
MageCart Hacked Customers’ In NewEgg Credit Card Data Breach

The infamous cyber gang Magecart seems unstoppable. The gang has been around for quite a few years. However, this year,


Latest Hacking News Podcast #126

Microsoft Jet zero-day and WD My Cloud vulnerabilities disclosed, US authorizes offensive cyber operations and more on today's Latest Hacking News Podcast.


Tech Titans 2018: Washington’s Top Tech Leaders

Joe Guinto, Washingtonian, September 20, 2018
Source: https://www.washingtonian.com/2018/09/20/tech-titans-2018-washingtons-top-tech-leaders/


Our guide to the most important and innovative people in Washington’s digital economy.

There was a time when Washington’s tech sector was dominated by three big names—MicroStrategy, LivingSocial, Blackboard. But as those companies split apart or morphed into something other than the juggernauts they once were, they gave way to firms with names like Cofense, EverFi, EdgeConneX—hopeful, hip, made-up words that suggest something fresh and new on the scene. Look closer, though, and you’ll see that the old titans are very much there in this new landscape: Sid Banerjee at Clarabridge. Andrew Rosen at Interfolio. Sanju Bansal at Hunch Analytics. Timothy Chi at WeddingWire. Susan Tynan at Framebridge. All are alumni of those Big Three.

What’s also new is that none of the aforementioned companies are dependent on Washington’s best-known buyer of tech, the federal government. As the DC technology industry has expanded, it has diversified. Today it’s increasingly common for local start-ups not to depend on the government at all, instead getting into the kind of business that would be equally at home in Silicon Valley—things such as SocialCode’s “audience intelligence software,” which helps big brands better leverage social media, or Alarm.com’s connected, smart-home devices.

The region’s entrepreneurial class has long fantasized about being seen as more than a cadre of glorified federal contractors, which is one reason firms like these get so much hype. In reality, Uncle Sam’s bony fingers are still all over our list—and that’s good news, even if that story isn’t as sexy as the Silicon Valley version. The government being the government, some of what it buys from local contractors is relatively mundane, if important, work such as data processing and enterprise software. Yet some of the local companies that do those things for government agencies now rank among the fastest-growing small businesses in the country. Meanwhile, some government tech contractors here have become multibillion-dollar IT concerns: Leidos, General Dynamics Information Technology, and DXC Technology are all billion-dollar businesses, and all have expanded exponentially through recent mergers.

The feds are also helping drive what may be the fastest-growing subcategory of tech here—cybersecurity. Companies such as Endgame are earning their keep protecting federal databases, while firms including Altamira are getting paid to manage geospatial-intelligence info. Others, such as LookingGlass Cyber Solutions and Dragos, are also establishing reputations for being the best in the business for addressing cybersecurity.

A lot of venture-capital money is betting on those cyberfirms—K Street’s Paladin Capital, for one, has made more investments in such companies than any other VC fund in the US. Steve Case’s Revolution Growth is putting its money into cybersecurity, too, as well as funding local companies such as Optoro, which finds innovative ways to resell products that have been returned by customers, and Cava, the Greek fast-casual chain that has leveraged high-tech tools to fuel its nationwide expansion.

Plenty of others are moving money into tech here, including local NextGen Venture Partners and QED Investors, as well as the local branches of Silicon Valley Bank and the vast New Enterprise Associates. What’s more, Washington firms have drawn the attention of national funds not based here. The Rise Fund (singer Bono is an investor) has poured cash into EverFi, a hot start-up in education technology—another growing sector, along with cybersecurity and data centers (70 percent of all internet data traffic now flows through Northern Virginia).

On and on it goes. Cushman & Wakefield ranks ours as the third-best metropolitan area for tech, behind only San Francisco and Silicon Valley. Were Washington to land Amazon’s HQ2, that position would likely be solidified.

The ranking reflects what we found in compiling our 2018 list of Tech Titans, a group that covers small start-ups with big potential and ever-expanding tech mega-firms. Backed by local financiers, boosted by potentially billions in federal funding, and supported by a plethora of local universities, the tech industry is growing at a blazing clip. That may make this year’s group of Tech Titans the most innovative, most important, and most influential we’ve ever assembled.

 

The Entrepreneurs

Reggie Aggarwal
Founder and CEO, Cvent

Aggarwal started this event-management software company with his own money and a staff of two back in 1999. It’s now a 3,400-person firm and was sold two years ago to Vista Equity Partners for $1.65 billion, but Aggarwal remains at the helm.

Michael Avon
CEO, chairman, and founder, ICX Media

A former principal at Columbia Capital, Avon now runs ICX, which offers a platform that can be used by digital video creators, including big consumer brands and social-media stars, to more closely monitor and understand their audience. In April, actor/writer/filmmaker Edward Burns joined the three-year-old company’s board, which includes former Time Inc. CEO Laura Lang. The company has been backed by $9.6 million in funding.

Brian Ballard, Jeff Jenkins, and Chris Hoyt
Founders, Upskill

The company makes a software platform called Skylight that runs on smart glasses and other wearable devices, giving workers instant access to data that can boost their productivity. The platform is in use by Boeing, and GE Ventures has invested in Upskill. The latest infusion, of $17.2 million, came this past spring.

Zvi Band and Tony Cappaert
Cofounders, Contactually

Maker of a customer-relationship-management platform that has been optimized for real-estate agents, Contactually was launched seven years ago, and both of its founders have tried to help other executives enjoy the same kind of success they’ve had. Band helped found the DC Tech Meetup group, and Cappaert holds a regular dinner-party series in which he meets with other local business founders.

Sid Banerjee
Founder, executive vice chairman, and chief strategy officer, Clarabridge

Banerjee was one of the founding employees at MicroStrategy. At Clarabridge, he has created a firm offering artificial-intelligence-driven software systems that analyze customer interactions to help boost customer service at major companies including Walmart, United, and eBay.

Sanju Bansal, Aneesh Chopra, and Dan Ross
CEO (Bansal) and founders (Chopra and Ross), Hunch Analytics

In 2014, Bansal, a former executive vice president at MicroStrategy, joined this firm founded by Ross and Chopra, who in 2009 became the first federal-level chief technology officer. Hunch Analytics mines public and private databases for information that can help health-care firms and other companies make more informed strategic decisions.

Randy Brouckman
CEO, EdgeConneX

This Herndon company is the only global provider of “edge” data centers—facilities that either fill in gaps in internet connectivity or boost signal service in high-traffic areas. It’s expanding rapidly, having announced new centers this year in Miami, Atlanta, Phoenix, Portland, Denver, Toronto, and Buenos Aires.

Richard D. Calder Jr.
CEO and president, GTT Communications

This McLean company, which offers cloud networking services to multinational firms, has been growing through acquisitions, including the $2.3-billion cash buyout of the European cloud networker Interoute, which closed this year. GTT Communications appears to be on track to top $1 billion in revenue in 2018.

Matt Calkins
Founder and CEO, Appian

Appian was one of a few Washington-area firms to issue an IPO in 2017, and shares have nearly tripled since the company made its Nasdaq debut. In his spare time, Calkins competes in the World Boardgaming Championships, which is a real thing.

Timothy Chi
Cofounder and CEO, WeddingWire

In 2007, Chi—a cofounder of Blackboard—launched WeddingWire, an online marketplace that pairs grooms- and brides-to-be with wedding vendors. It has grown steadily, and in May it sold a majority stake to the private-equity firm Permira for $350 million.

Zia Chishti
CEO, founder, and chairman of the board, Afiniti

Born in the US and raised in Pakistan, Chishti now has led a second company to a billion-dollar valuation. (His first was Align Technology.) The DC firm makes artificial-intelligence products that more efficiently pair agents with customers who dial into a company’s call center. It expects to go public in 2019.

Zack Christenson
CEO, Crowdskout

The company makes a customer-relationship-management software platform for political-advocacy groups. The platform has been used by the Republican National Committee, nonprofits, and trade groups. Under Christenson, Crowdskout has added nearly two dozen people in recent months, tripling the staff before the 2018 midterm elections.

Tom Davidson
Cofounder and CEO, EverFi

Last year the über-exclusive Rise Fund—which includes U2’s Bono and LinkedIn’s Reid Hoffman among its investors—put $150 million of a total $190 million in financing into EverFi, which offers online-education courses. That cemented its place as one of the hottest education-tech start-ups in the country.

Ted Davies
CEO and chairman, Altamira Technologies Corporation

Davies came to Altamira after being president of Unisys Federal Systems as well as a partner specializing in tech and government at Booz Allen Hamilton. Today the company he leads is a major contractor helping the Defense Department and US intelligence agencies find ways to move data to the cloud securely.

Brandon Torres Declet
Cofounder and CEO, Measure

Declet had worked for the Department of Defense, the NYPD, and the House Homeland Security Committee before cofounding Measure, a drone operator headquartered, ironically, in one of the least drone-friendly cities in the US. The company’s drone services—which include pilots who do the flying—can help firms inspect things such as construction or cell towers as well as respond to emergencies. Measure received $15 million in Series B financing last year.

Donald Graham
Chairman, Graham Holdings Company

Born with ink in his veins, Graham knew his way around digital even before his family sold the Washington Post. He was a longtime member of Facebook’s board of directors, and his $2.6-billion Graham Holdings owns several techy companies, including the cybersecurity education outfit CyberVista. It can only help that Timothy O’Shaughnessy, former head of LivingSocial—who is married to Graham’s daughter, Laura—is CEO of Graham Holdings.

Blake Hall
Founder and CEO, ID.me

Late last year, this company, which offers a digital-identity service—sort of a driver’s license for online transactions—brought on a CFO and CTO as it surpassed 5 million total users. That came just months after Hall, an Army veteran who served in a combat unit in Iraq, secured $19 million in Series B funding for his growing company.

Tim Hwang
Founder and CEO, FiscalNote

Investment heavyweights New Enterprise Associates, Mark Cuban, Revolution, and Jerry Yang have all backed 26-year-old Hwang’s FiscalNote, now the top player in legal analytics, offering data that helps customers track and predict the potential impact of new regulations and legislation. This July, FiscalNote expanded into media by acquiring CQ Roll Call from the Economist Group.

Wayne Jackson III
CEO, Sonatype

Jackson, head of Sonatype since 2010, once led the network-security firm Sourcefire from start-up to IPO to a $2.7-billion acquisition by Cisco. Sonatype, which helps distribute secure open-source software to developers, saw sales double in the first quarter of this year.

Reid Jackson
CEO and president, Compusearch

Late last year, Jackson led the buyout of Route 7 neighbor and reverse-auction marketplace maker FedBid. The combined companies today work with every Cabinet-level agency in the federal government, for example, providing modern procurement services and supply-chain analytics.

Kay Kapoor
Founder and CEO, Arya Technologies

A former CEO of Accenture Federal Services, Kapoor left her lead position at AT&T’s $15-billion Global Public Sector division last year to found her own firm. Though still in the early start-up phase, Arya Technologies is worth watching because at AT&T Kapoor helped land a 25-year federal contract worth an estimated $100 billion.

Ajay Kori and Jeff Sheely
Cofounders, UrbanStems

This flower-delivery business now has six operations centers and is delivering same-day to customers in Washington and New York City, as well as next-day to customers nationally through a new partnership with FedEx.

Mike Lawrie
Chairman and CEO, DXC Technology

DXC is still in its infancy but is already a leader in IT services—a mega-firm with 6,000 clients from a variety of industries. The $21-billion Tysons company was formed in April 2017 by the merger of CSC and the enterprise-services division of Hewlett Packard Enterprise. Lawrie, who had been CEO of CSC before the merger, oversees a worldwide workforce of 134,000 people.

Robert M. Lee, Justin Cavinee, and Jon Lavender
CEO (Lee), chief data scientist (Cavinee), and CTO (Lavender), Dragos

This trio of former cybersecurity experts working within the US intelligence community raised $10 million in 2017 for Dragos. The mission of their Hanover, Maryland, firm is to help protect private companies from cyberattacks, especially those whose businesses involve infrastructure used by the public—a wind-farm operator, for instance. Or, as Lee has grandly put it: “Dragos exists to safeguard civilization.”

John Mazur
CEO, Homesnap

Deloitte ranks this Rockville company as one of the 500 fastest-growing tech firms in the US. Its app, launched in 2012, connects real-estate brokers and homebuyers and offers instantly updated home listings. Homesnap, which Mazur took over in 2017, has raised more than $30 million.

Tobin Moore and Adam Vitarello
Cofounders, Optoro

Several of Washington’s biggest investors have backed Optoro, which runs a software platform offering retailers a way to make money off of the millions of things retail customers either didn’t buy or did buy but later returned. QED, Grotech, and Revolution Growth have all chipped in to what’s now a $129-million investment pool that Optoro’s founders—a couple of thirtysomething St. Albans grads—hope will help them create a billion-dollar business.

Laura Graham O’Shaughnessy
CEO, SocialCode

The company markets “audience-intelligence software” to major brands—everything from Heineken to GEICO—helping them better identify, understand, and target their customers on social media.

Bill Pardue and Jim Shelhamer
CEO and co-founder (Pardue) and executive vice president (Shelhamer), Athenium Analytics

The forecast for Pardue’s start-up, formerly called Weather Analytics, proved to be sunny. The six-year-old DC firm—provider of weather and predictive-risk software to insurance companies—took in $17 million in financing last year and completed a merger with the insurance-software maker Athenium this summer.

Carolyn Parent
CEO, LiveSafe

Parent’s Arlington firm demonstrated its technology in front of industry leaders this year, outfitting almost 5,000 SXSW conference staff and volunteers in Austin with mobile technology that can instantly connect people and share their locations in the event of an emergency.

Chip Paucek
CEO, 2U

Northwestern, USC, SMU, Georgetown, and other universities use 2U’s platform to provide online classes. Revenues are growing—fast. In June, the Lanham company raised $331 million through a public offering of its common stock to fund more growth through acquisitions.

Andrew Rosen
CEO, Interfolio

Rosen is an alumnus of two of Washington’s best-known tech firms, Blackboard and MicroStrategy. He took over as Interfolio CEO in 2015 from founder and now president Steve Goldenberg. The company’s software steers applicants and faculty committees through the higher-education hiring process. Since joining the company, he has driven growth by helping secure a $12-million financing round, inking a partnership with the University of California at San Diego, and acquiring a Kentucky faculty-data-evaluation firm.

Brett Schulman
CEO, Cava

Tech and tzatziki? For the burgeoning fast-casual restaurant chain Cava—with more than 60 locations nationwide and counting—that’s been a delicious combination. Schulman has invested heavily in data tools. Among them: sensors at some locations that track employee and customer movements. The resulting data is analyzed to improve efficiency and better understand how customers use Cava’s spaces.

Steve Trundle
CEO, Alarm.com

This publicly traded firm was a small division within MicroStrategy until it spun off in 2000. Since then, it has broken into the “smart security” industry in a big way: Among the 8 million homes and businesses with smart-security systems in this country, some 5 million are Alarm.com subscribers.

Susan Tynan
Founder, Framebridge

Tynan’s business—which offers quick custom framing at cut-rate prices—has taken off with investors, including New Enterprise Associates and Revolution. They’ve placed $67 million into the four-year-old business, including a $30-million funding round this summer.

 

The Government

Matt Cutts
Acting administrator, US Digital Service

USDS focuses on, among other things, making the websites of federal agencies more functional. Cutts, a former Google executive, began running it early last year. Since then, he has prioritized hiring tech talent and working to retain workers amid rapid turnover.

Andrei Iancu
Director, US Patent and Trademark Office

Iancu was unanimously confirmed by the Senate on February 5. No doubt that same day, tech execs all over the country began Googling for old syllabi from the advanced patent class he taught at UCLA.

Christopher C. Krebs
Undersecretary, National Protection and Programs Directorate, Department of Homeland Security

Krebs headed cybersecurity policy for Microsoft before joining the Trump administration in March 2017. Today he oversees a key division at DHS involved with protecting US infrastructure (e.g., the power grid) as well as cybersecurity and communications network security—all of which are thought to be under potential threat from foreign powers and terrorist groups.

Barney Krucoff
Interim chief technology officer, District of Columbia

When he was chief data officer for the District, the city described Krucoff as “the man behind all of DC’s data.” Now, after taking over as CTO, he’ll be the man in front of all DC’s data, which is increasingly being made available online for public perusal.

Jason Matheny
Director, Intelligence Advanced Research Projects Activity

Matheny’s agency, part of the Office of the Director of National Intelligence, is looking to invest in “high-risk, high-payoff research programs that have the potential to provide our nation with an overwhelming intelligence advantage over future adversaries.” A few examples: IARPA is seeking technology that could detect and prevent the use of biological weapons as well as new technology that will improve the accuracy of polygraph machines.

Dawn Meyerriecks
Deputy director for science and technology, CIA

Spy vs. Spy is increasingly becoming Machine vs. Machine. Under the direction of former AOL executive Meyerriecks, the CIA is transforming the way it monitors other countries, employing artificial intelligence to watch the machines that are watching American agents. As of last year, Meyerriecks’s division has been engaged in almost 140 AI projects.

Jerrold Nadler, Doug Collins, Steve Chabot, and Tom Marino
Congressional representatives, House Judiciary Committee

Top contenders to replace longtime Virginia congressman Bob Goodlatte, who isn’t seeking reelection, as Judiciary Committee chair, these four will all help decide the fate of net-neutrality rules repealed by the FCC in June, because their committee would need to sign off on countering the FCC action. Republicans Collins, Chabot, and Marino are all against net neutrality. Democrat Nadler, who’s likely to take over the committee if a blue wave swamps the House, is in favor of congressional action to restore the rules.

General Paul Nakasone
Director, National Security Agency; Commander, US Cyber Command

The Minnesota native who commanded troops while deployed in Iraq and Afghanistan headed the Army’s Cyber Command for two years before taking on the Department of Defense’s top cybersecurity post this past spring. USCYBERCOM, as it’s known, is expanding quickly in response to perceived cyber threats against military targets.

Buddy Rizer
Economic-development director, Loudoun County

Loudoun is called “Data Center Alley” in part because Rizer has worked hard to make his suburban county a hotbed for data centers. Some 70 percent of all global internet traffic now flows through the area, and data centers across Virginia create an estimated $10.2 billion in annual economic output.

Steven H. Walker
Director, Defense Advanced Research Projects Agency

Few agencies have done more to influence the development of cutting-edge technologies. For example, DARPA robotics initiatives led to the technology that makes driverless cars possible. That means Walker—who officially took over DARPA last November—is one of the most important people in all of tech.

Mark Warner and Tim Kaine
US senators from Virginia

Warner, who founded the Senate Cybersecurity Caucus, and Kaine introduced legislation to overrule the FCC’s elimination of net-neutrality regulations last February. It passed with bipartisan support, but the House hasn’t followed suit and likely won’t if Republicans retain control after November. In that case, Warner and Kaine may reach into the bag of parliamentary tricks to find another way to block the FCC’s removal of those Obama-era rules.

 

The Lobbyists

Danielle Burr
Head of federal affairs, Uber

Uber’s spending on lobbying has, ahem, surged—to a record $540,000 in the first quarter of this year—since this former aide to House majority leader Kevin McCarthy took over the company’s top federal-liaison spot in January. The firm, which has tested its own self-driving vehicles, could be affected by a bill called the SELF-DRIVE Act, which would allow it to test-drive autonomous cars. After passing the House overwhelmingly last fall, the legislation has languished in the Senate.

Teresa Carlson
Vice president, worldwide public sector, Amazon Web Services

Amazon Web Services—Amazon’s cloud-services arm—is projected to do $2.8 billion in business with the federal government this year and $4.6 billion in 2019. It’s also reportedly a lead contender for a $10-billion Defense Department IT contract.

Colin Crowell and Carlos Monje
Vice president of global public policy (Crowell) and director of public policy (Monje), Twitter

Twitter has a fight on its hands with the powers that be in the House GOP. In August, majority leader Kevin McCarthy called for Twitter CEO Jack Dorsey to testify on the Hill about the company’s filtering of certain accounts. Some have alleged that Twitter is “shadow-banning” conservatives. Crowell, who was senior counsel at the Obama-era FCC, and Monje will lead the effort to calm those concerns.

Matthew Eggers
Vice president for cybersecurity policy, US Chamber of Commerce

Anything that the Chamber, an enormous lobbying group, has to say on cybersecurity policy is likely to be heard at the White House.

Jeff Greene
Vice president, global government affairs and policy, Symantec

Lawmakers on the Hill often rely on Greene, a top DC representative for the California security-software firm Symantec, to share industry insights as well as offer official testimony. He recently addressed a hearing titled “Empty Threat or Serious Danger: Assessing North Korea’s Risk to the Homeland.”

Brian Huseman
Vice president of public policy, Amazon

Amazon has built the biggest tech-business lobbying shop in Washington over the past year, doubling the number of employees to, at last count, 28. That’s twice the size of Google’s DC operations. All those new faces fall under Huseman’s purview. Whether they’re about to be joined by 50,000 new Amazonians working at a Washington HQ2 remains to be seen.

Joel Kaplan and Erin Egan
Vice president of global public policy (Kaplan) and chief privacy officer (Egan), Facebook

Even if you get most of your news from Russian online trolls, you probably know that the world’s leading social network has had a rough year. But bad news for Facebook’s stock price is good news for its DC office, which reportedly spent a record $3.67 million on lobbying during the quarter when Mark Zuckerberg appeared on the Hill to answer questions on privacy issues related to Cambridge Analytica. Look for them to add more muscle as lawmakers and regulators circle.

Angela McKay and Fred Humphries
Senior director of cybersecurity policy and strategy (McKay) and corporate vice president of US government affairs (Humphries), Microsoft

A Booz Allen Hamilton alum, McKay heads cybersecurity and cloud-security policy for Microsoft. That’s an important position considering the federal government’s current emphasis on cyber issues. Humphries helms government affairs overall. Last year, the company spent $8.5 million on lobbying. One of its big pushes is to get the Trump administration to reverse its decision to place tariffs on imported solar panels and solar cells. In March, Microsoft made the largest corporate purchase of solar power in history, buying millions of megawatts from solar farms in Virginia.

Coleman Mehta
Senior director, US policy, Palo Alto Networks

The $2.24-billion Palo Alto Networks, which sells network-and-enterprise-security products from Santa Clara, California, brought on Mehta last year to lead its federal interactions. He was director of legislative affairs for the National Security Council during the Obama administration. The company provides cybersecurity services for government clients and issues watch reports on hacker activities that federal agencies could use.

Susan Molinari
Vice president of public policy and government relations for the Americas, Google

President Trump leaped to Google’s defense when the European Union sanctioned the company for antitrust violations this past summer. Molinari’s connections may have played a role in that. She’s a former Republican representative from New York who, the Center for Public Integrity reported, personally donated money to Trump’s transition. Even though her company hasn’t taken the public shaming that, say, Facebook has, it still spent $18 million on lobbying in 2017—second only to AT&T among individual companies.

Nuala O’Connor
President and CEO, Center for Democracy & Technology

The nonprofit CDT, whose mission is to “advance our digital rights,” has been urging lawmakers to roll back the FCC’s elimination of net-neutrality rules installed during the Obama administration. So far, it has won Senate support, and in July it picked up the backing of its first House Republican.

Jeff Ratner
Senior policy counsel, Apple

Ratner was director for legislative affairs and cybersecurity policy in the Obama administration before leaving to join Apple in 2016. As a conduit between the company and the federal government, he’s been especially busy this year thanks to Apple CEO Tim Cook’s public stance against the Trump administration’s immigration policies.

Gary Shapiro
President and CEO, Consumer Technology Association

This Arlington trade group lobbies for the industry and puts on a wacky, well-known annual event in Las Vegas, the Consumer Electronics Show.

 

The Financiers

Jenny Abramson
Founder and managing partner, Rethink Impact

Rethink Impact is a rare venture-capital firm that focuses its investments on companies led by women.

Frank Adams
Founder and managing general partner, Grotech

Adams’s firm, which has more than $1.5 billion under management, has financed fellow tech titans ICX Media, Optoro, and Contactually. He also cofounded Mid-Atlantic Venture Association, a nonprofit that promotes investment in tech start-ups in the Mid-Atlantic region.

Edward Albrigo
CEO, the Center for Innovative Technology

CIT is a nonprofit technology accelerator backed by the state of Virginia. Its funds have put money into more than 200 companies since 2004—investments that helped attract $600 million in additional private equity. Albrigo has been with CIT only since 2015, but in his first year he shored up its finances, wiping out nearly all of an $800,000 deficit that had been covered by the state and returning $710,000 to the Commonwealth.

Peter Barris
Chairman and general partner, New Enterprise Associates

Barris took a step up from his managing partner role to become chairman in 2017. Now, in response to a sluggish market for IPOs, the venture-capital mega-firm (which had about $20 billion in assets last year) plans to sell its investments in some 20 start-ups for about $1 billion—opening them up for private investment.

Jason Booma, Jim Fleming, Patrick Hendy, Monish Kundra, and John Siegel
Partners, Columbia Capital

The VC fund founded in 1989 by Virginia senator Mark Warner made winning bets on Nextel Communications early on and has since put some of its money into local start-ups including Broadsoft, Millennial Media, and Digital Signal Corp.

Steve Case
Chairman and CEO, Revolution

Billionaire Steve Case is using campaign tactics to tout his Rise of the Rest fund, a $150-million investment vehicle that backs seed-stage companies that aren’t in Silicon Valley, New York City, or Boston. He’s taken seven bus tours through 26 states and 38 cities in recent years to meet start-ups that might get some of that money.

Chris Darby
CEO, In-Q-Tel

In-Q-Tel is a nonprofit investment firm, founded by the CIA, that puts money into start-up companies developing technologies to serve the nation’s intelligence agencies. It has funded multiple start-ups that went on to fetch big acquisition prices—Google bought one firm backed by In-Q-Tel for $625 million; IBM acquired another for $1.3 billion.

Mark Ein
Founder, Capitol Acquisition Corp. IV

After serial investor Ein—who has been involved in the founding or early stages of six companies that have grown to be valued at more than $1 billion, including XM Satellite Radio—closed the $2.4-billion merger between his Capitol Acquisition Corp. III and Cision in July 2017, he started all over, incorporating Capitol Acquisition Corp. IV and taking that firm public only months later through a $350-million IPO.

Scott Frederick
Business-development and federal head, New Enterprise Associates

Frederick specializes in introducing his VC-backed firms to those in government who have needs to fill and money to spend.

Jeff Ganek, Robert Poulin, and Mark Foster
Cofounders, Blazar Ventures

The original employees at Neustar back when it was still a division within Lockheed Martin, these three took Neustar public in 2005 and have since moved on to form their own VC firm in Alexandria.

Carter Griffin
General partner, Updata

DC’s Updata Partners has put more than $750 million of investments into 40-plus companies, most of them growth firms in the software development business. That includes, earlier this year, part of a $14-million investment Griffin helped put together in Homesnap, a Bethesda firm that makes a real-estate database and app.

Ted Leonsis
Founder and partner, Revolution Growth

This year, his Washington sports teams won the Stanley Cup and the Arena Bowl. So if the co-founder of the Revolution Growth fund contacts your tech firm looking to invest, definitely take his call.

Dan Mindus and Brett Gibson
Founders, NextGen Venture Partners

Gibson is one of many LivingSocial alums still working in Washington, while Mindus has been in investing most of his career. Their portfolio has a distinctively local flavor, having backed Avizia, Interfolio, Upskill, and UrbanStems.

Nigel Morris
Cofounder and managing partner, QED Investors

Morris’s Alexandria firm filed with the SEC this past June to raise $150 million for a new investment fund. That will pave the way for new investments such as those QED has made in Credit Karma.

Steve Pann
Founding partner, Razor’s Edge

In 1997, Pann cofounded Blackbird Technologies, an engineering, research, and technology company, then sold it to Raytheon in 2014. In 2010, he cofounded Razor’s Edge Ventures, an investment firm in Reston that specializes in big data, computing, and space-technology enterprises. Its investments include Altamira, a data-analytics firm in McLean that’s a government contractor with the Pentagon.

Tige Savage
Managing partner, Revolution Ventures

Savage helps oversee Revolution Ventures, a portfolio with investments in local companies such as Optoro and Cava, as well as Sweetgreen, which moved from Georgetown to Los Angeles in 2016.

Fredrick Schaufeld and Anthony Nader
Cofounders and managing directors, SWaN & Legend Venture Partners

Their firm has backed Cava, Optoro, Framebridge, and UrbanStems—whose CEOs are all fellow Tech Titans—as well as the nutrition-bar maker Kind.

Michael Steed
Founder and managing partner, Paladin Capital Group

Paladin has made 19 total investments in cybersecurity firms in the past three years—more than any other venture-capital firm in the country. It’s also the fourth-leading firm in terms of total general technology investments over that same stretch.

Sean Stone
Head of sales origination, Silicon Valley Bank

Is there anyone in DC tech whom Sean Stone doesn’t know? Maybe not. Stone’s bank, which is headquartered in California but has an outpost in Arlington, has helped fund EverFi, among other local firms, and he’s constantly meeting with top tech and government leaders as well as newer start-ups around town.

J.D. Vance
Managing partner, Rise of the Rest

Venture capitalist isn’t exactly an on-brand title for the bestselling author of Hillbilly Elegy, who’s known for sorrowful ruminations about troubled small towns and the state of conservatism. However, Vance—who lives in Ohio but spends much of his time in Washington (his wife is a clerk for Supreme Court chief justice John Roberts)—is involved in the tech sector, where he oversees Revolution’s $150-million Rise of the Rest fund, which is investing in early-stage companies headquartered outside of the nation’s big tech hubs.

 

The Biggest Players

Ted Colbert
Chief information officer and senior vice president, Information Technology and Data Analytics, Boeing

Colbert is part of the small team of executives who work in Boeing’s Arlington office, but his job is a big one. He oversees IT strategy and operations as well as 6,500 IT and analytics employees worldwide.

Jim Connelly
Vice president and chief information-security officer, Lockheed Martin

Connelly is in charge of a cyberattack team that’s impressive in scope: It has hundreds of cyber-intelligence officers stationed in centers around the globe.

Amy Gilliland
President, General Dynamics Information Technology

After General Dynamics completed a nearly $10-billion acquisition of the Falls Church IT-services firm CSRA in April, it merged the company’s operations into its General Dynamics Information Technology division, which Gilliland had taken over late last year. It’s a giant organization that’s likely to be one of the most competitive bidders for government IT contracts.

Charles E. Gottdiener
President and CEO, Neustar

Neustar, in Sterling, has been called “the most powerful, well-connected company you’ve never heard of.” The 1,800-person firm grew out of being the initial “Local Number Portability Administrator” in 1996—meaning it helped telcos help customers switch numbers between carriers. But it lost that business, worth about $500 million, after a 2015 FCC ruling granting the LNPA title to Iconectiv, which is partly owned by Ericsson. That didn’t derail a private-equity group from taking Neustar private last summer in a $2.9-billion deal. Gottdiener took over this summer after that deal closed.

Marillyn Hewson
CEO, Lockheed Martin

This former industrial engineer who has been with Lockheed Martin for 35 years has built the company into a powerhouse defense contractor that also runs a burgeoning tech investment fund called Lockheed Martin Ventures. That San Francisco–based division looks to back companies developing “disruptive, cutting-edge technologies” that could be important to Lockheed Martin. Earlier this year, Hewson announced that the company would increase the fund’s size, doubling it from $100 million to $200 million.

Gus Hunt
Cyberstrategy lead and managing director, Accenture Federal Services

Hunt, a former chief technology officer for the CIA, oversees cybersecurity for government clients for Accenture, which is in the midst of a rapid expansion of its local cyber workforce.

Roger A. Krone
Chairman and CEO, Leidos

Krone runs one of the biggest technology-and-science contractors in the defense industry, a $10-billion company headquartered in Reston that now has 31,000 employees. It became the mega-firm it is today after a division of Lockheed Martin was spun off and merged with Leidos two years ago.

Ryan LaSalle
Managing director, Accenture Security North America

LaSalle oversees the newly created Accenture Cyber Fusion Center in Arlington—which, among other things, helps clients simulate threats and test their response to cyber breaches. He’s also one of the local executives heading Accenture’s plans to add 1,000 skilled tech jobs to its local workforce—most in cybersecurity and cloud-based services—by the end of 2020.

Phebe Novakovic
CEO, General Dynamics

The mega–defense contractor’s chief led the acquisition of CSRA this year, in the process helping its General Dynamics Information Technology division better challenge the leader in that field, Leidos.

Michael Papay
Vice president and chief information-security officer, Northrop Grumman

Papay oversees the company’s global computer and network information-security systems and handles Northrop Grumman’s cyberstrategy.

Kathy Warden
Incoming CEO, Northrop Grumman

Warden was just named CEO in July. A month earlier, as Northrop Grumman’s chief operating officer, she oversaw the $9.2-billion purchase of Dulles’s Orbital ATK, a top defense and aerospace contractor. That led to the creation of a fourth division of the company, called Northrop Grumman Innovation Systems. With the purchase, total 2018 sales for Northrop Grumman are expected to be $30 billion.

 

The Lawyers

Eric Grossman
Partner, DLA Piper

Grossman came to DLA Piper’s Northern Virginia offices from a firm based in Palo Alto, so you know he knows tech. He has represented start-ups and established clients in a variety of businesses including cloud computing, e-commerce, and cybersecurity.

Steve Kaplan
Partner, Pillsbury Winthrop Shaw Pittman

Entrepreneurial companies are Kaplan’s specialty. No surprise, then, that he has represented the local start-ups Social Tables and UrbanStems.

Mike Lincoln
Business-department chair, Cooley

Lincoln has worked with multiple high-profile clients, including advising Optoro since its inception and Hyperloop One through its first few rounds of financing.

 

The Cybersecurity Specialists

Will Ackerly and John Ackerly
Cofounders, Virtru

The company’s encryption software—which works with Gmail and Microsoft Outlook—has drawn the attention of Mark Zuckerberg’s wealth-fund manager, ICONIQ Capital. The fund led a Series B round this past spring that’s part of $77 million Virtru has raised to date.

Rohyt Belani and Aaron Higbee
Cofounders and CEO (Belani) and CTO (Higbee), Cofense

When Paladin Capital, an early backer of this company when it was known as PhishMe, cashed in its early stake in February, the firm was valued at a whopping $400 million. Belani and Higbee’s cybersecurity-counterpunching firm has since rebranded as Cofense.

Frank Cilluffo
Director, Center for Cyber and Homeland Security, George Washington University

Cilluffo, a former Homeland Security assistant in the George W. Bush administration, has put together a murderer’s row of cybersecurity senior fellows. They once included Kirstjen Nielsen, now head of DHS.

Chris Coleman
CEO, LookingGlass Cyber Solutions

The company moved to bigger corporate digs in Reston last year, reflecting growth fueled by about $100 million in funding. LookingGlass also made headlines when it discovered 40 million voter-registration records being offered for sale online.

Rohyt Belani and Aaron Higbee.

Their cybersecurity firm, Cofense, helps clients guard against email phishing attacks.

Michael Daniel
CEO, Cyber Threat Alliance

It once was an informal information network among top cybersecurity firms, but now Cyber Threat Alliance is a formal threat-watch/threat-response organization. This more official version of CTA set up shop in Arlington last year, headed by Daniel, a onetime Obama-administration official.

Nate Fick
CEO, Endgame

Endgame is a cybersecurity firm in Arlington that has worked with both the federal government and private companies since 2012. Fick, a former Marine officer, was named this year to a Fast Company list of the 100 most creative people in business.

Dave Merkel
CEO, Expel

They call him Merk, and his firm takes an irreverent approach to the serious business of managing cybersecurity services for companies. He insists, for instance, that some people mistake him for Willy Wonka, and Merk—who once chased hackers for the federal government—seems to be holding a Golden Ticket. Expel has racked up $27.5 million in financing, including $20 million in a Series B round last April.

Matthew Rhoades
Managing director, cybersecurity and technology program, Aspen Institute

Rhoades oversees one of the most important cyberstrategy groups meeting today. Aspen’s is made up of 35 former elected officials, industry heads, scholars, and others who get together regularly to discuss threats and responses to them.

Sam Visner
Director, National Cybersecurity Federally Funded Research and Development Center

The FFRDC—a division of MITRE, a government-backed research-and-development outfit—is creating a set of cybersecurity practices for an industry desperate for such standards.

 

The Networkers, Nonprofits, and Incubators

Steve Balistreri
Emerging-growth-company practice leader, Deloitte

Balistreri is an expert in working with firms on the rise. He’s also an active member of the board at Mindshare, a yearlong training-and-mentoring program that pairs CEOs of new companies with executives at more established firms.

Melissa Bradley
Professor, McDonough School of Business at Georgetown University; founder of Project 500

Project 500 hopes to help 500 entrepreneurs in the District’s Wards 7 and 8 find help and mentorship in expanding their businesses.

Alexandra Reeve Givens
Executive director, Institute for Technology Law & Policy at Georgetown Law

Besides running Georgetown Law’s Institute for Technology Law & Policy, Givens oversees Beacon, a DC-backed initiative to encourage the formation of start-ups that are owned by women, whether by providing more access to resources and capital or creating new opportunities.

Shana Glenzer
CMO, Crowdskout

Glenzer cofounded DCFemTech, a collective of the city’s female tech leaders who support one another regularly. She’s also a board member of Beacon, an organization whose ultimate goal is to make Washington the top city in the country for women entrepreneurs. In her day job, she works for Crowdskout, which makes a customer-relationship-management software platform for political-advocacy groups.

Bobbie Kilberg
CEO, Northern Virginia Technology Council

You probably already know that Northern Virginia is a hotbed for data centers, cybersecurity, data analytics, and health tech. But Kilberg, who runs a trade group representing 1,000 companies, is working to spread that news to people who don’t.

Elizabeth Lindsey
Executive director, Byte Back

This nonprofit received a half-million-dollar grant from Citibank this year and was awarded a top prize in WeWork’s Creator Awards last year for the innovative ways in which it offers free tech career training to underserved DC residents. Lindsey was named this year to the Federal Communications Commission’s Advisory Committee on Diversity and Digital Empowerment, which has her working with influential Washington lobbyists from Verizon, Comcast, and T-Mobile.

Anna Mason and Rebecca Yarbrough
Partner, Rise of the Rest (Mason), and director of growth and business operations, Virgil Security (Yarbrough)

The two are codirectors of the Washington chapter of the Vinetta Project, which encourages investors to put money into businesses founded by women. Yarbrough is also president of the Offline Society, which sets up social events for singles in DC.

DJ Saul
CEO, ISL; founder, DC Tech Meetup

Saul’s company is a digital, design, and marketing agency that works with top companies such as Lockheed Martin. His monthly meetups range from casual cocktail chats to product-demo events.

Aaron Saunders
CEO, Clearly Innovative

Saunders’s company, which develops mobile apps and other digital products for clients, was hired by the District to help establish the Inclusive Innovation Incubator on the campus of Howard University last year. The 8,000-square-foot space has conference rooms, individual workstations, private offices, and free wi-fi, as well as classes and training for budding entrepreneurs.

Julia Spicer
Executive director, Mid-Atlantic Venture Association

Tech people will tell you that the reason the Washington area has a robust venture-capital scene is because of the work done by the nonprofit Mid-Atlantic Venture Association, which has been trying to speed the flow of investment capital here for 30 years. The organization is perhaps best known for its Tech Buzz events, which put early-stage companies in front of investors. Spicer has been executive director since 2002, when she left Columbia Capital to join the group.

Tien Wong
Chairman, Lore Systems; founder, Connectpreneur

Wong’s Connectpreneur is a quarterly breakfast forum that draws about 500 attendees who come to hear speakers such as Steve Case and Mark Ein. Wong’s Lore Systems offers cloud storage and cloud-based IT software.

The post Tech Titans 2018: Washington’s Top Tech Leaders appeared first on LookingGlass Cyber Solutions Inc..

Magecart’s Next Attack Resulted In ABS-CBN Data Breach

We’ve been hearing about malicious Magecart attacks targeting multiple firms. After British Airways and Feedify, Magecart’s next

Magecart’s Next Attack Resulted In ABS-CBN Data Breach on Latest Hacking News.

Authentication Bypass Vulnerability Disclosed in Western Digital My Cloud NAS Devices

Security Researchers at Securify have found an elevation of privilege vulnerability in the WD MyCloud platform which can be exploited by

Authentication Bypass Vulnerability Disclosed in Western Digital My Cloud NAS Devices on Latest Hacking News.

US authorities Have Pardoned Authors of Mirai Ransomware in Return For Government “Cooperation”

The authors of the Mirai botnet have been pardoned and have avoided jail since they have helped the FBI in

US authorities Have Pardoned Authors of Mirai Ransomware in Return For Government “Cooperation” on Latest Hacking News.

Cloudflare requested to expose Showbox, YTS and Popcorn Time site operators

Movie studios obtain subpoena that orders Cloudflare to expose piracy site operators including Showbox, YTS and Popcorn Time site

A group of independent movie studios has obtained a DMCA subpoena that orders Cloudflare to expose the operators connected to piracy sites.

For those unaware, a subpoena is a request for the production of documents, or a request to appear in court or other legal proceedings. It is a court-ordered command that basically requires you to do something, such as testify or present information that may help support the facts that are at issue in a pending case.

The group of movie companies, which includes Bodyguard Productions, Cobbler Nevada, Criminal Productions, Dallas Buyers Club, and Venice PI, recently filed a subpoena through a federal court in Hawaii.

Cloudflare is one of the leading CDN and DDoS protection services, which is used by millions of websites across the world, of which some are infamous pirate sites. However, instead of taking a strong stand against piracy, Cloudflare maintains its position as a neutral service provider.

This means that those copyright holders who want Cloudflare to act against the piracy sites need to follow the legal process. In this case, it means obtaining a subpoena, commanding the company to share the personal information of its customers.

The above movie studios are involved in a series of piracy lawsuits, especially the best-known “copyright trolling” cases against alleged BitTorrent pirates.

While the documents of the subpoena were not posted publicly, TorrentFreak managed to obtain a copy, which shows that the movie companies want information of the operators behind Showboxbuzz.com, Showbox.software, Rawapk.com, Popcorn-time.to, Popcorntime.sh, YTS.ag, and YTS.gg.

Showbox, YTS and Popcorn Time
Credits- TorrentFreak

On the other hand, Cloudflare has not filed any motion to quash the subpoena, which means that the service provider may likely hand over the requested details. However, the subpoena itself doesn’t disclose anything about the intentions of the movie companies.

While the original lawsuit doesn’t list the above-mentioned sites, it’s likely the owners are suspected of being linked to the defendants. Regardless, it is clear that the movie outfits see the information as possibly valuable evidence in their legal battle.

However, the question remains how helpful the data obtained from Cloudflare would be to the copyright holders, as in most cases, operators of pirate sites and services do their best to shield their true identities from being exposed.

Source: TorrentFreak

Also Read- Developer of Terrarium TV says he could hand over user info to authorities

The post Cloudflare requested to expose Showbox, YTS and Popcorn Time site operators appeared first on TechWorm.

New Magecart victims ABS-CBN and Newegg are just the tip of the iceberg

With the Magecart attackers compromising web shops left and right, online shopping is becoming a risky proposition. After Ticketmaster, British Airways and Feedify, two new Magecart victims have been identified: the broadcasting giant ABS-CBN and online retailer Newegg. Compromised shops Security researcher Willem de Groot flagged the ABS-CBN compromise a few days ago and he believes the attackers added the payment card skimming script on or before August 16th. RiskIQ and Volexity researchers shared details … More

The post New Magecart victims ABS-CBN and Newegg are just the tip of the iceberg appeared first on Help Net Security.

Gunman Shoots 4 at Middleton Software Company; Dies in Shootout With Police

Several Slashdot readers shared this report overnight: A gunman shot four people, none fatally, at his Middleton workplace Wednesday morning before he was killed in a shootout with police, Middleton Police Chief Charles Foulke said. Authorities had not released the man's name or age, but police said he was from Madison and worked at WTS Paradigm, a software company at 1850 Deming Way where the shooting occurred. Police said a motive for the shooting was not yet known. Foulke said the shooter had been in the building before he began shooting at fellow employees around 10:29 a.m. One of the four people injured was just grazed by a bullet police say was fired from a handgun. Citing UW Health, a local NBC affiliate reported that two victims are in serious condition and one is in critical condition. "In a situation like this, you learn how great a community really is," WTS Marketing Manager Ryan Mayrand said. "We cannot thank the Middleton Police Department, the Dane County Sheriff's Office and other emergency personnel enough for their amazing response."

Read more of this story at Slashdot.

5 Ways Consumer Electronics Are Shaping the American Lifestyle

The American home is starting to get shaped by consumer electronics. All sorts of equipment surround us in our homes, and this equipment is starting to affect our lives. Similar to the way electricity changed the life of the people in the early 20th century by paving the way for appliances such as washing machines and dishwashers, the introduction of affordable IoT powered products to the masses is starting to reshape the lives of millions.

Sophisticated home automation is no longer a thing only available for the rich – you no longer need an expensive smart home consultant if you want to make your home a smart one. Consumer electronics companies are flooding the market with gadgets that are meant to ease our lives. Technology is helping us raise our children, socialize, get entertained, and be more productive.

Technology and children

While consumer electronics products have always been able to entertain the little ones as they grow, the gadgets that started appearing on the market over the last couple years have been helping babies too.

Since the day babies are born, technology can help them sleep better and have stress-free first months in the new world. You no longer have to go through books with expert sleep strategies for babies and spend hours rocking your baby to sleep, you can just use one of those smart bassinets that do it for you while you focus on recovering from the exhausting pregnancy.

Online communications

Like it or not, smartphones are undoubtedly changing the way we communicate. While it may not feel as personal as real communication, social media platforms such as Facebook are helping billions of people stay connected.

Without Facebook, there would be billions of missed birthday congratulations! Social media also allows people to peek into the lives of others and is changing the way people communicate not only at home but at work and school too. It is hard to find a working person, or a student, who is not somehow included in a work or education related group chat.

Entertainment

Consumer electronics devices can keep you entertained. When the gaming industry initially appeared people thought that video games are just for children. Well, those children are adults now, and they still want to be entertained. Gaming consoles are in place to entertain not only your children but yourself too. There are games for every taste.

Watching movies has never been more comfortable too, you no longer have to keep your fingers crossed on your way to the movie-rental place hoping the film you want to watch tonight is available, now almost all the content in the world is just a few clicks away from you.

Security

Trackable smartwatches allow you to keep an eye on your little ones by always knowing their location, and video cameras installed around your house help you keep an eye on what is going on outside. You no longer have to go downstairs if you hear squeaking; all you have to do is open the app on your phone and see the live camera feed from your kitchen or living room.

Face recognition locks have arrived too; some smart homes do not even have key locks – all you have to do is show your face, and the door will unlock itself. Say bye to that nervous pocket key searching while both your hands are busy!

Appliances

Whether you want to start the washing machine a couple of hours before you leave work, set the room temperature in your house to a comfortable 76 degrees, or make sure the oven is pre-heated and waiting for you to throw that frozen pizza in, appliance control from smart devices is shaping the way we live. Advances in voice recognition technology sometimes allow you to perform such activities hands-free while you drive. You no longer even have to remember if you have butter left in the fridge; you just have to take a sneak peek at your fridge’s live camera feed.

Undoubtedly the future has arrived: many of the things that we were dreaming about twenty years ago are now easily accessible. Almost every room in your home now has a high-tech environment. However, there is more to come – sometimes things are more complicated than they are supposed to be, so simplifying the processes can ease people’s lives.

Voice control is currently giving humanity real freedom: you will no longer have to deal with complicated remote controls that have run out of battery, or look for that white noise app on your phone while trying to put a baby to sleep. IoT brings a lot of positives, but it can sometimes be dangerous too, so protecting all your connected devices at home is a must.

In order to be prepared for the risks that the IoT could bring us, we must remember that it is essential to add a security layer that monitors our devices, but also all our connections to the Internet, in order to minimise these threats.

The post 5 Ways Consumer Electronics Are Shaping the American Lifestyle appeared first on Panda Security Mediacenter.

Interview with Daniel Stenberg: His thoughts on the Curl Bug Bounty Program

Curl is the most popular, open source command line tool and library for transferring data with URLs. It is also used

Interview with Daniel Stenberg: His thoughts on the Curl Bug Bounty Program on Latest Hacking News.

DNSRecon – An Open Source DNS Enumeration Tool

DNSRecon is a python script used for DNS information gathering.  DNS information about a target is an essential requirement for

DNSRecon – An Open Source DNS Enumeration Tool on Latest Hacking News.

State Department Email Breach Exposed Personal Data Of Employees

Data breaches are not unusual in this day and age. In fact, the frequency of such incidents makes them look

State Department Email Breach Exposed Personal Data Of Employees on Latest Hacking News.

How do you protect digital channels from cyber threats?

A well-thought out and managed social media presence is a must for most companies and their workforce, but too few of them think about the potential repercussions of an attack targeting it. Social media is increasingly seen as a battleground, providing the platform for complex influence campaigns mounted by nation-states (Iran, Russia), various hacker groups to get their message out and to advertise their services, and attackers looking to trick other users into parting with … More

The post How do you protect digital channels from cyber threats? appeared first on Help Net Security.

Manipulation tactics that you fall for in phishing attacks

It’s 6 p.m. on a Friday. Just as you finish packing up for the day, an email from your boss pops up on your phone asking why an urgent payment didn’t go out earlier in the week. He’s tied up in a business dinner, so he needs you to wire payment to a specific vendor immediately and send him a confirmation email here once you’ve done so. Eager to help (and get out of the … More

The post Manipulation tactics that you fall for in phishing attacks appeared first on Help Net Security.

Better security needed to harness the positive potential of AI, mitigate risks of attacks

Despite heightened interest in enterprise deployment of artificial intelligence, only 40 percent of respondents to ISACA’s second annual Digital Transformation Barometer express confidence that their organizations can accurately assess the security of systems based on AI and machine learning. This becomes especially striking given the potential for serious consequences from maliciously trained AI; survey respondents identify social engineering, manipulated media content and data poisoning as the types of malicious AI attacks that pose the greatest … More

The post Better security needed to harness the positive potential of AI, mitigate risks of attacks appeared first on Help Net Security.

Building security into DevOps versus bolting it on

In this podcast, Hari Srinivasan, Director of Product Management for Qualys, talks about building security into DevOps versus bolting it on, specifically for containers. Here’s a transcript of the podcast for your convenience. Hello! My name is Hari Srinivasan, Director of Product Management for Qualys, cloud and virtualization security. Welcome to this Help Net Security podcast. Today we’re going to talk about building security into DevOps versus bolting it on, specifically for containers. Containers are … More

The post Building security into DevOps versus bolting it on appeared first on Help Net Security.

eBook: 9 Tips to Supercharge Your IT Security Career

Demand for IT security skills has never been higher. As cybercrime rises, the world faces a shortfall of 1.8 million cybersecurity professionals by 2022. Now’s the time to own your future. (ISC)² research shows 70% of employers plan to hire cybersecurity staff. But many organizations don’t really know what they need to secure the enterprise. To get ahead, you need to plan your strategy now. This Career eBook explains employer challenges and how you can … More

The post eBook: 9 Tips to Supercharge Your IT Security Career appeared first on Help Net Security.

Latest Hacking News Podcast #125

MageCart hits Newegg, Mirai botnet operators cooperate with FBI and UK ICO fines Equifax £500,000 on episode 125 of the Latest Hacking News Podcast.

Latest Hacking News Podcast #125 on Latest Hacking News.

Winamp’s new beta version 5.8 leaks online

Winamp 5.8 beta leak surfaces on the web

A beta version of the upcoming Winamp 5.8 has been leaked online where it is being distributed heavily.

For those unaware, Winamp is one of the oldest popular MP3 players for Microsoft Windows devices and supports numerous audio and video formats. Released in 1997, Winamp was originally developed by Justin Frankel and Dmitry Boldyrev at their company Nullsoft, which they later sold to AOL in 1999 for $80 million.

In November 2013, AOL announced that it would be shutting down Winamp.com in December 2013, and the software would no longer be available for download, nor supported by the company after that date. The shutdown did not take place, however, and in January 2014, it was announced that Winamp was acquired by Radionomy, owners of the platform to create, discover, and listen to online radio stations, for an undisclosed sum.

After the acquisition, Radionomy relaunched the Winamp website and made it available for download again. Back then, the company had promised to release a new version of Winamp with numerous features. However, no new stable version has been developed since Radionomy’s acquisition of Winamp in 2014.

Now, more than 4 years later, an anonymous user has uploaded a leaked beta build of the Winamp 5.8 media player that dates back to October 26, 2016. This leaked version also happens to be the first Winamp beta released under Radionomy’s umbrella. The change logs of the leaked build mention several new features and improvements, including full compatibility with Windows 10 and Windows 8.1. The changes in the beta version have been listed in a forum post on the official Winamp forum.

Please note that Radionomy has not released the stable version of Winamp 5.8 yet, which means that the .exe uploaded online could contain numerous bugs and may lead to unexpected software crashes.

Hence, it is advisable not to install the media player yet. However, if you still choose to install it, it will be at your own risk and Techworm shall not be responsible for any consequences. You can download the file from here.

The post Winamp’s new beta version 5.8 leaks online appeared first on TechWorm.

11M Records of E-Marketing Data Exposed Online From Unsecured MongoDB Instance

It has only been a week since we heard of the massive Veeam data leakage from misconfigured MongoDB server incident. The

11M Records of E-Marketing Data Exposed Online From Unsecured MongoDB Instance on Latest Hacking News.

Pirated Windows Instances Have Been Infected with EternalBlue Exploit Code

Avira have published a report that contains information about unpatched Windows Machines which are infected with the EternalBlue Exploit Code.

Pirated Windows Instances Have Been Infected with EternalBlue Exploit Code on Latest Hacking News.

Bogus finance apps on Google Play target users worldwide

ESET researchers have discovered malicious apps impersonating various financial services and the Austrian cryptocurrency exchange Bitpanda on Google Play. The fake apps were uploaded to Google’s official app store in June 2018 and collectively downloaded and installed over a thousand times. Upon launch, the apps would immediately request the user to enter credit card details and/or login credentials to the targeted bank or service. The entered information would then be sent to the attacker’s server, and … More

The post Bogus finance apps on Google Play target users worldwide appeared first on Help Net Security.

GovPayNow Website Leaked Data Of 14 Million Customers Publicly

Once again, a website flaw leaked data of millions of customers online. This time, it is the website of the

GovPayNow Website Leaked Data Of 14 Million Customers Publicly on Latest Hacking News.

DerpNStink – Vulnhub CTF Challenge Walkthrough

DerpNStink is available at Vulnhub. It is compatible with both VMWare and Virtualbox. According to the author, this machine is

DerpNStink – Vulnhub CTF Challenge Walkthrough on Latest Hacking News.

Staff at Amazon Being Investigated Over Selling of Customer Data

Amazon have confirmed that there is an internal investigation currently occurring over allegations that staff have been stealing confidential customer

Staff at Amazon Being Investigated Over Selling of Customer Data on Latest Hacking News.

Many Android Apps Are Targeting Children in Their Advertising Campaigns

Last week, Attorney General Hector Balderas filed a lawsuit against the company TinyLab, who have been exploiting kids through

Many Android Apps Are Targeting Children in Their Advertising Campaigns on Latest Hacking News.

Malicious hacking activity increasingly targeting critical infrastructure

In this podcast, Andrew Ginter, VP of Industrial Security at Waterfall Security Solutions, and Edward Amoroso, CEO of TAG Cyber, talk about how the traditional focus of most hackers has been on software, but the historical focus of crime is on anything of value. It should come as no surprise, therefore, that as operational technology (OT) and industrial control system (ICS) infrastructure have become much more prominent components of national critical infrastructure, that malicious hacking … More

The post Malicious hacking activity increasingly targeting critical infrastructure appeared first on Help Net Security.

Why humans are necessary to the threat hunting process

For thousands of years, humans have worked to collect intelligence on their enemies. Intelligence gathering is not a new practice; in fact, it is one of the oldest war tactics dating back to biblical times, when warlords and army commanders used it to gain advantages over their rivals. However, the methods have changed as new technologies and new forms of “warfare” have been developed. In recent years, cyber-attacks have led to an entirely new host … More

The post Why humans are necessary to the threat hunting process appeared first on Help Net Security.

83% of SMB owners have no cash put aside to deal with the fallout from a cyber attack

Small businesses are leaving themselves exposed to significant financial risk from cybercrime by not having adequate measures in place to recover in the event of a cyber attack. That’s according to the findings of InsuranceBee’s Cyber Survey, which asked more than 1,000 SMBs how prepared they are to deal with cybercrime. Although the average cost for small and medium-sized businesses to recover from a cyber attack is estimated to be $120,000, 83% of SMBs do … More

The post 83% of SMB owners have no cash put aside to deal with the fallout from a cyber attack appeared first on Help Net Security.

Regtech to account for 40% of global compliance spend by 2023

A new study from Juniper Research has found that spending on Regtech platforms will exceed $115 billion by 2023, up from an estimated $18 billion in 2018. The research found increased regulatory pressures, as demonstrated by the recent GDPR implementation, are driving businesses towards Regtech to meet greater compliance challenges. According to the research, any heavily regulated business sector not prioritising Regtech adoption would risk damaging fines from failing to keep pace with regulatory changes. … More

The post Regtech to account for 40% of global compliance spend by 2023 appeared first on Help Net Security.

Latest Hacking News Podcast #124

US State Department email system hacked, Judge rejects paperless voting machine ban though convinced they are vulnerable and Pegasus spyware being used illegally on episode 124 of our daily podcast.

Latest Hacking News Podcast #124 on Latest Hacking News.

Peekaboo Zero-Day Vulnerability Allows Hacking of Surveillance Cameras

IoT-based security cameras from various vendors invite opportunities for flaws. Recently, researchers have discovered a similar vulnerability that allows hacking

Peekaboo Zero-Day Vulnerability Allows Hacking of Surveillance Cameras on Latest Hacking News.

H.A.S.T.E – Vulnhub CTF Challenge Walkthrough

H.A.S.T.E is available at Vulnhub. This is not a Boot2Root Challenge and getting lower shell is enough. This VM is

H.A.S.T.E – Vulnhub CTF Challenge Walkthrough on Latest Hacking News.

Facebook Bug Bounty Program Expands To Include Third-Party Apps

In the post-Cambridge Analytica phase, Facebook appears to have worked extensively towards user data privacy. Although, even after the Cambridge Analytica

Facebook Bug Bounty Program Expands To Include Third-Party Apps on Latest Hacking News.

Facebook offers bounties for user token bugs in third-party apps, websites

Facebook is expanding its bug bounty program to include vulnerabilities in third-party apps and websites that involve improper exposure of Facebook user access tokens. What’s in scope? “Access tokens allow people to log into another app using Facebook and are uniquely generated for the specific person and app,” security engineer Dan Gurfinkel noted. “If exposed, a token can potentially be misused, based on the permissions set by the user. We want researchers to have a … More

The post Facebook offers bounties for user token bugs in third-party apps, websites appeared first on Help Net Security.

Insurance experts expect higher cyber-related losses

Insurance companies are expecting increased cyber-related losses across all business lines over the next 12 months, driven by increasing reliance on technology and high-profile cyber-attacks, according to Willis Towers Watson. The survey reveals that over 60% of respondents estimate it is likely to incur more than one cyber-related loss for every hundred non-cyber covered losses over the next 12 months in all lines of business apart from workers compensation compared to less than 50% in … More

The post Insurance experts expect higher cyber-related losses appeared first on Help Net Security.

Improved features and security fixes in iOS 12, watchOS 5, tvOS 12, and Safari 12

Apple has released new versions of iOS, watchOS, tvOS and Safari and has plugged a number of security holes in each.

iOS 12

iOS 12 comes with improved usability, stability, reliability, speed, but also with some interesting new and improved features that should help users choose and manage passwords and use two-factor authentication. Apple software engineer Ricky Mondello has highlighted a number of them, including: A revamped iCloud Keychain password manager that generates passwords when … More

The post Improved features and security fixes in iOS 12, watchOS 5, tvOS 12, and Safari 12 appeared first on Help Net Security.

Indian Government Websites Affected By Cryptojacking Attacks

CoinHive – the infamous cryptominer – started off as a great tool for mining cryptocurrency. However, the malefactors quickly began

Indian Government Websites Affected By Cryptojacking Attacks on Latest Hacking News.

ENISA launches Cybersecurity Strategies Evaluation Tool

The European Union Agency for Network and Information Security (ENISA) has launched a tool that will help EU Member States evaluate their priorities according to their National Cyber Security Strategies.

ENISA supports EU Member States

Since 2012, ENISA has been supporting the EU Member States to develop, implement and evaluate their National Cyber Security Strategies. To achieve this goal, ENISA has developed several tools, studies, guidelines and a group of experts. Initially, only 12 Member … More

The post ENISA launches Cybersecurity Strategies Evaluation Tool appeared first on Help Net Security.

Google Will “Temporarily” Bring Back The WWW And M Subdomains In Chrome 69

Around a week ago, Google announced its decision to hide the WWW and M subdomains from website URLs in its

Google Will “Temporarily” Bring Back The WWW And M Subdomains In Chrome 69 on Latest Hacking News.

How to create a Hall of Fame caliber cybersecurity playbook

Whether the sport is football, basketball or hockey, all the best coaches have playbooks and reports with the latest information on opponents. They study the playing field and never go into a game unprepared, spending hours fine-tuning strategies, whether that’s finding the perfect angle to swoop past defenders or knowing an offense’s weakness and stopping them dead in their tracks. Cybersecurity should be no different. Sure, you’re not a quarterback looking for a lane … More

The post How to create a Hall of Fame caliber cybersecurity playbook appeared first on Help Net Security.

Seizing cyber resilience mastery in financial services

Despite the volume of cyberattacks doubling in 2017, financial services firms are closing the gap on cyberattacks, having stopped four in five of all breach attempts last year, up from two-thirds in 2016, according to Accenture. However, firms will need to improve their security procedures to head off increasingly sophisticated attacks powered by new technologies. The study, “2018 State of Cyber Resilience for Financial Services,” is based on a survey of more than 800 enterprise … More

The post Seizing cyber resilience mastery in financial services appeared first on Help Net Security.

Bristol Airport Flight Display Screens Failed After Ransomware Incident

Anyone who visited Bristol Airport during the past few days would have seen a big mess with their flight display

Bristol Airport Flight Display Screens Failed After Ransomware Incident on Latest Hacking News.

Awareness and tendency towards risky online behavior

Spanning Cloud Apps announced the results of a survey of over 400 full-time U.S. employees on their awareness of and tendency towards risky online behavior. The study measured U.S. workers’ risk aversion for a range of behaviors, including use of online account credentials, susceptibility to phishing attacks and potential for data loss. It found that, while employees are generally risk averse, more than half (55 percent) admitted to clicking links they didn’t recognize, 45 percent … More

The post Awareness and tendency towards risky online behavior appeared first on Help Net Security.

Latest Hacking News Podcast #123

On today's Latest Hacking News Podcast a zero-day flaw exposes surveillance cameras, Altaba agrees to Yahoo breach class-action settlement and Facebook expands its bug bounty program.

Latest Hacking News Podcast #123 on Latest Hacking News.

A New variant of Brrr Dharma Ransomware has been released

Brrr Dharma Ransomware has released a new variant of their ransomware. The ransomware appends the .brrr extension to files it

A New variant of Brrr Dharma Ransomware has been released on Latest Hacking News.

MageCart Cyber Gang Compromised Feedify Cloud Service Architecture

Cloud service firm Feedify has been compromised by a crime gang known as MageCart. The gang have been very active

MageCart Cyber Gang Compromised Feedify Cloud Service Architecture on Latest Hacking News.

Webroot SecureAnywhere Vulnerability Could Trigger Kernel Exploit In MacOS

Sometimes, the tool that saves your computer can become a threat in itself. It would appear such has occurred with

Webroot SecureAnywhere Vulnerability Could Trigger Kernel Exploit In MacOS on Latest Hacking News.

A CSS-Based Web Attack Can Restart Your iPhone Or Freeze Your Mac

A researcher discovered a new CSS-based web attack that can make your iPhone restart or respring. Moreover, Mac users may

A CSS-Based Web Attack Can Restart Your iPhone Or Freeze Your Mac on Latest Hacking News.

Tech Support Scam Uses “Evil Cursor” Attack To Con Users Into Paying For Assistance

Tech support scams aren’t something new or novel for the internet users. Almost all of us have come across such

Tech Support Scam Uses “Evil Cursor” Attack To Con Users Into Paying For Assistance on Latest Hacking News.

Hackers Exploited Flaw In EOSBet Smart Contract To Steal 44,000 EOS

Once again, the crypto world faced another cyber attack losing several thousands of dollars to hackers. This time, the hackers

Hackers Exploited Flaw In EOSBet Smart Contract To Steal 44,000 EOS on Latest Hacking News.

Windows and Linux Are Being Targeted by Malicious Kodi Add-ons

The Kodi Open-Source Media player has been modified with a malicious script that downloads crypto mining software on Windows and

Windows and Linux Are Being Targeted by Malicious Kodi Add-ons on Latest Hacking News.

Data breaches make companies underperform the market in the long run

While the share prices of companies that experienced a sizeable/huge data breach suffer just a temporary hit, in the long term breached companies underperformed the market, an analysis by consumer tech product review and comparison site Comparitech has shown. This is the site’s second annual analysis into the share prices and overall performance of 24 companies that are listed on the New York Stock Exchange and have suffered a data breach in the last ten … More

The post Data breaches make companies underperform the market in the long run appeared first on Help Net Security.

Microsoft Patched FragmentSmack Vulnerability Targeting Windows

This Tuesday, Microsoft September Patch was rolled out containing fixes for a number of security vulnerabilities. While it gained attention

Microsoft Patched FragmentSmack Vulnerability Targeting Windows on Latest Hacking News.

(IN)SECURE Magazine issue 59 released

(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Issue 59 has been released today. Table of contents: The importance of career pathing in the cybersecurity industry; Securing healthcare organizations: The challenges CISOs face; Fingerprinting HTTP anomalies to dissect malicious operations; How to keep cryptominers from opening up your IT container boxes; Report: Black Hat USA 2018; Vulnerability research and responsible disclosure: Advice from an industry veteran; Managing … More

The post (IN)SECURE Magazine issue 59 released appeared first on Help Net Security.

Break out of malware myopia by focusing on the fundamentals

Organizations today suffer from malware myopia, a condition characterized by threat-centric security programs caused by the ease of imagining a takedown by malicious code. Malware myopia is a mental bug; a defect in reasoning that scrambles people’s judgment. If asked point-blank, few would say that malware is an existential threat. To be sure, it is vital to acknowledge that an attacker only has to be ‘right’ once, and given eye-catching headlines surrounding new forms of … More

The post Break out of malware myopia by focusing on the fundamentals appeared first on Help Net Security.

How to gain visibility with global IT asset inventory

In this podcast recorded at Black Hat USA 2018, Pablo Quiroga, Director of Product Management at Qualys, talks about how to gain unprecedented visibility with global IT asset inventory. Here’s a transcript of the podcast for your convenience. My name is Pablo Quiroga. I’m the Director of Product Management at Qualys, and today I’m going to be speaking about how to gain unprecedented visibility with global IT asset inventory. A complete visibility of your IT … More

The post How to gain visibility with global IT asset inventory appeared first on Help Net Security.

Data privacy automation: Unlock your most valuable asset

In years past, data privacy was the purview of the chief privacy officer. However, increasingly, CTOs are being tasked with operationalizing a data privacy solution for the company. That’s because data privacy is fundamentally a data issue, with privacy being an outcome of a comprehensive data protection strategy. In a world of exploding data, it’s impossible for privacy professionals using manual, survey-based approaches to stay on top of this ever-changing sea of information. Companies constantly … More

The post Data privacy automation: Unlock your most valuable asset appeared first on Help Net Security.

Latest Hacking News Podcast #122

Ransomware hits Bristol Airport, officials warn of Hurricane Florence phishing scams and former Anonymous hacker raises $2.5 million for start-up on today's episode of Latest Hacking News Podcast.

Latest Hacking News Podcast #122 on Latest Hacking News.

Intel Patched A Vulnerability Leaking Intel ME Encryption Keys

Despite continuous patches, Intel CPUs keep making the news for one vulnerability or another being spotted by researchers. While numerous

Intel Patched A Vulnerability Leaking Intel ME Encryption Keys on Latest Hacking News.

Week in review: API security, malware-less email attacks, reversing the cybersecurity skills shortage

Here’s an overview of some of last week’s most interesting news and articles: What can we do to reverse the cybersecurity skills shortage? Having a strong pipeline of talent coming through is vital to help organizations and individuals protect themselves. How do you feed that pipeline, though? Verizon details breaches they were called in to investigate Last year, Verizon Enterprise Solutions released a Data Breach Digest that gathered 16 cybercrime case studies. This year, each … More

The post Week in review: API security, malware-less email attacks, reversing the cybersecurity skills shortage appeared first on Help Net Security.

New Cold Boot Attacks Can Evade Current Mitigations

Many people tend to put laptops to ‘Sleep’ instead of shutting them down. Whether you’re at home, or at your

New Cold Boot Attacks Can Evade Current Mitigations on Latest Hacking News.

Microsoft September Patch Fixed 61 Vulnerabilities Including A Zero-Day

Last month, Microsoft Patch Tuesday addressed 60 vulnerabilities that also included two zero-day flaws. This month also, the tech giant

Microsoft September Patch Fixed 61 Vulnerabilities Including A Zero-Day on Latest Hacking News.

Lin.Security – Vulnhub CTF Challenge Walkthrough

Lin Security is available at Vulnhub. This VM is made for “Beginners” to master Privilege Escalation in Linux Environment using

Lin.Security – Vulnhub CTF Challenge Walkthrough on Latest Hacking News.

Canadian town forced to pay Bitcoin after nasty ransomware attack

By Uzair Amir

The town of Midland, Ontario, Canada, has decided to pay cybercriminals after its servers were targeted and infected with a nasty ransomware on Saturday, September 1, at approximately 2 a.m. The total amount of ransom payment has not been disclosed but the demand from cybercriminals was that they must be paid in Bitcoin if the town wants […]

This is a post from HackRead.com Read the original post: Canadian town forced to pay Bitcoin after nasty ransomware attack

Veeam Left Nearly Half-A-Billion! Records Exposed

Veeam, a company based in Switzerland that handles backup, disaster recovery and intelligent data management software, markets itself as one

Veeam Left Nearly Half-A-Billion! Records Exposed on Latest Hacking News.

Cyberry – Vulnhub CTF Challenge Walkthrough

Cyberry is available at Vulnhub. This machine works on both VMware and Virtualbox. This VM is intended for “intermediates” and

Cyberry – Vulnhub CTF Challenge Walkthrough on Latest Hacking News.

Preventing exfiltration of sensitive docs by flooding systems with hard-to-detect fakes

A group of researchers from Queen’s University (Canada) have proposed a new approach for keeping important documents safe: creating so many believable fakes that attackers are forced either to exfiltrate them all or to try to find the real one from within the system. Of course, both actions carry an increased risk of detection. They’ve also demonstrated that creating and maintaining many fakes can be relatively inexpensive for the defenders, that the real document can … More

The post Preventing exfiltration of sensitive docs by flooding systems with hard-to-detect fakes appeared first on Help Net Security.

Tech support scammers leverage “evil cursor” technique to “lock” Chrome

Tech scammers are constantly coming up with new techniques to make users panic and seek their bogus services. The latest one, documented by Malwarebytes researchers, has been dubbed “evil cursor”.

“Evil cursor”

The trick works against a recent version of Google Chrome (69.0.3497.81) and prevents the victims from closing a tab or browser window by clicking on the “X” in the upper right corner. The victims believe that they are pressing the “X”, but code … More

The post Tech support scammers leverage “evil cursor” technique to “lock” Chrome appeared first on Help Net Security.

North Korean hacker officially charged for the WannaCry attacks

Korean Hacker charged for WannaCry

Last month, we warned of the dangers that the FBI’s most wanted cybercriminals pose. Among these criminals are the perpetrator of the cyberattacks against HBO and the developer of the Zeus malware. And there is now a new name at the top of the list: Park Jin Hyok, who has officially been charged by the US Department of Justice for carrying out the WannaCry attacks, among other cybercrimes.

According to the investigators, Park works for a company called Korean Expo Joint Venture, a front for the Korean government that, alongside illegal activities, also carries out legitimate software and IT support. Apart from working in this company, Park allegedly belongs to the hacking group known, among other names, as Lazarus Group – a group that has carried out numerous cyberattacks against South Korea.

One of the clues that helped track down Park was his use of free email services such as Gmail, which he used both for legitimate business at his company, and to carry out phishing attacks and other crimes.

As well as the criminal charges, the Treasury Department has announced that it will impose sanctions against Park and against the company. In a statement, it said, “North Korea has demonstrated a pattern of disruptive and harmful cyber activity that is inconsistent with the growing consensus on what constitutes responsible state behavior in cyberspace.”

While it is unlikely that Park will ever be handed over to the US authorities, according to Martyn Williams, a journalist specializing in North Korean affairs, it is a symbolic step from the American government: an official accusation against the North Korean government is a rare move.

A long criminal record

The most notorious cybercrime of which Park is accused is WannaCry, the 2017 global ransomware attack that affected computers in over 150 countries, and had an estimated cost of up to $4 billion worldwide.

Another accusation is that he was behind the 2014 hack of Sony Pictures. This attack was carried out using a piece of malware called Destover. During the incident, 100 terabytes of information was leaked, including personal emails, films, information about salaries, and scripts of future films.

Suspicions about this attack already fell on North Korea at the time, due in part to the fact that one of the attackers’ demands was the withdrawal of the film ‘The Interview’, in which two journalists attempt to assassinate the North Korean leader, Kim Jong Un.

Along with these cyberattacks, he is also accused of being involved in the 2016 robbery of the Bangladesh Central Bank. Using sophisticated malware to gain visibility of the IT system, the attackers were able to observe how the bank’s operations worked. With this information, they carried out fraudulent transactions worth $850 million. According to the FBI report, the malware could have got onto the system using a version of the BEC scam [p. 58 of the report].

Although the bank was able to recover a large part of the money – it is estimated that the bank’s total loss was around $81 million – it was still one of the largest thefts of this type in history.

How to keep your company safe from the most wanted cybercriminals

One of the main reasons to hire a cybersecurity solution for your company is to gain time: having the right tools to be able to react immediately to a cyberattack can make the difference between being a victim and staying safe.

One way to do so is to have a cybersecurity suite that provides an active search for threats. This way, the company can stay ahead of cybercriminals and react before an attack takes place. This is exactly what Panda Adaptive Defense 360’s Threat Hunting service does.

This managed service from Panda provides visibility of all activity on the corporate network, so that you know exactly what is happening at all times. Adaptive Defense 360 classifies 99.98% of processes via machine learning, and the remaining 0.02% are classified by Panda’s expert cybersecurity analysts. Advanced technologies like this allowed Panda to protect all clients with Adaptive Defense installed in Lock mode from WannaCry. It is an advanced cybersecurity solution that is still protecting the endpoints of companies all over the world.

The post North Korean hacker officially charged for the WannaCry attacks appeared first on Panda Security Mediacenter.

New Ransomware Named PyLocky Discovered

Security experts at Trend Micro have found a new Ransomware strain named PyLocky which has been involved in attacks between July

New Ransomware Named PyLocky Discovered on Latest Hacking News.

New infosec products of the week: September 14, 2018

Exabeam adds updated Case Management module to behavioral analytics product

Exabeam Case Management is a module that provides a user interface designed for the workflows of security teams, and that adds intelligence to help analysts resolve incidents. Machine learning helps make the interface context aware, presenting users with fields, values, and data for different incident types. The resulting workflows bring details to analysts when and where they are needed.

Arxan launches advanced protection for client-side … More

The post New infosec products of the week: September 14, 2018 appeared first on Help Net Security.

Researchers exploring how IoT apps can imitate human decisions

CA Technologies announced its participation in scientific research to discover how Internet of Things (IoT) applications can use a type of AI known as ‘deep learning’ to imitate human decisions. The research will also explore how to prevent AI-based decisions from producing biased results. This three-year research project is named ALOHA (adaptive and secure deep learning on heterogeneous architectures). “The future of all technologies will include AI and deep learning in some way,” … More

The post Researchers exploring how IoT apps can imitate human decisions appeared first on Help Net Security.

Latest Hacking News Podcast #121

Cold Boot attacks are back, a Nigerian email scammer gets sentenced and 2 billion devices still vulnerable to old Bluetooth flaws on episode 121 of the Latest Hacking News Podcast.

Latest Hacking News Podcast #121 on Latest Hacking News.

Researchers Discover Vulnerability in Tesla Model S Key

A group of COSIC experts from KU Leuven University in Belgium have developed a new relay attack called Passive Key

Researchers Discover Vulnerability in Tesla Model S Key on Latest Hacking News.

Latest Hacking News Podcast #120

MageCart infecting Feedify sites, malware campaign targeting Jaxx cryptocurrency wallet and mobile cyber crime increasing on episode 120 of Latest Hacking News Podcast.

Latest Hacking News Podcast #120 on Latest Hacking News.

GDPR lands at British Airways: How did the hackers manage to get in?

Data Breach GDPR

A few days after British Airways suffered the worst cyberattack in its history, the airline still hasn’t revealed any technical details about the breach to the over 380,000 users whose data was compromised after making purchases on BA’s website, beyond the official apology and the ensuing official notification to the appropriate authorities and all the affected clients.

Names, email addresses, and credit card details – including numbers, expiry dates and CVV security codes – have been stolen. A few hints have allowed cybersecurity experts, such as Professor Alan Woodward, to get an idea of how the hackers were able to sneak onto BA’s website and app between August 21 and September 5. This was an attack similar to the one recently suffered by Ticketmaster, after a customer service chatbot was labeled as the potential cause of an infraction that affected over 40,000 users in the UK. In fact, in the last few hours, information has emerged that suggests that the perpetrators of this attack may also be behind the British Airways hack.

Money has wings…

Until a few months ago, companies would shrug their shoulders when faced with attacks of this type. The greatest concern during previous cyberattacks was the potential damage to reputations. But now, with the new General Data Protection Regulation and the fines that infringing it can lead to, there is a new threat for the coffers of companies that fall victim to security breaches like this, affecting both clients’ and investors’ pockets. And BA’s case has been no exception.

The most immediate consequence? Shares in IAG, the parent company of British Airways, fell around 3% on the Ibex and on the FTSE after the attack and its scope were revealed. This meant a 456 million Euro drop in its market value on Friday, after it emerged that hackers had stolen the payment details of 380,000 clients.

British Airways’ chairman and CEO, Álex Cruz, hasn’t explained how the data was stolen, though he has denied that the attackers had managed to breach the company’s encryption. “There were other methods, very sophisticated methods, that criminals used to obtain that data,” he said in an interview with the BBC.

However, Professor Woodward, in his statements, said, “You can put the strongest lock you like on the front door, but if the builders have left a ladder up to a window, where do you think the burglars will go?” The controversy is here.

How to avoid the fines

While it can’t be 100% categorically stated that it was a script attack that compromised British Airways’ security services, it does seem to be the most likely cause. However, other theories even talk about an expert within the company manipulating the website with malicious intent. The fact is that the airline is going through a rough patch as far as its IT system is concerned.

This incident has been a lesson, and has also underlined the need to invest in cybersecurity in order to demonstrate that enough is being done to safeguard sensitive data. Because the only way to avoid paying economic sanctions is to keep these security breaches from happening.

It has recently been shown that the difficulty experienced by large companies when it comes to locating the unstructured data in their systems could be a question of volume. In fact, 65% of companies collect so much data that they’re unable to categorize or analyze it.  If we take into account the nature of British Airways, the largest European airline, we can get an idea of the sheer amount of personal data managed by their systems.

These days, there are advanced cybersecurity solutions specifically designed to provide support for the whole IT team, with the aim of avoiding situations like the one that BA has gone through. One such solution is Panda Data Control.

What will happen with those clients who decide to request to have their data permanently deleted from one of these platforms? In this case, the companies must have a highly detailed inventory of where all their data is, a perfect chart of this information, and almost notarial control in order to be able to prove the complete deletion of the data from all systems. All of this is offered by Panda Data Control, to ensure that users can exercise their right to be forgotten with total transparency and be able to certify it.

This data protection solution, which is integrated into Panda Adaptive Defense, allows you to discover, audit and monitor unstructured personal and sensitive data on your company’s endpoints: from data at rest, to data in use and data in motion.

It identifies the files that contain personal data (PII) and records any kind of access to it, alerting in almost real time about leaks, use, and suspicious or unauthorized traffic.

Total visibility of files, users, devices and servers that access this information, so you can supervise any action carried out on the personal information that you store.

Because the most important thing when it comes to mitigating the risks related to data is to be extremely careful with how personal information is dealt with, and it is vital to know where data is stored and to know who has access to it.

The post GDPR lands at British Airways: How did the hackers manage to get in? appeared first on Panda Security Mediacenter.

British Airways Website and App Compromised

The customer data of more than 380,000 people have been compromised. British Airways (BA), the largest airline in the United Kingdom, operating flights to almost every major city in the US, has been attacked by hackers.

Cybercriminals have stolen the personal and financial details of hundreds of thousands of BA customers. The data includes credit card details and other banking information, as well as names, addresses, and phone numbers of people who have used the website and the app between 22:58 BST August 21st, 2018 and 21:45 BST September 5th, 2018. According to British Airways, the stolen data does not include passport details. It is currently not known whether the hackers were also able to access saved cards on the website.

The data breach was announced earlier this week on the company’s blog. According to the statement released by BA, the breach is now resolved, and both the website and the app are safe to use. The airline carrier has hired a team of experts who currently are investigating the cause of the breach. BA has notified the police and all relevant authorities about the incident. It is still unknown who is behind the attack and if the stolen data has already been used for fraudulent transactions.

Alex Cruz, British Airways’ Chairman and Chief Executive Officer, said, “We are deeply sorry for the disruption that this criminal activity has caused. We take the protection of our customers’ data very seriously.”

The UK airline has already started contacting the potential victims, advising them to keep an eye on their bank accounts and report any unusual account activity to the bank. If you’ve purchased anything from British Airways over the last few weeks, your identity and finances could be at risk.

British Airways angered its customers by tweeting about the leak instead of approaching the victims directly. Even though BA is a company that bills itself as the world’s favorite airline, this is an excellent example of how even companies that strive to take data protection very seriously sometimes fall victim to hackers and experience technical issues.

It is your responsibility to change passwords at least once every three months, monitor your bank statements, and have antivirus software installed on all your connected devices – hackers know that people will be expecting emails from BA and will start sending phishing emails.

Keep your eyes wide open and don’t fall victim!

The post British Airways Website and App Compromised appeared first on Panda Security Mediacenter.

Insurance Occurrence Assurance?

You may have seen my friend Brian Krebs’ post regarding the lawsuit filed last month in the Western District of Virginia after $2.4 million was stolen from The National Bank of Blacksburg from two separate breaches over an eight-month period. Though the breaches are concerning, the real story is that the financial institution is suing its insurance provider for refusing to fully cover the losses.

From the article:

In its lawsuit (PDF), National Bank says it had an insurance policy with Everest National Insurance Company for two types of coverage or “riders” to protect it against cybercrime losses. The first was a “computer and electronic crime” (C&E) rider that had a single loss limit liability of $8 million, with a $125,000 deductible.

The second was a “debit card rider” which provided coverage for losses which result directly from the use of lost, stolen or altered debit cards or counterfeit cards. That policy has a single loss limit of liability of $50,000, with a $25,000 deductible and an aggregate limit of $250,000.

According to the lawsuit, in June 2018 Everest determined both the 2016 and 2017 breaches were covered exclusively by the debit card rider, and not the $8 million C&E rider. The insurance company said the bank could not recover lost funds under the C&E rider because of two “exclusions” in that rider which spell out circumstances under which the insurer will not provide reimbursement.

Cyber security insurance is still in its infancy and issues with claims that could potentially span multiple policies and riders will continue to happen – think of the stories of health insurance claims being denied for pre-existing conditions and other loopholes. This, unfortunately, is the nature of insurance. Legal precedent, litigation, and insurance claim issues aside, your organization needs to understand that cyber security insurance is but one tool to reduce the financial impact on your organization when faced with a breach.

Cyber security insurance cannot and should not, however, be viewed as your primary means of defending against an attack.

The best way to maintain a defensible security posture is to have an information security program that is current, robust, and measurable. An effective information security program will provide far more protection for the operational state of your organization than cyber security insurance alone. To put it another way, insurance is a reactive measure whereas an effective security program is a proactive measure.

If you were in a fight, would you want to wait and see what happens after a punch is thrown to the bridge of your nose? Perhaps you would like to train to dodge or block that punch instead? Something to think about.

Free SANS Webinar: I Before R Except After IOC

Join Andrew Hay on Wednesday, July 25th, 2018 at 10:30 AM EDT (14:30:00 UTC) for an exciting free SANS Institute Webinar entitled “I” Before “R” Except After IOC. Using actual investigations and research, this session will help attendees better understand the true value of an individual IOC, how to quantify and utilize your collected indicators, and what constitutes an actual incident.

Overview
Although the security industry touts indicators of compromise (IOCs) as much-needed intelligence in the war on attackers, not every IOC is valuable enough to trigger an incident response (IR) activity. All too often, the indicators we are provided contain information of varying quality, including expired attribution, dubious origin, and incomplete details. So how many IOCs are needed before you can confidently declare an incident? After this session, the attendee will:

  • Know how to quickly determine the value of an IOC,
  • Understand when more information is needed (and from what source), and
  • Make intelligent decisions on whether or not an incident should be declared.

Register to attend the webinar here: https://www.sans.org/webcasts/108100.

Security newsround: July 2018

We round up reporting and research from across the web about the latest security news and developments. This month: stress test for infosec leaders, cybercrime by the numbers, financial fine for enabling cyber fraud, third party risk leads to Ticketmaster breach, Privacy Shield in jeopardy, and a win for Wi-Fi as security improves.

Under pressure: stress levels rise for security professionals

Tense, nervous headache? You might be working in information security. A global survey of 1,600 infosec leaders has found that the role is under more stress than ever. Rising malware threats, a shortage of skilled people, and budget constraints are producing a perfect storm of pressure on professionals. The findings come from Trustwave’s 2018 Security Pressures Report. It found that the trend of increasing stress has been edging steadily upwards since its first report five years ago.

Some 54 per cent of respondents experienced more pressure to secure their organisation in 2017 compared to the previous year. More than half (55 per cent) also expect 2018 to bring more pressure than 2017 did. Dark Reading quoted Chris Schueler of Trustwave saying the pressure to perform will push security leaders to improve performance or burn out. SecurityIntelligence led with the angle that the biggest obligation facing security professionals is preventing malware. Help Net Security has a thorough summary of the findings.

There was some good news: fewer professionals reported feeling pressure to buy the latest security tech compared to past years. The full report is available to download here.

CEO fraud scam hits companies hard

CEO fraud, AKA business email compromise, was the internet crime most commonly reported to the FBI during 2017. Victims lost a combined amount of more than $676 million last year, up almost 88 per cent compared to 2016. Total cybercrime-related losses totalled $1.42 billion last year. The data comes from the FBI’s 2017 Internet Crime Report, which it compiles from public complaints to the agency. (No vendor surveys or hype here.)

The next most prominent scams were ransomware, tech support fraud, and extortion, the FBI said. Corporate data breaches rose slightly in number year on year (3,785 in 2017, up from 3,403 in 2016) but the financial hit decreased noticeably ($60.9 million in 2017 vs $95.9 million in 2016). There were broadly similar numbers of fake tech support scams between 2017 and 2016, but criminals almost doubled their money. The trends in the report could help security professionals to evaluate potential risks to their own organisation and staff.

Asset manager’s lax oversight opens door to fraud and a fine

Interesting reading for security and risk professionals in the Central Bank of Ireland’s highly detailed account of a cyber fraud. Governance failings at Appian Asset Management led to it losing €650,000 in client funds to online fraud. Although Appian subsequently replaced the funds in the client’s account, the regulator fined the firm €443,000. A CBI investigation uncovered “significant regulatory breaches and failures” at the firm, which exposed it to the fraud. It’s the first time the Irish regulator has imposed such a sanction for cyber fraud.

The fraud took place over a two-month period, starting in April 2015. The CBI said a fraudster hacked the real client’s webmail account to impersonate them during email correspondence with an Appian employee. The fraudster also used a spoofing technique to mimic that employee’s email address. The criminal intercepted messages from the genuine client and sent replies from the fake employee email to hide traces of the scam.

The press release runs to more than 3,200 words, and also goes into great detail about the gaps in policy and risk management at Appian.

Tales from the script: third-party app flaw leads to Ticketmaster data breach

As growing numbers of websites rely on third-party scripts, it’s vital to check they don’t put sites’ security at risk. That’s one of the lessons from the data breach at Ticketmaster UK. The company discovered malicious code running on its website that was introduced via a customer chat feature. This exposed sensitive data, including payment details, of around 40,000 customers. Anyone who bought a ticket on its site between September 2017 and June 2018 could be at risk, Ticketmaster warned.

On discovering the breach, Ticketmaster disabled the code across all its sites. The company contacted all affected customers, recommending they change their passwords. It published a clearly worded statement to answer consumer questions, and offered free 12-month identity monitoring.

Although this first seemed like good crisis management and proactive breach notification, the story didn’t end there. Inbenta Technologies, which developed the chat feature, weighed in with a statement shifting some blame back towards Ticketmaster. The vulnerability came from a single piece of custom JavaScript code Inbenta had written for Ticketmaster. “Ticketmaster directly applied the script to its payments page, without notifying our team. Had we known that the customised script was being used this way, we would have advised against it, as it incurs greater risk for vulnerability,” Inbenta CEO Jordi Torras said.

Then Monzo, a UK bank, blogged in detail about the steps it took to protect its customers from the fallout. This included the bombshell that Ticketmaster knew about the breach in April, although the news only went public in June. Wired said these developments showed the need to thoroughly investigate potential breaches, and to remember subcontractors when assessing security risks.

Privacy Shield threat puts EU-US data sharing in doubt

US authorities have two months to start complying with Privacy Shield or else MEPs have threatened to suspend it. The EU-US data sharing framework replaced the Safe Harbor framework two years ago. Privacy Shield was supposed to extend the same rights for protecting EU citizens’ data as they have in Europe. In light of the Facebook-Cambridge Analytica scandal (both of which were certified under Privacy Shield), it seems that’s no longer the case.

MEPs consider privacy and data protection as “fundamental rights … that cannot be ‘balanced’ against commercial or political interests”. They voted 303 to 223 in favour of suspending the Privacy Shield agreement unless the US complies with it.

This could have implications for any organisation that uses a cloud service provider in the US. If they are using Privacy Shield as an adequacy decision for that agreement, they may no longer be GDPR-compliant after 1 September. Expect more developments on this over the coming months.

Welcome boost for Wi-Fi security

The Wi-Fi Alliance’s new WPA3 standard promises enhanced security for business and personal wireless networks. It will use a key establishment protocol called Simultaneous Authentication of Equals (SAE) which should prevent offline dictionary-based password cracking attempts. Announcing the standard, the Wi-Fi Alliance said the enterprise version offers “the equivalent of 192-bit cryptographic strength, providing additional protections for networks transmitting sensitive data, such as government or finance”. Hardware manufacturers including Cisco, Aruba, Broadcom and Aerohive all backed the standard.

Tripwire said WPA3 looks set to improve security for open networks, such as guest or customer networks in coffee shops, airports and hotels. The standard should also prevent passive nearby attackers from being able to monitor communication in the air. The Register said security experts have welcomed the upgrade. It quoted Professor Alan Woodward, a computer scientist at the University of Surrey in England. The new form of authentication, combined with extra strength from longer keys, is “a significant step forward”, he said.

The post Security newsround: July 2018 appeared first on BH Consulting.

The Daily Threat Brief: The President Gets A Daily Brief, Shouldn’t You?

The Daily Threat Brief is our version of the President’s Daily Brief (PDB),  focused on cyber threats and tips on being as secure as possible. We provide actionable insights into threat actors and their motivations and also dive into their tactics in ways that will inform your business decisions.

To sign up for the Daily Threat Brief see: CTOvision Newsletter Signups

Our full array of newsletters includes:

  • The Monthly CTOvision.com Tech Review provides a recap of the most significant trends sweeping the technology community in the prior month, plus insights into coming events and activities.
  • The Daily CTOvision.com Update provides a summary of posts we publish on our blog.  If we don’t publish it does not go out, but it is never more than once a day to 6,000 readers. All posts on the site are also shared with the over 14,500 CTOvision twitter followers and over 12,000 of Bob Gourley’s connections on LinkedIn.
  • The CTOvision Pro IT Report  summarizes enterprise IT developments and concepts. Transmitted to a select list of 700 CTOs and other tech professionals every Tuesday.
  • The Weekly Artificial Intelligence, Big Data and Analytics Newsletter is a weekly review of hot topics on the theme of Big Data. This is our fastest growing list with over 1,500 readers receiving the newsletter every Wednesday.
  • The Weekly Cyberwar and Cybersecurity Review summarizes enterprise IT security technologies and concepts and the issues you need to track regarding the high end threat actors. Over 6,000 readers receive this report every Thursday.
  • The Daily Threat Brief is our version of the President’s Daily Brief (PDB) focused on cyber threats and tips on being as secure as possible. Sent daily to a list of over 4,500 executives seeking insights into threats to business growth. Reports are also shared with over 10,000 Twitter followers of ThreatBrief.

For more and to sign up see: Crucial Point and CTOvision Newsletter Signups

The post The Daily Threat Brief: The President Gets A Daily Brief, Shouldn’t You? appeared first on The Cyber Threat.

The CTOvision Cyberwar and Cybersecurity Weekly

The Weekly Cyberwar and Cybersecurity Review summarizes enterprise IT security technologies and concepts and the issues you need to track regarding the high end threat actors. We help you defend your piece of cyberspace at home and at work.

To sign up for the CTOvision Cyberwar and Cybersecurity Weekly see: CTOvision Newsletter Signups

The post The CTOvision Cyberwar and Cybersecurity Weekly appeared first on The Cyber Threat.

The CTOvision Artificial Intelligence, Big Data and Analytics Weekly

The Weekly Artificial Intelligence, Big Data and Analytics Newsletter is a weekly review of hot topics on the theme of Big Data. This is our fastest growing list with over 1,500 readers receiving the newsletter every Wednesday.

To sign up for the Weekly AI, Big Data and Analytics Newsletter see: CTOvision Newsletter Signups

The post The CTOvision Artificial Intelligence, Big Data and Analytics Weekly appeared first on The Cyber Threat.

The CTOvision Weekly Tech Review

The CTOvision Pro IT Report  summarizes enterprise IT developments and concepts for the executive in need of actionable insights which can drive decisions and lead to victory in the market place.

We report on: Cloud Computing, Artificial Intelligence, Mobility, Big Data, Robotics, Internet of Things, Cybersecurity and Blockchain and Cryptocurrencies.

We also provide focus on high interest topics, including Science Fiction, Entertainment, Cyber War, Tech Careers, Training and Education and Tech Tips.

To sign up for the CTOvision Pro IT Report see: CTOvision Newsletter Signups

The post The CTOvision Weekly Tech Review appeared first on The Cyber Threat.

The CTOvision Daily: Keep your finger on the pulse of the tech world

The Daily CTOvision.com is produced for the technology executive who needs to stay in the loop on the latest in technology and concepts for applying IT to address business and mission needs. Our daily provides summaries of all reporting.  If we don’t publish it does not go out, but it is never more than once a day.

To sign up for the CTOvision Daily see: CTOvision Newsletter Signups

The post The CTOvision Daily: Keep your finger on the pulse of the tech world appeared first on The Cyber Threat.

The CTOvision Monthly Report

CTOvision writes for the enterprise technologist. We provide CTOs, CIOs, CISOs, data scientists and other technologists with insights into emerging tech trends and concepts for making the most of advanced technologies. We organize events focused on thought leadership and provide research insights through a portfolio of newsletters.

Our premier publication is our monthly technology review, sent to over 32,000 technology thought leaders. This monthly summarizes reporting from the CTOvision.com blog as well as tech trends from the IT industry. The monthly also provides links to our technology assessments. The result: readers are provided with deep and actionable insights into the dynamic tech world.

To sign up for the Monthly CTOvision.com Tech Review see: CTOvision Newsletter Signups

The post The CTOvision Monthly Report appeared first on The Cyber Threat.

Inform your decisions with exquisite intelligence from CTOvision and ThreatBrief

For 10 years, Crucial Point, the consultancy formed by The Cyber Threat author Bob Gourley, has supported business and government decision-makers with action oriented research, consulting and advisory services. We have continually provided insights on our research via products under our CTOvision and ThreatBrief brands.
The current newsletter lineup includes:
  • The Monthly CTOvision.com Tech Review provides a recap of the most significant trends sweeping the technology community in the prior month, plus insights into coming events and activities. This is our largest distribution list with over 32000 members. As its name implies, it is published once a month.
  • The Daily CTOvision.com Update provides a summary of posts we publish on our blog.  If we don’t publish it does not go out, but it is never more than once a day to 6,000 readers. All posts on the site are also shared with the over 14,500 CTOvision twitter followers and over 12,000 of Bob Gourley’s connections on LinkedIn.
  • The CTOvision Pro IT Report  summarizes enterprise IT developments and concepts. Transmitted to a select list of 700 CTOs and other tech professionals every Tuesday.
  • The Weekly Artificial Intelligence, Big Data and Analytics Newsletter is a weekly review of hot topics on the theme of Big Data. This is our fastest growing list with over 1,500 readers receiving the newsletter every Wednesday.
  • The Weekly Cyberwar and Cybersecurity Review summarizes enterprise IT security technologies and concepts and the issues you need to track regarding the high end threat actors. Over 6,000 readers receive this report every Thursday.
  • The Daily Threat Brief is our version of the President’s Daily Brief (PDB), focused on cyber threats and tips on being as secure as possible. Sent daily to a list of over 4,500 executives seeking insights into threats to business growth. Reports are also shared with over 10,000 Twitter followers of ThreatBrief.

For more and to sign up see: Crucial Point and CTOvision Newsletter Signups

The post Inform your decisions with exquisite intelligence from CTOvision and ThreatBrief appeared first on The Cyber Threat.

Interviewed on RSAC TV

I had the pleasure of being interviewed by Eleanor Dallaway, Editor and Publisher – Infosecurity Magazine, on RSA Conference Television (RSAC TV) last week at the annual RSA Security Conference.

In the interview, we spoke of what I had observed on the show floor and the state of the security industry, and I described my perfect customer in information security.

Windows 10 Update Disrupts Pen Input; Microsoft Offers Potentially Dangerous Fix

A recent Microsoft security update – according to Wacom’s support pages, the OS build 16299.334 – has had a rather unexpected side-effect. Many users have been experiencing issues where drawing apps, such as Photoshop, no longer function correctly. For example, pressing the pen to the tablet device does not “draw” as it should, but […]

Why the Cyber Criminals at Synack need $25 Million to Track Down Main Safety Faults

The enormous number of hacks in 2014 has propelled information safety to the front of the news and the minds of many companies. Cyber attacks on big enterprises like Target, Sony, and Home Depot recently caused President Obama to call for partnership between the two sectors (private and public) in order to share the information

The post Why the Cyber Criminals at Synack need $25 Million to Track Down Main Safety Faults appeared first on Hacker News Bulletin | Find the Latest Hackers News.

Three Hacking Groups You Definitely Need to Know About

Hacker groups began to flourish in the early 1980s with the emergence of computers. Hackers are like predators that can access your private data at any time by exploiting the vulnerabilities of your computer. Hackers usually cover up their tracks by leaving false clues or by leaving absolutely no evidence behind. In the light of

The post Three Hacking Groups You Definitely Need to Know About appeared first on Hacker News Bulletin | Find the Latest Hackers News.

Political analysts caution air plane connections systems that are susceptible to cyber attacks

Commercial and even military planes have an Achilles heel that could leave them susceptible to cyber criminals on the ground, who specialists say could possibly seize cockpits and create chaos in the skies. At present, radical groups are thought to lack the sophistication to bring down a plane remotely, but it

The post Political analysts caution air plane connections systems that are susceptible to cyber attacks appeared first on Hacker News Bulletin | Find the Latest Hackers News.

The Health insurance Company – Premera Blue Cross – of the United States of America was cyber criminally attacks and 11 million records were accessed

Premera Blue Cross, a health insurance corporation based in the United States of America, has disclosed that its systems were breached when cyber criminals hacked the company and gained access to 11 million of its customers’ records. It is the second cyber attack in a row

The post The Health insurance Company – Premera Blue Cross – of the United States of America was cyber criminally attacks and 11 million records were accessed appeared first on Hacker News Bulletin | Find the Latest Hackers News.

Want to have a VPN Server on Your Computer (Windows) Without setting up Any Software?

Windows has a built-in facility to work as a VPN server, although this option is hidden. This works on both Windows 7 and Windows 8. To enable this, the server makes use of the point-to-point tunneling protocol (PPTP). This could be valuable for linking to your home system on

The post Want to have a VPN Server on Your Computer (Windows) Without setting up Any Software? appeared first on Hacker News Bulletin | Find the Latest Hackers News.

Anonymous wants to further its engagement in the exploration of space – ‘Unite as Species’

The hacktivist cyber criminal group Anonymous, more often than not associated with cyber campaigns in opposition to fraudulent government administrations and terrorist organizations, has now set its sights on space. They posted a video on the group’s most important YouTube channel on the 18th of March, and called on to everyone through

The post Anonymous wants to further its engagement in the exploration of space – ‘Unite as Species’ appeared first on Hacker News Bulletin | Find the Latest Hackers News.

Microsoft Remote Desktop Connection Manager

Imagine being able to access and control your computer from any place in the world from your iPhone. That would be really futuristic, no? Actually, it is not, because there are applications available that let you tap into your computer from your mobile. These remote control applications do more than simply allow you

The post Microsoft Remote Desktop Connection Manager appeared first on Hacker News Bulletin | Find the Latest Hackers News.

Vanished in 60 seconds! – Chinese cyber criminals shut down Adobe Flash, Internet Explorer

Associates of two Chinese cyber crime teams have taken the best prizes at a major yearly hacking competition held in Vancouver, Canada. Cyber attackers at Pwn2Own, which commenced in 2007, were triumphant in violating the security of broadly used software including Adobe Flash, Mozilla’s Firefox browser, Adobe PDF Reader and Microsoft’s freshly discontinued Internet

The post Vanished in 60 seconds! – Chinese cyber criminals shut down Adobe Flash, Internet Explorer appeared first on Hacker News Bulletin | Find the Latest Hackers News.

Researcher makes $225,000, legally, by cyber attacking browsers

A single researcher who is actually a cyber criminal made $225,000 this week – and all by legal means! This cyber research hacker cyber criminally attacked browsers this past week. For the past two days, safety researchers have descended on Vancouver for a Google-sponsored competition called Pwn2Own,

The post Researcher makes $225,000, legally, by cyber attacking browsers appeared first on Hacker News Bulletin | Find the Latest Hackers News.

Security Beyond The Perimeter

Whether we like it or not, the way we architect, utilize, and secure the networks and systems under our control has changed. When servers were safely tucked away behind corporate firewalls and perimeter-deployed intrusion prevention controls, organizations became complacent and dependent on their host security. Unfortunately, inadequately architected security controls that rely solely on broad network-based protection can leave an organization’s systems even more exposed to attackers after migration to private, public, and hybrid cloud hosting than they were before.

Everyone has heard the “defense in depth” analogy relating security to a medieval castle with controlled access to different locations of the castle and a defensive moat around the perimeter. This “hard outside” and “soft inside” model was designed to make it as difficult as possible to get past the perimeter. However, once inside the walls, the trusted individual had elevated access to resources within the network.

Unsurprisingly, the medieval defense analogy has lost much of its relevance in a world where systems and users move effortlessly from within the confines of a walled corporation, to a local coffee shop, and perhaps even to a different country as part of normal business operations.

Securing the next generation of hosting platforms requires a new approach that not every organization is ready for. Some industry analyst firms promote the idea of a “cloud first strategy” for all technology deployments. Though not a bad idea, per se, this doesn’t mean that forklifting your entire architecture into cloud or containerized environments should be your number one priority – especially if you’re being forced to choose between a new architecture and the traditional security controls that you depend upon.

Thankfully, technology has evolved to allow for more seamless security in environments that need to span traditional datacenters, virtualization, and cloud environments. This has allowed organizations to grow their capabilities without the need to choose between having security and having new technology stacks.

So how do we, as security professionals and business owners, decide what mitigating controls should be deployed to future-proof our security? It’s actually much easier than it sounds. To learn more about how to perform security beyond the perimeter please read my full post on https://www.juniper.net/us/en/dm/security-beyond-the-perimeter/.

The Hay CFP Management Method

By Andrew Hay, Co-Founder and CTO, LEO Cyber Security.

I speak at a lot of conferences around the world. As a result, people often ask me how I manage the vast number of abstracts and security call for papers (CFPs) submissions. So I thought I’d create a blog post to explain my process. For lack of a better name, let’s call it the Hay CFP Management Method. It should be noted that this method could be applied to any number of things from blog posts to white papers and scholastic articles to news stories. I have successfully proven this methodology for both myself and my teams at OpenDNS, DataGravity, and LEO Cyber Security. Staying organized helped manage the deluge of events, submitted talks, and important due dates in addition to helping me keep track of where in the world my team was and what they were talking about.

I, like most people, started managing abstracts and submissions by relying on email searches and documents (both local and on Google Drive, Dropbox, etc.). Unfortunately, I didn’t find this scaled very well as I kept losing track of submitted vs. accepted/rejected talks and their corresponding dates. It certainly didn’t scale when it was applied to an entire team as opposed to a single individual.

Enter Trello, a popular (and freemium) web-based project management application that utilizes the Kanban methodology for organizing projects (boards), lists (task lists), and tasks (cards). In late September I start by creating a board for the upcoming year (let’s call this board the 2018 Conference CFP Calendar) and, if not already created, a board to track my abstracts in their development lifecycle (let’s call this board Talk Abstracts).

Within the Talk Abstracts board, I create several lists to act as swim lanes for my conference abstracts and other useful information. These lists are:

* Development: These are talks that are actively being developed and are not yet ready for prime time.
* Completed: These are talks that have finished development and are ready to be delivered at an upcoming event.
* Delivered: These are talks that have been delivered at least once.
* Misc: This list is where I keep my frequently requested form information such as my short bio (less than 50 characters), long bio (less than 1,500 characters), business mailing address (instead of browsing to your corporate website every time), and CISSP number (because who can remember that?).
* Retired: As a personal rule, I only use a particular talk for one calendar year. When I feel as though the talk is stale, boring, or stops being accepted, I move the card to this list. That’s not to say you can’t revive a talk or topic in the future as a “version 2.0”. This is why keeping the card around is valuable.

Within the 2018 Conference CFP Calendar board, I create several lists to act as swim lanes for my various CFPs. These lists are:

* CFP open: This is where I put all of the upcoming conference cards that I know about even if I do not yet know the exact details (such as location, CFP open/close, etc.).
* CFP closes in < 30 days: This is where I put the upcoming conference cards that have a confirmed closing date within the next 30 days. Note, it is very important to record details in the cards such as closing date, conference CFP mechanism (e.g. email vs. web form), and any related URLs for the event.
* Submitted: These are the conferences that I have submitted to and the associated cards. Note, I always provide a link to the abstract I submitted as a way to remind myself what I’m talking about.
* Accepted: These are the accepted talk cards. Note, I always put a copy of the email (or link to) acceptance notification to record any details that might be important down the road. I also make sure to change the date on the card to that of the speaking date and time slot to help keep me organized.
* Attending but not presenting: This is really a generic catch-all for events that I need to be at but may not be speaking at (e.g. booth duty, attending training, etc.). The card and associated dates help keep my dance card organized.
* Accepted but backed out: Sometimes life happens. This list contains cards of conference submissions that I had to back out of for one reason or another. I keep these cards in their own column to show me what was successfully accepted and might be a fit for next year in addition to the reason I had to back out (e.g. conflict, personal issue, alien abduction, etc.).
* Completed: This list is for completed talk cards. Again, I keep these to reference for next year’s board as it provides some ballpark dates for when the CFP opens, closes, as well as the venue and conference date.
* Rejected: They’re not all winners and not everybody gets every talk accepted. In my opinion, keeping track of your rejected talks is as (if not more) important as keeping track of your accepted talks. Not only does it allow you to see what didn’t work for that particular event, but it also allows you to record reviewer feedback on the submission and maybe submit a different style or type of abstract in the future.
* Not doing 2018: This is the list where I put conference cards that I’ve missed the deadline on (hey, it happens), cannot submit to because of a conflict, or simply choose to not submit a talk to.

It should be noted that I keep the above lists in the same order every year to help minimize my development time against the Trello API for my visualization dashboard (which I will explain in a future blog post). This might sound like a lot of work but once you’ve set this board up you can reuse it every year. In fact, it’s much easier to copy last year’s board than starting fresh every year, as it brings the cards and details over. Then all you need to do is update the old cards with the new venue, dates, and URLs.

Now that we have our board structure created we need to start populating the lists with the cards – which I’ll explain in the next blog post. In addition to the card blog post, I’ll explain two other components of the process in subsequent posts. For reference, here are the upcoming blog posts that will build on this one:

* Individual cards and their structure
* Moving cards through the pipeline
* Visualizing your board (and why it helps)

The post The Hay CFP Management Method appeared first on LEO Cyber Security.

Detect and Prevent Data Exfiltration Webinar with Infoblox

Please join SANS Institute Instructor and LEO Cyber Security Co-Founder & CTO Andrew Hay and Infoblox Security Product Marketing’s Sam Kumarsamy on Thursday, August 17th, 2017 at 1:00 PM EDT (17:00:00 UTC) as they present a SANS Institute webinar entitled Detect & Prevent Data Exfiltration: A Unique Approach.

Overview

Data is the new currency in the modern digital enterprise and protecting data is a strategic imperative for every organization. Enterprises must protect data whether it resides in a data center or on an individual’s laptop that is used on premise or off premise, and across the global distributed enterprise. Effective data exfiltration prevention requires protecting DNS, the most commonly used channel to steal data, and combining reputation, signatures and behavioral analytics. The detection and prevention of data loss requires analysis of vast amounts of network data and a solution that can scale to examine this data. In this webinar you will also learn about Infoblox’s unique approach to detecting and preventing data exfiltration.

To register for the webinar, please visit: https://www.sans.org/webcasts/detect-prevent-data-exfiltration-unique-approach-infoblox-104985

You can now also attend the webcast using your mobile device!

The post Detect and Prevent Data Exfiltration Webinar with Infoblox appeared first on LEO Cyber Security.

Petya Ransomware: What You Need to Know and Do

By: Andrew Hay

Unless you’ve been away from the Internet earlier this week, you’ve no doubt heard by now about the global ransomware outbreak that started in Ukraine and subsequently spread west across Western Europe, North America, and Australia yesterday. With similarities reminiscent of its predecessor WannaCry, this ransomware attack shut down organizations ranging from the Danish shipping conglomerate Maersk Line to a Tasmanian-based Cadbury chocolate factory.

I was asked throughout the course of yesterday and today to help clarify exactly what transpired. The biggest challenge with any surprise malware outbreak is the flurry of hearsay, conjecture, speculation, and just plain guessing by researchers, analysts, and the media.

At a very high level, here is what we know thus far:

  • The spread of this campaign appears to have originated in Ukraine but has migrated west to impact a number of other countries, including the United States where pharmaceutical giant Merck and global law firm DLA Piper were hit
  • The initial infection appears to involve a software supply-chain threat involving the Ukrainian company M.E.Doc, which develops tax accounting software, MeDoc
  • This appears to be a piece of malware utilizing the EternalBlue exploit disclosed by the Shadow Brokers back in April 2017 when the group released several hacking tools obtained from the NSA
  • Microsoft released a patch in March 2017 to mitigate the discovered remote code execution vulnerabilities that existed in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handled certain requests
  • The malware implements several lateral movement techniques:
    • Stealing credentials or re-using existing active sessions
    • Using file-shares to transfer the malicious file across machines on the same network
    • Using existing legitimate functionalities to execute the payload or abusing SMB vulnerabilities for unpatched machines
  • Experts continue to debate whether or not this is a known malware variant called Petya but several researchers and firms claim that this is a never before seen variant that they are calling GoldenEye, NotPetya, Petna, or some other random name such as Nyetya
  • The jury is still out on whether or not the malware is new or simply a known variant

 

Who is responsible?

The million dollar question on everyone’s mind is “was this a nation-state backed campaign designed to specifically target Ukraine?” We at LEO believe that to be highly unlikely for a number of reasons. An opportunistic ransomware campaign with some initial software package targets is a far more likely scenario than a state-sponsored actor looking to destabilize a country.

Always remember the old adage from Dr. Theodore Woodward: When you hear hoofbeats, think of horses not zebras.

If you immediately start looking for Russian, Chinese, or North Korean state-sponsored actors around every corner, you’ll inevitably construct some attribution and analysis bias. Look for the facts, not the speculation.

What does LEO recommend you do?

We recommend that customers who have not yet installed security update MS17-010 do so as soon as possible. Until you can apply the patch, LEO also recommends the following steps to help reduce the attack surface:

  • Disable SMBv1 with the steps documented at Microsoft Knowledge Base Article 2696547
  • Block incoming SMB traffic from the public Internet on ports 445 and 139, adding a rule on your border routers, perimeter firewalls, and any intersecting traffic points between a higher security network zone and a lower security network zone
  • Disable remote WMI and file sharing, where possible, in favor of more secure file sharing protocols
  • Ensure that your logging is properly configured for all network-connected systems including workstations, servers, virtualized guests, and network infrastructure such as routers, switches, and firewalls
  • Ensure that your antimalware signatures are up-to-date on all systems (not just the critical ones)
  • Review your patch management program to ensure that emergency patches to mitigate critical vulnerabilities and easily weaponized attacks can be applied in an expedited fashion
  • Finally, consider stockpiling some cryptocurrency, like Bitcoin, to reduce any possible transaction downtime should you find that your organization is forced to pay the ransom. Attempting to acquire Bitcoin during an incident may be time-prohibitive
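
One way to check the SMB-blocking and logging recommendations above against actual traffic, as an added example rather than LEO's own tooling: the script audits firewall log lines for TCP 139/445 flows that crossed a boundary. The key=value log format, zone names, internal address ranges, function names and sample lines are all constructed assumptions; documentation-range addresses stand in for public sources.

```python
"""Audit firewall logs for SMB (TCP 139/445) crossing network boundaries."""
import ipaddress
import re

SMB_PORTS = {139, 445}
# Assumption: the organisation's internal address space is RFC 1918 only.
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
KV_RE = re.compile(r"(\w+)=(\S+)")
REQUIRED = ("action", "proto", "src", "dst", "dport", "zone_in", "zone_out")

# Constructed sample log (hypothetical format, not any vendor's).
SAMPLE_LOG = """\
2017-06-28T09:14:02Z action=allow proto=tcp src=203.0.113.45 dst=10.20.0.15 dport=445 zone_in=wan zone_out=servers
2017-06-28T09:14:09Z action=deny proto=tcp src=198.51.100.7 dst=10.20.0.15 dport=445 zone_in=wan zone_out=servers
2017-06-28T09:15:31Z action=allow proto=tcp src=10.30.1.22 dst=10.20.0.15 dport=445 zone_in=workstations zone_out=servers
2017-06-28T09:15:40Z action=allow proto=tcp src=10.20.0.16 dst=10.20.0.15 dport=445 zone_in=servers zone_out=servers
2017-06-28T09:16:02Z action=allow proto=tcp src=203.0.113.45 dst=10.20.0.80 dport=443 zone_in=wan zone_out=dmz
2017-06-28T09:17:45Z action=allow proto=tcp src=198.51.100.7 dst=10.20.0.9 dport=139 zone_in=wan zone_out=servers
2017-06-28T09:20:00Z action=allow proto=tcp src=not-an-ip dst=10.20.0.15 dport=445 zone_in=wan zone_out=servers
"""


def is_internal(addr):
    """True if the address falls inside the configured internal ranges."""
    return any(addr in net for net in INTERNAL_NETS)


def parse_line(line):
    """Return a dict of typed fields, or None if the line is unusable."""
    fields = dict(KV_RE.findall(line))
    if not all(key in fields for key in REQUIRED):
        return None
    try:
        fields["src"] = ipaddress.ip_address(fields["src"])
        fields["dst"] = ipaddress.ip_address(fields["dst"])
        fields["dport"] = int(fields["dport"])
    except ValueError:
        return None
    return fields


def audit_smb(log_text):
    """Classify SMB flows towards internal hosts.

    exposed    - allowed from an external source (the border rule is missing)
    blocked    - denied from an external source (the border rule is working)
    cross_zone - allowed between two different internal zones (review these)
    unparsed   - line numbers that could not be read (a logging gap to fix)
    """
    report = {"exposed": [], "blocked": [], "cross_zone": [], "unparsed": []}
    for number, line in enumerate(log_text.splitlines(), 1):
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            # Never drop unreadable lines silently: they hide real traffic.
            report["unparsed"].append(number)
            continue
        if rec["proto"] != "tcp" or rec["dport"] not in SMB_PORTS:
            continue
        if not is_internal(rec["dst"]):
            continue  # only flows towards internal hosts are in scope
        flow = (str(rec["src"]), str(rec["dst"]), rec["dport"])
        if not is_internal(rec["src"]):
            key = "exposed" if rec["action"] == "allow" else "blocked"
            report[key].append(flow)
        elif rec["action"] == "allow" and rec["zone_in"] != rec["zone_out"]:
            report["cross_zone"].append(flow)
    return report


if __name__ == "__main__":
    for category, entries in audit_smb(SAMPLE_LOG).items():
        print(f"{category}: {len(entries)}")
        for entry in entries:
            print(f"  {entry}")
```

Any entry under `exposed` means the border rule is absent or bypassed on that path, and `unparsed` entries point at log sources that need fixing before the audit can be trusted.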

 

Should your organization need help or clarification on any of the above recommendations, please don’t hesitate to reach out to LEO Cyber Security for immediate assistance.

The post Petya Ransomware: What You Need to Know and Do appeared first on LEO Cyber Security.

Diving into the Issues: Observations from SOURCE and AtlSecCon

Last week I had the pleasure of presenting three times, at two conferences, in two different countries: SOURCE in Boston, MA and at the Atlantic Security Conference (AtlSecCon) in Halifax, NS, Canada.

The first event of my week was SOURCE Boston. This year marked the tenth anniversary of SOURCE Conference and it continues to pride itself on being one of the only venues that brings business, technology and security professionals together under one roof to focus on real-world, practical security solutions for some of today’s toughest security issues. Though I was only there for the first day, I was able to catch up with friends, play some Hacker Movie Trivia with Paul Asadoorian (@securityweekly), and chat with attendees on some of the biggest challenges we face around detecting and mitigating ransomware attacks.

After my presentation, I rushed off to Logan Airport to sit in, on what I now choose to call, the “Air Canada Ghetto” – a small three gate departure area segregated from the rest of the airport and its amenities. A minor four hour delay later, I was on my way to Halifax for AtlSecCon.

Between meetings and casual conversations I was enlightened by several presentations. Raf Los (@Wh1t3Rabbit), managing director of solutions research & development at Optiv, presented Getting Off the Back Foot – Employing Active Defence, which talked about an outcome-oriented and capabilities-driven model for more effective enterprise security.

After his talk, Aunshul Rege (@prof_rege), an assistant professor with the Criminal Justice department at Temple University, gave a very interesting talk entitled Measuring Adversarial Behavior in Cyberattacks. With a background in criminology, Aunshul presented her research from observations and interviews conducted at the Industrial Control Systems Computer Emergency Response Team’s (ICS-CERT) Red/Blue cybersecurity training exercise held at Idaho National Laboratory. Specifically, she covered how adversaries might engage in research and planning, offer team support, manage conflict between group members, structure attack paths (intrusion chains), navigate disruptions to their attack paths, and how limited knowledge bases and self-induced mistakes can possibly impact adversaries.

The last presentation was Mark Nunnikhoven’s (@marknca) Is Your Security Team Set up To Fail? Mark, the VP of cloud research at Trend Micro and a personal friend, examined the current state of IT security programs and teams, delving into the structure, goals, and skills prioritized by the industry.

The second day of the conference was filled with meetings for me but I was able to sit through Michael Joyce’s talk entitled A Cocktail Recipe for Improving Canadian Cybersecurity. Joyce described the goals and objectives of The Smart Cybersecurity Network (SERENE-RISC) – a federally funded, not-for-profit knowledge mobilization network created to improve the general public’s awareness of cybersecurity risks and to empower all to mitigate them through knowledge. He was an excellent presenter and his talk served as a call to action for those looking to help communicate the need for cybersecurity to all Canadians.

At both conferences I presented my latest talk entitled The Not-So-Improbable Future of Ransomware which explored how thousands of years of human kidnap and ransom doctrine have served as a playbook for ransomware campaign operators to follow. It was well received by both audiences and sparked follow-up conversations and discussions throughout the week. The SOURCE version can be found here and the AtlSecCon version here.

The conversation received some early praise on the SOURCE session, in addition to written pieces by Bill Brenner (@billbrenner70) from Sophos:


And Taylor Armerding (@tarmerding2) from CSO:


At AtlSecCon I joined a panel entitled Security Modelling Fundamentals: Should Security Teams Model a SOC Around Threats or Just Build Layers? Chaired by Tom Bain (@tmbainjr1), VP of marketing at CounterTack, the session served as a potpourri of security threats and trends ranging from ransomware, to regulation, to attack mitigation. It was quite fun and a great way to end the day.

Though it was a long series of flights home to the Bay Area I thoroughly enjoyed both conferences. I would highly recommend attending and/or speaking at both next year if you are provided with the opportunity.

Next up, (ISC)² CyberSecureGov 2017 in Washington, D.C. and the Rocky Mountain Information Security Conference (RMISC) in Denver, CO. Perhaps I’ll see some of our readers there!

The post Diving into the Issues: Observations from SOURCE and AtlSecCon appeared first on LEO Cyber Security.

Transitioning from my CISO role at DataGravity

As of today I’m transitioning out of my CISO role at DataGravity and am on the hunt for a new full-time gig. Though I appreciate your condolences, I see this as a good thing and the transition is an amicable one.

What this really means, however, is that I get to explore exciting opportunities with exciting companies 🙂

Who is looking…

This guy. Many of us have met before but, if you’re like me, you may recognize the face but forget (or have never known) what my work history included.

For some background on my past work experience, please check LinkedIn (https://www.linkedin.com/in/andrewhay/) or the press kit section of my blog (http://www.andrewhay.ca/press-kit).

I also have a resume ready to go if you’d like a copy.

What I’m looking for…

A senior leadership role (e.g. Chief Research Officer, Head of Research, VP Research, etc.) in a data-centric security company where I can lead and mentor an existing, or help found, a world-class security research organization.

AND/OR

A senior leadership (e.g. CTO, CISO, CSO, etc.) role in an early-stage security startup where I can contribute to the company’s growth, innovation, product strategy, and market penetration.

AND/OR

A senior leadership (e.g. CISO, CSO, etc.) role in an established company where I can help keep the organization, its employees, and its customers safe and secure through the implementation and management of a measurable information security program.

Where I’m looking…

As my wife has a vested interest (no pun intended) in staying in San Francisco, I cannot relocate at this time. That means any opportunities would have to be in the San Francisco Bay Area or allow me to continue working from home as I do now.

If you’re in the market for a passionate security leader with my experience and qualifications I’d love to hear from you.

Security is Not, and Should not be Treated as, a Special Flower

My normal Wednesday lunch yesterday was rudely interrupted by my adequate friend and reasonable security advocate Javvad calling me to ask my opinion on something. This in itself was surprising enough, but the fact that I immediately gave a strong and impassioned response told me this might be something I needed to explore further… The UK …

“And the winner is… Compliance!”

Disclaimer: My comments below are based upon quotes from both Twitter and The Times of London on the UK’s TalkTalk breach; as a result the subsequent investigation and analysis may find that some of the assertions are in fact incorrect. I will post clarifying statements should this happen to be the case. I am not …