STE WILLIAMS

McClure: Hacking Exposed

As the United Airlines flight on which Stuart McClure was traveling with his mother and little brother began nosediving toward the Pacific Ocean after a midair explosion, a passenger sitting next to the then-college sophomore McClure said to him, “It’s been really good knowing you,” as they covered their heads in preparation for a crash.

McClure, now 44, recalls the plane suddenly returning to a horizontal position, and seeing lights on the horizon, and then, a shockingly near-perfect landing on the ground in Hawaii. A known design flaw in the Boeing 747’s door-latching mechanism that the airline hadn’t yet fixed had blown open the cargo door at 25,000 feet, causing the explosion and fire in two of the plane’s engines that ripped a massive hole in the business-class section of the aircraft and killed nine people.

“United Airlines had known about it, and it was a month or two from the deadline to repair it, and they hadn’t done it yet,” McClure says.

Even more chilling for McClure was that he and his family had nearly moved to seats in the section where the accident had occurred, but ultimately decided to stay put. He says his brush with death has a lot to do with his incessant drive to figure out security holes and get them fixed. “I can’t sleep until I figure something out. I started to realize that [the crash] was a big part of it” and wanting to ensure no one becomes the victim of a mistake, he says.

McClure co-authored the widely recognized and widely read “Hacking Exposed: Network Security Secrets and Solutions” book with Joel Scambray and George Kurtz, and later co-founded Foundstone, a security consulting and products company that McAfee acquired in 2004. A year and a half ago he started up security services and product firm Cylance, which among other things focuses on embedded systems and critical infrastructure security. Cylance researchers have pinpointed vulnerabilities in medical equipment and building automation systems, for example, systems that have physical security ramifications as well.

“It’s all been leading to developing these next-generation technologies to detect good and bad algorithmically,” says McClure, who is CEO and president of Cylance. “We take all that is known and the experience in how they work, the techniques, and holes in defense and then try to find the math algorithm of what is good or bad.”

McClure’s first hack came a few years after surviving the airplane accident. He was a TA in a secure programming class at the University of Colorado in Boulder. “A buddy of mine was a systems administrator for a Solaris box, and he was bragging that his Solaris box was never hit by the Morris worm … I was no hacker [then], but was a pretty darn good programmer,” he says. “I knew the ins and outs of Unix, so I said, ‘okay, are you challenging me then?’”

It was throwdown time. “I didn’t sleep for 36 hours and was able to reverse-engineer the encryption algorithm for the password on his system,” he recalls. “So I got a brute-force tool to break his password, and gave him a folded-up piece of paper with his root password, ‘apple1,’ as unglamorous as it was. You should have seen his face go ashen white.”

McClure, who had previously done some low-level reverse-engineering of the Morris worm when it hit other servers at the university in 1988, says that password crack gave him the hacking bug. He went on to write virus detection tools early in his IT career, and later co-founded Foundstone. McClure served as enterprise vice president and global CTO and general manager of the management business unit at McAfee, part of Intel, after the Foundstone acquisition.

But the red McAfee brand shield won’t carry the McAfee name anymore: Intel CEO Brian Krzanich yesterday at the Computer Electronics Show announced that Intel is dropping the McAfee name and rebranding McAfee products as Intel Security products. What does former McAfee exec McClure think of the move?

McClure says he wasn’t really all that surprised by it. “The reason Intel bought McAfee, honestly, was to extend Intel into security. It’s natural to have a name change,” he says. “And I’m sure some of John McAfee’s activities have helped spur that along a bit,” he says of the infamous McAfee founder who in the past year fled Belize to avoid questioning by police about a murder of one of his neighbors as well as posted a bizarre video on YouTube criticizing his former company.

Meanwhile, McClure’s legacy at Foundstone includes building a product he describes as akin to an early Metasploit or Core Impact. “It was [built] way ahead of Core and Metasploit. But the market just wasn’t ready for it at the time. They didn’t understand a vulnerability or how to exploit it,” he says. “We would release it a couple of years later as Vulnerability Manager.”

Those were the days when white hat researchers kept their bug finds to themselves for the most part, he says. “You would keep it a few weeks so you could impress your customers when you did a pen test. Eventually, you’d roll it out to Microsoft” and they would patch it a year or so later, he says.

McClure’s view of the traditional reactive approach to security reflects his mission to fix problems before someone or something gets hurt. He says the security industry today needs to stop waiting to see an attack before coming up with a detection mechanism: “The AV industry and all signature-based technologies are flawed,” he says.


PERSONALITY BYTES

Worst day ever at work: When I was forced to lay off a team of people, despite having crushed our numbers for the quarter and year.

What McClure’s co-workers don’t know about him: I enjoy studying immunology — bacteria, viruses, cancer cells, fungi, parasites, prions, etc. — and how the body’s defenses work.

Favorite team: Denver Broncos — especially this year.

Favorite hangout: My house, since I travel a lot.

In his music player right now: Mostly R&B/pop and dance. Some explicit tracks, but don’t tell anyone.

McClure’s security must-haves: Encryption (PGP), two-factor authentication on everything possible, and a desktop firewall.

McClure’s security must-not-haves: USB sticks, “Click here to win your prize” emails, antivirus (but I am not typical).

Comfort food: Right now an Immunizer drink at Juice-it-up.

Ride: Audi, but about to move into a hybrid.

For fun: Long bike rides, 50 to 75 miles.

Guilty pleasure: “Real Housewives” (OC and Beverly Hills mostly) and “Vanderpump Rules.” Only because they make my life look calm.

Actor who would play him in a film: Tom Cruise

Next career: Immunologist

Article source: http://www.darkreading.com/vulnerability/mcclure-hacking-exposed/240165183

CounterTack Unveils Next Generation Of Sentinel For Endpoint Threat Detection And Response

WALTHAM, Mass., January 7, 2014 – CounterTack, a pioneer in delivering real-time endpoint threat detection, context and visibility around targeted attacks, today announced the next-generation of its revolutionary endpoint threat detection and response platform, Sentinel, to help global organizations regain control of their security against targeted, persistent threats.

“Defending against advanced persistent threats and protecting our organization and customers from threats like Dark Seoul are our top priorities,” said Jae Woo Lee, General Manager of the Managed Security Service Team, SK Infosec. “We needed a platform that provides deep behavioral analysis of persistent attacks with an unparalleled level of intelligence, to make better security decisions. Sentinel gives us the visibility and attack context that we need to prioritize our response to known and unknown threats.”

The endpoint has emerged as the epicenter of attacker access and activity – the new battleground between attackers and enterprise organizations. To combat large-scale, persistent threats, organizations need unobscured visibility into attacker behavior across the enterprise with automated intelligence to dramatically improve response time and response tactics. Sentinel combines its real-time stealthware with Big Data analytics to provide organizations with that visibility, context and intelligence necessary to make better, more informed security decisions across the entire enterprise.

“Persistent, motivated attackers have had the advantage over enterprise and government organizations for far too long – it’s time to put these organizations back in control of their security,” said Neal Creighton, CEO, CounterTack. “We leverage attackers’ own technology and methods, delivering enterprise-grade stealthware to customers, that provides automated attack intelligence and enterprise-wide correlation. With Sentinel, CounterTack is turning the tide on attackers by giving teams a platform that’s simple to deploy and operationalize across the entire enterprise.”

Endpoint threat detection and response has emerged as a critical component in defending against sophisticated adversaries, driving market and technology consolidation evidenced by FireEye’s recent acquisition of Mandiant. CounterTack remains the independent technology leader, with substantial advantages over competitive platforms including:

No post-exploit search for attack signatures like other endpoint technology. Sentinel’s driverless behavioral analysis capability analyzes application execution in real-time to identify attacks in-progress.

Better response to potential attacks because Sentinel identifies what actually happened during an attack while providing forensic-level details of attacks in progress. Security personnel use Sentinel’s attack intelligence to choose the best response based on the type of attack.

Complete attack analysis. Sentinel’s robust search interface helps teams access any type of endpoint data from artifacts like files and registry keys, to real-time network statistics of which attacks accessed which hosts. This searchable data enables security engineers to understand how one identified attack affects the entire enterprise without the need for individual endpoint querying.

Endpoint monitoring to scale the entire enterprise. Sentinel is built on Big Data technology which helps it scale to handle hundreds of thousands of endpoints. Simultaneously, Sentinel provides real-time forensic data through an enterprise architecture, giving teams the high availability, load balancing, and search capabilities they demand.

Sentinel does not install agents to collect data on endpoints. Instead, it uses a lightweight, driverless kernel technology to gather continuous, real-time data from endpoints without a performance impact.

“…In fact, kernel-based tools offer better protection from tampering because the userland agent tool cannot be protected from the attacker with kernel-level access. It is more difficult for the attacker to hide from ETDR data collection than, say, native OS logging,” Gartner, Endpoint Threat Detection and Response Tools and Practices, Anton Chuvakin, September 25, 2013.

About CounterTack

CounterTack is revolutionizing security by bringing real-time attack detection and forensics to the endpoint, rendering traditional endpoint security obsolete with its Scout and Sentinel solutions, shortening the gap between detection and infection for enterprise organizations. By actively engaging attackers, CounterTack helps organizations dramatically reduce the dwell time of advanced, persistent adversaries and the damage they can cause. Through blazing-fast detection, real-time attack capture and automated intelligence, CounterTack provides unparalleled visibility into malicious behavior, enabling organizations to make smarter decisions on countering known and unknown threats to protect their business. To learn more, visit www.CounterTack.com.

Article source: http://www.darkreading.com/vulnerability/countertack-unveils-next-generation-of-s/240165209

Cop installs keylogger on his wife’s sensitive work computer, gets probation. Does the punishment fit the crime?

A man, having trouble in his marriage, worries about his wife’s fidelity. He decides to snoop on her online activity to see if she’s flirting with anyone via email, IM or social network.

Not good, but a fairly common story, and not too serious so far.

He decides to snoop on her by attaching a hardware keylogger to her PC. He goes after her work machine. She works at the county courthouse, and her work system is used for sensitive court work, including payment processing.

This is rapidly getting much more serious – he’s using some hardcore kit, and attaching it to a system which should be considered way more important than your average home laptop.

The man himself is the County Sheriff, a position of considerable authority. That seems to make it all so much worse – this is someone people should be able to trust to uphold the law.

In the end he is caught, of course, and after repeated denials ends up admitting to his crimes and resigning from his job. At trial, prosecutors push for a strong sentence, citing both the man’s position of trust and the sensitive nature of the system he compromised.

But, thanks to an otherwise good record, strong support from the community, and the mitigating personal circumstances, he is let off fairly lightly – 2 years probation, plus a $1000 fine. The judge suggests that merely having lost his job was enough punishment.

The location is Clay County, West Virginia. The man’s name, Miles Slack. The target of his snooping, Lisa, is now his ex-wife, but seems to remain supportive. The events took place in April 2013, with the keylogging device in place for around two weeks before being spotted by a technician. The sentence was passed just before Christmas.

But was it the right sentence?

The US Attorney prosecuting the case seemed to have some good points. Law enforcement agents have to be held up to higher standards than normal people.

It’s much worse if a trained restaurant chef with a certificate in food safety gives you food poisoning than if you get sick from eating a burger your mum grilled up for you. If a clumsy friend accidentally puts a hole in your wall while helping you with some DIY, you’ll accept their gushing apology and still be friends; if your builder does the same, you might be less forgiving.

By the same reasoning, cops really, really shouldn’t do crimes, and if they do, one might expect it to be treated more seriously.

It doesn’t always seem to work that way though. Law enforcement looks after its own, as the movies love to tell us, but maybe there are other, less morally dubious mitigating factors.

Police work must make people used to snooping and monitoring as an everyday part of life. We see regular stories of cops overstepping boundaries, like the NYPD officer who hacked into colleagues’ mail accounts and phones, or the Canadian policeman who planted spyware on his wife’s mobile phone – he was also let off pretty lightly.

There seems to be a theme of emotional or marital problems here, but ordering spyware online or sneaking into a building and planting a keylogging device are hardly spur-of-the-moment things; they can’t really be justified as crimes of passion.

There’s also the question of the system Mr Slack attached his keylogger to. This was a government machine, owned by and connected to the network of the West Virginia Supreme Court. There’s going to be all kinds of sensitive information on that network, and by compromising one of the nodes, Slack risked compromising the security of the entire network.

So what do you think? Does the punishment fit the crime, or is it so light that it hardly discourages people from snooping on their nearest and dearest?

Does the fact that Slack was a senior police officer make his crime worse, or does it not really matter? Is it important that the computer he bugged was on the Supreme Court network, even if he was only interested in his wife’s chat logs?

I know where I stand. A small fine plus probation may seem appropriate for someone who bugs a family member’s PC, but this case is considerably more than that.

Given the hefty sentences being bandied about for other types of cyber offences, this sort of thing seems to be routinely treated as no more than innocent high-jinks.

And that seems wrong to me.


Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/5fYatyqhy38/

ATM hacker Barnaby Jack’s death blamed on accidental drug overdose

An accidental drug overdose caused the untimely death of elite hacker Barnaby Jack, an autopsy has concluded.

Jack, who was famed for demonstrating cash machine hacks live on stage in Las Vegas and later highlighted the insecurity of smart medical devices, was found dead at home in San Francisco last July, days before he was due to give a talk on hacking electronic medical implants such as heart implants at the Black Hat conference in Las Vegas.


The sudden death of the 35-year-old New Zealander spurred numerous online tributes from his peers in the security research community.

An autopsy carried out after his death, released last week, concluded that Jack died of a multi-drug overdose including a mix of heroin and cocaine as well as prescription drugs – specifically, diphenhydramine (Benadryl) and alprazolam (Xanax). His girlfriend found him lying in bed and unresponsive, surrounded by beer and champagne bottles, when she returned home in the evening. Subsequent efforts to revive Jack proved unsuccessful and paramedics confirmed his death at the scene.

There was “no visible or palpable evidence of trauma” and the acute mixed drug overdose was likely to have been accidental, the autopsy concluded.

A copy of the autopsy report can be found here.

At the time of his death, Jack was the director of embedded device security at security firm IOActive.

More background on Jack’s untimely death and reflections on his work can be found in a story on the autopsy finding by the BBC here and a blog post by freelance journalist Marcus Williamson here. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2014/01/07/barnaby_jack_autopsy_result_accidental_death/

When Websites Attack

Malware became even smarter, stealthier, and shadier in 2013, according to the latest Sophos Threat Report. Nowhere was this more evident than in the use of the Web as a vector for spreading malware to unsuspecting users. Sure, the payloads — from the disruptive Cryptolocker ransomware to the silent but deadly ZeroAccess botnet — were more sophisticated this past year, but the unsung “heroes” of cybercrime are the 20,000–30,000 new malicious URLs that come online each day.

Those malicious URLs — 80% of which are on compromised, legitimate websites, according to a SophosLabs estimate — can serve a number of purposes. Some deliver the payload, of course, usually through drive-by downloads, malvertising, or social engineering. But those are just a small handful of the total. The rest serve as the funnel to get users to the payload delivery sites. That includes generating SEO spam that increases exposure to dangerous URLs and shuffling users from the legitimate sites they were viewing through a series of traffic redirectors to the ultimate payload. Recently, Sophos researchers have seen that some compromised sites are centrally controlled like a botnet, allowing them to serve up DDoS and other coordinated attacks.

That coordination, and the delivery of the payloads, is handled by exploit kits. While Blackhole has been on the decline, especially after the arrest of its alleged creator, Paunch, plenty of others have stepped up to take its place. Names like Neutrino and Glazunov have become familiar to security researchers, along with Redkit, which wreaked havoc this spring on high-profile sites like NBC.com and lesser-known URLs advertised by tasteless spam exploiting the Boston Marathon bombings. These new exploit kits build on the leaked source code of Blackhole, while adding new features and capabilities, like the aforementioned bot-like behavior.

Hosting the exploit kits are infected web servers. This past year saw a rise in the use of malicious modules for the Apache web server, such as Darkleech. This nasty bugger is capable of using all kinds of tricks to avoid detection and analysis, such as only responding with malicious behavior once per IP address or triggering randomly one in every ten times a page is accessed.

It’s notable that most of the compromised web servers out there are running Linux, which should give pause to those who think of the OS as immune from malware. Attackers continue to infect Linux web servers through vulnerabilities in content management systems (e.g., WordPress and Joomla), plugins for those CMSes, control panels, and development platforms like PHP. Of course, passwords are also a weak link, as they can be stolen by malware, guessed based on defaults or common user choices, and purchased on the black market following data breaches (since many site owners use the same password in multiple places).

For organizations, the implications are clear. First, websites and other servers exposed to the Internet must be protected with defense in depth. Web application firewalls, AV software, a robust patching strategy, and even specialized web protection services may be warranted. Second, a thoughtful strategy for protecting users within the organization from web-borne malware is critical. This includes robust perimeter protection, but also layered endpoint protection like web filtering, web threat detection, and HIPS, so users’ machines are secure even when they’re outside your network perimeter.

For more information about the latest threat trends, check out Sophos Threat Report 2014 at sophos.com/threatreport.

Article source: http://www.darkreading.com/sophoslabs-insights/when-websites-attack/240165069

BlackBerry Makes New Investment In Security Innovation Center In The Washington, D.C. Area

Las Vegas – BlackBerry, in attendance at CES Government (CESG), communicated its intention to invest in a new security innovation center in the Washington, D.C. area. Building on BlackBerry’s technical experience and leadership in mobile security, the new Center will serve as a hub for collaboration with key government customers and other expert partners.

CESG is held each January as part of the world-renowned International Consumer Electronics Show (CES). John Chen, Chief Executive Officer of BlackBerry addressed key members of Congress and government officials on Monday at the show.

“We are committed to working with government and industry experts to solve some of the biggest challenges we face in securing mobile communication. The Washington, D.C.-based security innovation center will be focused on creating lasting partnerships that will encourage ongoing dialogue aimed at making better products and policy,” said Chen during his speech at CESG.

Additional details will be revealed in the coming weeks.

Follow BlackBerry on Twitter @BlackBerry4Biz and on our blog at http://bizblog.blackberry.com/.

About BlackBerry

A global leader in mobile communications, BlackBerry revolutionized the mobile industry when it was introduced in 1999. Today, BlackBerry aims to inspire the success of our millions of customers around the world by continuously pushing the boundaries of mobile experiences. Founded in 1984 and based in Waterloo, Ontario, BlackBerry operates offices in North America, Europe, Asia Pacific and Latin America. The Company trades under the ticker symbols “BB” on the Toronto Stock Exchange and “BBRY” on the NASDAQ. For more information, visit www.blackberry.com.

Article source: http://www.darkreading.com/government-vertical/blackberry-makes-new-investment-in-secur/240165193

SANS Investigative Forensic Toolkit (SIFT) Workstation Version 3.0 To Debut At DFIRCON

BETHESDA, Md., Jan. 6, 2014 /PRNewswire-USNewswire/ — SANS Institute today announced it will debut a new version of its popular digital forensic examination toolkit, SIFT Workstation, at the upcoming SANS Digital Forensics and Incident Response Training Event (DFIRCON — pronounced d?-‘f?r-‘kn) in Monterey, CA, March 5 – 10. SIFT 3.0 is a complete rebuild of the previous SIFT version and features the latest digital forensic tools available today.

Offered free of charge, the SIFT 3.0 Workstation will debut during SANS’ Advanced Computer Forensic Analysis and Incident Response course (FOR508) at DFIRCON. SIFT 3.0 demonstrates that advanced investigations and responding to intrusions can be accomplished using cutting-edge open-source tools that are freely available and frequently updated.

“Even if SIFT were to cost tens of thousands of dollars, it would still be a very competitive product,” says Alan Paller, director of research at SANS. “At no cost, there is no reason it should not be part of the portfolio in every organization that has skilled forensics analysts.”

Developed and continually updated by an international team of forensic experts, the SIFT is a group of free open-source forensic tools designed to perform detailed digital forensic examinations in a variety of settings. With over 100,000 downloads to date, the SIFT continues to be the most popular open-source forensic offering next to commercial source solutions.

“The SIFT Workstation has quickly become my ‘go to’ tool when conducting an exam. The powerful open source forensic tools in the kit on top of the versatile and stable Linux operating system make for quick access to most everything I need to conduct a thorough analysis of a computer system,” said Ken Pryor, GCFA Robinson, IL Police Department.

Key new features of SIFT 3.0 include:

— Ubuntu LTS 12.04 Base
— 64 bit base system
— Better memory utilization
— Auto-DFIR package update and customizations
— Latest forensic tools and techniques
— VMware Appliance
— Ready to tackle forensics
— Cross compatibility between Linux and Windows
— Option to install stand-alone via (.iso) or use via VMware Player/Workstation

About DFIRCON

This unique Digital Forensics and Incident Response (DFIR) event brings SANS’ most popular forensics courses, instructors, and bonus seminars together in one place. It is one of the industry’s most comprehensive DFIR training experiences.

DFIRCON will be held in Monterey, CA, March 5 – 10, 2014. For more information, including panel and discussion overviews, a complete list of instructors, or to register for the event or one of the courses offered via simulcast, please visit: http://www.sans.org/info/147850

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest source for world-class information security training and security certification in the world, offering over 50 training courses each year. GIAC, an affiliate of the SANS Institute, is a certification body featuring over 27 hands-on, technical certifications in information security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet’s early warning system–the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community.

(www.SANS.org)

Article source: http://www.darkreading.com/perimeter/sans-investigative-forensic-toolkit-sift/240165194

Hoyos Labs Issues Biometric Open Protocol Standard For Safer Authentication

LAS VEGAS, Jan. 7, 2014 /PRNewswire/ — from ShowStoppers @ CES 2014 — While biometrics are becoming a ubiquitous component of securing consumer data on mobile and other digital devices, there is no industry standard in place to protect that data once it leaves the device and enters the cloud. Today, Hoyos Labs, a leading digital infrastructure company, announced the formalization of its Biometric Open Standards Protocols (BOPS).

BOPS comprises a set of rules that govern secure communications among a variety of client devices including mobile phones, desktop computers and ATMs, among others, and a trusted server managing the acquisition and manipulation of biometric data captured by those devices. The BOPS guidelines make use of The U.S. Department of Defense’s Trusted Computer Systems Evaluation Criteria (TCSEC) and are biometric agnostic.

“Nearly every smartphone, digital device or computer system that has a financial component to it will have a biometric component built into it in the very near future. The concerns about fraud, hacking and personal privacy have created a tidal wave of momentum on this front,” said Hector Hoyos, founder and Chief Executive Officer of Hoyos Labs. “Now, securing all of the biometric data that’s being generated is of the utmost importance. As with every major technological breakthrough, a series of accepted standards and protocols must be widely adopted from the manufacturer and database management end before consumers can fully be comfortable. BOPS are those standards and protocols.”

Hoyos continued, “We have created a rule-based system by building upon The U.S. Department of Defense’s core infrastructures. What Hoyos Labs has done is made our system work across all biometric types – from iris and periocular to fingerprint and beyond – and is available to any company that wants to implement it.”

The BOPS system addresses the five most widely recognized key security consideration components:

— Identity Assertion – The BOPS identity assertion platform provides a guarantee that named users are who they claim to be. The identity assertion implies reliance on human biometrics; however, the BOPS is an interoperable standard and can incorporate any identity asserter, or a number of asserters, that provides this guarantee. The application of the Intrusion Detection System (IDS) provides active monitoring to prevent spoofing of the credentials set and blacklisting of a subject or device that makes malicious attempts.
— Role Gathering – Role gathering is focused on the data confidentiality and privileged access based on the rules enforced by a known system. To determine whether a specific access mode is allowed, the privilege of a role is compared to the classification of the group to determine if the subject is authorized for a confidential access. The objects structure is defined by the access control. Role gathering occurs on the system’s level or through the client/server call. The BOPS server stores role-gathering information to associate a unique user with a unique device.
— Access Control – The BOPS supports access control between the named users and the named objects (e.g., files and programs). The adjudication mechanism is role-based and allows users and administrators to specify and control the sharing of those objects by named individuals, or defined groups of individuals, or by both.
— Auditing – The BOPS supports all auditing requests at the subject/object level or at the group level. The BOPS uses Aspect Oriented Programming (AOP) to ensure that all calls are safely written to an audit trail. A RESTful web services and JSON interface provides a mechanism to read the audit trail. Auditing may occur at the subject per action, the object per action or the group per action. For example, a group of users called “Accounting” may audit all writes to General Ledger. Or the “Chief Financial Officer” may have audits for reads of the Income Statement.
— Assurance – The auditing of all BOPS specifications and proof of the security model to prevent a system from unknowingly being compromised.

The entire BOPS document is available upon request from Hoyos Labs at no cost, with a properly executed non-disclosure agreement between the party who is requesting it and Hoyos Labs. Please contact: [email protected].

About Hoyos Labs
Hoyos Labs is a digital infrastructure security company with security, computer vision and biometrics and big data experts. The goal of Hoyos Labs is to develop and deploy enterprise and consumer identity assertion technology platforms that will conveniently and securely address the identity assertion challenges of today. Hoyos Labs currently has offices in New York, Boston, Bucharest (Romania) and Beijing (China).

Article source: http://www.darkreading.com/privacy/hoyos-labs-issues-biometric-open-protoco/240165206

Commtouch Renamed CYREN

McLean, VA – January 7, 2014 – Commtouch (NASDAQ: CTCH) announced it is operating globally under the name CYREN, effective immediately. The company adopted its new name as it completes its transformation into a leading provider of cloud-based information security solutions that are specially designed to be deployed or private labeled by customers and partners alike.

As the global leader in real-time malware detection and proactive data analytics, CYREN provides its worldwide partners with relentless protection for Web, email and mobile transactions. CYREN leverages its GlobalView™ Cloud and its patented Recurrent Pattern Detection™ technology to deliver powerful cloud-based information security solutions that feature the most robust transaction base in the industry.

CYREN Web is the first service launching on the company’s cloud service infrastructure, which allows partners to deploy new security services quickly through any ecosystem, thus opening significant new revenue streams. CYREN Web offers the flexibility to secure any device, anywhere from Web-borne threats. Using one of the most intuitive management interfaces in the industry, organizations can easily secure Internet transactions for roaming users, smartphones and tablets. To learn more about CYREN Web, visit the newly published website at www.cyren.com.

“This is far more than just a name change,” said Lior Samuelson, chairman and chief executive officer at CYREN. “This rebranding comes during a defining moment for the company, as we continue our successful strategy of shifting from a component technology company to a ‘plug-and-play’ complete security solution provider. Already relied upon by many of the world’s most well-known IT brands as the ‘secret sauce’ in their security solutions, CYREN’s uniquely powerful detection technologies are constantly evolving to protect against tomorrow’s threats.”

The company will continue to trade as CTCH on the NASDAQ exchange and the Tel Aviv Stock Exchange (TASE). The name and ticker symbol for both financial markets are scheduled to change in February and will be announced in a separate press release. Two recently acquired businesses, Germany-based Eleven and the Iceland-based FRISK Software’s antivirus unit, have also adopted the CYREN name.

Current customers will receive the same outstanding product support and customer service, and will benefit from the global presence and expertise of CYREN to support not only existing but also future information security requirements.

About CYREN
CYREN provides the world’s largest service providers and software vendors with the Internet security solutions they need to protect billions of people and transactions. Designed specifically to be easily deployed or private labeled by partners, CYREN’s Web, Email and Anti-Malware products provide relentless protection on any device. CYREN’s proactive analytics and cloud-based malware detection capabilities equip its partners with security solutions that stand out as clear differentiators in the ever-evolving industry. Founded in 1991, CYREN is headquartered in McLean, Virginia. Visit CYREN’s GlobalView Security Center or go to www.cyren.com.

Article source: http://www.darkreading.com/management/commtouch-renamed-cyren/240165207

Secretive US spy court once again OKs NSA phone record collection

The secretive spy court that OKs the US National Security Agency’s (NSA’s) snooping has once again given the agency a thumbs-up to keep collecting phone records in the midst of recent, conflicting court decisions over whether it’s legal.

Shawn Turner, a spokesman for the Office of the Director of National Intelligence, said in a statement that the government filed an application with the Foreign Intelligence Surveillance Court (FISC) to keep collecting telephony metadata in bulk and that FISC had renewed the authority as of Friday.

This is all somewhat perfunctory: such requests have been required since the program started in 2006.

But this time, the request was rubber-stamped within the crossfire of court decisions about the legality of the NSA’s massive data collection program.

On 13 December, Judge Richard J. Leon of the District of Columbia ordered the intelligence agency to stop collecting data on two plaintiffs’ personal phone calls and to destroy their calling history records, saying the data collection was “almost Orwellian” and likely unconstitutional in its encroachments on US persons’ liberty as protected by the Fourth Amendment to the US Constitution.

Justice Leon was fully aware that the government would likely appeal his decision and hence stayed his order to grant it time to do so.

Appeal it they did.

On Friday, the Department of Justice (DOJ) filed an appeal of Justice Leon’s decision on behalf of President Barack Obama, Attorney General Eric Holder and NSA Director General Keith Alexander in the US Court of Appeals for the District of Columbia Circuit.

The DOJ has defended the phone records program, arguing that FISC judges have approved the program on multiple occasions.

In fact, Turner said in the court’s statement, 15 FISC judges have approved the data collection on 36 separate occasions over the past seven years.

Justice Leon’s recent decision that the program is likely unconstitutional has been the lone dissenting voice.

In December, Judge William Pauley III of the US District Court for the Southern District of New York ruled on behalf of the NSA in a case filed by the American Civil Liberties Union (ACLU), finding that the intelligence agency’s phone records collection is legal.

The ACLU appealed that decision last week.

FISC said in its statement that it’s still “open to modifications” that would improve privacy and civil liberty protections “while still maintaining operational benefits.”

To that end, Turner said in the statement, they’re looking over the recommendations of the President’s Review Group on Intelligence and Communications Technologies.

In mid-December, that group of presidential advisors released a 303-page report recommending that, among other things, the NSA’s massive data trawling carry on, but that the data be kept in private hands for “queries and data mining” only by court order.

In other words, the panel recommended, keep collecting the data, same as before, but put somebody else’s hands on the reins.

And so it seems – new year, same old, same old.

Images of Capitol Hill and monitoring phone courtesy of Shutterstock.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/aq4ew7YfHrI/