STE WILLIAMS

UK.gov BANS iPads from Cabinet over foreign eavesdropper fears


iPads and mobile devices have been banned from Cabinet meetings over concerns that they could be compromised by foreign governments trying to spy on top-level government meetings, the Mail on Sunday reports.

Francis Maude, the Cabinet Office minister, used iPads in a presentation last week about how the Government Digital Service might save the UK £2bn a year.


But after the presentation the devices were removed by Downing Street security staff to preclude the possibility that more sensitive Cabinet discussions might become the target of eavesdropping.

Smartphone malware is capable of surreptitiously turning on the microphone of infected devices. The resulting audio might be uploaded to a server for later analysis by a hostile actor, all without the victim being aware that anything was amiss.

Security services fear that China, Russia, Iran and Pakistan might have developed the ability to turn mobiles into microphones using malware, the MoS reports.

The paper adds that ministers in “sensitive government departments” were recently issued with soundproof lead-lined boxes to leave their mobiles in during meetings. The tactic mimics the tradecraft trick practised by Edward Snowden when he met reporters in Hong Kong and insisted they placed their phones in fridges before any meeting.

The heightened security concerns about ministers’ mobiles and fondleslabs are the unsurprising result of reports that German Chancellor Angela Merkel’s personal mobile had been bugged by the NSA for years until the operation was exposed last month.

Security experts reacted to the reports by noting that such surveillance, while arguably impolite among friends, ought to be expected. Ministers need to be provided with secure communication devices and the Merkel spying affair has at the very least left the German Federal Intelligence Service with some awkward questions to answer.

William Hague, the British foreign secretary, admitted his phone has been modified by GCHQ to prevent bugging. “I think my phone has been modified by GCHQ enough that it’d [bugging] be difficult, but I’m sure the Chinese have had a good go,” the Daily Telegraph reported Hague as saying. ®


Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/11/04/cabinet_ipad_ban/

Study: Data Of More Than 16 Million Americans Compromised By Breaches Last Year

If you’ve received one of those letters notifying you that your personal data was involved in a corporate security breach, there’s more than a 25% chance that you will be the victim of fraud in the coming year.

That statistic is one of many revealed in the new study, Data at Rest Is Data at Risk: Confronting a Singular Threat to Three Major U.S. Industries, which was published last week by Javelin Strategy Research.

The study, which was sponsored by anti-fraud vendor Identity Finder, demonstrates that there is a strong correlation between enterprise data breaches and consumer identity fraud. According to the study, more than 16 million Americans were notified of a data compromise affecting their personal information in 2012.

Among those consumers that were notified of breaches in 2012, Javelin found the following:

• 4.4 million Americans were both notified that their payment card information was compromised in a data breach and suffered fraud on their existing credit or debit cards.

• 1.26 million Americans were both notified that their Social Security numbers (SSNs) were compromised in a data breach and became victims of identity fraud.

• 270,000 Americans were both notified that their online banking credentials were compromised in a data breach and suffered fraud on their financial accounts, including checking and savings accounts.

• 324,000 Americans were both notified that their bank account numbers were compromised in a data breach and became victims of fraud incurred against their checking, savings or other financial accounts.

“By breaching the data stores of businesses in the financial, healthcare and retail industries, criminals can obtain the fuel they need to execute various fraud schemes, and these crimes have crippling consequences,” said Al Pascual, senior analyst of security, risk and fraud at Javelin. “Identifying and protecting the sensitive information typically stored by these industries is essential for mitigating the risk of a data breach and, therefore, the risk of financial loss to data custodians, consumers and third-party businesses.”

To protect consumers’ and employees’ personal information, Javelin and Identity Finder recommend that enterprises seek out and identify sensitive personal information wherever it resides in the corporate network. They also recommend that enterprises maintain strong practices in data classification and risk-based security strategies for sensitive information.


Article source: http://www.darkreading.com/end-user/study-data-of-more-than-16-million-ameri/240163502

Sprint And Mako Networks To Offer PCI-compliant Solution For Businesses

SAN FRANCISCO and OVERLAND PARK, Kan. – Nov. 4, 2013 – Mako Networks and Sprint (NYSE: S) have today announced a teaming agreement to add the Mako System to Sprint’s portfolio of solutions for retailers and distributed enterprises. U.S. customers can now purchase Mako’s solution integrated with Sprint’s wireless service to connect, protect, control and secure their data and payment transactions.

The Mako System creates simple, secure Payment Card Industry Data Security Standard (PCI DSS) compliant networks for distributed enterprises (multisite businesses), such as retail chains or franchises. With an easy-to-use cloud-based Central Management System (CMS), Mako allows administrators to manage the network connections at thousands of sites through a single Web interface, without jeopardizing their networks’ PCI-compliant status. The solution also includes built-in Wi-Fi and Mako Guardian content filtering and reporting, in addition to an array of other value-added features, including extensive 24×7 monitoring and alerts to help maintain network security.

Mako also offers a secondary Internet connection or ‘failover’ option, which switches a business’s Internet connection to Sprint’s fast and reliable wireless network if the fixed-line connection is disrupted. This backup option allows businesses to maintain a non-stop retail environment. Under the agreement with Sprint, customers will enjoy the security and easy management of the Mako System, backed up by a reliable and affordable Sprint mobile data connection. The Mako System can also be configured to use the Sprint network as a primary means of Internet access.

In turn, Sprint’s U.S. business customer base offers a significant growth opportunity for Mako with a leading wireless and wireline services provider.

“Sprint is the perfect company for Mako to align with in bringing our solution to the distributed enterprise market here in the United States,” said Simon Gamble, Mako Networks president for North American operations. “With Sprint’s sizeable footprint in machine-to-machine solutions and world-class network, we believe that U.S. businesses will be delighted with the solution our services provide.”

Ben Vos, vice president of Emerging Solutions at Sprint, added, “Mako’s technology is leading the way in secure, PCI-compliant networking for the distributed enterprise. Our business customers will appreciate the ease of use and powerful connectivity options the Mako System provides. Sprint’s retail M2M strategy is to integrate new technology that provides the customer an omni-channel experience while delivering a valuable set of data analytics for better decision-making to the retailer.”

For more information or to purchase the Mako System with Sprint, visit www.sprint.com/m2mretail.

Sprint Network Vision

To support the growing need for data, Sprint is rolling out a new network designed to provide faster data speeds, improved quality and easier connectivity. Sprint expects customers to benefit with better wireless signal strength and fewer drops/blocks. Sprint introduced its all-new 4G LTE network in 2012 and now offers service in 185 markets. For the most up-to-date information, please visit www.sprint.com/coverage.

About Sprint Emerging Wholesale Solutions

Sprint Emerging Wholesale Solutions provides platform solutions serving a broad range of industries and customers in more than 165 countries. These include machine-to-machine (M2M), connected transportation and traditional wholesale. Sprint’s M2M leadership has earned prestigious third-party validation, including Connected World’s 2013 CW 100 list of the most important and influential providers of M2M services for the ninth straight year. The Sprint Velocity℠ in-vehicle connected services solution received Pipeline magazine’s 2013 Innovation Award for Innovation in Connectivity, the 2013 Telematics Update Industry Newcomer of the Year Award and M2M Evolution magazine’s 2012 Product of the Year Award. According to Informa Telecoms & Media, Sprint is ranked No. 2 among the top 10 telecom operators in the worldwide automotive market. Sprint Integrated Insurance Solutions received the Frost & Sullivan 2013 North American Customer Value Enhancement Award in usage-based insurance. To learn more about Sprint M2M offerings, visit www.sprint.com/m2m and www.twitter.com/sprintM2M.

About Mako Networks

Mako Networks provides simple, secure cloud-managed PCI DSS compliant networks for small and multisite businesses. Operating internationally from offices in San Francisco, London, Melbourne and Auckland, Mako integrates cloud management and reporting, Internet and Wi-Fi connectivity, 3G failover, VPNs, firewalls, end-to-end PCI DSS certification and content filtering into one, easy-to-manage system. For more information, visit www.makonetworks.com.

About Sprint

Sprint (NYSE:S) offers a comprehensive range of wireless and wireline communications services bringing the freedom of mobility to consumers, businesses and government users. Sprint served more than 54 million customers at the end of the third quarter of 2013 and is widely recognized for developing, engineering and deploying innovative technologies, including the first wireless 4G service from a national carrier in the United States; offering industry-leading mobile data services, leading prepaid brands including Virgin Mobile USA, Boost Mobile, and Assurance Wireless; instant national and international push-to-talk capabilities; and a global Tier 1 Internet backbone. The American Customer Satisfaction Index rated Sprint as the most improved company in customer satisfaction, across all 47 industries, during the last five years. You can learn more and visit Sprint at www.sprint.com or www.facebook.com/sprint and www.twitter.com/sprint.

Article source: http://www.darkreading.com/privacy/sprint-and-mako-networks-to-offer-pci-co/240163486

Centrify Delivers Unified Identity Solution For SaaS And Mobile Management For The Workplace

SUNNYVALE, Calif. — Nov. 4, 2013 — Centrify Corporation, the leader in Unified Identity Services across data center, cloud and mobile, today announced the availability of the Centrify User Suite, SaaS Edition — the industry’s first Identity-as-a-Service (IDaaS) solution to provide both robust Active Directory- and/or cloud-based Single Sign-on (SSO), access management, application management and mobile management across any cloud, mobile or on-premise application. With Centrify User Suite, SaaS Edition (“Centrify for SaaS”), organizations eliminate password sprawl for their users and for the first time gain centralized control over access to ever-increasing numbers of SaaS apps and mobile devices in the workplace.

Today’s users have too many passwords, which are inherently weak due to sharing and reuse and are susceptible to phishing and breaches. IT is increasingly reliant on user-managed passwords, and also faces accelerating adoption of SaaS and mobile apps which require multi-factor authentication for enhanced security, with mobile devices representing the best “something you have” factor. In addition, mobile is the new preferred way to access apps, with users mixing work and personal information on their mobile devices, creating the need from an identity and access management perspective that the underlying device be secured and trusted.

Because of this intersection between mobility and identity, IT requires a new user-centric approach that gives it visibility and control over end users’ identity and their mobile access, while enabling those same end users to have seamless anytime/anywhere/any device access. With today’s launch, Centrify for SaaS delivers unified SaaS and mobile management — all at a breakthrough price that is similar to competing products that offer only a subset of Centrify’s SaaS management functionality.

“We looked at the vendor landscape for identity management solutions that also support SSO and SAML and it turned out the Centrify Suite not only best addresses these needs, but it also covers other AD management requirements that we were trying to solve,” said Clifford Russell, CISO of Morehouse College in Atlanta, which worked with Centrify partner Corus360, an Atlanta-based technology consulting and solutions company, on the deal.

“Since Centrify covers all our needs around robust audit trails, role-based user management, Mac and Unix AD integration and management tools, our decision to select Centrify was a no-brainer,” Russell continued. “The Centrify Suite will be instrumental in providing the deep AD integration that we need for our Macs and Unix/Linux environments. Centrify will also play a critical role in role-based user management for our Windows systems, which is critical in supporting our new Tier 1 student manned service desk, and the deep audit trails that are required for regularity compliance regulations.”

With Centrify for SaaS, organizations can now solve users’ password problems and secure the devices that are accessing cloud and mobile apps. End users benefit from the SSO and self-service features that let them locate, lock or wipe their mobile devices, as well as reset their Microsoft Active Directory passwords. IT benefits from Centrify’s easy-to-deploy, cloud-based service that delivers centralized access control and visibility to SaaS app usage and integrated mobile application management with seamless integration to Active Directory or Centrify’s cloud user service. Centrify for SaaS decreases the cost of managing SaaS apps and mobile devices while at the same time improving security and compliance, as well as user adoption, satisfaction and productivity.

With its years of growth in the industry, adoption by more than 5,000 organizations, global expansion, and the broadest distribution made possible by more than 200 channel partners worldwide and its Samsung partnership, Centrify is uniquely positioned to deliver on these important new capabilities announced today. In addition to combining SaaS and mobile management into a single unified product, Centrify is adding significant new functionality including:

Identity Where you Need It – In addition to Centrify’s leading Active Directory integration for SaaS and mobile management, Centrify now supports cloud-only deployments for non-Active Directory users, as well as a hybrid Active Directory and cloud deployment for external users, thus enabling the industry’s most flexible Identity-as-a-Service (IDaaS) offering. Centrify is unique in not replicating Active Directory to the cloud and out of organizations’ control, even if they choose to manage some of their users via Centrify’s cloud model.

Industry’s Deepest Mobile Capabilities – Centrify is adding built-in multifactor authentication with Centrify Authenticator soft token, one time passcode (OTP) via text/email, and interactive phone calls, to its fully integrated mobile device, container, app and authentication management functionalities. Centrify now also delivers the industry’s most flexible and unique mobile per app authentication policies to restrict access or require additional authentication factors.

Global Enterprise Support – Building on Centrify’s global penetration and leadership, Centrify is the only company in the space delivering global support and regional separation so customers can deploy and keep their data in a preferred region. Centrify also delivers internationalization and localization support with more than a dozen local languages — unique in the IDaaS market — and global 24×7 support. This week Centrify has also recertified as SOC 2 compliant after a rigorous audit of more than 100 controls established by the American Institute of Certified Public Accountants (AICPA) related to data security, availability and confidentiality with no noted exceptions.

“The industry is validating our unified approach to SaaS and mobile management with more than 2,000 end user organizations installing the solution since the beginning of the year,” said Corey Williams, Centrify senior director of product management. “With our new class-leading SaaS and mobile management features, our rapidly expanding catalog of more than 2,000 SaaS apps supported, and our global expansion, we are pleased to help thousands of enterprises solve their password problems and rein in the devices used to access their users’ apps.”

Centrify also offers self-service apps from the MyCentrify User portal; custom branding; and custom, dynamic, and role-based tagging of apps to make it easier and faster to find apps users want to launch. Its SaaS and mobile offerings are facilitated by the Centrify Cloud Service, a multi-tenanted service that provides secure communication from on-premise Active Directory infrastructure to mobile devices, and to the MyCentrify User Portal for secure authentication to SaaS apps. For customers who don’t have Active Directory as a corporate directory, Centrify also offers a fully cloud-based offering for SaaS and mobile management. This new edition rounds out Centrify’s complete solution set for unified identity and security across cloud, mobile and on premise; which also includes the Centrify User Suite, Mac Edition that delivers robust on premise or in-cloud management of Macs and mobile devices, as well as the Centrify User Suite, Premium edition that delivers combined management for SaaS, Macs and mobile devices.

Pricing and Availability

The new Centrify User Suite, SaaS Edition is available today from Centrify and authorized partners worldwide. List pricing is $4/user/month, and includes unlimited apps and full mobile security management. For more information, see http://www.centrify.com/saas.

About Centrify

Centrify provides Unified Identity Services across the data center, cloud and mobile that results in one single login for users and one unified identity infrastructure for IT. Centrify’s solutions reduce costs and increase agility and security by leveraging an organization’s existing identity infrastructure to enable centralized authentication, access control, privilege management, policy enforcement and compliance. Centrify customers typically reduce their costs associated with identity lifecycle management and compliance by more than 50%. With more than 5,000 customers worldwide, including approximately half of the Fortune 50 and more than 60 Federal agencies, Centrify is deployed on more than one million server, application and mobile device resources on-premise and in the cloud. For more information about Centrify and its solutions, call (408) 542-7500, or visit http://www.centrify.com/.

Article source: http://www.darkreading.com/privacy/centrify-delivers-unified-identity-solut/240163506

Solutionary Q3 Threat Intel Report: Phishing, Tor, Hacktivism And Spike In Suspicious Traffic

OMAHA, Neb.–Oct. 29, 2013 — Solutionary, the leading pure-play managed security services provider (MSSP), today announced that it has released its Security Engineering Research Team (SERT) Quarterly Threat Intelligence Report for Q3 2013, providing intelligence on key security threats observed and intelligence gathered over the period. The report provides follow-up on OpUSA, OpIsraelReborn and Operation Ababil Phase Four; information about the unanticipated spike in usage of The Onion Router (Tor); and observes that despite increased awareness of phishing, related attacks remain effective. Additionally, the report reveals that there has been an increase in Internet Control Message Protocol (ICMP) traffic originating primarily from China, the United States and Romania, which is consistent with past traffic associated with previous security events.

Key Findings

Tor traffic increased by 350%, likely due to attackers using it to shield botnet traffic and possible attempts to defend against NSA surveillance.

Hacktivist campaigns continued to compromise and deface the websites of Israel- and European Union-based organizations.

Phishing emails continued to be successful attack vectors, with attackers using them to launch APT campaigns.

There has been an uptick in anomalous ICMP traffic outside the realm of normal activity based on the structure and frequency of packets. One such payload shared commonalities with the famed worm Nachi, with the top three countries of traffic origin being China, the U.S. and Romania.

Tor Usage Spikes

Although it has been reported that surging Tor usage may be attributable to anti-NSA surveillance activities, SERT observed that the August and September surge in activity of the popular anonymizing service can also be attributed, to some extent, to a new variant of the Mevade malware family. The variant is designed to use the Tor network to hide its command and control servers, which gives attackers an advantage by making the malware harder to detect. Organizations can find key indicators of this type of botnet activity as well as mitigation advice in the report.

Hacktivist Campaigns

The hacktivist campaigns OpUSA and OpIsraelReborn continued to compromise and deface Israel- and European Union-based organizations’ websites; the primary attack vectors consisted of spear phishing, Domain Name System (DNS) registry tampering, SQL injection, Cross-Site Scripting (XSS) and Distributed Denial of Service (DDoS) attacks.

Spear Phishing Remains Effective

Spear phishing attacks identified by SERT revealed that users still fall victim to phishing attacks despite the existence of anti-phishing awareness programs within organizations. While tactics and techniques have evolved over the years, this specific attack vector has maintained a very high success rate. Solutionary provides recommendations and insight in its report to help organizations mitigate this preventable threat, and offers examples of spoofed emails and scenarios to better prepare for this frequent attack.

Increase in ICMP Traffic Raises Red Flags

Finally, the report summarizes a noticeable increase in ICMP traffic targeting monitored devices in the U.S. and Europe. While ICMP is designed for diagnostic and control purposes and it occurs in normal traffic, the SERT has identified traffic that is outside the realm of normal activity based on the structure and frequency of the packets. One such payload shared commonalities with the famed worm Nachi. While conclusions have not been cemented, the traffic shares attributes similar to previous attacks, and many previous attacks have been foreshadowed by an increase in similar anomalous activity.

“This report reveals that the threat landscape continues to expand, making it a real challenge for organizations of all sizes to detect and defend against advanced attacks. Even organizations with established, mature security investments often come to realize they cannot provide effective security without the assistance of a trusted partner,” said Solutionary SERT Director of Research Rob Kraus. “The findings and intelligence revealed in this report provide IT security and risk professionals with essential intelligence that will aid them in defending against advanced attacks that frequently lead to data breaches and compliance problems.”

To access a copy of the complete report, please visit: http://www.solutionary.com/research/threat-reports/quarterly-threat-reports/sert-threat-intelligence-report-q3-2013

Visit our blog at http://blog.solutionary.com/.


About Solutionary

Solutionary is the leading pure-play managed security service provider (MSSP), focused on delivering managed security services and global threat intelligence. Comprehensive Solutionary security monitoring and security device management services protect traditional and virtual IT infrastructures, cloud environments and mobile data. Solutionary clients are able to optimize current security programs, make informed security decisions, achieve regulatory compliance and reduce costs. The patented, cloud-based ActiveGuard service platform uses multiple detection technologies and advanced analytics to protect against advanced threats. The Solutionary Security Engineering Research Team (SERT) researches the global threat landscape, providing actionable threat intelligence, enhanced threat detection and mitigating controls. Experienced, certified Solutionary security experts act as an extension of clients’ internal teams, providing industry-leading client service to global enterprise and mid-market clients in a wide range of industries, including financial services, healthcare, retail and government. Services are delivered 24/7 through multiple state-of-the-art Security Operations Centers (SOCs).

For more information, visit www.solutionary.com.

Article source: http://www.darkreading.com/vulnerability/solutionary-q3-threat-intel-report-phish/240163507

Bogus Bank Emails Leave Brits At Risk

ABINGDON, England, October 31, 2013 /PRNewswire/ —

Almost half of us have received bogus emails claiming to come from our bank, warn Kaspersky Lab [http://www.kaspersky.co.uk] and Barclays [http://www.barclays.co.uk]. This leaves thousands at risk of cyber-fraud, as fraudsters will often use fake notifications from banks in order to trick consumers into handing over account details – and subsequently access to their money.

According to a Kaspersky Lab study, 47% of users have received bogus emails allegedly coming from a bank and 29% reported suspicious messages supposedly sent on behalf of an online store. Nearly one in 10 had been automatically redirected at least once to a suspicious site asking them to enter their credit card credentials and 5% stated that they had entered financial information on dubious sites. These are all examples of phishing, one of the many types of malicious attack that targets important confidential financial data including credit card numbers, logins and passwords to online banking accounts.

Although many will recognise phishing attempts, these attacks do often end in success, with about 4% of respondents reporting that they had lost money to cybercriminals – even a small success rate translates into big money for a cybercriminal.

David Emm, senior security researcher at Kaspersky Lab, says: “There are a huge number of threats to consumers who choose to bank online, but they shouldn’t let this outweigh the numerous benefits it offers. As long as people take a few simple precautions, and employ good sense, there is no reason not to bank online.”

Alex Grant, Managing Director, Fraud Prevention, Barclays, said: “These sorts of emails are a huge issue for all banks and our customers. The frequency of these scams and the professionalism with which they are orchestrated is ever-increasing. As such, it is an on-going challenge, one which Barclays takes very seriously, to try and ensure customers, and their money, remain safe. These scam emails could appear to have come from any bank and we would advise individuals to think carefully before opening and responding to emails.

“Barclays emails will always be personally addressed, they will never say ‘Dear Customer’ and they will also contain the last four digits of the customer’s account number. The documents included in the email will also be password protected with information that will only be known by the customer. If any Barclays customer is suspicious of any correspondence or contact they’ve received – letter, email, telephone or even in person – they should contact us immediately.”

To ensure consumers are protected in the first instance, Kaspersky Lab recommends combined technologies to provide comprehensive protection against financial threats and ensure maximum protection for online banking and payment transactions.

Kaspersky Lab’s Safe Money [http://media.kaspersky.co.uk/pdf/Kaspersky_Lab_Whitepaper_Safe_Money.pdf] advanced protection technology helps users to keep their cash safe from cybercriminals. Safe Money is a set of special protection mechanisms activated automatically every time the user is banking or shopping online. The technology reliably protects the user’s money against almost any type of attack in the financial fraudsters’ arsenal.

Kaspersky Lab’s advanced anti-phishing technology detects and blocks fake websites which seek to trick users into giving away financial information. Safe Money verifies the security certificates of banking or online payment sites to add more protection for financial transactions. The special safe browser mode safeguards the user’s online activities against malicious attacks. Secure Keyboard and Virtual Keyboard technologies ensure passwords and credit card details cannot be intercepted when being entered, protecting sensitive data.

Safe Money is available as part of Kaspersky Internet Security [http://www.kaspersky.co.uk/internet-security-center/threats/malware-classifications], the advanced protection solution for home users, http://www.kaspersky.com/internet-security and as part of Kaspersky Internet Security – Multi-Device [http://www.kaspersky.co.uk/multi-device-security], security solution across all your devices. Kaspersky Internet Security is also available free for Barclays’ online banking customers.

Notes to editors

Customers can call Barclays Customer Service line 0845 7 55 55 or the telephone number displayed on the reverse of their debit card and monthly statements.

Customers receiving a suspicious email claiming to be from Barclays can forward it to the team at [email protected] and they will investigate it further. Alternatively, customers can visit their local Barclays branch.

Kaspersky Lab advises that consumers should remember the following when banking online:

– Use security software – most banks offer some for free to their customers (for example, Barclays offer their online banking customers free Kaspersky Internet Security).

– Look for the padlock, https or unbroken key symbol in your browser before entering any personal details.

– Always type the address yourself, rather than following links to bank login.

– Be vigilant – if for any reason you become suspicious, end the session and start again, and don’t click on links or attachments in emails unless you are 100% sure.

About Kaspersky Lab

Kaspersky Lab is the world’s largest privately held vendor of endpoint protection solutions. The company is ranked among the world’s top four vendors of security solutions for endpoint users*. Throughout its more than 15-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers.

Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at http://www.kaspersky.co.uk.

* The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2011. The rating was published in the IDC report “Worldwide Endpoint Security 2012-2016 Forecast and 2011 Vendor Shares (IDC #235930, July 2012)”. The report ranked software vendors according to earnings from sales of endpoint security solutions in 2011.


Article source: http://www.darkreading.com/applications/bogus-bank-emails-leave-brits-at-risk/240163508

(ISC)² Introduces New Healthcare Security And Privacy Certification

London, U.K., November 4, 2013 — (ISC)² (“ISC-squared”), the world’s largest not-for-profit information security professional body and administrators of the CISSP, today announced it has launched a new certification, the HealthCare Information Security and Privacy Practitioner (HCISPP℠), the first foundational global standard for assessing both information security and privacy expertise within the healthcare industry. The credential, available worldwide beginning today, is designed to provide healthcare employers and those in the industry with validation that a healthcare security and privacy practitioner has the core level of knowledge and expertise required by the industry to address specific security concerns.

As with all its credentials, (ISC)² conducted a job task analysis (JTA) study to determine the scope and content of the HCISPP credential programme. Subject matter experts from the (ISC)² membership and other industry luminaries from organisations in Europe, Hong Kong, and the United States attended several exam development workshops and contributed to developing the Common Body of Knowledge (CBK) that serves as the foundation for the credential.

The HCISPP is a demonstration of knowledge by security and privacy practitioners regarding the proper controls to protect the privacy and security of sensitive patient health information as well as their commitment to the healthcare privacy profession. It is a foundational credential that reflects internationally accepted standards of practice for healthcare information security and privacy. For executives accountable for protecting sensitive healthcare data, HCISPP demonstrates a proactive commitment to ensuring an organisation is making the necessary human resources investment in information security.

To attain the HCISPP, applicants must have a minimum of two years of experience in one knowledge area of the credential that includes security, compliance and privacy. Legal experience may be substituted for compliance and information management experience may be substituted for privacy. One of the two years of experience must be in the healthcare industry. All candidates must be able to demonstrate competencies in each of the following six CBK domains in order to achieve HCISPP:

Healthcare Industry

Regulatory Environment

Privacy and Security in Healthcare

Information Governance and Risk Management

Information Risk Assessment

Third Party Risk Management

Candidates may find more information about HCISPP, download the exam outline, and register for the exam at https://www.isc2.org/hcispp/default.aspx.

“The HCISPP credential was developed based on direct feedback from our membership and industry luminaries from around the world working in healthcare who have observed the evolving complexity of information risk management in the industry as online system migration and regulations increase,” said W. Hord Tipton, CISSP, executive director of (ISC)². “Over the past few years, the healthcare industry has undergone a major transformation to adjust its compliance management practices and data protection requirements – moving from highly paper-based processes to a digital and more connected working environment. (ISC)² has introduced this new healthcare credential to help employers bring more qualified and skilled professionals into this industry who can help protect vital patient records and personal data.”

The HCISPP provides multiple benefits to healthcare security and privacy practitioners and the organisations that employ them. For practitioners, HCISPP helps them to:

Validate their experience, skills, and competency as a healthcare security and privacy practitioner.

Demonstrate the qualifications to implement, manage, and/or assess the appropriate security and privacy controls for healthcare organisations.

Advance their career with a certification that establishes foundational knowledge and competency in health information security and privacy best practices.

Enhance their credibility as a healthcare information security and privacy practitioner with a credential backed by (ISC)², the globally recognised Gold Standard in information security certification.

Affirm their commitment to continued competence in the most current security and privacy practices through the (ISC)² continuing professional education (CPE) requirement.

For organisations, HCISPP helps to:

Provide reinforced defense with qualified, experienced, and credentialed healthcare information security and privacy practitioners.

Demonstrate the organisation’s proactive commitment to minimising the risk of breaches.

Increase confidence that job candidates and employees can do the job right.

Mitigate risk by exchanging Protected Health Information (PHI) with 3rd parties that employ HCISPPs.

Increase credibility of the organisation when working with clients and vendors.

Ensure privacy and security personnel are current and capable through HCISPP’s CPE credits requirement.

Provide an added level of ethical adherence for their healthcare security and privacy practitioners.

“Within the NHS, Information Governance is the responsibility of every employee. The HCISPP encourages the appreciation of information governance as the healthcare sector across Europe strives towards a digital environment,” said Tim Wilson, CISSP, CITP FBCS, an NHS IT director. “In the UK alone, the current drive towards electronic patient records and eventually a paperless NHS makes it critical for professionals to have the skills and knowledge to grasp the intricacies and best practices of ensuring the security and privacy of healthcare patients. This initiative goes to the very heart of what we must ensure in health and social care anywhere – the provision of reliable information, public trust in the system and our ability to continuously use what we learn during the course of our day-to-day work for the benefit of everyone.”

“Recent trends towards stronger enforcement of security regulations have begun to change the healthcare industry’s perception of information security,” said Dr. Bryan Cline, CISSP-ISSEP, CISO and VP, CSF Development Implementation, HITRUST. “There is a growing need in the industry for qualified professionals to help mature the current state of healthcare information security and improve regulatory compliance. (ISC)²’s HCISPP will help organisations streamline their hiring process by ensuring prospective candidates have a basic level of knowledge about the healthcare industry, the security and privacy concerns specific to healthcare, and the general risk management principles and concepts required of a healthcare information protection professional.”

“(ISC)² thanks HITRUST for its assistance in the development of the HCISPP credential,” said W. Hord Tipton. “(ISC)² recognises HITRUST’s commitment in the field of healthcare information security, and appreciates its guidance and support. HITRUST is an important voice in the healthcare information security field, and a key ally in the advancement of our healthcare credential. As both parties work in good faith toward the goals of our MOU, (ISC)² looks forward to future ventures with their organisation.”

About (ISC)²

(ISC)² is the largest not-for-profit membership body of certified information and software security professionals worldwide, with over 92,000 members in more than 135 countries. Globally recognised as the Gold Standard, (ISC)² issues the Certified Information Systems Security Professional (CISSP) and related concentrations, as well as the Certified Secure Software Lifecycle Professional (CSSLP), the Certified Cyber Forensics Professional (CCFP℠), Certified Authorisation Professional (CAP), HealthCare Information Security and Privacy Practitioner (HCISPP℠), and Systems Security Certified Practitioner (SSCP) credentials to qualifying candidates. (ISC)²’s certifications are among the first information technology credentials to meet the stringent requirements of ISO/IEC Standard 17024, a global benchmark for assessing and certifying personnel. (ISC)² also offers education programmes and services based on its CBK, a compendium of information and software security topics. More information is available at www.isc2.org.

Article source: http://www.darkreading.com/privacy/isc2-introduces-new-healthcare-security/240163509

Triumfant Launches Memory Process Scanner Module To Detect And Stop In-Memory Attacks

ROCKVILLE, Md., Nov. 4, 2013 /PRNewswire/ — Triumfant, creator of patented software that automatically discovers, analyzes and remediates advanced malware attacks on computers, today launched its first ever Advanced Volatile Threat (AVT) module to detect and stop “in-memory” malware attacks. The new solution, which is bundled free with Triumfant’s newly-available 5.0 product suite, combines Triumfant’s unique, patented malware detection software with new tools that can accurately track malware functionality operating in the volatile memory of the endpoint machine. Offered to existing customers at no additional charge, Triumfant’s Memory Process Scanner module enables real time detection of a variety of threats that operate by manipulating objects in memory.

Advanced Volatile Threats are malware attacks that take place in a computer’s random access memory (RAM) or other volatile memory, and are difficult to detect because they are never stored to the hard disk. Unlike Advanced Persistent Threats (APTs) that create a pathway into the system and then automatically execute every time a machine is rebooted, an Advanced Volatile Threat enters a machine in volatile, real-time memory, exfiltrates the data, then immediately wipes its fingerprints clean – leaving no trace behind as the computer is shut down.

A key aspect of the Memory Process Scanner is its ability to detect volatile exploits. In the case of an exploit, the malware injects itself into a normal process. Once the malware is running, it may migrate to a different process and download other tools to be used by the attacker. Catching the initial exploit allows the earliest possible detection and identifies the vulnerable process that is being compromised.

“Triumfant’s unique ability to recognize ‘in-memory’ attacks — without relying on prior knowledge or signatures – means that we can provide unmatched defense against today’s most sophisticated cyber attacks from experienced criminals and state-sponsored threat actors,” said John Prisco, President and CEO of Triumfant. “As malicious threats against the endpoint continue to grow in volume, many organizations are focusing on sophisticated threats such as APTs, often neglecting an extremely vulnerable part of the machine: the memory. We believe our new Memory Process Scanner offering is a great way for our customers to complement existing security technologies in their organizations and create a multi-faceted defense against today’s most advanced cyber threats.”

Other features of Triumfant’s Memory Scanner module include:

— Anomalous Application Verification: Automatically links related anomalous behaviors and generates supporting evidence for anomalous applications on the endpoint.

— Irregular Process Notifications: An attacker will often hide a backdoor process inside another process that doesn’t normally communicate over the network. The Memory Scanner can flag such a process as a behavioral anomaly if it tries to communicate over the network.

— Bandwidth Authentication: Triumfant’s 5.0 update is more bandwidth efficient than current messaging systems, includes bidirectional authentication to prevent spoofing, and contains message sequence numbers to prevent replay attacks.

— Second Generation Messaging System: Triumfant 5.0’s new messaging system is based on JSON-RPC over HTTP implemented in JavaScript and can be used to communicate with agents designed for Windows and non-Windows platforms.

— Management: Installation, verification, operation, and maintenance of the Triumfant malware detection solution is provided with each 5.0 upgrade.

“The security industry has tried many approaches to preventing malware over the years, and some have worked better than others. By now, thanks to numerous studies, everyone should realize that the signature-based approaches of old have limited value,” said Adrian Sanabria, Senior Security Analyst, 451 Research.

“Innovations like Triumfant’s memory scanning approach are an important and significant step forward in fighting the battle where it occurs – on the endpoint. Many current technologies address threats directly, taking a single step to prevent an attack. These are easily leapfrogged by the attacker, and have limited long-term value. The industry desperately needs more approaches that address problems at the root, and will force attackers to spend significantly more time and effort to achieve their goals.”

For more information, please visit: www.triumfant.com.

About Triumfant

Triumfant leverages patented analytics to detect, analyze and remediate the malicious attacks that evade traditional endpoint protection solutions such as the Advanced Persistent Threat, Zero Day Attacks, targeted attacks, and rootkits.

Triumfant automates the process of building a contextual and surgical remediation that addresses the malware and all of the associated collateral damage. Endpoints go from infection to remediation in five minutes without the need to reboot or re-image.

Triumfant uses these same analytics to continually enforce security configurations and policies, ensuring that organizations start every day with their endpoints secure and audit ready.

Please visit us at: http://www.triumfant.com/default.asp.

Follow Triumfant on Twitter and YouTube.

Article source: http://www.darkreading.com/vulnerability/triumfant-launches-memory-process-scanne/240163489

CoverMe, Private Texting, Document Sharing, And Secure Phone Call App, Launches With Over 500,000 Users

San Francisco, CA – November 4, 2013 – CoverMe, the most secure private texting, document sharing and phone call app available, officially launched today after a beta period in which over 500,000 users signed up to use the service and exchanged over 500 million messages. With military-grade encryption, CoverMe delivers a safe and easy way of sharing private messages, phone calls, sensitive documents, photos, and videos so that users can rest assured that their private personal and professional content will remain private.

In addition to secure content sharing, CoverMe is equipped with an impenetrable vault to protect personal contacts, call logs, messages, documents, notes, diary, passwords, photos, and videos from prying eyes and in case a device is lost.

CoverMe is available for free on the App Store at: https://itunes.apple.com/us/app/coverme-private-texting-secure/id593652484?mt=8 and on Google Play at: https://play.google.com/store/apps/details?id=ws.coverme.im

The CoverMe app allows users to make voice calls and send texts, documents, photos, and videos with unrivalled protection, as CoverMe features military-grade encryption to ensure privacy. Key app features include:

• Make free secure phone calls

• Send self-destructing messages

• Recall or remotely wipe sent messages

• Safely share private photos & videos

• Photo vault to hide photos & videos

• Hide text messages, contacts, call logs

• Private vault for documents, notes & diary

“The initial response to CoverMe during our beta period was overwhelming and now that the app has officially launched we expect that users around the world will come to appreciate the level of security and safety provided,” said Steve Wei, CEO of CoverMe. “With wireless devices being the primary form of communication, it is vital that consumers and businesses have the assurance that their messages are secure and cannot be intercepted.”

CoverMe provides full messaging control. Users will immediately know when the recipient has read their messages and they can recall or remotely wipe messages. Anyone who has ever sent a private picture or poorly judged text message to someone in error can now simply send out a remote wipe instruction to remove it. CoverMe also allows users to embed messages with ‘self-destruct’ options, so that a message disappears once it is read or after a certain amount of time.

To ensure that messages are secure, CoverMe uses an encrypted data connection to transmit phone calls, messages, and photos and videos. With military-grade encryption, no one can intercept content shared within CoverMe messages.

The app also features the CoverMe Private Vault, the ultimate way to ensure personal contacts, messages, call logs, confidential documents, notes, secret diary entries, pictures, and videos stay hidden and private. The encrypted vault is invisible and completely impenetrable without the password. Even if a user’s device is lost or left unattended, their private information is absolutely safe. The vault also provides a powerful password manager to safely store all passwords.

CoverMe is ideal for all mobile device users from families that want to keep their personal lives and content private to professionals that need to ensure private company and customer information is secure.

More information on CoverMe is available at: www.coverme.ws

About CoverMe, Inc.

Based in San Jose, CA, CoverMe, Inc. is the developer of CoverMe, the most secure private texting, document sharing and phone call app available for iOS and Android mobile devices. With military-grade encryption, CoverMe delivers a safe and easy way of sharing private messages, phone calls, sensitive documents, photos, and videos so that users can rest assured that their private personal and professional content will remain private. Launching with over 500,000 users, CoverMe is ideal for all mobile device users from families that want to keep their personal lives and content private to professionals that need to ensure private company and customer information is secure.

Article source: http://www.darkreading.com/authentication/coverme-private-texting-document-sharing/240163510

CryptoLocker ransomware crooks offer "late payment penalty" option

The crooks behind the CryptoLocker malware seem to have introduced a second chance option.

Victims, it seems, can now change their minds about not paying up.

Assume you were a victim of this devious malware, and decided, “No! I will not pay!”

Imagine that you’ve done a full cleanup; removed the malware from memory, hard disk and Windows registry; and gone to see what you can recover from your backup disks.

Now imagine that you are having malware cleaner’s remorse.

Perhaps paying $300 would have been the pragmatic approach?

→ As we’ve been saying, our recommendation is not to pay up, but we also have to admit that it’s easy for people who haven’t had their favourite files scrambled to take that attitude.

Perhaps you had the malware for longer than you realised, and the backups you thought would help are scrambled?

Perhaps your infected computer had access to documents on a server at the office, and ruined other people’s files, too?

In short, perhaps you’d like a chance to change your mind?

Enter the CryptoLocker Decryption Service:

This service allow you to purchase private key and decrypter for files encrypted by CryptoLocker.

If you already purchased private key using CryptoLocker, then you can download private key and decrypter for FREE.

Select any encrypted file and click “Upload” button.

The first 1024 bytes of the file will be uploaded to the server for search the associated private key. The search can take up to 24 hours.

IMMEDIATELY AFTER UPLOADING FILE TO THE SERVER, YOU RECEIVE YOUR ORDER NUMBER. YOU CAN USE THIS NUMBER TO CHECK STATUS OF ORDER.

OR if you already know your order number, you may enter it into the form below.

Apparently the crooks will now let you buy back your key even if you didn’t follow their original instructions.

Word on the street, however, is that the crooks want five times as much as they were charging originally to decrypt your data after you change your mind.

The cost is now 10 Bitcoins instead of the 2 Bitcoins they were after at the start – a sort of late payment penalty, like the taxation office imposes.

According to this latest website, you send them the first 1024 bytes of any encrypted file in order to determine your eligibility for the new “service,” and then wait up to 24 hours.

We’re guessing that the delay is because the crooks have to run a brute force attack against themselves.

Without your public key to help them match up your keypair in their database, it sounds as though they have to try decrypting your data with every stored private key until they hit one that produces a plausible result.

They’re not actually saying whether this new service works even if the 72 hour deadline imposed at the start has expired.

The implication, however, is that it will – not least because the 24-hour delay needed to process your “order” would otherwise reduce that deadline to 48 hours, cutting down their window for extortion substantially.

Furthermore, those 48 hours would have to include the time for you to clean up, find that you couldn’t recover by more palatable means than the initial threat, change your mind, and contact the “second chance” website.

If so, the crooks’ original claim was bogus all along:

The single copy of the private key, which will allow you to decrypt the files, located on a secret server on the Internet; the server will destroy the key after a time specified in this window. After that, nobody and never will be able to restore files.

Nobody and never, eh?

We’re still saying, “Don’t buy,” but we’re feeling your pain enough to know how tempting it will be for some people to pay the crooks, even though the blackmail charges have now ballooned to more than $2000.

In the meantime, if you’ve decided not to pay – or have escaped the depredations of these crooks so far – we urge you to check out our advice:

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/5oEdgam-E6E/