Author Archives: Dean Alvarez

Drone Industry Welcomes World’s First Ever Drone Standards.

Today, the first ever worldwide Standards for the drone industry are being released by the International Organization for Standardization (ISO).

The new, long awaited Standards have been developed after several years of global collaboration between standards institutions from across the world and are expected to trigger rapid acceleration of growth within the drone industry as organisations throughout the world are galvanised to adopt drone technology against a new background of reassurance on safety and security. The new Standards will play an essential role in guiding how drones are used safely and effectively in a framework of regulatory compliance.

The ISO Draft International Standards for Drone Operations are formally released today for public consultation, with drone professionals, academics, businesses and the general public being invited to submit comments by 21 Jan 2019 with final adoption of these Standards expected in the US, UK and worldwide in 2019.

Today’s announcement by ISO is the first important step in the standardisation of the global drone industry, encompassing applications for all environments – Surface, Underwater, Air and Space. The first drone Standards, announced today, are particularly significant for the general public and Government, in that they address Operational Requirements of the more recognised and prevalent aerial drones, including protocols on Safety, Security and overall ‘Etiquette’ for the use of drones, which will shape regulation and legislation going forward. They are the first in a four part series for aerial drones, with the next three addressing General Specifications, Manufacturing Quality and Unmanned Traffic Management (UTM).

Air safety
A prime characteristic of the ISO Standards announced today is their focus on air safety, which is at the forefront of public attention in connection with airports and other sensitive locations. The new Standards act as a new ‘etiquette’ for drones which promotes and reinforces compliance regarding no-fly zones, local regulation, flight log protocols, maintenance, training and flight planning documentation. Social responsibility is also at the heart of the Standards, strengthening the responsible use of a technology that aims to improve and not obstruct everyday life. The effectiveness of the Standards in improving air safety will be further strengthened by the rapid development of geo-fencing and of counter-drone technology, providing frontline protection against ‘rogue’ drone use.

Privacy And Data Protection
The Standards are also set to address public concerns surrounding privacy and data protection, requiring operators to have appropriate systems to handle data, alongside communications and control planning, when flying. The hardware and software of all related operating equipment must also be kept up to date. Significantly, the fail-safe of human intervention is required for all drone flights, including autonomous operations, ensuring that drone operators remain accountable.

The Exciting Future For Drones
Empowered by Standards, drones are set to provide the key to some of the most pressing economic, transport, security, environmental and productivity challenges faced by governments and industry throughout the world, reducing road traffic, easing congestion, saving lives through a reduction in accidents and reducing pollution in our cities. As well as speeding up the delivery of large-scale infrastructure projects, drones are expected to reduce the need for some major transport projects altogether.

New exciting applications for drones are being developed daily. In particular, revolutionary approaches are emerging for freight and passenger transportation, with drones providing a cost-effective and environmentally responsible alternative to traditional methods, relieving the burden on our already stretched road traffic system. Further applications in the agricultural, maritime, construction and energy sectors, among others, are already transforming businesses, with all industries and business sectors set to benefit from the Standards-led adoption of drone technology.

The Impact On UK Plc
Excitement surrounding the growth potential of the drone industry worldwide has been fomented by attempts to forecast its economic impact. For instance, PwC recently predicted that the UK aerial drone industry will contribute £42 billion and 628,000 jobs to the UK economy by 2030, while Goldman Sachs estimates that drones worldwide are evolving into a $100 billion market by 2020. But these predictions address only aerial drones, so the economic benefits offered by drone technology are clearly vast and set to grow further, particularly when Surface, Underwater, Air and Space applications are taken into account in their entirety.

Commenting on today’s announcement, Robert Garbett, Convenor of the ISO Working Group responsible for global drone operational Standards, Chairman of the BSI Committee for UK Drone Standards and Founder of Drone Major Group, the world’s first global drone consultancy, said: “I am delighted that we have now reached the point where the first ever Standards for the global drone industry are ready for public consultation after 3 years of hard work and international cooperation between ISO, BSI and standards bodies across the world, with final adoption expected in 2019. These Standards will undoubtedly lead to a new confidence in safety, security and compliance within this dynamic industry, resulting in a massive expansion in the availability and use of drone technology in the years to come.”

“Drones represent a global phenomenon and an unprecedented economic opportunity for any country which embraces the technology. It’s very encouraging that the UK Government is a world leader in recognising the importance of this vital business sector. Informed by the first drone Standards, it is expected that the forthcoming UK Drone Bill, due in early 2019, will create a regulatory framework that allows the industry to flourish in an environment that is both safe and responsible. My conversations with drone buyers, manufacturers, users and the wider public indicate that these Standards are warmly and enthusiastically welcomed by all. I would encourage all those with an interest in drones to engage with the consultation process so that no stone has been left unturned in our quest for the creation and adoption of best-practice drone Standards.”


The post Drone Industry Welcomes World’s First Ever Drone Standards. appeared first on IT SECURITY GURU.

80% Of European Magento Websites At Risk From Hackers Due To Simple Security Oversight.

Security web scans and analysis on over 80,000 European Magento websites – the most popular e-commerce platform globally – reveal 80% are at risk from cyber criminals, according to leading global cybersecurity experts.

The latest survey, carried out by Foregenix in October, identifies the most significant risk to European SMEs as attackers exploiting the absence of critical security patches.

Global cybersecurity experts Foregenix, which has offices in the UK and Germany, found almost 90% of websites using Magento 1 were at risk; for Magento 2 websites the figure fell sharply to under 40%.

The global analysis – which examined over 170,000 Magento websites in total – also reveals that 1.5% of these sites (2,548) are infected with malware. Out of these infected sites, 1,591 were compromised by credit / debit card stealing malware which is actively harvesting their customers’ sensitive data for subsequent sale and / or fraud.

A further 2.3% of all websites are vulnerable to Magento Shoplift, a vulnerability that was disclosed, with patches made available, in January 2015. It gives an attacker complete remote administrative control of the website, allowing them to steal sensitive data and even order items for free, using a single exploit command that is publicly available.

The cybersecurity company, which is renowned globally for its work on payment security, has an active threat intelligence team researching and analysing attack trends, with a strong focus on the e-commerce sector.

Unveiling the research for the first time at the Payment Card Industry Security Standards Council European Community Meeting in London, Foregenix’s CEO Andrew Henwood said:

‘While the figures for Europe are of great concern, they are roughly in line with our findings for many other regions such as North America.

‘The issues highlighted are a truly global problem, which threatens to undermine confidence in e-commerce, especially in markets leading the way in online sales such as the UK. Repercussions as a result of compromises are heavy penalties by card providers and these put many smaller traders at risk.

‘Magento and other e-commerce platforms release regular software updates in response to vulnerabilities. These security patches, if not used, can leave websites highly vulnerable to hacking and loss of sensitive data.

‘Online businesses often assume web developers, agencies and hosting providers take care of security. Design agencies are great at producing beautiful, transactional websites that sell their wares, but their expertise on security issues generally isn’t as well developed. Agencies and their clients need to be aware of e-commerce security issues, as even a single breach can be devastating for a small business.

‘Simple precautions can make a real difference to reducing a company’s risk from criminals, such as regularly patching, changing default settings on the administration interface and using stronger passwords with multi-factor authentication. Risk can never be entirely eliminated, so companies should also consider investing in a partnership with a cybersecurity specialist organisation and cyber insurance policy.’

Any business that wants to know whether its website is secure can scan externally for free, using similar technology that detected the issues above at http://webscan.foregenix.com

www.foregenix.com


Retailers Acting Quickly To Fix Flaws In Software But Code Quality Issues Remain Rampant.

Veracode’s latest State of Software Security report (SoSS) revealed retail is faster than most industries when it comes to addressing common vulnerabilities found in software. The global report found retail is second only to healthcare in its speed of shutting down flaws, which reduces risk exposure.

However, two-thirds (66%) of current applications used by retailers are at risk from information leakage attacks, in which an application reveals sensitive data that can be used by an attacker to exploit the target web application, its hosting network, or its users. The retail sector reported the third-most information leakage issues behind the technology and financial services industries.

Veracode’s report also investigated flaw persistence, or how long a flaw lingers after first being discovered. The report showed healthcare and retail are reducing their risk the fastest, with the retail sector remediating a quarter of vulnerabilities within 14 days and 50 percent of flaws within 64 days. In fact, retail outpaces the average speed of fix at every interval across all industries, meaning the sector is consistent in its urgency in closing vulnerabilities.

Even as it makes strides in reducing risk, retail recorded the highest prevalence of code quality flaws of any vertical, at 65 percent. Code quality is the third most common vulnerability category across all industries, after information leakage and cryptographic issues, suggesting this is an industry-wide problem with developing quality code.

“In the wake of GDPR, it’s vital that retailers have visibility into risk associated with code flaws,” said Paul Farrington, Director of EMEA and APJ at Veracode. “With the busy holiday shopping season arriving, vulnerabilities in applications can allow attackers seeking sensitive information such as consumer payment data a way in. Many retailers are showing an aptitude for remediating flaws quickly to help improve security and protect their high value information. This is promising, yet the persistence and prevalence of vulnerabilities that continues to plague retailers calls for both increased speed of fix and better prioritising which flaws to fix first.”

About Veracode
Veracode is a leader in helping organisations secure the software that powers their world. Veracode’s SaaS platform and integrated solutions help security teams and software developers find and fix security-related defects at all points in the software development lifecycle, before they can be exploited by hackers. Our complete set of offerings help customers reduce the risk of data breaches, increase the speed of secure software delivery, meet compliance requirements, and cost effectively secure their software assets, whether that’s software they make, buy or sell.

Veracode serves over 2,000 customers across a wide range of industries, including nearly one-third of the Fortune 100, three of the top four U.S. commercial banks and more than 20 of Forbes’ 100 Most Valuable Brands. Learn more at www.veracode.com, on the Veracode blog, on Twitter and in the CA Veracode Community.

Legal notice
Copyright © 2017 Veracode, Inc. All rights reserved. All other brand names, product names, or trademarks belong to their respective holders.


DigiCert Selected By USB-IF To Operate Managed PKI For USB Type-C™ Authentication.

DigiCert, Inc., the world’s leading provider of TLS/SSL, PKI and IoT security solutions, has been selected by USB Implementers Forum (USB-IF) to operate registration and certificate authority services for the USB Type-C™ Authentication specification. Using cryptographic-based authentication, the optional security protocol is designed to further strengthen USB Type-C’s position as the global standard for connecting and charging devices.

USB Type-C Authentication gives OEMs the opportunity to use certificates that enable host systems to confirm the authenticity of a USB device or USB charger, including such product aspects as the descriptors, capabilities and certification status. This protects against potential damage from non-compliant USB chargers and the risks from maliciously embedded hardware or software in devices attempting to exploit a USB connection.

“USB Type-C adoption continues to grow and the interface is quickly establishing itself as the solution of choice for connecting and charging an endless variety of devices,” said Jeff Ravencraft, USB-IF President and COO. “USB-IF is eager to work with DigiCert to manage our certificate authority for USB Type-C Authentication, which will further support the USB ecosystem.”

“DigiCert is excited about being chosen to provide PKI services for the USB-IF, and the opportunity to advance secure authentication for the USB Type-C Authentication specification,” said Deepika Chauhan, executive vice president of emerging markets at DigiCert. “DigiCert looks forward to working with the more than 1,000 member companies of the USB-IF and the industry as a whole.”

DigiCert has proven to be the provider of choice for IoT device consortiums implementing certificate-based security programs. In addition to USB-IF, DigiCert is also in use by the WiMAX Forum, CI Plus, GSMA, WinnForum/CBRS, the Open Connectivity Foundation and AeroMACS. DigiCert’s scalability has stood the test of time, having already issued billions of certificates globally for IoT devices.

For more information about the USB Type-C Authentication specification, visit https://www.usb.org/sites/default/files/article_files/USB_Type-C_Authentication_PR_FINAL.pdf.

USB Type-C™ and USB-C™ are trademarks of USB Implementers Forum.

About DigiCert, Inc.

DigiCert is the world’s leading provider of scalable PKI solutions for identity and encryption. The most innovative companies, including the Global 2000, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports TLS/SSL and other digital certificates for PKI deployments at any scale through its certificate lifecycle management platform, CertCentral®. The company has been recognized with dozens of awards for its enterprise-grade management platform, fast and knowledgeable customer support, and market-leading growth. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.


BlackBerry To Acquire Cylance And Add Premier AI And Cybersecurity Capabilities.

BlackBerry Limited (NYSE: BB; TSX: BB) today announced it has entered into a definitive agreement to wholly acquire Cylance, an artificial intelligence and cybersecurity leader, for US $1.4 billion in cash, plus the assumption of unvested employee incentive awards. Pending regulatory approvals and other customary closing conditions, the deal is expected to close prior to the end of BlackBerry’s current fiscal year (February 2019).

“Cylance’s leadership in artificial intelligence and cybersecurity will immediately complement our entire portfolio, UEM and QNX in particular. We are very excited to onboard their team and leverage our newly combined expertise,” said John Chen, Executive Chairman and CEO of BlackBerry. “We believe adding Cylance’s capabilities to our trusted advantages in privacy, secure mobility, and embedded systems will make BlackBerry Spark indispensable to realising the Enterprise of Things.”

According to Gartner’s most recent Internet of Things Backbone Survey, security was cited as the top barrier to IoT success (35%), with privacy concerns (25%) and potential risks and liabilities (25%) also in the top five.

Cylance is a pioneer in applying artificial intelligence, algorithmic science, and machine learning to cybersecurity software that has proven highly effective at predicting and preventing known and unknown threats to fixed endpoints. The fast-growing company has become a market leader with an advanced and lightweight agent that resides on the endpoint, operates both online and off, and requires a minimum of memory and power to function. Founded in 2012, Cylance generates highly recurring revenue from over 3,500 active enterprise customers, including more than 20% of the Fortune 500.

“Our highly skilled cybersecurity workforce and market leadership in next-generation endpoint solutions will be a perfect fit within BlackBerry where our customers, teams and technologies will gain immediate benefits from BlackBerry’s global reach,” said Stuart McClure, Co-Founder, Chairman, and CEO of Cylance. “We are eager to leverage BlackBerry’s mobility and security strengths to adapt our advanced AI technology to deliver a single platform.”

BlackBerry Spark Platform

BlackBerry Spark is a next-generation secure chip-to-edge communications platform for the EoT that will create and leverage trusted connections between any endpoint. Designed for ultra-security and industry-specific safety-certifications, such as ISO 26262 in automobiles, BlackBerry Spark will leverage the company’s deep portfolio of technology that includes FIPS-validated, app-level, AES 256-bit encryption to ensure data is always protected. BlackBerry Spark enables organisations to comply with stringent multi-national regulatory requirements. In fact, BlackBerry is the only EoT platform provider to achieve Common Criteria EAL4+ for both iOS and Android, offering the highest level of security in the market.

BlackBerry expects that after the anticipated close of the transaction, Cylance will operate as a separate business unit within BlackBerry Limited.

Investor conference call details

BlackBerry will host an investor conference call beginning at 8:30 a.m. ET, Friday, November 16, 2018. The call can be accessed by dialing (866) 393-4306 and providing Conference ID #2284588, or live streamed on the company’s website at http://ca.blackberry.com/company/investors/events.html.

A replay of the call will be available on November 16, 2018 by dialing (855) 859-2056 and entering Conference ID #2284588.

Additional details on the acquisition and the two companies can be found at BlackBerry.com/Investors.

Perella Weinberg Partners LP acted as exclusive financial advisor and Morrison Foerster LLP acted as legal advisor to BlackBerry. Cylance was advised on the transaction by Morgan Stanley and Jones Day.

About BlackBerry

BlackBerry Limited (NYSE: BB; TSX: BB) enables the Enterprise of Things by providing the technology that allows endpoints to trust one another, communicate securely, and maintain privacy. Based in Waterloo, Ontario, the company was founded in 1984 and operates globally. For more information, visit www.BlackBerry.com and follow @BlackBerry.

About Cylance

Cylance develops artificial intelligence to deliver prevention-first, predictive security products and smart, simple, secure solutions that change how organisations approach endpoint security. Cylance provides full spectrum predictive threat prevention and visibility across the enterprise to combat the most notorious and advanced cybersecurity attacks. With AI-based malware prevention, threat hunting, automated detection and response, and expert security services, Cylance protects the endpoint without increasing staff workload or costs. We call it the Science of Safe. Learn more at www.cylance.com.

Forward-looking statements in this news release are made pursuant to the “safe harbor” provisions of the U.S. Private Securities Litigation Reform Act of 1995 and applicable Canadian securities laws. When used herein, words such as “expect”, “anticipate”, “estimate”, “may”, “will”, “should”, “intend”, “believe”, and similar expressions, are intended to identify forward-looking statements. These forward-looking statements include statements relating to the proposed acquisition of Cylance and expectations regarding the timing and benefits thereof. Forward-looking statements are based on estimates and assumptions made by BlackBerry Limited in light of its experience and its perception of historical trends, current conditions and expected future developments, as well as other factors that BlackBerry believes are appropriate in the circumstances. Many factors could cause BlackBerry’s actual results, performance or achievements to differ materially from those expressed or implied by the forward-looking statements, including the risk that BlackBerry may be unable to obtain regulatory approvals required for the proposed acquisition or may be unable to obtain those approvals on favorable terms; the risk that the required regulatory approvals may delay the proposed acquisition; the risk that a condition to the closing of the proposed acquisition may not be satisfied or the acquisition agreement may be terminated prior to closing; risks associated with the integration of the Cylance business; and those risks described in the “Risk Factors” section of BlackBerry’s Annual Information Form, which is included in its Annual Report on Form 40-F (copies of which filings may be obtained at www.sedar.com or www.sec.gov). These factors should be considered carefully, and readers should not place undue reliance on BlackBerry’s forward-looking statements. BlackBerry has no intention and undertakes no obligation to update or revise any forward-looking statements, whether as a result of new information, future events or otherwise, except as required by law.

BlackBerry and related trademarks, names and logos are the property of BlackBerry Limited and are registered and/or used in the U.S. and countries around the world. All other marks are the property of their respective owners. BlackBerry is not responsible for any third-party products or services.


Netskope Expands Amazon Web Services Security Capabilities With Insider Threat Protection, Continuous Security Assessment Enhancements.

Netskope, the leader in cloud security, today announced the release of several enhancements to Netskope for IaaS. For Amazon Web Services (AWS), enterprises can now use Netskope to create and enforce policies prohibiting data exfiltration from managed to unmanaged Amazon S3 buckets. Organizations can also achieve their compliance objectives with a continuous view of cloud inventory, and identify assets that may need configuration remediations. In addition to these enhancements to Netskope for AWS, the company also introduced a multi-cloud dashboard and report for organizations that use more than one cloud infrastructure provider.

AWS provides two primary controls for defining authorized access control policies for S3. Enterprises can define user permissions with identity and access management (IAM) policies to control what resources users have access to and what actions are allowed or denied for each role. Enterprises can also define bucket policies to prescribe the permissible actions on buckets. Many organizations, however, still grapple with how to ensure users with legitimate access to data stored in S3 buckets are not inadvertently or maliciously uploading that data to an unsanctioned or non-corporate S3 bucket.
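To make the two controls and the gap between them concrete, the following added example (not Netskope’s or AWS’s code; the bucket names, the allowlist and the principal’s other permissions are hypothetical) builds an identity policy that confines s3:PutObject to an allowlist of managed buckets, and uses a deliberately small model of IAM’s evaluation order to show why the explicit Deny matters: it still blocks the upload when a broader Allow is attached to the same principal later. The evaluator ignores conditions, bucket policies and SCPs.

```python
"""Confine S3 uploads to managed buckets with an identity policy.

Added example, not Netskope's or AWS's code. MANAGED_BUCKETS is a
hypothetical allowlist; is_allowed() is a simplified model of IAM's
decision logic for one identity policy (explicit Deny wins, then Allow,
otherwise implicit Deny) and ignores conditions, resource policies and SCPs.
"""
from fnmatch import fnmatchcase

# Hypothetical allowlist of organisation-controlled buckets (constructed).
MANAGED_BUCKETS = ["acme-prod-data", "acme-analytics-*"]


def object_arns(buckets):
    """Object-level ARN patterns for the given bucket name patterns."""
    return [f"arn:aws:s3:::{b}/*" for b in buckets]


def build_managed_bucket_policy(managed_buckets):
    """Allow reads broadly, allow s3:PutObject only into managed buckets,
    and explicitly deny s3:PutObject everywhere else. The Deny with
    NotResource is what closes the exfiltration path even if some other
    attached policy grants s3:PutObject on "*"."""
    arns = object_arns(managed_buckets)
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Sid": "ReadAnywhere", "Effect": "Allow",
             "Action": ["s3:GetObject", "s3:ListBucket"], "Resource": "*"},
            {"Sid": "WriteManagedOnly", "Effect": "Allow",
             "Action": "s3:PutObject", "Resource": arns},
            {"Sid": "DenyWriteElsewhere", "Effect": "Deny",
             "Action": "s3:PutObject", "NotResource": arns},
        ],
    }


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _matches(patterns, value):
    # IAM wildcards are "*" and "?"; fnmatchcase covers both.
    return any(fnmatchcase(value, p) for p in patterns)


def _statement_applies(stmt, action, resource):
    # Action names are case-insensitive in IAM; resource ARNs are not.
    actions = [a.lower() for a in _as_list(stmt["Action"])]
    if not _matches(actions, action.lower()):
        return False
    if "Resource" in stmt:
        return _matches(_as_list(stmt["Resource"]), resource)
    # NotResource: the statement applies to every resource NOT listed.
    return not _matches(_as_list(stmt["NotResource"]), resource)


def is_allowed(policy, action, resource):
    """Simplified IAM evaluation: any applicable Deny overrides, otherwise
    an applicable Allow is required, otherwise implicit deny."""
    effects = {s["Effect"] for s in policy["Statement"]
               if _statement_applies(s, action, resource)}
    if "Deny" in effects:
        return False
    return "Allow" in effects


def can_put(policy, bucket, key="report.csv"):
    """Would this policy let the principal upload `key` into `bucket`?"""
    return is_allowed(policy, "s3:PutObject", f"arn:aws:s3:::{bucket}/{key}")


if __name__ == "__main__":
    policy = build_managed_bucket_policy(MANAGED_BUCKETS)
    for bucket in ["acme-prod-data", "acme-analytics-eu", "personal-dropbox"]:
        verdict = "allow" if can_put(policy, bucket) else "DENY"
        print(f"s3:PutObject -> {bucket}: {verdict}")
```

Because bucket names are global, the allowlist works regardless of which AWS account owns the destination bucket, which is exactly the case of an attacker-controlled bucket in a foreign account. An Allow on its own is not enough: IAM policies are additive, so a second policy granting s3:PutObject on "*" would reopen the path unless the explicit Deny is present.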

Powered by the patented Netskope Cloud XD technology, these industry-first capabilities enable customers to use Netskope to monitor and prevent data movement to S3 buckets outside of an organization’s control. Netskope for AWS enables customers to apply granular control policies that allow copy/sync to managed buckets but prevent copy/sync to unmanaged ones. With a list of approved accounts and buckets that is automatically and continuously updated, customers can create real-time policies to whitelist bucket activities like copy/sync to or from specific buckets, and block the action for unapproved buckets. Other data exfiltration paths can also be thwarted, such as blocking users uploading data from their machine to unmanaged buckets.

Netskope enhancements to the continuous security assessment for AWS include:

● Simplified cloud compliance for large multi-cloud environments: Most large enterprises operate in multiple clouds and have large numbers of accounts. The new Netskope user interface, powered by our unique “One Cloud” architecture, provides a comprehensive view of public cloud infrastructure. Administrators get a single summary view of their applications and infrastructure across all clouds, and can drill down by filtering on Cloud Service Provider, Account, Tags and more, removing the need for “swivel-chair administration” across multiple consoles.

● Asset inventory: See cloud infrastructure assets and resources from a single dashboard. View inventory and manage risk of cloud resources across CSPs, drilling down into details with an asset oriented view of your cloud risks.

● Expanded configuration checks: Configuration drift may occur through one-time changes or changes to deployment scripts. It can now be identified easily with over 40 out-of-the-box configuration checks. They include correlation checks that look at multiple layers of controls to find misconfigurations that expose resources in your environment, going beyond basic compliance checks to produce higher-fidelity, more actionable alerts. For example, these checks identify security groups that expose SSH to the internet on EC2 instances that are currently running and have internet connectivity.
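The SSH example above is a good illustration of what “correlation” buys over a flat rule check, so here is an added example of that logic (not Netskope’s code). The inventory is constructed to mirror only the fields the check reads from the EC2 DescribeSecurityGroups and DescribeInstances responses; the instance and group IDs are hypothetical, and a real run would populate the two lists from the API. A naive check would flag every group with 22/tcp open to 0.0.0.0/0; the correlated check only reports instances that are running and actually reachable from the internet, and it also catches the cases a string match on "22" misses: an all-protocol rule, a port range that includes 22, and an IPv6 ::/0 rule.

```python
"""Correlation check: running, internet-reachable EC2 instances whose
security group admits SSH (TCP/22) from the whole internet.

Added example, not Netskope's code. SECURITY_GROUPS and INSTANCES are
constructed data shaped like the EC2 API responses (only the fields used);
IDs and addresses are hypothetical.
"""
import ipaddress

SECURITY_GROUPS = [
    # Classic finding: 22/tcp from anywhere.
    {"GroupId": "sg-0a1", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    # SSH restricted to RFC1918 space: not a finding.
    {"GroupId": "sg-0b2", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}], "Ipv6Ranges": []}]},
    # All protocols from the IPv6 internet: covers SSH without naming it.
    {"GroupId": "sg-0c3", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    # A port range that happens to include 22.
    {"GroupId": "sg-0d4", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 1024,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
]

INSTANCES = [
    {"InstanceId": "i-1", "State": {"Name": "running"},
     "PublicIpAddress": "203.0.113.10", "SecurityGroups": [{"GroupId": "sg-0a1"}]},
    {"InstanceId": "i-2", "State": {"Name": "stopped"},          # stopped
     "PublicIpAddress": "203.0.113.11", "SecurityGroups": [{"GroupId": "sg-0a1"}]},
    {"InstanceId": "i-3", "State": {"Name": "running"},          # no public address
     "SecurityGroups": [{"GroupId": "sg-0a1"}]},
    {"InstanceId": "i-4", "State": {"Name": "running"},          # internal-only SSH
     "PublicIpAddress": "203.0.113.12", "SecurityGroups": [{"GroupId": "sg-0b2"}]},
    {"InstanceId": "i-5", "State": {"Name": "running"},          # IPv6 only
     "NetworkInterfaces": [{"Ipv6Addresses": [{"Ipv6Address": "2001:db8::5"}]}],
     "SecurityGroups": [{"GroupId": "sg-0c3"}]},
    {"InstanceId": "i-6", "State": {"Name": "running"},          # range covers 22
     "PublicIpAddress": "203.0.113.13", "SecurityGroups": [{"GroupId": "sg-0d4"}]},
]


def rule_covers_port(perm, port):
    """True if an ingress rule admits TCP traffic to `port` ("-1" = all)."""
    proto = perm.get("IpProtocol")
    if proto == "-1":
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)


def rule_open_to_world(perm):
    """True if any source range is the whole IPv4 or IPv6 internet."""
    ranges = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    ranges += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return any(ipaddress.ip_network(c, strict=False).prefixlen == 0 for c in ranges)


def groups_exposing_port(groups, port=22):
    """IDs of groups with an ingress rule that is both world-open and covers `port`."""
    return {g["GroupId"] for g in groups
            if any(rule_covers_port(p, port) and rule_open_to_world(p)
                   for p in g["IpPermissions"])}


def is_internet_reachable(instance):
    # Simplification: a public IPv4 or any IPv6 address counts as internet
    # connectivity; a stricter check would also confirm the subnet's route
    # table has an internet gateway.
    if instance.get("PublicIpAddress"):
        return True
    return any(a.get("Ipv6Address")
               for nic in instance.get("NetworkInterfaces", [])
               for a in nic.get("Ipv6Addresses", []))


def find_exposed_ssh(instances, groups, port=22):
    """Correlate group rules with instance state and addressing.
    Returns [(instance_id, [offending group ids]), ...]."""
    exposed = groups_exposing_port(groups, port)
    findings = []
    for inst in instances:
        if inst["State"]["Name"] != "running" or not is_internet_reachable(inst):
            continue
        hits = [sg["GroupId"] for sg in inst["SecurityGroups"] if sg["GroupId"] in exposed]
        if hits:
            findings.append((inst["InstanceId"], hits))
    return findings


if __name__ == "__main__":
    for instance_id, groups in find_exposed_ssh(INSTANCES, SECURITY_GROUPS):
        print(f"{instance_id}: SSH exposed to the internet via {', '.join(groups)}")
```

On the constructed inventory the check reports i-1, i-5 and i-6 and stays quiet about the stopped instance, the instance without a public address and the one whose SSH rule is limited to 10.0.0.0/8, which is the difference in alert fidelity the passage describes.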

In addition to these enhancements to Netskope for AWS, Netskope also announced the availability of a multi-cloud dashboard and a reporting framework that delivers on-demand and scheduled compliance reports for customers that use more than one cloud infrastructure provider. With today’s release, customers can use an intuitive new user interface that gives an aggregated view of security and compliance posture across multiple cloud providers. With this new view, admins can quickly find misconfigurations and security threats, view compliance status and gaps, and remediate them.

“Data breaches resulting from leaky public cloud infrastructure like Amazon S3 buckets are a major concern for enterprises, and today’s announcement will go very far in protecting our customers from inadvertent or malicious insider threats,” said Sanjay Beri, founder and CEO, Netskope. “We look forward to working with enterprises around the world to help them realize the benefits of public cloud infrastructure without sacrificing security.”

Netskope is unique in its ability to identify all managed and unmanaged AWS, Microsoft Azure, and Google Cloud Platform (GCP) instances inside of an enterprise, identify the owner of the instance, audit all activities, and protect against deliberate or inadvertent exposure of sensitive data. Similarly, it can also prevent malware and ransomware in these instances. No other CASB provides this capability across the broad spectrum of enterprise IaaS use.

About Netskope
Netskope is the leader in cloud security. We help the world’s largest organizations take full advantage of the cloud and web without sacrificing security. Our patented Cloud XD technology eliminates blind spots by going deeper than any other security provider to quickly target and control activities across thousands of cloud services and millions of websites. With full control through one cloud-native interface, our customers benefit from 360-degree data protection that guards data everywhere and advanced threat protection that stops elusive attacks. Netskope — smart cloud security.


Ping Identity Announces Additions To Leadership Team.

Ping Identity, the leader in Identity Defined Security, today announced the addition of two new executives to its leadership team. Bernard Harguindeguy is now Chief Technology Officer (CTO) and Richard Bird has been appointed Chief Customer Information Officer (CCIO). These senior leaders bring deep expertise to the organisation, with strong backgrounds in API security and identity and access management (IAM).

Bernard Harguindeguy, Chief Technology Officer

Bernard Harguindeguy joined Ping in June 2018 through the acquisition of Elastic Beam, where he was the CEO and founder. Elastic Beam revolutionised the use of artificial intelligence (AI) to protect API infrastructures from cyber attacks, and deliver deep insight into API access and usage.

Since then, he has been serving as senior vice president of intelligence, driving market awareness to the economic benefits that APIs and digital transformation initiatives can bring to global businesses. Taking on the new role of CTO will allow him to continue this work, while also evolving the company’s technology strategy. Bernard will help drive overall product direction and innovation by offering world-class technologies to our customers. He has extensive experience in virtual data centers and security from his roles as CEO of Atlantis Computing, GreenBorder and WorldTalk, and in identity management at Critical Path, where he was the EVP and GM of that business unit.

Richard Bird, Chief Customer Information Officer

As Chief Customer Information Officer, Richard Bird is a welcome addition to the Ping family. As part of his new responsibilities, he will act as an adviser to the Ping Identity community and the global marketplace. His unique perspective will explore the most challenging identity and cyber security issues faced in today’s world.

He brings more than 20 years of corporate business, technology and security operations experience to the table. This includes serving as an executive director in the office of the CISO advisory practice at Optiv, the global head of identity and access management for JPMorgan Chase, and the chief information security officer for Mettler-Toledo. An author and frequent speaker on a broad range of cybersecurity topics, Richard is widely recognised as an identity evangelist.

“The addition of Bernard Harguindeguy and Richard Bird underscores our unwavering focus on customer enablement and success. With their strong leadership and professional experiences, I believe we’re better positioned to deliver world-class intelligent identity security solutions. I’m excited to have their energy on our executive team,” shared Andre Durand, CEO of Ping Identity.

To learn more about Ping Identity and how it’s improving security and engagement with its Ping Intelligent Identity Platform, visit pingidentity.com.

About Ping Identity | The Identity Security Company

Ping Identity envisions a digital world powered by identity. As the identity security company, we simplify how the world’s largest organizations prevent security breaches, increase employee and partner productivity and provide personalized customer experiences. Enterprises choose Ping for our identity expertise, open standards leadership, partnership with companies like Microsoft, Amazon and Google, and collaboration with customers like Boeing, Cisco, GE, Kraft Foods, Walgreens and over half of the Fortune 100. The Ping Intelligent Identity Platform allows enterprises and their users to securely access cloud, mobile and on-premises applications while managing identity and profile data at scale. Architects and developers have flexible options to enhance and extend their existing applications and environments with multi-factor authentication, single sign-on, access management, directory, data governance and intelligent API security capabilities. Visit www.pingidentity.com.


Extortion phishing! Wide Ranging Email Attacks Landing In Aussie Inboxes.

A very large extortion phishing scam began hitting inboxes early Wednesday AEST. There are several variations of the email scam, each attempting to blackmail its target.

The theme is the same – telling victims that sensitive, often deeply personal and embarrassing, information has been obtained, and threatening to publish the content unless a ransom payment is made in bitcoin.

Three variations of the scam are described below:

1) Stolen passwords

The first variation involves extortion emails informing recipients that their passwords have been hacked. Cybercriminals place the target’s password in the email body or in the subject line.

It is likely that the scammers obtained the credentials from a password list that included the recipient’s email address. These lists usually originate from a compromised service and have been posted or sold on the dark web by the original attackers. In most cases the credentials are outdated; however, anyone still using an old password could be fooled. Recipients should immediately change any listed password that is still in use.

Another tactic in this scam is a reference to a Cisco router vulnerability. Well-known, publicised security holes or exploits are often mentioned in these attacks to boost the credibility of the scam.

Forging the recipient’s own email address as the sender is another way scammers lend authenticity; the email then draws attention to it in the body, as below:

“I understand that it is hard to believe, but here is my evidence:
– I sent you this email from your account.”

2) Embarrassing video footage

A different variation of the extortion phishing scam tells victims that the attackers have installed special software on their devices to record them when they are viewing adult content, as in Screenshot 2 attached above.

This attack preys on a fear of humiliation and embarrassment.

3) Personal browsing history

A third variation takes a similar approach, informing recipients that a trojan has been installed on their system and has been monitoring their activity for an extended period of time.

All variations of these extortion phishing email scams are attempting to blackmail recipients. Scammers inform victims that unless a ransom payment to a bitcoin wallet is received, the (supposedly hacked) confidential data or compromising footage will be published.
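The three variations share a handful of signals that a mail filter can score on the receiving side: the sender address equals the recipient (the "sent from your account" trick), the message fails SPF/DMARC, a bitcoin address appears in the body, the subject carries a credential-style token, and the text uses the extortion vocabulary described above. The following is an added example, not MailGuard's product or code from the original post; the two sample messages, the `Authentication-Results` header values and the bitcoin-format address are constructed for the example and are not real payees or real mail.

```python
import re
from email import message_from_string
from email.message import Message
from email.utils import parseaddr

# Base58 bitcoin address shapes (legacy 1.../3... and bech32 bc1...).
BITCOIN_ADDRESS = re.compile(
    r"\b(?:bc1[a-z0-9]{25,59}|[13][a-km-zA-HJ-NP-Z1-9]{25,34})\b"
)
# Vocabulary drawn from the three scam variations described above.
EXTORTION_TERMS = [
    "bitcoin", "hacked", "webcam", "trojan", "adult", "publish",
    "browsing history", "your account", "evidence", "hours",
]
# Subject contains the word "password" or an "email - token" pair.
CREDENTIAL_SUBJECT = re.compile(r"password|[\w.+-]+@[\w.-]+\s*[-:]\s*\S+", re.I)


def _auth_failed(msg: Message) -> bool:
    # Authentication-Results is added by the receiving MTA (constructed here).
    ar = msg.get("Authentication-Results", "").lower()
    return "spf=fail" in ar or "dmarc=fail" in ar


def score_extortion_email(raw: str) -> tuple[int, list[str]]:
    """Return (score, reasons) for one RFC 822 message given as text."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    recipient = parseaddr(msg.get("To", ""))[1].lower()
    subject = msg.get("Subject", "")
    body = msg.get_payload() if not msg.is_multipart() else ""
    text = f"{subject}\n{body}".lower()

    score, reasons = 0, []
    if sender and sender == recipient:
        score += 3
        reasons.append("sender equals recipient (forged 'from your account')")
    if _auth_failed(msg):
        score += 2
        reasons.append("SPF/DMARC failed")
    if BITCOIN_ADDRESS.search(body):
        score += 3
        reasons.append("bitcoin address in body")
    hits = [t for t in EXTORTION_TERMS if t in text]
    if len(hits) >= 3:
        score += 2
        reasons.append("extortion vocabulary: " + ", ".join(hits))
    if CREDENTIAL_SUBJECT.search(subject):
        score += 2
        reasons.append("credential-style token in subject")
    return score, reasons


def is_extortion(raw: str, threshold: int = 6) -> bool:
    """Threshold chosen so that no single weak signal triggers on its own."""
    return score_extortion_email(raw)[0] >= threshold


# Constructed sample modelled on the "stolen password" variation.
SAMPLE_EXTORTION = """\
From: alice@example.com
To: alice@example.com
Subject: alice@example.com - hunter2
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=example.com; dmarc=fail

I understand that it is hard to believe, but here is my evidence:
- I sent you this email from your account.
- Your password is hunter2. I hacked your router and installed a trojan.
I have a webcam video of you watching adult content. Send 900 USD in bitcoin
to 1FakeAddrForDetectionTestsXXXXXXXX within 48 hours or I publish it.
"""

# Constructed legitimate message that mentions passwords but is not a scam.
SAMPLE_BENIGN = """\
From: it-helpdesk@example.com
To: alice@example.com
Subject: Password reset confirmation
Authentication-Results: mx.example.com; spf=pass; dkim=pass; dmarc=pass

Your password was changed successfully. If this was not you, contact the helpdesk.
"""

if __name__ == "__main__":
    for name, raw in (("extortion", SAMPLE_EXTORTION), ("benign", SAMPLE_BENIGN)):
        print(name, score_extortion_email(raw), is_extortion(raw))
```

The helpdesk message scores only on the subject keyword and stays under the threshold, while the scam accumulates every signal; in production the sender-equals-recipient check should be paired with the authentication result, since a legitimate self-addressed note from an authenticated client will pass SPF/DMARC.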

Scammers are attempting to blackmail me! Now what?

It is key to remember that these scams are all fake, and cybercriminals do not have any incriminating or personal information to use against you. Rather, they are trying to tap into your fears and paranoia.

This is a reminder to be careful about how we use our mobile devices and computers, and of the threat of online surveillance. Think carefully about what data is being stored or shared online that might be used against you.

To be safe, MailGuard suggests using unique passwords for every site you visit, and setting up two-factor authentication where available.

Global Survey Reveals Coming Shift In Cyber Security Priorities.

As the Barracuda team celebrates the company’s 15th anniversary this month, we’ve been thinking about how much technology has changed since 2003 when we launched our first email security solution. We wanted to see how our customers and channel partners feel about the past, present, and future of cyber security and how their approach has evolved over time.

We surveyed more than 1,500 IT leaders and security professionals in North America, EMEA, and APAC about their IT security priorities, how those priorities have shifted, and where they’re headed next.

Overall, the study indicates that while the top security priorities have remained consistent over the past 15 years, the types of threats organisations are protecting against have shifted significantly. Looking ahead, respondents believe that the cloud will be a higher priority 15 years in the future and that AI will be both a threat and an important tool. Let’s take a closer look.

Consistent focus on email and network security

The IT professionals we surveyed identified email and networks as their top two priorities in both 2003 and 2018. A full 25 percent of respondents said email was their top security priority in 2003, and 23 percent said the same about their current priorities. Network security came in a close second for both 2003 and 2018 priorities, with 24 percent and 22 percent respectively.

Evolution of email-borne threats

Although what organisations care most about protecting has stayed consistent over the past 15 years, the threat landscape has changed dramatically. Respondents identified viruses (26%) and spam and worms (18%) as the top two threats they were concerned about in 2003. When asked about current concerns, ransomware (24%) and phishing/spear phishing (21%) topped the list.

This shift fits with how Barracuda’s approach to email security has developed over the years. Growing from the spam filter the company was founded on, Barracuda added critical capabilities to fight far more targeted threats such as spear phishing, phishing and zero-day malware, as well as to secure data and help with regulatory compliance. To keep up with changing threats and protect against phishing, spear phishing and other threats like account takeover and business email compromise, we were the first company to pioneer the use of artificial intelligence to stop spear phishing and detect account takeover, and we were the first company to add simulation and training to our email security portfolio.

Cloud security is a top priority for the future

While email and network security are currently a higher priority than cloud security for most of the IT professionals we surveyed, that order shifts when they look to the future. A full 25 percent said the cloud would be their most important security priority 15 years from now, outranking email, network, and data security, which were each selected by 14 percent of respondents.

This change has been gradual. Only 3 percent of respondents said cloud security was a top priority for them in 2003. That number went up to 14 percent when they were asked to rank their current security priorities. We don’t believe this shift means email protection will be less important to organisations in the future, simply that questions about how to secure the cloud loom large as IT professionals try to predict the way their responsibilities will evolve over the next decade and a half.

AI: High hopes and big worries

Artificial intelligence is another technology that is top of mind for many of the IT professionals we spoke with—both as an opportunity to improve security and as a threat. It’s an interesting contrast.

A full 31 percent of respondents chose AI as the new technology that they will rely on to help improve security, and 43 percent identified the increasing use of artificial intelligence and machine learning as the development that will have the biggest impact on cyber security in the next 15 years. On the other hand, 41 percent believe the weaponisation of AI will be the most prevalent attack tactic in the next 15 years. We share our customers’ concern about the weaponisation of AI. Imagine how social engineering attacks will evolve when attackers are able to synthesise the voice, image, or video of an impersonated target.

That’s why Barracuda has made significant investments in solutions powered by AI, such as Barracuda Sentinel, which provides AI-based protection from spear phishing, account takeover, and business email compromise. With our strong investment in AI and a robust big data infrastructure across our different products, we plan to stay several steps ahead in the upcoming cybersecurity AI arms race.

I recently spoke with BJ Jenkins, Barracuda’s CEO, and he explained it this way: “At Barracuda, we feel it’s important to see where customers’ concerns and priorities are moving and getting there ahead of the need, so we can provide the solutions they’ll be looking for as threats get more sophisticated. We’ve come a long way over the past 15 years, and we’re looking forward to finding new ways to protect businesses. We’re excited to celebrate this milestone with our customers and channel partners, as well as introducing a refreshed brand identity that reflects the way the company has evolved.”

Integration with Cisco Technologies Delivers IT / ICS Security

Large organizations utilize a variety of technologies and solutions to create cyber resiliency, an important part of the best practice known as Defense in Depth. But using disparate systems can actually result in increased security exposure and risk, and slower response to threats.

A few years ago, Cisco began working with the best and brightest minds around the world to address this issue. This led to the creation of their security technology program, which included an open platform for collaboration called the Cisco Security Technology Alliance (CSTA).

Nozomi Networks has integrated its ICS security solution with the CSTA to deliver comprehensive operational visibility and cyber security across IT/OT networks.

Nozomi Networks Integrates with Cisco Security Policy Platform and Devices

The CSTA provides an environment for leading security solution providers like us to integrate with Cisco APIs and SDKs across the Cisco security portfolio.

Nozomi Networks kicked off membership in CSTA with security integration for Cisco’s Identity Services Engine (ISE).

The Identity Services Engine (ISE) is a security policy management platform that helps organizations manage users and devices on business networks. Sharing contextual usage data amongst IT systems and solutions makes it much easier to enforce policies for resource access, and more.


Global Study Finds Artificial Intelligence is Key Cybersecurity Weapon in the IoT Era

As businesses struggle to combat increasingly sophisticated cybersecurity attacks, made more severe by the vanishing IT perimeter of today’s mobile and IoT era and by an acute shortage of skilled security professionals, IT security teams need both a new approach and powerful new tools to protect data and other high-value assets. Increasingly, they are looking to artificial intelligence (AI) as a key weapon to win the battle against stealthy threats inside their IT infrastructures, according to a new global research study conducted by the Ponemon Institute on behalf of Aruba, a Hewlett Packard Enterprise company (NYSE:HPE).

The Ponemon Institute study, entitled “Closing the IT Security Gap with Automation & AI in the Era of IoT,” surveyed 4,000 security and IT professionals across the Americas, Europe and Asia to understand what makes security deficiencies so hard to fix, and what types of technologies and processes are needed to stay a step ahead of bad actors within the new threat landscape.

The research revealed that in the quest to protect data and other high-value assets, security systems incorporating machine learning and other AI-based technologies are essential for detecting and stopping attacks that target users and IoT devices. The majority of respondents agree that security products with AI functionality will help to:

  • Reduce false alerts (68 percent)
  • Increase their team’s effectiveness (63 percent)
  • Provide greater investigation efficiencies (60 percent)
  • Advance their ability to more quickly discover and respond to stealthy attacks that have evaded perimeter defense systems (56 percent)

Twenty-five percent of respondents said they currently use some form of an AI-based security solution, with another 26 percent stating they plan on deploying these types of products within the next 12 months.

Current Security Tools are not Enough

“Despite massive investments in cybersecurity programs, our research found most businesses are still unable to stop advanced, targeted attacks – with 45 percent believing they are not realizing the full value of their defense arsenal, which ranges from 10 to 75 security solutions,” said Larry Ponemon, chairman, Ponemon Institute. “The situation has become a ‘perfect storm,’ with nearly half of respondents saying it’s very difficult to protect complex and dynamically changing attack surfaces, especially given the current lack of security staff with the necessary skills and expertise to battle today’s persistent, sophisticated, highly trained, and well-financed attackers. Against this backdrop, AI-based security tools, which can automate tasks and free up IT personnel to manage other aspects of a security program, were viewed as critical for helping businesses keep up with increasing threat levels.”

IoT and Cloud Add Significant Risk

Ponemon researchers found that the majority of IT security teams believe that a key gap in their company’s overall security strategy is their inability to identify attacks that use IoT devices as the point of entry. In fact, more than three-quarters of respondents believe their IoT devices are not secure, with 60 percent stating even simple IoT devices pose a threat. Two-thirds of respondents admitted they have little or no ability to protect their “things” from attacks. Continuous monitoring of network traffic, closed-loop detection and response systems, and detecting behavioral anomalies among peer groups of IoT devices, were cited as the most effective approaches to better protect their environments.

Even the ownership model for IoT security presents potential risk. When asked who inside their organization was responsible for IoT security, responses were spread across the CIO, CISO, CTO and line-of-business leaders, with no majority consensus. Only 33 percent identified the CIO, with no other executive or functional group achieving response totals above 20 percent. Surprisingly, “No Function” was the third-highest answer (15 percent).

Survey results also highlighted the importance of visibility and the ability to define which resources that people and IoT devices can access, with 63 percent of respondents stating network access control is an important element of their company’s overall security strategy and critical for reducing the reach of inside exploits. Also cited as important was having detailed information about applications (71 percent), endpoints (69 percent), cloud (64 percent), and networks (63 percent), with more than half saying they currently deploy network access control solutions for enabling visibility and control across both wired and wireless networks.

Additionally, more than half of respondents said it’s hard to protect expanding and blurring IT perimeters resulting from requirements to concurrently support IoT, BYOD, mobile, and cloud initiatives (55%).

“Partnering with the Ponemon Institute helps us to improve customer experiences by better understanding security teams’ challenges, and then arming them with advanced solutions that enable quick identification and responses to an ever-changing threat landscape,” said Larry Lunetta, vice president of security solutions marketing for Aruba. “The insight gained from this study enables us to continually improve our ability to provide an enterprise wired and wireless network security framework with an integrated and more comprehensive approach for gaining back visibility and control.”


Akamai Credential Stuffing Report Shows Financial Services Industry Under Constant Attack From Automated Account Takeover Tools

According to the Akamai 2018 State of the Internet / Security Credential Stuffing Attacks report, worldwide malicious login attempts are on the rise. Findings from the report show that Akamai detected approximately 3.2 billion malicious logins per month from January through April 2018, and over 8.3 billion malicious login attempts from bots in May and June 2018 – a monthly average increase of 30 percent. In total, from the beginning of November 2017 through the end of June 2018, analysis by Akamai researchers shows more than 30 billion malicious login attempts during the eight-month period.

Malicious login attempts result from credential stuffing, where hackers systematically use botnets to try stolen login information across the web. They target login pages for banks and retailers on the premise that many customers use the same login credentials for multiple services and accounts. Credential stuffing can cost organisations millions to tens of millions of dollars in fraud losses annually, according to the Ponemon Institute’s “The Cost of Credential Stuffing” report.

Akamai security and threat research plus behavioural detections power the company’s bot management technology, and Akamai’s Vice President of Web Security, Josh Shaul, shared an example of combating credential abuse on behalf of a customer. “One of the world’s largest financial services companies was experiencing over 8,000 account takeovers per month, which led to more than $100,000 per day in direct fraud-related losses,” said Shaul. “The company turned to Akamai to put behavioural-based bot detections in front of every consumer login endpoint and immediately saw a drastic reduction in account takeovers to just one to three per month and fraud-related losses down to only $1,000 to $2,000 per day.”

In addition, the State of the Internet report details two instances where Akamai combated credential stuffing attempts for clients, demonstrating the severity of the method.

In the first case, the report recounts the issues faced by a Fortune 500 financial services institution where attackers used a botnet to conduct 8.5 million malicious login attempts within 48 hours against a site that typically only sees seven million login attempts in a week. More than 20,000 devices were involved in this botnet, which was capable of sending hundreds of requests a minute. Akamai research identified that nearly one-third of the traffic in this particular attack was generated from Vietnam and the United States.

The second real-world example from the report illustrates a “low and slow” type of attack identified at a credit union earlier this year. This financial institution saw a large spike in malicious login attempts, which ultimately revealed a trio of botnets targeting its site. While a particularly noisy botnet caught their attention, the discovery of a botnet that had been very slowly and methodically trying to break in created a much bigger concern.
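The two cases above describe the two ends of the credential stuffing spectrum: a burst of millions of attempts in 48 hours, and a botnet that stays under any per-source rate limit by spreading a few attempts per node over a long period. As an added example (not Akamai's bot management logic or any code from the report), the script below runs three complementary checks over a constructed login log: a sliding-window failure count per source IP for the noisy case, a per-IP "many distinct accounts, almost no successes" check for the low-and-slow case, and a per-account count of distinct failing source IPs, which surfaces a distributed botnet even when every individual node looks harmless. The log format, IP addresses (from documentation ranges), usernames and thresholds are all constructed for the example.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class LoginEvent:
    ts: datetime
    ip: str
    user: str
    ok: bool


def parse_log(lines):
    """Constructed format: '<ISO timestamp> <source ip> <username> OK|FAIL'."""
    events = []
    for line in lines:
        ts, ip, user, result = line.split()
        events.append(LoginEvent(datetime.fromisoformat(ts), ip, user, result == "OK"))
    return events


def detect_volumetric(events, window=timedelta(hours=1), max_failures=20):
    """Noisy case: IPs whose failures inside any sliding window exceed max_failures.
    Returns {ip: peak failure count in a window}."""
    failures = defaultdict(list)
    for e in events:
        if not e.ok:
            failures[e.ip].append(e.ts)
    flagged = {}
    for ip, times in failures.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1          # slide the window forward
            count = end - start + 1
            if count > max_failures:
                flagged[ip] = max(flagged.get(ip, 0), count)
    return flagged


def detect_low_and_slow(events, min_users=5, max_success_ratio=0.2):
    """Low-and-slow case: IPs that touch many distinct accounts and almost never
    succeed, regardless of how slowly they do it. Returns {ip: distinct users}."""
    stats = defaultdict(lambda: {"users": set(), "ok": 0, "total": 0})
    for e in events:
        s = stats[e.ip]
        s["users"].add(e.user)
        s["total"] += 1
        s["ok"] += int(e.ok)
    return {
        ip: len(s["users"])
        for ip, s in stats.items()
        if len(s["users"]) >= min_users and s["ok"] / s["total"] <= max_success_ratio
    }


def accounts_under_attack(events, min_ips=5):
    """Distributed case: accounts failing from at least min_ips distinct sources.
    Each bot node may send only one attempt, so this is keyed on the account."""
    sources = defaultdict(set)
    for e in events:
        if not e.ok:
            sources[e.user].add(e.ip)
    return {user: len(ips) for user, ips in sources.items() if len(ips) >= min_ips}


def constructed_sample():
    """Constructed log: two real users, one noisy bot, one five-node slow botnet."""
    base = datetime(2018, 6, 1, 9, 0, 0)
    lines = [
        f"{base.isoformat()} 203.0.113.5 alice OK",
        f"{(base + timedelta(minutes=5)).isoformat()} 203.0.113.5 alice FAIL",
        f"{(base + timedelta(minutes=6)).isoformat()} 203.0.113.5 alice OK",
        f"{(base + timedelta(hours=2)).isoformat()} 203.0.113.9 bob OK",
    ]
    # Noisy bot: 40 failures against 40 accounts within ten minutes.
    for i in range(40):
        lines.append(f"{(base + timedelta(seconds=15 * i)).isoformat()} 198.51.100.7 user{i:02d} FAIL")
    # Low-and-slow botnet: five nodes, one attempt per hour each, all trying
    # "carol" plus a rotating subset of other accounts.
    others = ["dave", "erin", "frank", "grace", "heidi"]
    for n in range(5):
        ip = f"198.51.100.{20 + n}"
        users = ["carol"] + [others[(n + k) % 5] for k in range(4)]
        for j, user in enumerate(users):
            lines.append(f"{(base + timedelta(hours=j, minutes=n)).isoformat()} {ip} {user} FAIL")
    return lines


if __name__ == "__main__":
    ev = parse_log(constructed_sample())
    print("volumetric:", detect_volumetric(ev))
    print("low and slow:", detect_low_and_slow(ev))
    print("accounts under attack:", accounts_under_attack(ev))
```

On the sample, only the noisy bot trips the volumetric check, the five slow nodes (and the noisy bot) trip the distinct-accounts check, and "carol" is the one account seen failing from all five slow nodes; the thresholds are deliberately low for a toy log and should be set from the site's own baseline, which in the first case above was about seven million logins per week.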

“Our research shows that the people carrying out credential stuffing attacks are continuously evolving their arsenal. They vary their methodologies, from noisier, volume-based attacks, through stealth-like ‘low and slow’-style attacks,” said Martin McKeay, Senior Security Advocate at Akamai and Lead Author of the State of the Internet / Security report. “It’s especially alarming when we see multiple attacks simultaneously affecting a single target. Without specific expertise and tools needed to defend against these blended, multi-headed campaigns, organisations can easily miss some of the most dangerous credential attacks.”

A complimentary copy of the 2018 State of the Internet / Security Credential Stuffing Attacks report is available for download here. For additional information about the rise of credential stuffing challenges and ways to protect your organisation against them, visit here.


Future UK Cyber Security Stars Tackle Vulnerable Cryptocurrency in Latest Challenges

On Friday, Her Majesty’s Government Communications Centre (HMGCC) and leading science and engineering company QinetiQ hosted the latest Cyber Security Challenge UK Face-to-Face competition at QinetiQ’s headquarters in Farnborough. The competition saw 28 code-breaking amateurs from across the country ethically hack the cryptocurrency wallets of customers from a fictitious bank. The challenges, which put contestants’ cryptography, problem-solving, automation and scripting skills to the test, included breaking into digital vaults and delivering presentations to expectant board members.

With crypto wallets making headlines in the news recently and cryptocurrencies such as Bitcoin reaching incredible worth, it is no wonder that Action Fraud found that cryptocurrency fraud created more than £2 million of losses this summer. It is therefore crucial that the systems and services people use are safe, secure and tested by highly skilled cyber security experts before people invest and store money in them, so that a high enough level of protection is assured.

To highlight these contemporary issues, HMGCC and QinetiQ have worked in partnership to develop one of the most challenging face-to-face competitions in Cyber Security Challenge UK history, as validated by HMGCC interns who road-tested the challenges while on placement there within their NCSC CyberFirst bursary programme. Teams drawn from experienced staff and graduates at both companies created the digital challenges for the contestants to battle their way through on the day, and HMGCC lent its manufacturing skills to build a physical vault to be cracked as well.

The scenario in particular was based on a mock company QQGCC – a new cryptocurrency bank – which, in a move of confidence, publicly listed the encrypted wallets of each customer account. To avoid the high-profile security errors of other companies before them, QQGCC allowed customers to choose their own system to hide the key that would ultimately give people access to the account. With each customer choosing a unique method to conceal their account’s encryption key, candidates were tasked with fool-proofing each system by attempting to hack their way into the accounts and discover which character’s money would be at risk.

“We really wanted to push the contestants and seriously test their skill sets. Digital wallets and cryptocurrencies may not feel like money, but they have genuine real-world value that needs to be protected,” said Ashleigh Curnow from HMGCC’s Recruitment Team. “Supporting competitions and initiatives with Cyber Security Challenge UK and QinetiQ provides a brilliant platform for uncovering and nurturing cyber security talent while also highlighting the need for due diligence to be carried out with digital security. We’ve been really impressed with the skills and determination we have seen from all of the competitors and we are excited to see that the UK is continuing to develop the engineers that we need.”

This latest event also acted as the final semi-final round of Cyber Security Challenge UK’s 2018 Masterclass competition, with the top performers earning a place at the Masterclass Grand Final at Barclays in Canary Wharf in November. In order to qualify for the face-to-face competition, each contestant had to pass rigorous online tests, which produced a diverse group of participants, including seven people aged 30 or over and nearly half of the contestants aged 18 or under.

“It has been amazing to see the number of talented and skilled individuals taking part in this competition. The great thing about these challenges is it helps demonstrate to people how many career paths and opportunities are open to them. Cyber security is a vibrant and exciting sector to work in and we are pleased to showcase that with the help of our expert cyber security specialists,” said Bryan Lillie, Chief Technical Officer Cyber Security at QinetiQ. “All of the contestants in today’s competition displayed the skills we would look for when hiring talent for our own security teams. Congratulations to the winners, for a well-deserved result.”

The winning team, Great Hyperlobic Omnicognate Neutron Wrangler, comprised:

  • Callum, 17, an A-level student from London who also played Cyber Discovery this year
  • Daniel, 17, an A-level student from Stoke-on-Trent
  • Yousef, 18, an intern from St Albans
  • Edmund, 18, an A-level student from London
  • Laura, 37, an IT Technical Support professional (non-cyber security related) from Lincolnshire

Colin Lobley, CEO of Cyber Security Challenge UK added: “It was great to see that the latest challenge with QinetiQ and HMGCC not only attracted young, talented school and university students, but also people looking for career changes too. The cyber security industry has the need for a range of skills, from computer experts to psychologists, communicators and policy-makers. What we are looking for is those with an inquisitive mind. It is therefore crucial that we continue to partner with forward-thinking organisations such as HMGCC and QinetiQ to identify and inform people about what is on offer when choosing a career in cyber security.”

Those interested in learning more about a career in cyber security should attend the upcoming Cyber Re:coded event which is taking place in Tobacco Dock in London from October 15-16. During the two-day event there will be talks from security professionals, industry leaders and interactive workshops aimed at showing the large number of career opportunities on offer in the security industry. So, whether you want to spot and analyse the latest threats; design resilient digital cities, cars or games; stop counterfeiting; reverse-engineer mobile apps; shape new laws; profile cyber criminals; or develop cyber services in the age of AI and Quantum computing, the cyber security industry needs you!

For more information on Cyber Security Challenge UK and the work it is doing, please visit: https://www.cybersecuritychallenge.org.uk/


City of Stockholm Selects MobileIron Threat Defense to Detect and Mitigate Mobile Threats

MobileIron, the secure foundation for modern work, today announced that City of Stockholm has selected MobileIron Threat Defense to detect and mitigate mobile threats. MobileIron Threat Defense will be deployed on 30,000 mobile devices used by the employees of the City of Stockholm.

MobileIron Threat Defense provides unparalleled mobile threat protection, securing mobile devices from device, network, and app threats. Organizations can protect sensitive data by detecting and remediating known and zero-day threats on mobile devices with no need for the users to take any action to activate or deploy the app.

“City of Stockholm employees rely on their mobile devices to increase their work efficiency,” said Constantinos Amiridis, solution architect, City of Stockholm. “With MobileIron Threat Defense, we can give our employees the peace of mind to safely use their devices without any data being compromised.”

“City of Stockholm has always been at the forefront of technology, deploying innovative solutions that help its many departments perform with agility and efficiency,” said Simon Biddiscombe, CEO, MobileIron. “Today, through its selection of MobileIron Threat Defense, City of Stockholm has yet again shown its commitment to working with best-in-class technology to keep its workforce secure and productive.”
