STE WILLIAMS

Android anti-virus apps CAN’T kill nasties on sight like normal AV


Android users expecting Windows levels of performance from Android-specific anti-virus packages are likely to be disappointed because only Google can automatically delete dodgy apps on Android devices, say malware experts.

Anti-malware bods agree that anti-virus programs on Android can’t remove viruses automatically, meaning that the process needs to be carried out manually by the user in each and every case.


“Android anti-malware applications can block URLs, scan downloads and identify malware that the user may have installed, but they cannot remove malicious applications that are installed by the user,” explained Simon Edwards, technical director at Dennis Technology Labs, an experienced antivirus tester and chairman of the Anti-Malware Testing Standards Organization.

“They have to alert the user and hope that the user is able to uninstall them manually, using the usual Android uninstall routine.”

Andreas Marx, chief exec of AV-Test, confirmed Edwards’ prognosis that Android security applications could only warn about maliciously installed apps, rather than shunting them into quarantine (the norm for equivalent Windows security software).

“The mobile security apps are all running in a sandbox, just like any other app,” Marx told El Reg. “Therefore, they are not able to remove malicious apps on their own.”

Chocolate factory controls Google malware ‘kill switch’

This existing but under-reported behaviour is not inherent to the architecture of Android smartphones and tablets.

Edwards told El Reg: “There actually is a way to remove malware from infected devices automatically. Google has a kill switch that can do it. But only Google has that power currently.”

Marx confirmed: “Only Google has the power to use it [the ‘kill switch’], as far as we know, but in the past they only focused on disabling malicious apps which made it into the Google Play store. It looks like they don’t really care about any third-party marketplaces, but leave this field to the AV [anti-virus] companies.”

We invited Google to explain the design rationale for this treatment of malicious apps on Android devices but are yet to hear back from them.

Security apps on rooted devices might be able to get around these restrictions. However, Marx reckons the security drawbacks outweigh this modest advantage.

“If you have a rooted device, some anti-malware apps offer additional features, but rooted devices usually have other kinds of security issues, therefore we wouldn’t recommend this step,” he explained.

Marx reckoned the warning feature of Android anti-malware scanners meets the practical needs of consumers and enterprise users.

“Besides this, the majority of security apps offer to run an on-demand scan from time to time to check for other potentially harmful stuff on your device. The security app can warn you, so you can uninstall the potentially malicious app later,” Marx said, adding that “however, the on-installation check is the most important anti-malware feature.”

Scores on the doors

The effectiveness of on-demand and on-access malware detection by Android anti-virus scanners were the two main areas covered in tests by AV-Test, published last week.

AV-Test put 28 Android security apps through their paces, finding improved results compared with previous comparable exercises. Only two products (Zoner Mobile Security and SPAMFighter VirusFighter Android) failed in AV-Test’s latest real-world review against 2,124 malicious apps. All the paid-for products from mainstream vendors (Kaspersky, Trend, McAfee, Sophos, etc.) passed, as did freebie scanners from Avast and others.

The malware protection rate during tests run in November and December 2013 was in the range of 42.3 per cent to 100 per cent, with an average detection of 96.6 per cent (6 percentage points better than the testing house’s last Android security software review, which was put together in October). Only a few programs created false positives on AV-Test’s test systems during the latest review.

An overview of the results can be found here.

The German testing house found that the main difference between free and paid-for Android security apps came from the features they offered rather than in detection of malign apps. Premium security features included functions such as anti-theft, backup and encryption.

The favourable results are welcome given that Android malware is becoming a growing nuisance. In total, AV-Test has already registered more than 1.5 million Android-related malware samples in 2013, and it has more than 1.8 million in total in its database. During November 2013, for example, AV-Test was receiving about 6,000 additional unique samples per day. ®


Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/12/17/android_anti_malware/

Monday review – the hot 20 stories of the week

Get yourself up to date with everything we’ve written in the last seven days – it’s weekly roundup time.

Watch the top news in 60 seconds, and then check out the individual links to read in more detail.

Monday 9 December 2013

Tuesday 10 December 2013

Wednesday 11 December 2013

Thursday 12 December 2013

Friday 13 December 2013

Saturday 14 December 2013

Sunday 15 December 2013

Would you like to keep up with all the stories we write? Why not sign up for our daily newsletter to make sure you don’t miss anything. You can easily unsubscribe if you decide you no longer want it.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/o_Z6nJ51_xk/

US judge orders NSA to stop collecting phone metadata

On Monday, a US federal judge dealt the National Security Agency (NSA) its first legal blow, ordering the intelligence agency to stop collecting data on two plaintiffs’ personal phone calls and to destroy their calling history records.

In a 68-page ruling, Judge Richard J. Leon of the District of Columbia said that the NSA’s collection technology is “almost Orwellian”, would likely horrify James Madison (author of the US Constitution), and is likely unconstitutional in its encroachments on US persons’ liberty.

According to Politico, Judge Leon found that the program appears to violate the Fourth Amendment ban on unreasonable searches and seizures.

From the ruling, as quoted by the New York Times:*

I cannot imagine a more ‘indiscriminate’ and ‘arbitrary’ invasion than this systematic and high-tech collection and retention of personal data on virtually every single citizen for purposes of querying and analyzing it without prior judicial approval. Surely, such a program infringes on ‘that degree of privacy’ that the founders enshrined in the Fourth Amendment.

The judge also said that the Justice Department had failed to demonstrate that collecting the mobile phone records had helped to head off terrorist attacks.

This ruling is the first successful legal challenge to be brought against the NSA’s phone metadata collection program – known as “PRISM” when it originally came to light – since whistleblower Edward Snowden in June released the first of a still-flowing stream of top-secret documents concerning surveillance by the NSA and other countries’ intelligence agencies.

The case was brought by several plaintiffs led by Larry Klayman, a conservative legal activist and lawyer.

The American Civil Liberties Union (ACLU) has filed a similar lawsuit in the Southern District of New York.

(Please note also that the ACLU has released a spoof Christmas video [YouTube video] poking fun at the NSA, titled “The NSA is Coming to Town.” You’re welcome.)

Judge Leon is well aware that the government won’t, and probably shouldn’t, stop its intelligence operations overnight, and hence has stayed his injunction “in light of the significant national security interests at stake in this case and the novelty of the constitutional issues.”

He’s given the government time to appeal the ruling and said that this could take six months.

The New York Times passed on a statement from Edward Snowden, distributed by leaked-document recipient Glenn Greenwald, lauding the decision:

I acted on my belief that the N.S.A.’s mass surveillance programs would not withstand a constitutional challenge, and that the American public deserved a chance to see these issues determined by open courts. … Today, a secret program authorized by a secret court was, when exposed to the light of day, found to violate Americans’ rights. It is the first of many.

It’s worth noting that, as Politico’s Josh Gerstein points out, Judge Leon wasn’t required to make a definitive ruling on the case’s constitutional questions but does take account of which side he believes is more likely to prevail.

Thus, Monday’s ruling does not mean that the NSA’s collection program has been definitively deemed unconstitutional.

Not yet, at any rate.

*The site for the US District Court for the District of Columbia wouldn’t load as of Monday afternoon, likely due to being utterly slammed with high traffic volume. The URL is courtesy of Politico.

Image of constitution courtesy of Shutterstock.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/5DvE7PO4g1Q/

Microsoft joins tech giants and FIDO in the fight for simpler, safer authentication

Microsoft has become a member of the FIDO (Fast IDentity Online) Alliance, a non-profit group working to design better and more standardised methods of checking identity across the internet.

The operating system, software and mobile giant joins fellow tech juggernaut Google as a member of FIDO’s board of directors, according to an announcement [PDF] issued this week by the Alliance.

FIDO was set up in July 2012 by a group including online payment processor PayPal, hardware maker Lenovo and a handful of specialist authentication firms.

Since then membership has swelled to include the likes of once-dominant mobile firm BlackBerry, global payment colossus MasterCard and a raft of firms working in the fields of identity, biometrics and authentication.

The mission of the Alliance is to combat the inherent weakness of the current standard authentication method, the username/password combo.

The problems with the old approach are many and severe, with humans seemingly incapable of maintaining good password hygiene, and businesses similarly wobbly when it comes to keeping their password databases secure.

FIDO’s answer is a set of standards and specifications for an authentication system based on public key infrastructure (PKI), which is still under development.

The idea is that once hardware, software and online service providers agree and adopt the standard, users should be able to use a unified system to prove they are who they say they are, to any and all services they use online.

It will work by generating key pairs for each site or service you use – the private (or “secret”) key stays with you, and the public key is handed over. Then each time you want to access the site, it presents you with a challenge encrypted with your public key, which can only be decrypted by the holder of the private key, i.e. you.

This does away with the problem of hacked password databases at the server side, as they’ll only be holding public keys – these will be of little use to hackers, as it should be more or less impossible to figure out the private key even if you have the public one (hence the names).

Having separate key pairs for each site means sites can’t pretend to be other sites and peep over each others’ shoulders at what you’re doing.
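As an added example (not the Alliance’s code or any FIDO specification), here is the per-site key-pair challenge-response described above in Go with only the standard library: the service stores nothing but a public key and encrypts a random nonce to it, the device decrypts with the matching private key, and a challenge relayed through a lookalike origin, or answered with another site’s key, fails. The type and origin names are constructed, and the code follows the article’s encrypt-the-challenge description rather than the deployed FIDO protocols, which have the authenticator sign the challenge instead.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
)

// Authenticator models the user's device: one private key per origin, never exported. (Hypothetical type.)
type Authenticator struct {
	keys map[string]*rsa.PrivateKey // origin -> private key
}

// Register mints a key pair for one origin and returns only the public half.
func (a *Authenticator) Register(origin string) (*rsa.PublicKey, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	a.keys[origin] = priv
	return &priv.PublicKey, nil
}

// Answer decrypts a challenge with the key registered for the origin the
// browser is actually connected to. No key for that origin, no answer.
func (a *Authenticator) Answer(origin string, challenge []byte) ([]byte, error) {
	priv, ok := a.keys[origin]
	if !ok {
		return nil, errors.New("no credential registered for " + origin)
	}
	// The origin doubles as the OAEP label, so a challenge built for one
	// site cannot be opened as though it came from another.
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, challenge, []byte(origin))
}

// RelyingParty models a web service; its user table holds public keys only.
type RelyingParty struct {
	origin string
	users  map[string]*rsa.PublicKey
}

// Challenge encrypts a fresh random nonce to the user's public key and
// returns both the ciphertext to send and the nonce to check against.
func (rp *RelyingParty) Challenge(user string) (ciphertext, nonce []byte, err error) {
	pub, ok := rp.users[user]
	if !ok {
		return nil, nil, errors.New("unknown user")
	}
	nonce = make([]byte, 32)
	if _, err = rand.Read(nonce); err != nil {
		return nil, nil, err
	}
	ciphertext, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, nonce, []byte(rp.origin))
	return ciphertext, nonce, err
}

// Login runs one round: the service challenges, the device answers for the
// origin the browser sees, and the service accepts only an exact nonce match.
func Login(auth *Authenticator, rp *RelyingParty, user, browserOrigin string) bool {
	ct, nonce, err := rp.Challenge(user)
	if err != nil {
		return false
	}
	answer, err := auth.Answer(browserOrigin, ct)
	if err != nil {
		return false
	}
	return subtle.ConstantTimeCompare(nonce, answer) == 1
}

// Demo enrols one user with two constructed services and reports whether a
// genuine login, a lookalike-origin login and a cross-site login succeed.
func Demo() (genuine, lookalike, cross bool) {
	auth := &Authenticator{keys: map[string]*rsa.PrivateKey{}}
	bank := &RelyingParty{origin: "https://bank.example", users: map[string]*rsa.PublicKey{}}
	shop := &RelyingParty{origin: "https://shop.example", users: map[string]*rsa.PublicKey{}}
	for _, rp := range []*RelyingParty{bank, shop} {
		pub, err := auth.Register(rp.origin)
		if err != nil {
			return false, false, false
		}
		rp.users["alice"] = pub
	}
	genuine = Login(auth, bank, "alice", "https://bank.example")
	// A bank challenge relayed via a lookalike domain: no key for that origin.
	lookalike = Login(auth, bank, "alice", "https://bank-example.test")
	// Shop's challenge met with the bank key: wrong key and wrong label.
	cross = Login(auth, shop, "alice", "https://bank.example")
	return genuine, lookalike, cross
}

func main() {
	genuine, lookalike, cross := Demo()
	fmt.Printf("genuine=%v lookalike=%v cross-site=%v\n", genuine, lookalike, cross)
}
```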

Of course, you’ll still need to authenticate yourself to whatever device you’re storing the secret keys on, which is where all those biometric firms come in.

Fingerprints, voice patterns, hand gestures or even a good old-fashioned strong password should all be compatible with the standard, the good part being that even if you prefer to avoid eyeball scanners or implanted circuitry, you won’t need to remember new passwords for everything, only the one for the mobile/PC/wristwatch you’re using to surf the web.

Any local authentication information will be strictly kept to the local device, so again there’s no risk of hackers making off with a database of everyone’s bio data. There’s also a two-factor version of the standard being developed, with the addition of a dongle or one-time-password generator for extra security.

There will doubtless be all manner of apps and accessories providing different spins on the system, but the point of having a unified standard is that they can all interact in the same way, meaning end-users can choose how they want to do things without putting extra workload on the platform and web service makers – they should all just play happily together.

It may all just be a pipe dream of course, but having the weight of Microsoft behind it, alongside the existing lineup of heavyweights, makes it all a good chunk more likely to come true.

There are still a few serious players missing from the list, notably Apple, who are notorious for preferring to plough their own furrow in all things, but with the amount of support the Alliance is building up, FIDO’s ideas have a good chance of becoming a true standard that everyone will have to support.

That should be pretty good for everyone.


Image of encryption key courtesy of Shutterstock.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/Ln3qotdnAK0/

HOLD THE PHONE, NSA! Judge bans its harvesting of US cellphone records


A US federal judge has ordered the NSA to stop collecting the mobile phone records of innocent American citizens – and to destroy the files already amassed.

Whistleblower Edward Snowden revealed in June that the controversy-hit spy agency harvests call metadata from telco giant Verizon – sparking a lawsuit by lawyer Larry Klayman and fellow campaigners against the Obama administration.


The plaintiffs claimed the widespread gathering of phone records was unconstitutional.

In today’s bombshell ruling in the case, District of Columbia Judge Richard J Leon described the mass surveillance as an “arbitrary invasion”. He agreed to put in place an injunction that will halt the collection of mobile phone data in bulk by intelligence agencies. The US government was granted time to appeal to a higher court, if it so desires.

The case centers on the millions of private customer records that the NSA slurps from US carriers. The spy agency – supposedly operating under a secret oversight court The Reg discussed in 2006 – said it stores the information just in case it is needed in a hurry in future investigations. This data includes when a call was made and to whom.

“I cannot imagine a more ‘indiscriminate’ and ‘arbitrary invasion’ than this systematic and high-tech collection and retention of personal data on virtually every single citizen,” Judge Leon noted in his judgment before granting the injunction.

“I am not convinced at this point in the litigation that the NSA’s database has ever truly served the purpose of rapidly identifying terrorists in time-sensitive investigations.

“The government, in its understandable zeal to protect our homeland, has crafted a counterterrorism program with respect to telephone metadata that strikes the balance based in large part on a thirty-four-year-old Supreme Court precedent, the relevance of which has been eclipsed by technological advances and a cell-phone-centric lifestyle heretofore inconceivable.

“In the months ahead, other courts, no doubt, will wrestle to find the proper balance consistent with our constitutional system.”

The decision is an early victory for the civil rights groups that have come together to challenge the NSA-led surveillance programs. The agency pressures mobile carriers and web companies to hand over customers’ private records in large batches, or simply taps into global communications links to collect data.

Ex-NSA contractor Snowden, today living in exile in Russia, hailed the judge’s decision to issue the injunction.

“I acted on my belief that the NSA’s mass surveillance programs would not withstand a constitutional challenge, and that the American public deserved a chance to see these issues determined by open courts,” Snowden said in a statement distributed to The New York Times.

“Today, a secret program authorized by a secret court was, when exposed to the light of day, found to violate Americans’ rights. It is the first of many.”

The case is among the many challenges being lobbed at the NSA for operating planet-wide electronic dragnets. Critics allege that the collection of data is violating the privacy of billions of innocent people around the world and is amounting to intimidation of many religious and advocacy groups. ®


Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/12/16/judge_puts_nsa_mobile_record_collection_on_ice/

How To Safely Retire Mobile Devices

One company destroyed an old server it had replaced by dousing it in Thermite and setting it ablaze in the company’s parking lot.

“We lit it on fire and watched it” get destroyed, says Tyler Shields of the extreme data-wiping incident at one of his former employers. “That’s one effective way to do it, certainly.”

But unless your company’s smartphones or tablets are used by the President of the United States or contain classified or highly sensitive information, there’s no need for pyrotechnics to ensure that older mobile devices don’t leak data, says Shields, a senior analyst for security and risk management at Forrester Research.

Just how to properly purge employees’ smartphones and tablets when they return to work after Christmas with their new devices to replace them is a major holiday headache for IT and security teams. The number of employee-owned smartphones and tablets continues to skyrocket: the devices will number more than 1 billion by 2018, according to Juniper Research.

So what to do with the older devices when the shiny new ones from Santa come to the office?

“Most people are working on their second- or third-generation smartphone or tablet, so they’re going to be disposing of them” in lieu of new ones, says David Lingenfelter, information security officer at mobile device management firm Fiberlink. “A majority of them keep them, and 58 percent are going to keep them inactive. That’s not bad, but that typically means they’re being passed on to their children, and they will do something with them.”

Lingenfelter says a Harris survey commissioned by Fiberlink last year found that 68 percent of the workforce does not professionally wipe or destroy their devices.

[With employees bringing their smartphones and tablets into the workplace, companies need to work to limit the threat posed by mobile applications. See 5 Steps To Managing Mobile Vulnerabilities .]

Here are some basic rules of thumb for users recycling or disposing of a smartphone or tablet:

Activate the factory wipe feature
Before you hand down that tablet to your grade schooler, wipe it using the “factory data reset” function on an Android device or the “Reset” function on an iPhone or iPad, for instance. That wipes all data and any apps you added from the device, and it returns to its out-of-the-box unregistered state.

“The little things you don’t necessarily think of when you’re passing the device on to your children: children like to click on things, and they may make a mistake and adjust your finances” if you don’t wipe the tablet, for instance, Lingenfelter says. “Go back to factory defaults, so the kids can set it up [for] themselves and your personal and corporate information is gone.”

Sometimes going through the wipe process twice makes sense to ensure the device is clean, he says.

Don’t forget to remove the SD card
This is a common oversight: a user wipes the phone properly, but leaves the SD card in place, which may be storing data. The factory reset doesn’t touch the card, security experts say. This is an issue with many Android devices. “You have to remember to take the card out,” Lingenfelter says.

Some Android users configure their apps to save to the SD card first, notes Forrester’s Shields. “Pull the card and replace it with a new one. Then A, you’ve got a backup copy of the data, and B, you don’t have to worry about any secure wipe technologies,” he says.

And any SIM card also should be pulled out when you deactivate a phone, Lingenfelter says. “A lot of SIMs can keep a copy of your contact list,” he says.

School your employees on your organization’s decommissioning procedures
Even when mobile device management (MDM) technology is in place, things can go awry when mobile devices are retired. “Once [the device] is disconnected from MDM, all is safe and secure is not always the case,” Shields says. “People may be lulled into a false sense of security. The device now yours is not always 100 percent secure.”

Organizations should consider a default factory reset wipe whenever a user or his or her device leaves the organization. “Then you make sure there are no fragments slipped outside the network,” he says.

And be sure employees are educated on the procedures for retiring or recycling a personal mobile device. “A lot of companies now implement MDM, with containerization, where all enterprise software and data stays in one section [of the device] and is not able to be contacted by personal software or leaked out by Dropbox,” or another app, says Lingenfelter.

Users should notify IT when they bring in their new Christmas iPad, for example. “If they are going to use it for work, you have to make sure they take the proper steps,” he says.

But keep in mind that even the best decommissioning practices can be bypassed by clever hacks. “At the end of the day, you’re never going to guarantee complete security when you’re selling your phone. There are all sorts of extremely advanced attacks,” Forrester’s Shields says. “If you’re paranoid about it, don’t sell it. Destroy it.”


Article source: http://www.darkreading.com/end-user/how-to-safely-retire-mobile-devices/240164805

Moving Beyond SIEM For Strong Security Analytics

While security information and event management (SIEM) tools have certainly helped many an enterprise IT organization get a better handle on aggregating and analyzing logs across disparate security tools, these organizations are starting to butt up against the limitations of SIEM. And as enterprises seek to gain more insight into business trends and user activity affecting security stances, they’re finding that they shouldn’t make the mistake of confusing the use of SIEM for the existence of security analytics practices.

“I think SIEM is a starting point for security analytics, but only a starting point,” says Ed Bellis, CEO of Risk I/O.

SIEM gained steam as the tool of note for teams seeking to sift through real-time event information to more quickly respond to security programs, says Geoff Web, director of solution strategy for NetIQ, but he notes that over the last few years security teams have struggled to gain more value out of their SIEM deployments and that the reputation of these platforms has started to creak.

[Are you using your human sensors? See Using The Human Perimeter To Detect Outside Attacks.]

“Part of that is deserved — vendors sold it as security nirvana whereas the reality is very different: it’s a good tool and like all good tools needs to be used appropriately and for the right job,” he says.

Part of the difficulty with SIEM has been issues of increased security “noise” and complexity of systems feeding into the SIEM.

“The problem is that as more and more security and monitoring tools have been brought on line, the amount of raw noise that must be dealt with by the SIEM tool has grown too,” he says. “Worse, the infrastructure has become more and more complex, especially as virtualized devices become the norm, which contributes to an increasingly chaotic and noisy environment – perfect for attackers, terrible for the security team trying to piece together what’s going on.”

More detrimentally to a fully featured analytics practice, though, is SIEM’s lack of analysis range, Bellis says.

“SIEMs weren’t originally designed to consume much more than syslog or netflow information with a few exceptions around configuration or vulnerability assessment,” he says. “Security analytics is more than just big data, it’s also diverse data. This causes serious technical architectural limitations that aren’t easy to overcome with just SIEM.”

For example, SIEM can’t account for data sources like financial data that could help with fraud detection, human resource information, metadata about the business, or sentiment data from sources like social media. These kinds of sources, external to security, can prove crucial in pinpointing business risks that require contextual clues to spot.

“Security analytics needs to include big picture thinking — integration of the meanings and interactions of signals, not just the raw reduction of streams of events,” says Mike Lloyd, CTO of RedSeal Networks.

As a result, organizations must first recognize that security analytics requires more computational power and start budgeting accordingly. If acquiring additional funds is an issue, the security organization can get started through creative collaboration with other departments, Bellis says.

“I think security analytics goes beyond SIEM and your SIEM budget,” he says. “There are great ways to jumpstart your Security Analytics program within a company by leveraging existing resources. Many organizations already have data analytics and business intelligence teams. These groups can be a CISO’s friend when building out a security analytics capability by leveraging both talent and tools.”

In addition, they may also have the underlying big data infrastructure necessary for security analytics already up and running, including data warehouses or NoSQL environments, which the organization may be able to leverage for information security purposes. The point, says Bellis, is that repurposing existing investments made elsewhere can make it possible to kick analytics into gear without a huge additional budget.

“In the past I’ve repurposed ClickStream tools being used for Web analytics and customer service to identify security issues in near real-time,” he says. “Making do with what you have can go a long ways before expanding to a more complete security analytics platform.”


Article source: http://www.darkreading.com/moving-beyond-siem-for-strong-security-a/240164807

18 months for supercomputer hacker, 18 years for CarderPlanet boss

It’s been another busy week for the cybercops and e-crime lawyers, with a gang of suspected bank swindlers rounded up in London, a conviction under RICO law in Las Vegas, and a hefty fine for an Anonymous DDoS contributor from Wisconsin.

There have also been a pair of jail terms handed out in the US, on two pretty different scales.

A 24-year-old from Pennsylvania was given 18 months on Wednesday for hacking into a number of networks and selling on access rights.

Systems penetrated by Andrew James Miller, aka “Green”, and his cohorts apparently included some at Google and American Express, a variety of corporate, government and academic networks as well as two supercomputers used for research by the US Department of Energy.

Miller was part of a hacker collective known as “Underground Intelligence Agency”, who sold on access to the backdoors they put in place, mostly for a few hundred to a few thousand dollars, but asked for $50,000 for the supercomputers.

He was caught after one of his fellow hackers turned informant, and an undercover FBI agent posed as a potential buyer of access details.

He pleaded guilty in August, avoiding a possible 15-year sentence had he contested the charges, but also picked up a fine of $25,000.

At the other end of the scale is 49-year-old Ukrainian national Roman Vega, the pioneering co-founder of cybercrime “bazaar” CarderPlanet, who also pleaded guilty but had to wait rather longer to find out his sentence.

Vega was handed a sentence of 18 years by a New York court on Thursday, having already spent more than 10 years in US prisons. He was picked up in Cyprus in 2003, and his guilty plea was entered in 2009.

In the late nineties Vega, who went by the handle “Boa” as well as other pseudonyms, set up his own cybercrime trading post Boa Factory, then went on to be a founding member and high-ranking operator of CarderForum, set up in 2001.

The crew apparently used Mario Puzo-inspired mafia terminology, under which Vega ranked as a “don”.

CarderPlanet flourished for several years, accumulating over 6,000 members trading stolen card numbers and other cybercrook merchandise, inspiring later waves of carder forums such as ShadowCrew, linked to TJMaxx hacker Albert Gonzalez, and Carder.su, involved in the recent RICO case.

As well as helping run the site, Vega ran his own network of hackers stealing information to sell on through CarderForum and elsewhere, leading to him being described by the US Department of Justice as “one of the world’s most prolific cybercriminals”.

A man thought to have been one of Vega’s fellow founder-operators, Dmitry Golubov, was also jailed following the dissolution of the site in 2004, but was later released and went on to become a political party leader in his native Ukraine.

Outside of the US, a trio of Norwegians were found guilty of criminal damage charges after attacking the websites of a number of firms including the DNB Bank, which suffered an outage in its online services thanks to the hackers.

Their activities earned them community service sentences, making a rather stark contrast to the monstrous $183,000 fine handed out to a US man who played a small part in taking down corporate websites.

In Malaysia, a large group of suspects were rounded up in relation to cybercrimes and online scams. The haul included 36 men and 11 women, most of them apparently of Nigerian extraction.

Another Nigerian, this time resident in Manchester in the UK, was handed a sentence of almost four years by a London court for his part in a phishing campaign targeting students, with over 200 victims defrauded.

We seem to be seeing more and more arrests, indictments and sentencings related to cybercrime. This is surely a positive sign, despite highlighting what appears to be an ever-growing boom in digital malfeasance.

It looks like our lawmakers and law enforcers are slowly getting up to speed with the problem, and developing the laws, tools and skills needed to take on the bad guys.


Image of gavel on keyboard and DNB Bank courtesy of Shutterstock.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/4rWq21u55ss/

Invincea Raises $16 Million In C-Series Funding Led By Aeris Capital And Dell Ventures

FAIRFAX, VA–(Marketwired – Dec 16, 2013) – Invincea, Inc., an innovator in the use of secure virtual containers for advanced malware threat detection, breach prevention and forensic threat intelligence, today announced that it has raised $16M in a Series C equity round led by new investors Aeris Capital and Dell Ventures with participation from existing investors Grotech Ventures, Harbert Ventures, and New Atlantic Ventures. Additionally, the company announced it acquired Sandboxie in an earlier 2013 transaction. Sandboxie is a globally deployed and widely respected competitor in the virtualized containment solutions market. The acquisition and this new round of funding support Invincea’s rapid growth across the globe and expansion into the small business sector, and further solidify its position as the market leader in this game-changing cyber-security segment.

These announcements come on the heels of major revenue and deployment milestones and the launch of a new offering — Invincea FreeSpace™ for Small Business. The company recently announced achievement of 200% year-over-year growth and deployments in nearly 10,000 organizations world-wide — touching dozens of industry verticals such as energy, oil and gas, high tech, financial services, healthcare, retail, transportation, defense industrial, federal and state government agencies and companies of all sizes. The launch of Invincea FreeSpace™ for Small Business came in response to a dramatic increase in demand for advanced threat protection from this highly vulnerable, yet underserved market. With the acquisition of Sandboxie, Invincea’s reach expands to more than 1,000 additional organizations globally primarily focused in the small business sector.

“Dell partners with Invincea to deliver the world’s most secure line of devices,” said Brett Hansen, Executive Director, Client Software at Dell. “In June of 2013, we began shipping a solution powered by Invincea — Dell Data Protection | Protected Workspace — to provide our customers with advanced malware protection out of the box. Investing in Invincea made perfect sense given the unique ability of their solution to address the increasing threat of targeted and zero-day attacks. We look forward to changing the endpoint security paradigm with Invincea as our partner, and as a Dell Ventures portfolio company.”

The investment follows a December 12, 2013 announcement by Dell Ventures, expanding the company’s commitment to entrepreneurship and innovation with a $300 million Strategic Innovation Venture Fund. The fund will enable Dell to invest in early-to-growth-stage companies in emerging technology areas including storage, cloud computing, big data, next-generation data center, security and mobility.

“We’re proud to be backed by our new investors Aeris and Dell, and for the continued support from our existing investors,” said Anup Ghosh, Founder and CEO at Invincea. “We are fortunate to be in a situation where our revenues and deployments are on an exponential growth plane — giving us the ability to take strategic funding to support certain initiatives, such as our expansion in Europe. The acquisition of Sandboxie is another strategic move for Invincea and we’re thrilled to be adding Sandboxie’s fervent fan base to our rapidly growing global user community. We look forward to working with and embracing the active community of Sandboxie users and are excited to offer them a pathway to an enterprise solution delivered by Invincea FreeSpace.”

Sandboxie Founder Ronen Tzur adds, “Invincea has been a great steward of Sandboxie since its acquisition earlier in 2013 and is committed to the user community. I’ve been extremely proud of the brand and following Sandboxie has built over the last several years among security enthusiasts, small businesses, and globally as an early pioneer in virtual containers for protecting against online infections. Sandboxie will continue to grow under Invincea’s market leadership.”

Invincea is recognized as providing one of the most advanced malware prevention solutions in the market — having recently been awarded the 2013 Northern Virginia Technology Council Innovators Award and having previously been named “Most Innovative Company of the Year” at RSA Conference 2011 and “Best Anti-Malware Solution” for 2012 and 2013 by Government Security News. Invincea’s solutions include an endpoint security software suite and threat intelligence appliance. Together these solutions offer a unique ability to protect enterprise networks without requiring prior knowledge of attacks, commonly called attack signatures, against all types of threats directed at end users, including zero-days, by seamlessly moving applications that run untrusted content into controlled, secure virtual containers that automatically detect and terminate threats in real time.

About Invincea, Inc.

Invincea is the premier innovator in advanced malware threat detection, breach prevention, and forensic threat intelligence. Invincea is the market-leading solution that provides enterprise networks with coverage against the largest attack surface for cyber-breach attacks aimed at end-users in the form of spear phishing, drive-by download exploits, poisoned search results and user-initiated infections.

The company’s solutions include a desktop security software suite and threat intelligence appliance. The solutions offer a unique ability to protect networks against all types of threats directed at end-users, including zero-days, by seamlessly moving applications that render untrusted content into controlled, secure virtual containers that automatically detect and terminate threats in real time. Invincea’s platform seamlessly moves the browser, PDF reader and Microsoft Office suite from the native operating system into secure virtualized environments without altering the user experience. The company, which was founded by Dr. Anup Ghosh to address the rapidly increasing security threat from nation states, cyber-crime, and rogue actors, has commercialized technology originally built under DARPA funding. The company is venture capital-backed and based in Fairfax, VA. For more information, visit http://www.invincea.com.

Article source: http://www.darkreading.com/management/invincea-raises-16-million-in-c-series-f/240164785

IBM Labs: Patented Invention Prevents Devices From Running Compromised Software Code

ARMONK, N.Y., Dec. 13, 2013 /PRNewswire/ — IBM (NYSE: IBM) inventors have patented a technique that can enable businesses to improve cloud security and support secure transactions by preventing mobile devices from accessing software code that has been maliciously or inadvertently modified after it was encrypted.


With the rise of the mobile workforce, many businesses are embracing bring your own device (BYOD) environments or they have employees using mobile devices while working at remote, off-site locations. These scenarios introduce new security vulnerabilities to corporate networks because employees can unknowingly download and attempt to run cloud apps that have been sabotaged. IBM’s patented invention helps businesses increase their confidence associated with implementing BYOD policies while averting nefarious code before it has a chance to cause any problems.

IBM received U.S. Patent #8,341,747, “Method to provide a secure virtual machine launcher,” for the invention.

“This patented invention will help organizations confidently and securely embrace the advantages of a mobile workforce while remaining protected against malicious content or intent,” said Andrew Cornwall, inventor and mobile software developer, IBM. “Our technique helps businesses prevent altered apps from running and unleashing their wrath on businesses, their networks and their customers.”

IBM’s invention provides security controls that restrict and prevent access to apps unless their original, previously encrypted code remains unchanged and uncompromised. For example, if an app is modified after it has been encrypted — without being properly decrypted and re-encrypted — IBM’s patented security mechanism will recognize that the code was altered and prevent it from running.

This approach is differentiated by detecting if an app has been modified before being executed, versus after, and provides businesses with additional control over which apps can be accessed.
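The press release does not describe how the launcher detects a post-encryption modification, so the following is an added illustration of the general pattern such a check relies on, not IBM's patented method or code: the launcher authenticates the encrypted payload (here with HMAC-SHA256 over nonce and ciphertext, encrypt-then-MAC) and refuses to decrypt or run anything whose tag does not verify. Every name, key and payload here is constructed for the example; the hash-derived keystream stands in for a real block cipher only so the script runs with the standard library, and a production launcher would use an AEAD such as AES-GCM from a vetted library.

```python
"""Verify-before-launch check for an encrypted app payload (constructed example).

Layout of a protected blob: nonce (16 bytes) || ciphertext || tag (32 bytes).
The tag covers nonce and ciphertext, so any bit changed after encryption,
whether by an attacker or by accidental corruption, fails verification and
the code is never handed to the runner.
"""
import hashlib
import hmac
import os

# Constructed demo keys; a real launcher would fetch these from a key store.
ENC_KEY = b"\x11" * 32
MAC_KEY = b"\x22" * 32
NONCE_LEN = 16
TAG_LEN = 32


class IntegrityError(Exception):
    """Raised when the encrypted payload fails its integrity check."""


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Stand-in CTR-style keystream from SHA-256; not a real cipher.
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def encrypt_payload(plaintext: bytes, nonce: bytes = b"") -> bytes:
    """Encrypt, then MAC the nonce and ciphertext. Returns nonce || ct || tag."""
    nonce = nonce or os.urandom(NONCE_LEN)
    ks = _keystream(ENC_KEY, nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, ks))
    tag = hmac.new(MAC_KEY, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def verify_and_decrypt(blob: bytes) -> bytes:
    """Check the tag first (constant-time compare); decrypt only if it verifies."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise IntegrityError("payload too short to carry a nonce and tag")
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(MAC_KEY, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise IntegrityError("payload was modified after encryption")
    ks = _keystream(ENC_KEY, nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))


def launch(blob: bytes, runner) -> bool:
    """Gate execution: runner(code) is called only when the check passes."""
    try:
        code = verify_and_decrypt(blob)
    except IntegrityError:
        return False
    runner(code)
    return True


def tamper(blob: bytes, offset: int) -> bytes:
    """Flip one bit inside the ciphertext region (simulated post-encryption edit)."""
    b = bytearray(blob)
    b[NONCE_LEN + offset] ^= 0x01
    return bytes(b)


def demo():
    """Returns (clean_ran, tampered_ran, list_of_code_handed_to_runner)."""
    app = b"print('hello from the app')"  # constructed stand-in for app code
    blob = encrypt_payload(app)
    ran = []
    clean = launch(blob, ran.append)
    tampered = launch(tamper(blob, 0), ran.append)
    return clean, tampered, ran


if __name__ == "__main__":
    print(demo())  # (True, False, [b"print('hello from the app')"])
```

The order matters: the tag is checked before any decryption, so a modified blob never produces plaintext that something downstream might run, which is the "before execution, not after" property the release emphasises.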

Security for Mobile Leaders

According to a recent IBM Institute for Business Value survey, mobile leaders are making noteworthy investments in BYOD strategies, recognizing it requires a new approach to IT support and customer service. IBM found that leaders understand the importance of making mobile capabilities secure with 79% reporting that their organizations have well-documented policies in place for employees using mobile devices (versus 48% of non-leaders).

IBM’s secure virtual machine (VM) launcher invention can address the complexity of deploying and improving the security of business-critical cloud-based apps. A VM is a computer application used to create a virtual environment that mirrors physical operating systems, applications and programs. While VMs are frequently used for enterprise tasks, such as remote backup and disaster recovery, they also are increasingly embedded in consumer devices such as mobile phones, tablets and portable game consoles to ease software updates and management.

IBM’s invention can be applied to encrypted files that are sent from the cloud or a corporate server to a VM. The objective is to prevent embedded devices from executing code that has been altered — either maliciously or inadvertently.

With billions of embedded VM devices currently in use — from an estimated three billion mobile phones to 125 million smart televisions — and millions of additional applications projected in the future, IBM’s secure VM launcher patent has the potential to deliver improved security to a wide range of devices and applications.

IBM inventors around the globe are focused on researching and developing new technologies and techniques that will pave the way to leadership for IBM and its clients. Along with the IBM MobileFirst portfolio of solutions, this patented invention can help ensure that users have access to the apps they need without risk to the corporate network.

IBM invests more than $6 billion annually in R&D and has topped the list of U.S. patent recipients for 20 consecutive years. IBM’s invention and patent leadership is illustrated at http://ibm.co/11k6fRn.

Article source: http://www.darkreading.com/applications/ibm-labs-patented-invention-prevents-dev/240164786