in the references below about how conferences can help keep speakers happy (or piss them off, as it may be), explains why I keep doing these events. All that plus more data breach news and my thoughts on the subsequent lists of credential stuffing data.


References

  1. I'm doing a free user group in Brisbane for NDC on Thursday 28 Feb (this will be a really casual presentation, Q&A and fun night out)
  2. Speaking of NDC, the show will be on in my home town of the Gold Coast in late April (that's a dedicated security event which Scott Helme will be down for too)
  3. Speaking of NDC, I'll also be at NDC Minnesota in May (Hack Yourself First workshop and a shiny keynote)
  4. The reason I keep doing NDC events is because they don't do any of these things! (that's the 10 things conferences do to upset their speakers)
  5. A heap of new data was leaked earlier on in the week (EyeEm has since been loaded into HIBP)
  6. And then even more data breaches were announced a couple of days ago (I'll obviously be keeping an eye out for those too)
  7. All these new data breaches are already starting to make the debate around credential stuffing collections a memory (but as I explain in that post, I think we're past hyping every single one of them up)

Where’s the Equifax Data? Does It Matter?

By Tara Seals
Threat-hunters say the breached data from the massive Equifax incident is nowhere to be found, indicating a spy job.

Threat Roundup for Feb. 8 to Feb. 15

By Talos Group
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 8 and Feb. 15. As with previous roundups, this post isn't meant to be an...

Hacks, Nudes, and Breaches: It's Been a Rough Month for Dating Apps

By Lily Hay Newman
Trouble at OKCupid, Coffee Meets Bagel, and Jack'd have made February a bad stretch for romantics online.

Trump Declared an Emergency Based on Data That Doesn’t Exist

By Issie Lapowsky
As he declared a national emergency Friday, President Trump repeatedly dismissed statistics and reports produced by his own government.

Staffing Shortage Makes Vulnerabilities Worse

By Dark Reading Staff
Businesses don't have sufficient staff to find vulnerabilities or protect against their exploit, according to a new report by Ponemon Institute.

  • February 15th 2019 at 21:00

Before yesterday
Your RSS feeds

Hackers Found Phishing for Facebook Credentials

By Dark Reading Staff
A "very realistic-looking" login prompt is designed to capture users' Facebook credentials, researchers report.

  • February 15th 2019 at 21:00

ICS/SCADA Attackers Up Their Game

By Kelly Jackson Higgins Executive Editor at Dark Reading
With attackers operating more aggressively and stealthily, some industrial network operators are working to get a jump on the threats.

  • February 15th 2019 at 18:30

Post-Quantum Crypto Standards Aren't All About the Math

By Ericka Chickowski Contributing Writer, Dark Reading
The industry needs to keep in mind the realities of hardware limits and transitional growing pains, according to Microsoft, Utimaco researchers.

  • February 15th 2019 at 17:45

Well Holby damned! We've caught a virus: Brit medical soap operas team up for 'cyber' episode

WannaCry? You will do

BBC "sister" medical drama shows Holby City and the venerable Casualty from which it sprang have announced that they are teaming up for a two-part "cyberattack special". NHS techies, stop sniggering at the back!…

  • February 15th 2019 at 16:16

White-Hat Bug Bounty Programs Draw Inspiration from the Old West

By Michelle Moore Academic Director and Adjunct Professor, University of San Diego
These programs are now an essential strategy in keeping the digital desperados at bay.

  • February 15th 2019 at 15:30

Slackware Security Advisory - mozilla-thunderbird Updates

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues.
  • February 15th 2019 at 15:09

Debian Security Advisory 4391-1

Debian Linux Security Advisory 4391-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
  • February 15th 2019 at 15:09

This Week in Security News: Cloud Risks and Container Vulnerability

By Jon Clay (Global Threat Communications)

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about this year’s current uses and emerging risks of the cloud. Also, find out what new vulnerability was found in containers.

Read on: 

Attacking Containers and runC

This week a new vulnerability was published that highlights the biggest security weakness of containers: they are loosely isolated sharing the same host operating system.  

 

Doomsday Docker Security Hole Uncovered

A security vulnerability has been disclosed for a flaw in RunC, Docker and Kubernetes’ container runtime, which can be used to attack any host system running containers.

The Cloud in 2019: Current Uses and Emerging Risks

While the power of the cloud and benefits like flexibility and productivity are continuing to grow, there are some risks to be aware of. 

Cyber threats to utilities on the rise, firm warns

Cybersecurity risks to utilities’ systems increased in 2018, with more intrusions into those networks and malware that infected those systems, according to a new report from a threat assessment firm released Thursday.

Most Companies Anticipate a Critical Breach in 2019, CISOs Need to Prioritize Threats

80 percent of IT business leaders anticipate a critical breach or successful cyberattack over the coming year, according to Trend Micro’s Cyber Risk Index (CRI).

Linux Coin Miner Copied Scripts From KORKERDS, Removes All Other Malware and Miners

While conducting a routine log check, Trend Micro noticed an interesting script from one of our honeypots downloading a binary connected to a domain.  

Credential Stuffing Attacks–Yet Another Security Concern for Consumers

In a credential stuffing data breach, hackers automatically feed thousands or millions of username and password combinations obtained from other breaches into a website in order to fraudulently gain access to user accounts. 

Coffee Meets Bagel Announces a Data Breach on Valentine’s Day

Dating app Coffee Meets Bagel announced that an unauthorized party gained access to an undisclosed amount of user data, but didn’t make off with any sensitive information like credit card numbers or passwords.

Windows App Runs on Mac, Downloads Info Stealer and Adware

Trend Micro found EXE files in the wild delivering a malicious payload that overrides Mac’s built-in protection mechanisms such as Gatekeeper.

Cybersecurity Workers Scramble to Fix a Post-Shutdown Mess

Two weeks out from the longest government shutdown in United States history, government employees are still scrambling to mitigate impacts on federal cybersecurity defenses. 

Banks Under Attack: Tactics and Techniques Used to Target Financial Organizations

Trend Micro dives into the cybercriminal underground to see how the tactics and techniques used to attack financial organizations have changed over the years. 

The Great Equifax Mystery: 17 Months Later Experts Are Starting to Suspect a Spy Scheme

The location of data that disappeared during the Equifax breach in 2017 has remained a mystery, and the prevailing theory today is that the data was stolen by a nation-state for spying purposes, not by criminals looking to cash in on stolen identities.

Are you surprised that a nation-state is theorized responsible for the Equifax breach? Why or why not? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.

The post This Week in Security News: Cloud Risks and Container Vulnerability appeared first on .

PACE – People, Alignment, Culture, and Execution

By Ken McCray

McAfee was founded in 1987, and at 32 years old, we’re moving faster than ever before with more precision, agility, and innovation. With McAfee’s expected growth in 2019 as the device-to-cloud cybersecurity company, we recognize the need to ensure that the Americas Channel Team is sharply focused. As I’ve met with members of my team, both individually and in planning sessions, we are already hitting the ground running. This year, the stage is set for our PACE—our pace within the company, and our People, Alignment, Culture, and Execution.

The first focus area, Our People, not only encompasses our team, but also our partners and customers. I truly believe if you take care of the people, the people will take care of you. As a Channel Organization, we ensure that both our partners’ and customers’ needs are met. Through tightly aligned cross-functional organizations internally, we are creating powerful unity as we serve customers together.

Our Alignment concentrates on making sure we’re moving in the same direction at the same time.

Within Our Culture, we have a primary and secondary culture. Our primary culture is centered around our pledge that each McAfee employee signs, declaring dedication to keeping the world safe from cyberthreats. However, the Channel Organization has also cultivated a secondary culture, which is supported by our corporate value surrounding candor and transparency. We aim for both cultures to be evident in everything we do.

With Our Execution, we believe that if we commit to something, we must execute it. Accountability is a priority for our team. Our Execution is currently centered around our MVISION portfolio family, which includes MVISION Endpoint, ePO, Cloud, Mobile, and EDR (coming soon). Designed to encompass our overall brand through a simple approach, MVISION is an integrated, open system from device to cloud that offers consolidated visibility, comprehension, and control across a digital landscape. If you’re not up to speed on MVISION, please take some time to research and get familiar. Our mutual customers are going to love it.

This year, we are excited to be working on our PACE. We are committed to maintaining a healthy PACE for the betterment of our customers, partners, and team. We hope the PACE we set this year will serve all who interact with McAfee.

The post PACE – People, Alignment, Culture, and Execution appeared first on McAfee Blogs.

Malta’s leading bank resumes operations after cyberheist-induced shutdown

By Tomáš Foltýn

Bank of Valletta, which went dark for a day after the fraudulent transfers of €13 million, is now looking to get the money back.

The post Malta’s leading bank resumes operations after cyberheist-induced shutdown appeared first on WeLiveSecurity

Apple fighting pirate app developers, will insist on 2FA for coders

By Paul Ducklin
Are you an Apple developer? Care about security? Using 2FA? You will be soon...

Judge won’t unseal legal docs in fight to break Messenger encryption

By Lisa Vaas
The Feds tried—and failed—to force Facebook to break its encryption so investigators could listen in on suspected MS-13 gang conversations.


A Call to Structure

When building a Threat Intelligence team, you will face a range of challenges and problems. One of the most significant ones is about how to best take on the ever-growing amount of Threat Intel. It might sound like a luxurious problem to have: The more intel the better! But if you take a closer look at what the available Threat Intelligence supply looks like, or rather, the way it is packaged, the problem becomes apparent. Ideally, you would want to take this ever-growing field of Threat Intelligence supply and work to converge on a central data model – specifically, STIX (Structured Threat Information eXpression). STIX is an open standard language supported by the OASIS open standards body, designed to represent structured information about cyber threats.

This isn’t a solo effort, so first the intelligence team needs to align properly with the open standards bodies. I was thrilled to deliver our theories around STIX data modeling to the OASIS and FIRST communities at the Borderless Cyber Conference in Prague in 2017. (The slides from this are available for download here.) Our team took this to the next level as we started to include not just standard data structures in our work, but standardized libraries, including MITRE’s ATT&CK (Adversarial Tactics, Techniques & Common Knowledge) framework that now forms a core part of our TTP (and, to some extent, Threat Actor) mapping across our knowledge base. We couldn’t have done it without the awesome folk at OASIS and MITRE. Those communities are still our cultural home.

So far, so good… but largely academic. The one thing I always say to teams who start planning their CTI journeys is: “Deploy your theory to practice ASAP – because it will change.” CTI suppliers know this all too well. In the ensuing months of our threat intel team, we faced the challenge of merging these supplier sources into a centralized knowledge base. We’re currently up to 38 unique source organizations (with 50+ unique feeds across those suppliers), around a third of those being top-flight commercial suppliers. And, of course, even in this age of STIX and MISP, we still see the full spectrum of implementations from those suppliers. Don’t get me wrong – universal STIX adoption is a utopia (this is my version of ‘memento mori’ that I should get my team to say to me every time I go on my evangelism sprees). And we should not expect all suppliers to ‘conform’ in some totalitarian way. But here is my question to you: Who designs your data model? I would love to meet them.

Now here’s the thing: If you’re anything like my boss, you probably don’t care how the data model is implemented – so long as the customer can get the data fields they need from your feed, what does it matter? REST + JSON everywhere, right? But the future doesn’t look like that. The one thing that the STIX standard is teaching people better than most other structured languages is the importance of decentralization. I should be able to use the STIX model to build intelligence in one location and have it be semantically equivalent (though not necessarily the same) as the equivalent built by a different analyst in another location. The two outputs should be logically similar – recognizably so, by some form of automated interpretation that doesn’t require polymorphism or a cryptomining rig to calculate – but different enough to capture the unique artistry of the analysts who created them. Those automatically discernible differences are the pinnacle of a shared, structured-intelligence knowledge base that will keep our data relevant, allow for automated cross-referencing and take the industry to the next level.

There is a downside, of course. The cost of implementation is the first hurdle – it may mean reengineering a data model and maybe even complete rebuilds of knowledge repositories. With any luck, it can just be a semantic modelling (similar to what I presented at Borderless Cyber, but instead of STIX 1.2 → STIX 2.1, just → STIX 2.1) that you can describe with some simple mapping and retain your retcon. But perhaps the biggest elephant in the room is that aligning all suppliers to a common data model means leaving people open to de-duplication and cross-referencing. As we start to unify our data models, that “super-secret source” that was actually just a re-package of some low-profile, open source feed is going to get doxed. We think this is a good thing – data quality, uniqueness and provenance will speak for themselves, and those suppliers who vend noise will lose business. This should be an opportunity rather than a threat, and hopefully it will reinforce supplier business models to provide truly valuable intelligence to customers.

About the author: Chris O'Brien is the Director Intelligence Operations at EclecticIQ. Prior to his current role, Chris held the post of Deputy Technical Director at NCSC UK specialising in technical knowledge management to support rapid response to cyber incidents.

Copyright 2010 Respective Author at Infosec Island
  • February 15th 2019 at 11:15

Chinese facial recognition database exposes 2.5m people

By Danny Bradbury
A company operating a facial recognition system in China has exposed millions of residents’ personal information online.


Photography site 500px resets 14.8 million passwords after data breach

By John E Dunn
Photography website 500px has become the latest site to admit suffering a serious data breach.


Closing the Cyber Skills Gap — CyberSpeak Podcast

By Jeff Peters

On this episode of the CyberSpeak with InfoSec Institute podcast, Kathleen Hyde, chair of cybersecurity programs at Champlain College online, discusses a topic that’s a big part of InfoSec Institute’s initiative for the coming years — finding new and innovative ways of closing the cyber skills gap. In the podcast, Hyde and host Chris Sienko […]

The post Closing the Cyber Skills Gap — CyberSpeak Podcast appeared first on InfoSec Resources.


Closing the Cyber Skills Gap — CyberSpeak Podcast was first posted on February 15, 2019 at 3:00 am.

Vuln: Mozilla Firefox and Firefox ESR CVE-2019-5785 Integer Overflow Vulnerability

Mozilla Firefox and Firefox ESR CVE-2019-5785 Integer Overflow Vulnerability
  • February 15th 2019 at 00:00

Week in security with Tony Anscombe

By Shane Curtis

ESET malware researcher Lukáš Štefanko sits down with us to discuss Android banking malware, the topic of his latest white paper. An attack on an email provider wipes out almost two decades' worth of data. Plus an interesting article from Jake Moore on the possible dangers that may come from providing your name at your local coffee shop.

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

  • February 15th 2019 at 11:45

WARNING – New Phishing Attack That Even Most Vigilant Users Could Fall For

By noreply@blogger.com (Mohit Kumar)
How do you check if a website asking for your credentials is fake or legit to log in? By checking if the URL is correct? By checking if the website address is not a homograph? By checking if the site is using HTTPS? Or using software or browser extensions that detect phishing domains? Well, if you, like most Internet users, are also relying on above basic security practices to spot if that

Navigating the murky waters of Android banking malware

By Lukas Stefanko

An interview with ESET malware researcher Lukáš Štefanko about Android banking malware, the topic of his latest white paper

The post Navigating the murky waters of Android banking malware appeared first on WeLiveSecurity
