Keep Your Network Productive
The challenge: Often the office network is being used for non-productive tasks, such as movie downloads, interacting with friends, and watching strea...
How to Secure Your Small Business With Big Business Protection
↧
↧
Raise cyber security awareness by eschewing routine training and doing the unexpected – Mimecast
Use employees' social media profiles to show them how easy it is to obtain their data, says Orlando Scott-Cowley
↧
Vtech Breach Exposes 5 Million Kids and Their Parents to Risk
Security experts see risks although VTech said no credit card, Social Security or driver license numbers are included in the breached database.
Consumer electronics vendor VTech Holdings warned today of a data breach that affects 5 million customers on its Learning Lodge app store database. Those affected include children as well as parents registered with VTech to obtain kid-friendly apps and educational content.
The breach occurred on Nov. 14, but VTech did not become aware of the attack until Nov. 24.
"Our customer database contains user profile information, including name, email address, password, secret question and answer for password retrieval, IP address, mailing address and download history," VTech officials said in a statement.
According to VTech officials, no credit card data, Social Security numbers or driver license numbers are included in the breached database. After becoming aware of the breach, VTech said that it performed an investigation and added measures to protect against future attacks. Part of those measures include the suspension of the Learning Lodge apps store as well as well as 13 affected VTech Websites.
Security experts eWEEK contacted warned of potential risks even though payment card information wasn't stolen in the VTech breach.
"Names, email addresses, hashed passwords and home addresses were stolen in the VTech breach, which could be used in subsequent phishing and social engineering attacks," Zscaler Chief Information Security Officer Michael Sutton told eWEEK. "While the passwords were hashed in the database, they can easily be exposed via a dictionary attack, and affected consumers should, therefore, consider them to be compromised and change authentication credentials at any other sites where the same passwords have been used."
Additionally, responses to password recovery questions were also compromised and stored in plain text, and this information could be leveraged to reset passwords at other sites, Sutton said. He suggested that those wishing to know if they were impacted by the VTech breach can do so by searching for their email address at HaveIBeenPwned.com, an online resource that tracks the accounts exposed in many recent high-profile data breaches.
Inga Goddijn, executive vice president of Risk Based Security, warned that consumers should be wary of phishing scams stemming from the VTech breach. "Once information like where you live, what toys or games you have given your child and your email address are known to scammers, it can be fairly easy to put together a malicious email campaign that looks legitimate," Goddijn said.
Tim Erlin, director of IT security and risk strategy at Tripwire, commented that he's not too surprised that VTech was breached, given that VTech is collecting and storing customer data, which makes the company an attractive target. Erlin suggested that all organizations should prepare a response plan before a breach occurs.
"After a breach, there's always an internal discussion about how security products and processes should change to address any gaps identified as complicit in the breach," Erlin told eWEEK. "I wouldn't expect much public disclosure of internal changes from VTech."
The breach highlights the need for parents and other consumers to be very vigilant about personal information.
Shuman Ghosemajunder, vice president of strategy at Shape Security, commented that parents in general should be very careful about who they give their children's information to and should watch for telltale signs that a company isn't taking security seriously, such as not using Secure Sockets Layer/Transport Layer Security (SSL/TLS) while logging in or submitting sensitive information.
Overall, though, all VTech users should change their passwords immediately. "If a password you use for other services was part of a breach, even if it was encrypted, you should change those passwords as quickly as possible," Erlin said.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.
↧
Cryptographic Key Reuse Exposed, Leaving Users at Risk
A lack of unique keys in embedded devices is revealed, leaving such devices subject to impersonation, man-in-the-middle or passive decryption attacks.
The promise of encryption is that it keeps information hidden from public view. But what happens when multiple devices share the same encryption key? According to a report from security firm SEC Consult, millions of devices are at risk because vendors have been reusing HTTPS and Secure Shell (SSH) encryption keys.
"Research by Stefan Viehböck of SEC Consult has found that numerous embedded devices accessible on the public Internet use non-unique X.509 certificates and SSH host keys," CERT warns in vulnerability note #566724. "Vulnerable devices may be subject to impersonation, man-in-the-middle, or passive decryption attacks."
Viehböck looked at more than 4,000 devices from 70 vendors and found only 580 unique private keys were in use. There is a significant amount of reuse across keys that SEC Consult has estimated to impact approximately 50 vendors and 900 products. CERT's vulnerability note explains that for the majority of vulnerable devices, vendors reused certificates and keys across their own product lines.
"There are some instances where identical certificates and keys are used by multiple vendors," CERT's vulnerability note states. "In these cases, the root cause may be due to firmware that is developed from common SDKs (Software Development Kits), or OEM (Original Equipment Manufacturer) devices using ISP-provided firmware."
Tod Beardsley, research manager at Rapid7, is not surprised at the SEC Consult findings. When auditing inexpensive embedded devices, his No. 1 complaint is when the administrative interface isn't encrypted at all, he said.
"However, even when I do see that there is an encrypted interface, they're often vulnerable to the shared key problem detailed by VU#566724," Beardsley told eWEEK. "The problem here is that it's difficult for low-end, low-margin device managers to implement unique key generation on individual devices."
Plus, generating unique keys as part of the manufacturing process cuts into a vendor's already thin margins, and designing something that generates a key on first use is going to require some development and quality assurance effort, Beardsley said.
"The problem is that software developers and security architects haven't yet come together to design an easy-to-use, push button library that embedded devices leverage routinely," he said. "As technologists, we need to get ahead of this problem and design encryption solutions that are not only secure, but easy to implement."
Using hardcoded private keys is a security disaster, according to Dr. Yehuda Lindell, co-founder and chief scientist at Dyadic. Lindell sees a number of reasons why the private keys may have been left exposed and reused by multiple vendors.
"Sometimes, keys are hardwired for the purpose of development and testing, and are just forgotten when moving the software into production," Lindell told eWEEK. "Other times, developers don't know where to put the keys and mistakenly think that hardwiring them is a good idea."
↧
Microsoft Targets Unwanted Windows Apps in the Enterprise
Microsoft wants to make drive-by downloads, and threats they pose to business users, a thing of the past for enterprise customers.
The vast variety of available software for Windows—from little system utilities from independent developers to complex business software suites—has been key to the operating system's success. The downside to such an ecosystem is that it can be used to conceal undesirable code, ranging from nuisance code to adware-ridden software apps.
Now, Microsoft is helping administrators keep these drive-by downloads and other sneaky potential unwanted applications (PUAs) off their users' Windows devices with a new Microsoft System Center 2012 Configuration Manager feature, said Microsoft Malware Protection Center (MMPC) staffers Geoff McDonald, Deepak Manohar and Dulce Montemayor in a Nov. 26 announcement.
"If you are an enterprise user, and you are running System Center Endpoint Protection (SCEP), or Forefront Endpoint Protection (FEP), it's good to know that your infrastructure can be protected from PUA installations when you opt-in to the PUA protection feature," they stated. "If enabled, PUA will be blocked at download and install time."
Apart from slowing down a PC's performance and cluttering up the Start menu, PUAs can put business data at risk and impose an additional burden on IT personnel.
Potential unwanted application "refers to unwanted application bundlers or their bundled applications," stated the MMPC crew. "These applications can increase the risk of your network being infected with malware, cause malware infections to be harder to identify among the noise, and can waste help desk, IT and user time cleaning up the applications."
PUAs run the gamut, they added. "Typical examples of behavior that we consider PUA include ad-injection, many types of software bundling, and persistent solicitation for payment for services based on fraudulent claims."
Available only for enterprise customers, the opt-in Potentially Unwanted Application Protection feature acts much like antivirus software.
"PUA protection updates are included as part of the existing definition updates and cloud protection for Microsoft's enterprise customers. No additional configuration is required besides opting in to PUA protection," they stated. When enabled, client systems will begin detecting and blocking PUAs after the next system restart or signature update. Blocked PUAs can be viewed in SCEP's history tab.
Naturally, false positives can crop up from time to time. Microsoft suggests that customers submit applications wrongfully flagged as PUAs to the MMPC developer resource site.
Before rolling out the new safeguard, Microsoft is advising enterprises to perform their due diligence and ensure that the feature adheres with an organization's policies toward allowable software. It also helps to keep end users in the loop.
"With a corporate policy or guidance in place, it's recommended to also sufficiently inform your end-users and your IT help desk about the updated policy or guidance so that they are aware that potentially unwanted applications are not allowed in your corporate environment," said McDonald, Manohar and Montemayor. "This will pre-emptively inform your end users as to why SCEP or FEP is blocking their download."
A concise deployment guide, including the required registry key policy settings, is available in this blog post.
↧
↧
Encryption Ban Wouldn’t Have Affected Paris Attackers’ Plans
NEWS ANALYSIS: Despite the inconvenient findings in Paris that the terrorists didn't actually use encryption, the call in Congress for backdoors persists.
Despite the bluster in Congress about the need to press forward with laws banning the use of encryption in the United States following the Nov. 13 terrorist attacks in Paris, the truth is out. It turns out that the Paris attackers didn't encrypt anything, but instead communicated openly, in some cases publically, about their plans.
Instead of using sophisticated message encryption and brilliant tradecraft, it seems that the reason the attackers were able to communicate so effectively is because of the low-tech nature of their communications, and because the intelligence community simply missed it.
What actually happened is that the terrorists did the one thing that is hard for big spy agencies to deal with—they mostly talked among themselves. The attacks were planned and carried out by the Abdeslam brothers, who lived in the small town of Molenbeek, Belgium. Most of their co-conspirators lived or visited nearby. The close proximity of the bulk of the attackers meant that they simply discussed their plans in person.
While the attackers were apparently known to French police, it appears that little, if anything, was done to keep tabs on them or on their communications. According to press reports, the brothers may have discussed their plans in the jihadist online magazine Dabiq months before the attack, but apparently nobody picked up on that.
Likewise, phone metadata had already identified the Abaaoud brothers as having been in contact with participants in earlier attacks in France when the Thalys train was attacked (and thwarted by three American travelers) on the way to Paris. They were also identified by metadata as having been in contact with terrorists who attacked a Jewish museum in Belgium in 2014.
With the information that the intelligence community apparently already had on the terrorists, especially on the leadership, it probably wouldn't have mattered if their electronic communications had been encrypted. But they weren't. French investigators have revealed in their post-attack press conferences that while the attackers communicated using Short Message Service (SMS) texting, nothing was encrypted. The messages were sent in the clear.
This information provides insight into the collection of metadata by the National Security Agency, which has been the subject of controversy since the existence of the program was revealed by former contractor Edward Snowden. That is that the existence of such metadata can indeed be critical in identifying and exposing activities such as those by the Paris attackers. But to be effective, somebody has to be paying attention, and in the case of the attacks in Paris, apparently nobody was.
The encryption blather is also revealed for what it is, which is simply so much hot air. A ban on encryption would have made no difference at all in revealing the plans of the Paris attackers because they didn't encrypt their communications.
But suppose they had used encryption, and suppose the collection of phone metadata had worked as intended? The fact that people known to be in contact with other terrorists were communicating using encrypted messages would have been enough to alert the intelligence community that something was up, and a properly timed investigation would have revealed the terrorist plans.
↧
Security Concerns and Lack of Visibility Hinder Cloud Adoption say 65% of IT Pros
Netwrix 2015 Cloud Security Survey reveals unauthorised access and account hijacking are the leading security risks associated with the cloud1 December 2015 – Netwrix today released the results of its global 2015 Cloud Security Survey that show when it comes to migrating to the cloud, 65% of companies are concerned with security and 40% worry about their loss of physical control over data in the cloud. In particular, 69% of companies are afraid that migration to the cloud will increase the risks of unauthorised access, while 43% worry about account hijacking.Security is gaining increasing attention from cloud technology and service providers, but the lack of visibility into sensitive data stored externally raises fears that are still holding back wider cloud adoption. Netwrix surveyed more than 600 IT professionals worldwide, representing technology, manufacturing, government, healthcare, finance, education and other industries, to answer questions about cloud security, expectations from cloud providers and measures being taken to ensure data security. Other key survey findings show that:A hybrid cloud deployment model is preferred by 44% of respondents as they transition from an on-premise infrastructure to a cloud-based model. Private clouds attract 37% of organisations prepared to invest in additional security. Companies migrating to the cloud plan to enforce internal security policies: 56% plan to improve identity and authentication management; 51% will utilise encryption; and around 45% of medium and large enterprises plan to establish auditing of changes and user activity.Overall, 13% of organisations reject the idea of adopting of cloud technology in the near future. However, 30% of them are ready to reconsider their decision as soon as cloud security mechanisms are improved.Some 30% of organisations already take advantage of improved cloud security, while more than 40% of organisations are ready to invest in additional security guarantees, if offered. Overall, 71% of enterprises perceive continuous auditing of cloud infrastructure as a very important part of security guarantees to ensure data integrity in the cloud. “We wanted to find out what are the exact reasons that prevent companies from cloud adoption and taking advantage of all the benefits it offers,” said Alex Vovk, CEO and co-founder of Netwrix. “The survey revealed that even though cloud is not a new technology, the market has a good potential to grow further. Advanced security solutions and true visibility into what is going on across the cloud infrastructure will help companies minimise security risks, take back control over business-critical assets and accelerate cloud adoption.” Learn more about cloud technology concerns and download the 2015 Cloud Security Survey: http://www.netwrix.com/go/cloudsurvey2015 About Netwrix CorporationNetwrix Corporation provides IT auditing software that delivers complete visibility into IT infrastructure changes and data access, including who changed what, when and where each change was made, and who has access to what. Over 150,000 IT departments worldwide rely on Netwrix to audit IT infrastructure changes and data access, prepare reports required for passing compliance audits, and increase the efficiency of IT operations. Founded in 2006, Netwrix has earned more than 70 industry awards and was named to both the Inc. 5000 and Deloitte Technology Fast 500 lists of the fastest growing companies in the U.S.For more information, visit http://www.netwrix.com/ CONTACT:Peter Rennison PRPR01442 245030pr@prpr.co.uk Source: RealWire
↧
xMatters enhances its Public Sector focus and secures accreditation as a G-Cloud Supplier
Cloud-based technology enables public sector organisations to automate efficiency of communications and unlock ‘value’ during time sensitive events London, UK. – 1 December 2015 – xMatters, inc., a leader in communication-enabled business processes, has received accreditation from the Crown Commercial Service to trade on G-Cloud 7 in the UK’s Digital Marketplace. It can be found under the ‘Software As A Service’ Lot in the procurement framework, which went live on 23 November. xMatters’ intelligent cloud communications technology automates communication processes, improves efficiency and reduces the amount of ‘noise’ that people are influenced by during a range of scenarios. For example, it improves communication during everything from IT incidents to civil unrest to operations of public facilities.xMatters’ cloud-based platform can be applied across any scenario where communication processes need to be interpreted and automated to improve the speed and efficiency of communications around time-sensitive events. This latest accreditation means UK public sector organisations continue to have access to xMatters’ proven and cost effective cloud-based technologies. John Duffy, Head of Public Sector at xMatters said, “In David Cameron’s 'smarter state' speech, he outlined the importance of delivering a progressive government focused on reform, devolution and efficiency. ICT has an integral role to play in driving efficiency gains. However, what often prevents these gains from occurring is human intervention while managing processes and communications across the range of channels required to manage a time-sensitive event. What’s necessary, nowadays, is technology that enables teams to cost-effectively unlock the value that has been invested in their systems so that they can get on with their jobs. This is where the real gains are to be made, in automation.”xMatters can be found on G-Cloud 7 at this link. Alternatively, please liaise with xMatters Head of Public Sector, John Duffy, via email at jduffy@xmatters.com.About xMatters, inc.xMatters’ cloud-based communications solutions enable any business process or application to trigger two-way communications (text, voice, email, SMS, etc.) throughout the extended enterprise during time-sensitive events. With over a decade of experience in rapid communication, xMatters serves more than 1,000 leading global firms to ensure business operations run smoothly and effectively during incidents such as IT failures, product recalls, natural disasters, dynamic staffing, service outages, medical emergencies and supply-chain disruption. xMatters is headquartered in San Ramon, CA with additional offices in London and Sydney.###UK Media Contact: David Mieny Elate Communications for xMatters david.mieny@elatecommunications.com +44 (0)203 691 8234 / +44 (0)7859 923 122Source: RealWire
↧
VTech Hacker Obtains Kids’ Photos, Chat Logs
It's not just user contact information that's at risk from the VTech hack; actual chat logs and pictures are targets too.
The full extent of the VTech Holdings breach continues to spiral outward, as even more information is at risk than initially reported. VTech issued a statement on Nov. 30 that admitted the company became aware of a breach on Nov. 24.
According to VTech, information was stolen from its customer database, including user profile information. VTech has also admitted that the breach impacts approximately 5 million consumers. As it turns out, much more personal information was taken than first believed, according to a report from Motherboard, which claims to have been contacted by the hacker behind the data breach.
The report claims that the hacker was also able to obtain 190GB of photos, including both children and parents. The photos were being stored by VTech as well as chat and audio logs between parents and children, used as part of VTech's Kid Connect service.
VTech has already taken what it considers to be precautionary measures, suspending its Learning Lodge apps store as well as well as 13 VTech Websites.
VTech isn't the only manufacturer of childrens' toys that has been the target of hackers this holiday season. Mattel's Hello Barbie doll, which is a WiFi-enabled toy, has also attracted the attention of the security community. According to a report on NBC, security researchers claim that Hello Barbie is a security risk, enabling an attacker to gain access to stored audio files. Hello Barbie is an interactive device that makes use of WiFi to listen and respond to a child's voice.
In light of the latest revelations about toy safety in the Internet era, there are a number of best practices that security experts contacted by eWEEK recommend.
"Continually evaluate how, when and where your child's information is stored or given out on the Internet," Justin Harvey, chief security officer at Fidelis Cybersecurity, suggests. "I recommend putting as little information about your child as possible over the Internet."
Marcus Carey, founder and chief technology officer at vThreat, warns that anything parents put on the Internet about their children, even on social networks, could potentially be used for fraud or even worse.
"Parents should share their children's information on a 'need to know' basis, meaning with schools, health care providers, etc," Carey said.
Parents are not entirely on their own when it comes to online privacy. The Children's Online Privacy Protection Act (COPPA) was passed in 1998. "COPPA imposes certain requirements on operators of websites or online services directed to children under 13 years of age, and on operators of other websites or online services that have actual knowledge that they are collecting personal information online from a child under 13 years of age," explains the U.S Federal Trade Commission in a summary of the act.
Although COPPA was put in place to protect children's privacy, the act does not include any requirements that data about and from children be stored securely, according to Chris Eng, vice president of security research at Veracode.
"It only protects against unscrupulous operators who would misuse children's information," Eng said. "Children, like parents, have no protection from operators that do not put adequate security protections in place."
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.
↧
↧
10 Things to Know About VTech Hack That Exposes Data of Kids, Parents
...
↧
Cybersecurity VCs Discuss Their Top Investment Criteria
IT security is one of the hottest markets in technology today, as organizations of all sizes try to protect themselves against a seemingly endless onslaught of adversaries and online threats. Where there is a need, there is also a sizable market opportunity for venture capitalists, as they aim to invest in the next big thing.
Venky Ganesan is managing director at Menlo Ventures, a leading cybersecurity investment firm that has an enviable track record of picking winners. Menlo Venture was an early backer of Ironport, a company Cisco acquired in 2007 for $830 million, as well as Q1 Labs, which IBM bought in 2011.
Menlo Venture's portfolio also includes vArmor, which emerged from stealth mode in 2014, after raising $42 million in funding. Ganeson sees opportunity in the cloud security space, which is where vArmor fits in.
"Cyber-security is not a trend; it's a permanent long-term unfortunate issue that we all have to deal with as a cost of modern-day technology use," Ganeson told eWEEK.
In Ganeson's view, one of the next major waves of innovation and growth for the cybersecurity industry will come from breach-detection vendors. Breach-detection technologies help organizations identify breaches as well as provide guidance on how to patch and fix the breach. Menlo Ventures has a stake in a company called BitSight, which is active in the breach-detection space.
Don Dixon, founder and managing director of Trident Capital Cybersecurity, also has an impressive track record of cybersecurity investing, with a portfolio that includes Qualys, now a publicly traded company; Prolexic, which Akamai acquired for $370 million in 2013; and Voltage, which HP purchased in February.
Among Dixon's more recent investments is IronNet Cybersecurity, a company founded by former U.S. National Security Agency Director General Keith Alexander. Dixon said that as the security perimeter fades, with growing mobile and cloud use, there is an increasing need to track and secure endpoints and protect against advanced persistent threats, an area of focus for IronNet.
Determining a valuation for a startup company on which to base an investment is a challenge for venture capitalists.
"Valuation like beauty is in the eye of the beholder," Ganeson said. "Invariably, it's a topic of intense negotiation and frustration, rather than being a finite science."
For the most part, valuations for cybersecurity companies in recent years have gone higher, as the market opportunity for security continues to grow, Ganeson said.
Dixon's rule of thumb before investing in a company is that he would like to see at least 18 months of prior funding for the company. In the case of IronNet, the company was bootstrapped (that is self-funded) while building the product, Dixon said. The venture capital funding that Dixon provided for IronNet is being used to ramp up the commercial side of the business for sales and marketing. IronNet has raised $32.5 million in a Series A round of funding led by Trident Capital Cybersecurity.
With so many companies now in the cybersecurity market, it is increasingly difficult to pick the winners.
"It's a very crowded space; there probably isn't a single sector of security that isn't over-funded," Ganeson said. "The reason is simple; everyone sees the opportunity."
Dixon often hears complaints that the cybersecurity sector is over-populated and over-funded, but that's not something he agrees with. His firm has an advisory council made up of 30 people that are industry professionals, including chief information security officers. That customer and user experience helps Trident Capital Cybersecurity find the companies that are trying to solve the problems that haven't been solved yet.
In terms of how Ganeson tries to pick the winner, he's looking for strong management teams that have been in security for a decade or longer. He's also looking for management teams that understand how to build a product platform rather than just features.
For Ganeson, a key challenge is figuring out what's real and what's an also-ran. "It turns out that doing a PowerPoint is a lot easier than building a product," Ganeson said.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.
↧
China’s Underground Cyber-Crime Economy Grows in Size, Sophistication
While state-sponsored online espionage is most often associated with China, freelance cyber-crime is alive and well in the country, according to a recent research report.
The tool is called Social Engineering Master. Anyone who pays the equivalent of $50 can search through a variety of stolen or leaked information and use it to create a convincing cyber-attack targeted at a specific victim or group of victims.
The online service is just one of the offerings that have cropped up as part of an online criminal ecosystem in China. While China is well known as a source of cyber-attacks targeting Western political and economic targets through operations called Darkhotel, Emissary Panda and Naikon that made headlines worldwide, online criminal marketplace activity has grown significantly over the past year.
Underground developers are not only selling products, such as exploit kits, and services, such as made-to-order denial-of-service attacks, but they are branching out into easy-to-use Web applications and polished hardware hacks, according to a report released by security firm Trend Micro on Nov. 23.
Services, such as Social Engineering Master, show that the country's criminals are becoming more sophisticated, Christopher Budd, global threat communications manager with Trend Micro, told eWEEK.
"The big problem these days is not getting the data, but getting to the data that you want," he said. "They provide a tool that gives you a nice interface, so the cyber-criminals can create very compelling social engineering emails."
While malware and hacking services continue to be a staple of the underground marketplace in China, criminals have branched out into other areas, according to Trend Micro. Hacked hardware has gone from prototypes to polished products, especially such devices as payment-card readers, which can quickly skim financial information, the company stated.
Legitimate-sounding services—such as boosting the rank of free apps in Apple's App Store and paying for dedicated servers—have doubled in price in some cases, while services more commonly associated with crime—such as buying hacked registration codes for software and renting botnets—have become cheaper.
"While it is less open in China, this is now truly a marketplace," Budd said. "We no longer talk about it as a curiosity. We are in the second, maybe third, generation of cyber-crime offerings."
Take payment-card skimming. With non-cash transactions growing by more than a quarter in the past year, criminals are turning a greater focus toward stealing card data and using it for fraudulent transactions. For that purpose, criminals have developed advanced devices for skimming credit- and debit-card information, the Trend Micro report states.
"We are seeing compromised payment card readers that are being mass-produced and they are being inserted into the legitimate supply chain without people realizing it," Budd said. "It is like the owners of a mom-and-pop restaurant going to the local version of Staples and buying what they think it is a legitimate card reader, but in reality, it is grabbing data from every transaction."
↧
Poole Alcock Automates Legal Processes With Zylpha
Poole Alcock has selected document bundling technology, Adobe eSignature integration and HM Land Registry integration from legal systems innovator Zylpha (www.zylpha.com). As part of the practice’s digital innovation strategy, the development is aimed at both boosting efficiency and driving customer service levels for clients. Established for over 120 years, Cheshire based Poole Alcock LLP provides a wide range of legal services for both business and private clients. These combine both traditional values with the best of modern technology and range from commercial law, conveyancing and criminal law through to wills, personal injury, and family matters.Poole Alcock will use Zylpha’s software to produce legal document bundles and secure communication. The software, which is fully integrated with the practice’s Visualfiles case management system, will also deliver Adobe eSign technology to ensure the highest levels of e-signature compliance. Poole Alcock will also use Zylpha’s widely acclaimed e-DRS integration with the Land Registry to streamline the practice’s conveyancing registration processes.Poole Alcock’s IT Partner Scott Harding believes that ultimately the beneficiary of the new systems will be the practice’s clients, noting, “Having an on-going commitment to innovation drives efficiency and means we provide an increasingly high level of service and professionalism for our clients. Our investment in Zylpha’s document bundling, eSignatures and property registration through e-DRS is a key part of this strategy and we look forward to working closely with them as we fully exploit the benefits available.”Zylpha’s CEO Tim Long welcomed Scott Harding’s comments adding, “Poole Alcock’s approach to innovation has impressed us greatly. They don’t just see technology as purely improving internal systems. Rather, they ensure that this investment translates into a customer service dividend for clients too.”ends About Zylpha www.zylpha.comHeadquartered in Southampton Zylpha is an innovative specialist offering tools for the legal profession including:Secure electronic document production and delivery. Court Bundling.Integration with the MOJ Portal.Links to agencies for AML and Identity Verification.The company, which was founded by Tim Long its CEO, has won widespread acclaim in both the legal and local government sectors for its systems that transform secure communications for court and case management bundles.For more information please contact: Tim LongZylpha Ltd.T: 01962 658881M: 07917 301496t.long@zylpha.comwww.zylpha.comOrLeigh RichardsThe Right ImageT: 0844 / 561 7586M: 07758 372527leigh.richards@therightimage.co.ukwww.therightimage.co.uk Source: RealWire
↧
↧
Unified Endpoint Management tops the list of workspace trends in 2016
Corporate IT will need to manage a wide range of issues affecting the IT strategy agendaLondon, England, 2nd December 2015 – Matrix42 (http://www.matrix42.com/), a top provider of software for workspace management, today revealed that Unified Endpoint Management tops the list of IT trends that companies will see in 2016. Other areas of IT that will have a major impact include mainstream adoption of wearables and smartwatches, Internet of Things, Social ITSM and workspace aggregation.Oliver Bendig, CTO of Matrix42 has analysed the trends affecting the modern IT workspace and identified 10 key areas that companies will need to manage in 2016.Adaptive workspace accessThe context-based provision of workspaces taking into account location, time, device or available bandwidth is set to play a dominant role in the coming months. Companies will use clever management tools to ensure employees have access to the right apps, documents and data at the right time and on the right device so that they can complete their tasks as simply as possible. This makes it possible to control access to sensitive data on a mobile device according to the site, for example, or automatically configure a printer at the current site.Unified endpoint managementMobile and traditional devices have combined, meaning that integrated management of this indifferent situation using a uniform solution and a unified management process is becoming increasingly important. It is becoming more and more difficult to keep track of and manage the assignment of devices and applications, meaning that unified endpoint management is set to be on the IT agenda for 2016. Virtual personal assistants/voice controlSiri, Cortana and the likes are not only a part of our private lives; they have become so powerful that they are finding their way into working life. They already have the potential to develop into a type of personal assistant that helps deal with e-mails and implementing appointments. The ability to control management tasks (for example, block/update devices) using voice control surely cannot be far behind. Wearables and smartwatchesSmartwatches and wearables have become more than just status symbols; they have developed into an extension of the workspace. Data capture and transmission methods using wearables established in the health sector and the production and logistics industries are set to become widely accepted in other industries in the near future. Gartner predicts that five million smartwatches will be in use in the enterprise environment by 2018, and it will be necessary to manage and secure these devices.Social ITSMThe key features of social networks have become indispensable in many areas. This also applies to IT service management, which is set to shift more towards interaction next year. Concepts like ‘employees help employees’ and interactive knowledge platforms are on the rise and N-1 or N-N communications with hashtags are becoming ubiquitous. Licence management for the cloud/mobile first eraCompanies are increasingly relying on mobile and SaaS applications. As a result, it is necessary to consider licence management in the mobile/cloud era, as the new apps generate a new level of complexity when it comes to licence management and indeed potential cost optimisations for the companies, for example, usage analyses for SaaS apps like Office 365, Salesforce and Citrix GoToMeeting. As a result, licence management for the cloud is set to play a key role in 2016. Workspace aggregationWorking methods and workspaces are changing so rapidly that Gartner has started to call this workspace aggregation. The browser is establishing itself as the new operating system, as it is becoming increasingly important to link apps, data, information, services and identities in a context-based manner. Predictive workspace analyticsPredictions and simulations on workspaces and the associated processes are gaining in significance. This is because relationships are becoming more complex and investments (budget, personnel) are increasing. It is helpful for IT managers to be able to simulate recurring tasks or lengthy processes like rollouts in advance. High incident rates at the Service Desk are another example, Many companies are also interested in conducting simulations of licence adaptations in order to identify savings potential and compliance implications, as this saves both time and costs. Internet of Things/ServicesLike smartwatches and wearables, the Internet of Things (IoT) is becoming increasingly established in working life. It is possible to improve numerous processes in logistics and production through automated communication of devices and sectors. IoT also generates significant added value in the traditional office area, for example, by integrating traditional workspace management with home automation systems. This way, it is possible to optimise the preparation and implementation of meetings, including automation of the telephone system, light control and the projectors. In combination with the functions of voice control, IoT is set to rapidly evolve into a powerful business tool and simplify the use of IT in companies.Windows 10 universal appsThe advantage of Windows 10 universal apps is that there is just one code for all device types. This will soon lead to an exponential increase in the programming and distribution of apps, both for private life and business life.About Matrix42Matrix42 is a top provider of workspace management software. The company offers forward-thinking solutions for modern work environments under its ‘Smarter workspace’ motto. More than 3,000 customers around the world, including BMW, Infineon, and Carl Zeiss, currently manage approximately 3 million workstations using workspace management solutions from Matrix42.Matrix42 operates successfully in seven countries – Germany, Austria, Switzerland, the Netherlands, the United Kingdom, Australia and the United States of America. The company’s headquarters are in Frankfurt am Main, Germany.Matrix42’s products and solutions are designed to manage modern work environments simply and efficiently – across physical, virtual, and mobile workspaces.Matrix42 focuses on user orientation, automation, and process optimisation. The company’s solutions meet the requirements of modern employees who want to work from any location using a wide range of devices, while also addressing the needs of IT departments and businesses.Matrix42 offers its solutions to organisations across different sectors who value forward-looking and efficient workspace management. The company also successfully collaborates with partners who provide on-site consultation to Matrix42 customers. Some of these leading partners include TAP.DE Solutions GmbH, Consulting4IT GmbH, and DSP IT Service GmbH. For further information, visit: http://www.matrix42.com/ Press contact Matrix42Harald KnapsteinVice President MarketingTel.: (+49-6102) 268Mobile: (+49-172) 656-6258Fax: (+49-6102) 816-100www.matrix42.com/en Adam OsmanPublic Relations, Matrix42Tel: 07976 891 335adam.osman@matrix42.com Source: RealWire
↧
Anam Technologies endorsed as inventor of SMS Home Routing
European Patent Office (EPO) dismisses appealDublin, December 2, 2015. The Appeals Board of the European Patent Office (EPO) last week dismissed an Appeal in Opposition proceedings which sought to revoke Anam’s patent (EP 1683375 B1) on SMS Home Routing. The decision conclusively held that Anam’s patent for an SMS routing system that allows Mobile Network Operators to offer SMS value added services, was both novel and inventive. The decision by the EPO Appeals Board in Munich brings seven years of opposition proceedings to conclusion. Initially filed in 2004, the routing technique is today central to how Mobile Operators are implementing new monetisation strategies. Referred to in the Industry as “Transparent SMS Home Routing”, this ingenious technique gives the mobile network operator full visibility and control of all SMS traffic being delivered to its subscribers, even when they are roaming. A compelling feature of Anam’s patented technique is that it does not require any change in message handling for the interconnecting networks.Company Founder Louise O’Sullivan, who attended the appeal hearing, sees the decision as indicative of Anam’s technical prowess in the sector. “Retaining the patent after such rigorous testing is a resounding endorsement. Our position as the foremost provider of SMS Firewalling technology is beyond question”. The routing technique is central to how SMS Firewalls are best deployed by Mobile Operators to protect their subscribers against SPAM, fraudulent & grey route SMS traffic. Mobile Operators can also generate new revenue by using the Anam invention to expose “free loading” A2P traffic on their networks and moving it onto a paid footing. In the wake of OTT services growth, Operators are actively looking at introducing other new revenue generating Value Added Services using the Home routing capability. Truly delighted with the outcome of the appeal court, Anam’s CTO and Inventor of the patent, John Murtagh flagged impact beyond the SMS arena stating “the technology behind the patent is fundamental to SS7 firewalling”. He goes on “SMS Home Routing plays a central role in the measures that a Mobile Network Operator would deploy to counteract SS7 attacks based on the inherent vulnerabilities with the global SS7 network”. This means that the technology can be used to secure networks against well publicised hacking attempts. The decision is also welcomed by Anam’s R&D Board Chairman, Professor Gerry Byrne who is responsible for driving Anam’s Technology Innovation programme. “I am delighted to be leading the creative process at Anam and the EPO’s acknowledgement of such a widely used invention is huge encouragement for the team.About Anam TechnologiesAnam Technologies Limited (http://www.anam.com/) is a Global company focussed on solutions to secure and monetise Mobile Operator Networks. Anam’s technology has been deployed in over 60 networks worldwide.Anam’s SMS ASSURE product combines a patented SMS Firewall with a suite of Managed Services that enables mobile operators to fully monetise A2P SMS. In addition to generating new revenue on the mobile messaging channel, the firewall technology allows for filtering of unwanted SMS traffic (SPAM). Anam’s patent-protected SMS Home Routing™ is the basis of its intelligent & transparent firewall platform. Anam’s solutions are easily integrated into the network or deployed as cloud-based services.Anam Technologies is a private company headquartered in Dublin, Ireland with an office in Malaysia and Managed Services presence also in Hong Kong and Vietnam. ContactMary Therese Fitzpatrick, Director of Marketing; Anam Technologies Limited; http://www.anam.com/ Email: mary-therese.fitzpatrick@anam.com; Mobile: +353.87.2497543Source: RealWire
↧
RiskIQ Makes Facebook ThreatExchange Data Accessible within PassiveTotal
Company will also share Intelligence on Web Threats, Malvertising and Malicious Mobile Apps with ThreatExchange Community SAN FRANCISCO, USA & LONDON, UK, Dec. 2, 2015 - RiskIQ, the leading security company defending organisations from threats beyond the perimeter, today announced that its PassiveTotal threat infrastructure analysis product will provide a visual front end for Facebook’s ThreatExchange. With this integration, RiskIQ customers have the option to centralise data from ThreatExchange alongside critical data sets such as passive DNS, WHOIS, and SSL Certificates within PassiveTotal to accelerate security investigations and automate the sharing of findings with the community.“Sharing threat intelligence, whether it’s private sharing of attack campaigns, long-form reports on threat actors or just public lists of indicators, is the most effective way for organisations to pre-empt and protect themselves from attacks,” said Elias Manousos, CEO of RiskIQ. “We believe the process of sharing should occur without friction and that’s why we’ve added full integration of Facebook’s ThreatExchange within the PassiveTotal platform. We are also sharing data from RiskIQ researchers with ThreatExchange to further arm the community with actionable intelligence.” To automate intelligence sharing with the ThreatExchange community, PassiveTotal allows users to set global controls on how, with whom and what data is shared. Once the initial configuration is complete, users can simply begin searching within PassiveTotal much like they normally would. When data related to a search is found within ThreatExchange, PassiveTotal will display a tab and show the specific data along with who submitted it into the exchange. Additionally, when available, PassiveTotal will automatically extract details such as tags or the status of an indicator, including malicious, suspicious, etc. For real-time sharing, PassiveTotal can be configured to automatically add findings to ThreatExchange as investigations are being conducted. For example, a group of individuals that know and trust each other can instantly work as an ad-hoc team to help protect their peers’ organisations while they are protecting their own company. The addition of ThreatExchange to the PassiveTotal platform can facilitate larger, inter-company intelligence sharing efforts that previously would only be performed through email, if at all.AvailabilityPassiveTotal with ThreatExchange integration is available immediately. RiskIQ threat data is publicly available in ThreatExchange under a TLP GREEN designation.About RiskIQRiskIQ provides organisations the visibility and intelligence they need to secure their Enterprise Digital Footprint and to map their Adversaries’ infrastructure. RiskIQ products, powered by a global proxy network, virtual user technology and threat analysis engine, allow organisations to get an actionable and timely picture of both their own and their adversaries infrastructure to proactively defend against threats targeting their websites, mobile applications, brands, customers, and employees. Leading financial institutions, insurance providers and consumer as well as B2B brands use RiskIQ to protect themselves and their users from code level threats, malware, phishing, social media attacks and fraud. RiskIQ is headquartered in San Francisco and backed by growth equity firms Summit Partners and Battery Ventures. To learn more about RiskIQ, visit http://www.riskiq.com/.Media Contact:Gemma Smith Atomic PR for RiskIQ+44 (0)207 025 7507gemma@atomicpr.com # # #Source: RealWire
↧
Chinese Hacker Group Uses Dropbox for Malware Command and Control
NEWS ANALYSIS: The current malware threat isn't targeting U.S. interests now, but the hacker group could easily turn its attention in that direction as it has in the past.
The Chinese cyberthreat group known a...
↧
↧
VTech Admits Lack of Database Security Opened Door to Hack
A SQL injection, a common software flaw, was found to be the root cause in the VTech breach.
VTech Holdings is now admitting to at least one of the root causes behind the breach that exposed information on millions of children and parents. In an update to the Frequently Asked Questions (FAQ) about the breach on Dec. 1, VTech now admits that its database security was lacking.
"Regretfully our Learning Lodge, Kid Connect and PlanetVTech databases were not as secure as they should have been," VTech stated. "Upon discovering the breach, we immediately conducted a comprehensive check of the affected site and have taken thorough actions against future attacks. All other VTech online systems have not been affected."
The database weakness is related to a class of security vulnerability known as SQL injection. SQL injection is not a new class of vulnerability as it was first publicly discussed back in 1998 by security researcher Jeff Forristal. In a 2013 video interview, Forristal said he wasn't surprised that SQL injection is still a common vulnerability that is widely exploited.
"It is not surprising that this [VTech] breach would occur through SQL injection as this is among the most common and threatening Web flaws," Craig Young, cyber-security researcher at Tripwire, told eWEEK.
Young explained that SQL injection is one of the most prevalent Web security flaws, in which the attacker is able to alter the meaning of commands relayed to a database server. This is possible when data from a Web request is directly used to construct the database (SQL) query without replacing unsafe characters. He noted that sophisticated tools exist to automate the process of finding and exploiting SQL injection flaws, including a tool known as SQLmap, which enables even unskilled attackers to gain extensive access into a system.
Since SQL injection vulnerabilities often give direct access to a back-end database via a front-end Website, it's not surprising that a SQL injection flaw was the root cause in the VTech breach, said Tod Beardsley, research manager at Rapid7.
"The data stolen was likely stored in a database that had a straight-line relationship with a front-end Website," Beardsley told eWEEK. "Of course, the attacker could have used SQL injection to go back to databases that aren't directly connected to the Internet, but it doesn't seem to be the case in this instance."
Beardsley added that the risk of a data leak exponentially increases when photographs, chat logs or any type of data is accessible via the front end of a Website.
"Organizations can start protecting themselves and their customers by only collecting the data that is actually needed, and making it easy for customers to review and delete stored data routinely," Beardsley said.
It's also a good idea for organizations to limit the risk of SQL injection in the first place. Programmers only need to use parametrized queries to thwart SQL injection attempts entirely, according to Young.
"This technique allows the database engine to know precisely how the input was intended to be used such that there is virtually no risk of it being misinterpreted," he said.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.
↧
Genomics England Selects Skyscape To Support 100,000 Genomes Project
Assured cloud services provider selected via G-Cloud to deliver Infrastructure-as-a-Service solutionsLondon – 3 December 2015 – Skyscape Cloud Services Limited, the easy to adopt, easy to use and easy to leave cloud services company, today announced that it has been chosen by Genomics England to deliver Compute-as-a-Service solutions to support the 100,000 Genomes Project, which aims to make the UK a world leader in genomics research.The Project is currently focused on sequencing whole genomes of patients with certain rare diseases and cancers, where scientists believe they can have the greatest impact on diagnosis and treatment. Technologies such as cloud computing are helping to significantly reduce the cost of genome sequencing which will enable whole genome sequencing to become part of NHS mainstream healthcare in the future.Key to Genomics England’s decision was Skyscape’s heritage as a trusted UK government cloud services provider, with the highest possible levels of resilience and security. Skyscape’s full service catalogue is suitable for all data at OFFICIAL (including OFFICIAL SENSITIVE) under the Government Security Classification Policy. Skyscape was also the first cloud provider to achieve N3 aggregator status, enabling it to better serve the healthcare community. Genomics England will leverage the Skyscape Compute-as-a-Service platform for the processing and analysis of genomic data. Genomics England will build a high performance compute cluster that will drive over 20,000 CPU cores. The Genomics England solution will utilise Skyscape’s two UK data centres to host a private cloud and will be available to health and social care organisations via the N3 network. “Given the nature of our work and the sensitive patient data that we are entrusted with, it was crucial that we enlisted the help of a cloud services provider with an exemplary record when it comes to security,” said Dave Brown, Head of Infrastructure at Genomics England. “Indeed as a public body, value for money and scalability were also top of our list of priorities. As a result, we turned to the G-Cloud Framework to ensure that we selected a fully accredited and flexible supplier and are delighted to be working with Skyscape on the Project.”“As is the case for any public sector body, security and value for money were essential for Genomics England and we are proud to be supporting the vital work of the 100,000 Genomes Project with our IaaS solutions,” said Simon Hansford, Skyscape Cloud Services’ CEO. “This is also the latest customer-win for Skyscape via the G-Cloud Framework, which continues to benefit SMEs by enabling competitive and innovative suppliers to reach the public sector market. Our work with Genomics England also demonstrates the part that G-Cloud has to play in supporting transformational projects such as this with flexible and massively scalable cloud solutions, without compromising on security.”- ends -About Skyscape Cloud ServicesSkyscape’s assured cloud solutions have been specifically designed to meet the needs of the UK public sector, delivering UK sovereign services that are easy to adopt, easy to use and easy to leave, with genuine pay by the hour consumption models. Skyscape is a certified Public Services Network (PSN) service provider and its full range of services has been accredited by CESG Pan Government Accreditor (PGA). As a UK SME, Skyscape has won a number of high-profile contracts via the G-Cloud Framework and is a key supporter of the programme. Its services are delivered with leading technologies from the Skyscape Cloud Alliance Partners: QinetiQ, VMware, Cisco, EMC and Ark Data Centres. Skyscape has been named a “Cool Vendor” by analyst firm, Gartner. To learn more about Skyscape, visit www.skyscapecloud.com or follow on Twitter @skyscapecloud Media ContactsCharlotte MartinJohnson King, a Finn Partners Company +44 (0)20 7401 7968SkyscapeTeam@finnpartners.co.ukAbout Genomics EnglandGenomics England is a company owned by the Department of Health and was set up to deliver the 100,000 Genomes Project. This flagship project will sequence 100,000 whole genomes from NHS patients and their families.Genomics England has four main aims:to bring benefit to patientsto create an ethical and transparent programme based on consent to enable new scientific discovery and medical insightsto kickstart the development of a UK genomics industryThe project is focusing on patients with rare diseases, and their families, as well as patients with common cancers. ContactKatrina Nevin-Ridley, Director of Communications Phone: 0207 882 6493Email: katrina.nevin-ridley@genomicsengland.co.uk@GenomicsEngland #genomes100kSource: RealWire
↧
New Vulnerability Update: Bundling With Adobe Flash® Exposes Windows® and Microsoft® Had More Vulnerable Products
For the first time since the report was introduced in 2014, IBM® does not top the list as the vendor with the most vulnerable products. Maidenhead, U.K. – December 3, 2015. Flexera Software, the leading provider of next-generation software licensing, compliance, security and installation solutions for application producers and enterprises, today released a Vulnerability Update covering the Top 20 products with the most vulnerabilities in August, September and October 2015. The total number of recorded vulnerabilities in the three Top 20’s was 2,450, and with 12 product entries, Microsoft products outnumber IBM’s eight product entries. The Vulnerability Update is a recurring report based on data from Flexera Software’s Vulnerability Database. The report provides a Top 20 per month of products with the most vulnerabilities recorded over a three month period, along with brief comments from Secunia Research at Flexera Software.In this edition, Secunia Research provides commentary on QNAP® NAS, a network attached storage device, used for data storage by private users and small businesses, and on vulnerabilities in security tools like AlienVault Unified Security Management™ (USM). And the report puts Microsoft as the vendor with the most vulnerable products over the three month period – a position held by IBM in previous Vulnerability Updates. “The reason so many Microsoft products are in the Top 20 lists this time is that both Microsoft Internet Explorer and Microsoft Edge come bundled with Adobe Flash, adding the 35 Flash vulnerabilities listed in August to Windows 8 and upwards. This means that for Windows systems from 8 and later, the 35 vulnerabilities in Adobe Flash Player are added to the Microsoft vulnerabilities, resulting in these products climbing higher than they otherwise would,” explained Kasper Lindgaard, Director of Secunia Research at Flexera Software.New lesson: Start patching your fridge!The report also touches on one of the new challenges facing the IT industry: the Internet of Things (IoT), which is bringing more internet-connected devices into businesses and the homes of consumers. IoT impacts both the ‘old’ IT guard - application producers, and the security community - and newcomers, like manufacturers creating Internet-connected intelligent devices, who must start integrating software security into their product strategy. “With the IoT trend comes the necessity to educate businesses and consumers and get them to treat their connected devices – from telecommunications equipment and medical devices to toasters, thermostats and cars - like their PC’s, full of updateable software that can be vulnerable to hackers,” said Lindgaard, “We need to get businesses and consumers to start applying security updates to their devices, just as they should be doing to the software on their PCs and mobiles. The problem is, that even though we have been trying to get the “apply security updates” message across for more than 10 years, consumers still are not sufficiently aware that they need to do so.” You can download the Vulnerability Update here: https://secunia.com/resources/reports/vulnerability-update/?utm_source=MarketWire&utm_medium=PR&utm_campaign=VulnUpdate5 # # #Resources:Learn more about Flexera Software’s:Vulnerability Intelligence ManagerCorporate Software InspectorPersonal Software Inspector Follow Flexera Software…on LinkedInon Twitteron Facebookon Google+via RSSAbout Flexera Software Flexera Software helps application producers and enterprises increase application usage and security, enhancing the value they derive from their software. Our software licensing, compliance, cybersecurity and installation solutions are essential to ensure continuous licensing compliance, optimised software investments, and to future-proof businesses against the risks and costs of constantly changing technology. A marketplace leader for more than 25 years, 80,000+ customers turn to Flexera Software as a trusted and neutral source of knowledge and expertise, and for the automation and intelligence designed into our products. For more information, please go to: http://www.flexerasoftware.com/.Secunia – now Flexera SoftwareIn September 2015, Flexera Software acquired Secunia, adding Secunia’s Software Vulnerability Management solutions to complement Flexera Software’s Software License Optimisation and Application Readiness solutions. Under Flexera Software, Secunia Research continues to perform vulnerability verification, issue Secunia Advisories and publish data on the global vulnerability landscape.For more information, contact:Vidushi Patel/ Nicola MalesVanilla PRprflexera@vanillapr.co.uk +44 7958474632 / +447976652491Copyright© 2015 Flexera Software LLC. All other brand and product names mentioned herein may be the trademarks and registered trademarks of their respective owners.Source: RealWire
↧
