STE WILLIAMS

Digital ‘activists’ scramble to build Silk Road 2.0, but drug kingpins are spooked

Former Silk Roaders say they are preparing to open new anonymous online drug bazaars after last week’s collapse of the illicit Tor marketplace. Meanwhile, drug dealers appear to have taken fright after the takedown of the hidden website.

The shadowy online community that formed around the Silk Road has been thrown into disarray since the arrest of Ross Ulbricht, whom the FBI has accused of being the so-called “Dread Pirate Roberts”, the username of the person who appeared to have run the hidden drug bazaar. El Reg notes that Ulbricht has denied all charges.


The Register has been told there are at least five people or organisations now making efforts to rebuild the Silk Road, although this figure is likely to be far higher.

Speaking on hidden forums, a user calling himself The Godfather has called for contributors to help build “Silk Road 2.0”. His credibility is high on the “dark net” (so-called because private internets can be set up and taken down outside the view of any authorities) and he has been linked to Silk Road for almost two years.

The underground “activist” wrote:

Know this when I say: ‘This is not the end, this is just the beginning.’ We will come out with a newer, sleeker, more secure version of Silk Road that will be 100% untraceable.

Why will this Silk Road be better? From the get-go, we have only made communications with each other through TOR so we all remain completely anonymous, even to each other. LONG LIVE SILK ROAD!!!!!!!!!

Some drug dealers have simply moved to other anonymous online services to beat the police, with an alternative market called Sheep now listing roughly three times as many drugs vendors as before the demise of Silk Road, according to the administrator of yet another anonymous drugs market, Atlantis.

He or she wrote: “I can’t help but get the feeling DPR [Dread Pirate Roberts] would be relatively happy… as his legion of vendors and customers scramble to re-establish contact on other marketplaces.”

Dark Webbers have expressed significant support for Ulbricht, the suspect accused by the Feds of being the mastermind behind the site. The “activists” have pledged financial support (in the form of Bitcoins) to help pay his legal bills.

US-based drug users on the messageboards claimed to be able to get drugs fairly easily, while users who said they were British have claimed there is a shortage of dealers following the collapse of the Silk Road.

Anyone who used to sell drugs on the website is likely to have been spooked by the shutdown of Silk Road and may be less likely to put their trust in the anonymity dark web users once took for granted. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/10/08/silk_road_2_point_0/

Android adware that MUST NOT BE NAMED threatens MILLIONS

A popular mobile ad library used by multiple Android apps poses a severe malware threat, researchers at infosec firm FireEye have warned. The security researchers said that altogether 200 million affected apps had been downloaded.

This ad library aggressively collects sensitive data and is able to perform dangerous operations such as calling home to a command-and-control server before downloading and running secondary components on demand.


Mobile ad libraries are third-party software included by host apps in order to display ads. Because this library could potentially be used to conduct large-scale attacks on millions of users, FireEye refers to it anonymously by the code name “Vulna” rather than revealing its true identity.

An analysis of the most popular apps (those with over one million downloads) on Google Play reveals that 1.8 per cent of them used “Vulna”. The potentially affected apps have been downloaded more than 200 million times in total.

FireEye catalogues a variety of built-in aggressive behaviours which, in addition to vulnerabilities with the technology, make Vulna a threat.

Though it is widely known that ad libraries present privacy risks such as collecting device identifiers (IMEI, IMSI, etc.) and location information, Vulna presents far more severe security issues. First, Vulna is aggressive – if instructed by its server, it will collect sensitive information such as text messages, phone call history, and contacts. It also performs dangerous operations such as executing dynamically downloaded code.

Second, Vulna contains a number of diverse vulnerabilities. These vulnerabilities, when exploited, allow an attacker to utilize Vulna’s risky and aggressive functionality to conduct malicious activity, such as turning on the camera and taking pictures without the user’s knowledge, stealing two-factor authentication tokens sent via SMS, or turning the device into part of a botnet.

A blog post by FireEye warns that Vulna is also “plagued with various classes of vulnerabilities that enable attackers to turn Vulna’s aggressive behaviours against users”.

Security shortcomings of the software include its use of unsecured HTTP for receiving commands and the dynamic loading of code from its control server.

FireEye said that it has notified both Google and the developer of the software about the threat.

“We’ve notified both Google and the vendor of the ad library and given them the list of apps which are impacted by these issues,” Dr Tao Wei, a senior research scientist at FireEye, told El Reg. “They have confirmed the issues and are actively working on addressing these issues. The vendor of the ad library is in the process of notifying the developers using their library to upgrade to the latest version which fixes many of the security issues we addressed.

“In the meantime, detailed information will be provided to FireEye’s customers to protect them from potential attacks.”

We asked Google for comment on Monday but are yet to hear back. We’ll update the story as and when we hear more. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/10/08/android_ad_peril/

Unisys Announces Stealth Solution To Protect Enterprises From Mobile Cyberthreats

ORLANDO, Fla., October 8, 2013 – Unisys Corporation (NYSE: UIS) announced today the availability of its Unisys Stealth™ for Mobile solution to address the major security concerns facing enterprises as growing numbers of their employees use consumer devices at work.

Within the next two years, hundreds of millions of people are expected to be using smartphones for work – many of which will be employee-owned devices. The rapid proliferation of such bring-your-own devices (BYOD) in the workplace has resulted in an alarming increase in cybersecurity risks.

Unisys Stealth for Mobile enables secure access from data centers to the applications on mobile devices. The solution grants users access rights based on identity, to help ensure authorized users reach or have visibility to only the information they are approved to access or see.

Unisys Stealth for Mobile, announced at the Gartner Symposium/ITxpo 2013 being held here, is the latest member of a growing family of Unisys Stealth cybersecurity products. Unisys Stealth uses advanced data cloaking and encryption techniques to help organizations mitigate cybersecurity attacks and hacker incidents by rendering devices, data, and end users virtually invisible on the network. The solution creates secure user communities within an enterprise where only authorized users can access or see information.

“Stealth for Mobile allows enterprises to capitalize on the productivity gains and customer service improvements associated with mobility and consumerization of IT, while increasing assurance that their critical data remains safe,” said Rod Sapp, vice president of products and technology, Unisys. “Unlike other security solutions such as virtual private networks, Unisys Stealth for Mobile cryptographically protects data all the way to the application – a much more secure approach for BYOD environments.”

The new solution combines Unisys Stealth technology with application wrapping security software that allows users to define specific security policies on a per-mobile application basis. Unisys Stealth for Mobile then adds a layer of identity-based security that gives users access and visibility rights to only the assets within the data center they are entitled to access and see.

Unisys Stealth for Mobile is easy to implement, requiring no new code or application changes. The solution is transparent to end users, who will have the same access rights no matter which device they use to access the data center.

Unisys has entered into a worldwide reseller agreement to offer Mocana MAP, a leading application wrapping software, in connection with Stealth for Mobile. Unisys also is a customer of Mocana MAP, in support of Unisys internal mobile initiatives.

About Unisys

Unisys is a worldwide information technology company. We provide a portfolio of IT services, software, and technology that solves critical problems for clients. We specialize in helping clients secure their operations, increase the efficiency and utilization of their data centers, enhance support to their end users and constituents, and modernize their enterprise applications. To provide these services and solutions, we bring together offerings and capabilities in outsourcing services, systems integration and consulting services, infrastructure services, maintenance services, and high-end server technology. With approximately 22,500 employees, Unisys serves commercial organizations and government agencies throughout the world. For more information, visit www.unisys.com.

Article source: http://www.darkreading.com/applications/unisys-announces-stealth-solution-to-pro/240162367

Splunk Announces General Availability Of Splunk Cloud

.conf2013, LAS VEGAS – October 1, 2013 – Splunk Inc. (NASDAQ: SPLK), the leading software platform for real-time operational intelligence, today announced the general availability (GA) of Splunk Cloud™, a new service that delivers Splunk Enterprise in the cloud. Organizations can now access Splunk Cloud to gain visibility and operational insights into their machine-generated big data in the cloud, as well as correlate this data across their cloud and on-premises environments. With the introduction of Splunk Cloud for large-scale production environments, Splunk Storm, the cloud-based service introduced last year, will significantly expand its free developer offerings to 20GB of total storage per month.

“We are expanding our offering because we heard our customers loud and clear – they want Splunk Enterprise as a cloud service,” said Dejan Deklich, vice president of cloud engineering, Splunk. “Delivering the enterprise-class Splunk Cloud, based on award-winning, patented technology, enabled us to also make Splunk Storm free. This is exciting because we are now giving a free service to developers who have to pay for the same results from other vendors.”

“The Splunk vision of delivering its software as a service across any type of user scenario allows its customers greater choice,” said Dennis Callaghan, senior analyst, 451 Research. “By providing an enterprise-class cloud service with all of the features of its flagship product, Splunk is making a strong statement about doing business in the cloud and looks to cement its position as a leader in the operational intelligence market, across all modes of delivery.”

Splunk Cloud, powered by Amazon Web Services (AWS), includes access to all features of the award-winning Splunk Enterprise platform including apps, APIs, alerting and role-based access controls. Splunk Cloud supports all core Splunk Enterprise use cases including application management, digital intelligence, IT operations management, security and more. Splunk Cloud also integrates with on-premises deployments of Splunk to deliver visibility into operational status, KPIs and security postures across all environments.

Customers Gain Operational Intelligence with Splunk Cloud

Funtomic, a leading games company, uses operational intelligence provided by Splunk Cloud to monitor the performance, availability and user experience of its website and games, while also visualizing analytics to measure the effectiveness of ad campaigns.

“Splunk Cloud is giving us unprecedented insights into the way users are utilizing our websites and mobile games by monitoring A/B website testing data to track performance and user behavior,” said Leeor Aharon, chief technology officer, Funtomic. “The flexibility of analytics from Splunk Cloud helps us track and alert marketing performance while also understanding user behavior to optimize their experience. Splunk Cloud has been outstanding in supporting the needs of DevOps and business users at Funtomic.”

White Ops, a digital advertising and security provider, uses Splunk Cloud as a security analytics platform to detect digital advertising impressions that are fraudulently made by bots, delivering actionable intelligence they use to rationalize media spending on behalf of their customers.

“Splunk Cloud is critical to our bot detection operations,” said Tamer Hassan, chief technical officer, White Ops. “It helps us fight crime by catching malicious traffic, both online and on enterprise networks. Splunk Cloud lets us use the full potential of Splunk Enterprise, and helps us do the number-crunching and deep analysis of massive traffic flows that we need to do to catch the bad guys, without having to install or manage any infrastructure.”

Splunk Cloud is available on an annual subscription basis, with plans available from 50 GB/day up through one Terabyte per day of machine data, with custom options available outside that range.

“Splunk, like AWS, is an innovative and disruptive technology,” said Terry Wise, Director, Worldwide Partner Ecosystem, AWS. “As the cloud provider of choice for the Splunk Cloud service, AWS is excited to offer our enterprise customers the ability to gain deeper operational intelligence from their AWS-based applications.”

Please contact Splunk sales if you are interested in learning more. To sign up for a free Splunk Storm account, visit the Splunk Storm website.

About Splunk Inc.

Splunk Inc. (NASDAQ: SPLK) provides the engine for machine data™. Splunk software collects, indexes and harnesses the machine-generated big data coming from the websites, applications, servers, networks, sensors and mobile devices that power business. Splunk software enables organizations to monitor, search, analyze, visualize and act on massive streams of real-time and historical machine data. More than 6,000 enterprises, universities, government agencies and service providers in over 90 countries use Splunk Enterprise to gain Operational Intelligence that deepens business and customer understanding, improves service and uptime, reduces cost and mitigates cybersecurity risk. Splunk Cloud™ is a service that delivers Splunk Enterprise in the cloud for large scale production environments. Splunk Storm, a cloud-based subscription service, is used by organizations developing and running applications in the cloud.

To learn more, please visit www.splunk.com/company.

Article source: http://www.darkreading.com/management/splunk-announces-general-availability-of/240162368

Hexis Cyber Solutions Launches Intelligent Active Defense Solution

HANOVER, Md., October 8, 2013 — Hexis Cyber Solutions (Hexis), a subsidiary of KEYW Corporation (NASDAQ: KEYW), today unveiled HawkEye G, the industry’s first truly active defense solution to detect stealthy advanced cyber threats and take automatic action to remove the threats from the network. By delivering fast detection of advanced attacks — from botnets and malware to advanced persistent threats (APTs) – and then applying automated countermeasures to remove these cyber threats, HawkEye G protects today’s networks at digital speeds.

Drawing on experience from supporting the U.S. Government as well as state of the art big data capabilities, Hexis designed HawkEye G to directly combat the tools, techniques, and procedures of the most advanced attackers. This breakthrough technology takes the guesswork out of active defense by detecting, diagnosing and removing cyber threats within the network before they can compromise intellectual property or disrupt the business. HawkEye G sets itself apart from other defense tools by combining intelligence and defense capabilities with a continuous capability delivery service that enables the HawkEye G system to evolve as quickly as the threat environment evolves.

“By leveraging KEYW’s legacy, Hexis Cyber Solutions is changing the way customers address their protection efforts,” said Len Moodispaw, Chairman and CEO of KEYW Corporation. “With the best possible detection techniques and unmatched automated countermeasures, we are empowering our customers to thwart their adversaries.”

HawkEye G’s unique collection, detection and defense capabilities empower users to detect, engage and remove threats:

Detect: Leveraging an embedded high performance event data warehouse and the most advanced analytics to date, HawkEye G detects in seconds and minutes what used to be virtually invisible.

Engage: HawkEye G gathers diagnostic intelligence to confirm malware’s presence, and determine the removal strategy.

Remove: HawkEye G eradicates threats in near real time, launching a spectrum of cyber countermeasures to mitigate the threat.

“Network owners today do everything possible to defend their perimeter – and they should – but still the threat gets in,” stated Chris Fedde, the President of Hexis. “HawkEye G was purpose-built to find and remove that threat before it compromises the network. In addition, the analytics that are applied to the spectrum of network behavior means that high quality security awareness is constantly available to the network operator.”

In addition to HawkEye G, the HawkEye family of products encompasses HawkEye AP, the Analytics Platform, for applications including suspicious behavior detection, log management, call detail record/internet protocol data record management, and risk and compliance applications.

For more information, please visit Hexis Cyber Solutions at www.hexiscyber.com where data sheets and white papers describing our solutions can be downloaded.

About Hexis Cyber Solutions

Hexis Cyber Solutions, Inc., a subsidiary of The KEYW Corporation (Nasdaq:KEYW) based in Hanover, Maryland, provides complete cybersecurity solutions for commercial companies, government agencies, and the Intelligence Community (IC).

Our mission is to ensure that business IT infrastructure is equipped with tools and capability to detect, engage, and remove both external and internal cyber threats. Cyber terrorists, organized crime, and foreign governments focus tremendous effort on commercial, government, and military interests as their prime target. Hexis Cyber Solutions’ HawkEye family of products offer active, multi-disciplined approaches to achieve a higher standard of cybersecurity that is based on our expertise supporting our nation’s cybersecurity missions to ensure that your business or organization can operate at its maximum potential. For more information contact Hexis Cyber Solutions, 7740 Milestone Parkway, Suite 400, Hanover, Maryland 21076; Phone 443-733-1900; Fax 443-733-1901; or on the Web at www.hexiscyber.com.

About KEYW

KEYW provides agile cyber superiority, cybersecurity, and geospatial intelligence solutions for U.S. Government intelligence and defense customers and commercial enterprises. We create our solutions by combining our services and expertise with hardware, software, and proprietary technology to meet our customers’ requirements. For more information contact KEYW Corporation, 7740 Milestone Parkway, Suite 400, Hanover, Maryland 21076; Phone 443-733-1600; Fax 443-733-1601; or on the Web at www.keywcorp.com.

Article source: http://www.darkreading.com/management/hexis-cyber-solutions-launches-intellige/240162351

Marble Updates Next Generation Mobile Security Cloud Service

SUNNYVALE, Calif. – October 8, 2013 – Today, Marble Security announced a series of updates to its mobile security platform that includes advanced mobile app scanning, secure browsing, real-time analytics and essential mobile device management (MDM) capabilities as well as support for new security features in iOS 7.

“The fact is sinking in that plain old MDM does not solve the mobile security problem,” said Marble Security Founder and CTO David Jevans. “What is resonating with the IT and security teams we are working with is that we put security first and address the problem holistically with a unique combination of technologies that go beyond just managing mobile devices to actually securing them. Plus, as a cloud service, they like how easy it is to set up and manage. They can get going in a few hours and spend only minutes a day keeping their network and mobile users safe.”

Enterprises are starting to face up to the reality that traditional MDM solutions do not protect their mobile perimeter. At the same time, mobile malware and phishing attacks have more than doubled, increasing the risks of BYOD and mobile access. Marble addresses these problems directly with its next generation mobile security cloud service, and in the new release, Marble is amping up its effective defense of enterprise mobile perimeters with more than four-dozen new and enhanced features spanning every aspect of the platform including devices, users, network connections and risk-based access control.

Mobile App Scanning/Device Security features in Marble for Android and iOS devices actively protect against malware and phishing, enforce security policies and create a real-time risk score used with Marble’s Mobile Perimeter Defense™ (MPD) risk-scoring technology to control network access. Advances include:

Device-level app scanning is now integrated with the risk scoring and policy engines and continually monitored, enabling enforcement of security policies on customer-owned devices based on the actual installed apps

Mobile apps are scanned continually anytime they have Internet access, enabling instant remediation of dangerous apps

Improved user alerts help reinforce safe user behavior and let employees know when they have problems with a device and what to do about it

Marble Secure Browser provides an isolated, highly controlled browsing environment on mobile devices. Additional features include:

Enabling strict control of user browsing behavior within the secure browser

Protecting against malware on the device or in the network connection, such as a compromised Wi-Fi hotspot

Providing data loss prevention (DLP) features such as blocking printing and file downloads to prevent data leakage

Marble Network is a secure, hosted virtual private network (VPN) that isolates users from network attacks like man-in-the-middle, re-directs, phishing and wireless eavesdropping. New capabilities include:

Expanded URL, IP address and Domain Name System (DNS) blacklists of malicious websites, updated in real time from global sources, block users from visiting dangerous websites

Private DNS service assures all network traffic is secure and prevents site spoofing

Auto-notifications alert users to make them more aware of risks and help improve their behavior

Essential MDM has added new MDM features to the Marble platform for organizations that have not yet deployed MDM or are looking to replace their existing MDM solution with a more secure, less expensive, all-in-one solution. Updates include:

Administrator capabilities to enforce minimum levels of passcode security policies on a user’s device and passwords on the Marble app

Control over employees’ mobile SD cards or cameras to turn them on and off to enforce security policies

Ability to remotely lock devices or wipe data from them

Detection of jailbroken or rooted devices

Marble Control lets administrators set and enforce risk-based policies, control mobile security through dashboards and run risk analytics and compliance reports. New features include:

Advanced device-level controls and higher levels of auto-remediation, making risk-scores more actionable

Improved at-a-glance visualization, making risk-scores more informative

Interactive dashboards that enable admins to assess their entire network and drill down to specific device problems, reducing mobile security operations to just minutes a day

Automatic email alerts notify admins of critical situations, simplifying management

Enhanced big data analytics and real-time updating, allowing admins to take a holistic approach in managing user behavior and identifying those users most likely to be at risk

Streamlined on-boarding, reducing time needed to on-board users to minutes

Geo-fencing, allowing administrators to control access based on physical locations of mobile devices

iOS 7 adds many enterprise-class security features that Marble will support to improve security of and control over Apple mobile devices and users. Additionally, many of these features that move MDM-type capabilities into the Apple operating system can be managed through Marble, simplifying the management of mobile devices. Some of these new capabilities include:

Marble will support “Open In” management to enable administrators to restrict users to opening and saving certain file types, such as Word documents, in the Marble App

With per-app VPN, policies can specify which apps must use the Marble network, providing more granular control

With streamlined MDM enrollment, organization owned and issued devices can be preloaded with Marble

More information about Marble mobile device security is available at www.marblesecurity.com or by calling (408) 737-4300.

About Marble Security

Marble Security, Inc., offers a mobile security cloud service that protects against the ever-changing threats unleashed into enterprises by mobile devices. Simple to use and deploy, the Marble cloud service includes patented, adaptive protection to eliminate risks to corporate data, networks and applications. Criminals, competitors and hostile governments target enterprises and end users with an ever more sophisticated array of attacks. The BYOD workforce is particularly at risk. Marble secures mobile workers’ access to corporate and public networks and cloud services on Android and iOS mobile devices, as well as Macs and Windows PCs, and offers more comprehensive protection than any other solution on the market.

Article source: http://www.darkreading.com/mobile/marble-updates-next-generation-mobile-se/240162369

HITRUST And THSA Partner To Help Texas Take The Lead In Efforts To Ensure Health Information Is Secure

Article source: http://www.darkreading.com/privacy/hitrust-and-thsa-partner-to-help-texas-t/240162353

Splunk Enterprise 6 Bridges Data Divide

.conf2013, LAS VEGAS – October 1, 2013 – Splunk Inc. (NASDAQ: SPLK), the leading software platform for real-time operational intelligence, today announced the general availability of Splunk Enterprise 6, the latest version of the company’s award-winning platform for machine data. Splunk Enterprise 6 delivers powerful and fast analytics, up to 1,000 times faster than previous versions, and patent-pending technology designed to quickly unlock the value of machine data to IT and business users alike. Download Splunk Enterprise 6 and join Splunk Chairman and CEO Godfrey Sullivan today, Tuesday, Oct. 1, for the first public demonstration of Splunk Enterprise 6 during the keynote session at .conf2013, the fourth annual Splunk Worldwide Users’ Conference. The keynote begins at 9 a.m. PT. Register now to watch the live feed of the keynote.

“Too many organizations are still struggling with a data divide between IT and the business,” said Sullivan. “At Splunk, we understand that the most successful organizations in the world give equal access to the data, regardless of skill level, to drive smart decisions that have true business impact. This is what inspired our product team to build Splunk Enterprise 6. We believe that everyone in the organization, from the system administrator to the C-level executive, should be empowered to find that ‘aha’ moment. Splunk Enterprise 6 bridges the data divide and unifies IT and business users around the tremendous value and ROI to be found in machine data.”

“Splunk Enterprise 6 is the platform for machine data for everyone, with powerful analytics and performance that unlock machine data insights to an entirely new set of users,” said Guido Schroeder, senior vice president of products, Splunk. “With an enhanced user experience, simple management of enterprise deployments and a rich developer environment, Splunk Enterprise 6 gives technical users the ability to define the meaningful relationships in the underlying data, enabling business users and analysts to easily manipulate and visualize data in a simple drag-and-drop interface. All of this, with amazing performance on low-cost commodity hardware.”

“Splunk Enterprise 6 signals a major evolution to the Splunk story, one that could introduce the platform to a new set of users,” said Eric Hanselman, chief analyst, 451 Research. “Business users want and need to use software that makes it easier to dig deeper into analytic tasks without the help of IT or knowledge of coding and query languages. Those who’ve been using the Splunk product for years will benefit from usability and management enhancements that will make their Splunk lives easier and more productive. By providing machine data analytics to a new set of users and an improved user experience, Splunk Enterprise 6 has value for both audiences.”

Customers Deliver Analytics Beyond IT with Splunk Enterprise 6

More than 250 customers and partners participated in the Splunk Enterprise 6 beta program. The response to new analytics features including, among others, data models and pivot has been overwhelmingly positive.

“At PostFinance, exceptional customer service has kept us in business for over 100 years. Splunk Enterprise gives us insights from our data that help us deliver a great online experience,” said Roger Bigler, team leader for Splunk, PostFinance. “Splunk Enterprise 6 provides a more powerful yet incredibly easy-to-use way to interact with and visualize machine-generated business data so we can share consistent views of the data, increasing the speed with which we deliver service to our customers.”

“Security analysts at Oak Ridge National Laboratory utilize Splunk Enterprise to analyze large volumes of diverse machine data streaming in real time,” said Jesse Trucks, cyber security engineer, Oak Ridge National Laboratory. “It is vital these analysts be able to directly manipulate and interact with the data to quickly obtain operational security intelligence. Splunk Enterprise 6 will enable many more analysts to discover patterns and generate information from our data with the new visualization capabilities.”

“The core value of Splunk Enterprise 6 goes beyond our IT engineers. It presents a significant opportunity for business users and developers to eliminate their fear of data,” said Chulhyun Cho, e-commerce development team leader, CJ O Shopping. “We expect a dramatic increase in the number of business users that will use the platform thanks to the new analytics features. For advanced Splunk users, pivot powered by data models makes it incredibly easy to build dynamic dashboards and fluid visualizations, which means our analysts can manipulate any data they want to analyze. Splunk Enterprise 6 is also very attractive to developers because it makes it easier to build insightful visualizations for our internal users.”

Innovations Deliver Powerful Analytics Anyone Can Use

Splunk Enterprise 6 introduces three innovations that make analytics dramatically faster and easier for existing users. These breakthroughs also open up the value of gaining insights from machine data to an entirely new audience of business users:

Pivot opens up the power of analytics to non-technical business users and analysts with a simple drag-and-drop interface to explore, manipulate and visualize data. This includes the ability to click and drag pre-built visualizations and quickly build complex queries and reports without learning a query language.

Data Models provide for a more meaningful representation of underlying machine data and a deeper understanding of relationships in the data, making this data more useful to a broader base of users.

High Performance Analytics Store is a patent-pending transparent acceleration technology that delivers analytics performance up to 1,000 times faster than any previous version of Splunk Enterprise.

New User Experience and Simplified Management

Splunk Enterprise 6 includes powerful productivity features for users with a completely redesigned user experience that delivers simpler, more intuitive actions. The new home experience is easy to personalize and gives users instant access to the data, apps and content they care about. An enhanced search experience brings search and reporting together so users can author rich, dynamic reports and build visualizations, tables and custom searches faster than ever before.

Splunk Enterprise 6 is easier to deploy, configure and manage, even as customers scale out their mission-critical Splunk Enterprise deployments. It also adds a more powerful developer environment with an integrated web framework:

Simplified Cluster Management delivers easier management of mission-critical Splunk software deployments by monitoring high availability, automating search workloads and making it easier to deploy apps. Everything the Splunk admin needs to know can be monitored on a centralized dashboard.

Forwarder Management supports big data scale with easy configuration and visual management of thousands of forwarder configurations across multiple geographies.

Enhanced Dashboard Editing lets users build interactive dashboards and user workflows without writing advanced code and enables one-click access to develop in the Splunk web framework.

The Integrated Web Framework enables developers to quickly and efficiently build custom Splunk apps, customize dashboards or add advanced functionality using standard web technologies such as JavaScript and Django.

Download Splunk Enterprise 6 today and learn more by watching the Splunk Enterprise 6 video.

About Splunk Inc.

Splunk Inc. (NASDAQ: SPLK) provides the engine for machine data™. Splunk software collects, indexes and harnesses the machine-generated big data coming from the websites, applications, servers, networks, sensors and mobile devices that power business. Splunk software enables organizations to monitor, search, analyze, visualize and act on massive streams of real-time and historical machine data. More than 6,000 enterprises, universities, government agencies and service providers in over 90 countries use Splunk Enterprise to gain Operational Intelligence that deepens business and customer understanding, improves service and uptime, reduces cost and mitigates cybersecurity risk. Splunk Cloud™ is a service that delivers Splunk Enterprise in the cloud for large scale production environments. Splunk Storm, a cloud-based subscription service, is used by organizations developing and running applications in the cloud.

To learn more, please visit www.splunk.com/company.

Article source: http://www.darkreading.com/splunk-enterprise-6-bridges-data-divide/240162370

SecureBuy Develops Technology To Advance 3-D Secure/Payer Authentication Process

RIDGELAND, Miss., Oct. 8, 2013 /PRNewswire/ — SecureBuy, a leader in global payment fraud prevention and security technology, announces today that it has developed technology to advance the 3-D Secure payer authentication process for merchants, also known as Verified by Visa and MasterCard SecureCode(TM).

3-D Secure payer authentication is used globally by merchants of all sizes as an added layer of security to reduce online payment fraud. According to the 2013 True Cost of Fraud study by LexisNexis, 15% of all merchants and 35% of large merchants in the U.S. deploy 3-D Secure. This data clearly demonstrates that merchants understand the need and realize the benefits of 3-D Secure / payer authentication. 3-D Secure is the only authentication solution available to merchants that allows them to authenticate a consumer at the time of checkout directly with the consumer’s issuing bank. Additionally, as part of the 3-D Secure process, the merchant has the ability to receive interchange advantages (lower processing fees) and to shift the financial liability to the cardholder’s bank.

The new SecureBuy technology addresses the issue of merchants retaining liability for transactions even after receiving an “authenticated” 3-D Secure response code from the cardholders’ issuing bank at the time of authentication.

Currently, merchants have to manually review both the issuing bank’s response code and the payment gateway’s authorization response code, after the fact, to identify whether the issuing bank accepted or rejected the financial liability for any given transaction.

SecureBuy has developed a patent pending 3DS Decision Engine to increase the automated efficiencies of any 3-D Secure MPI for merchants. SecureBuy’s 3DS Decision Engine provides merchants the ability to accept or reject transactions where the cardholders’ bank isn’t taking on the liability. If the 3DS Decision Engine detects the liability shift does not take place, the consumer can be prompted to present another card for payment. The 3-D Secure authentication process could then be applied to the new presented card. By automating the entire 3-D Secure risk assessment process, the merchant is able to lower their overall risk exposure and reduce chargebacks. Merchants improve the consumer experience by removing the manual review process and eliminating false positives or inadvertent customer “insults.”

“The 3-D Secure authentication and authorization processes may seem complex to merchants, but 3-D Secure MPIs and the SecureBuy 3DS Decision Engine are relatively easy to implement. Once in place the automation handles all of the heavy lifting for the merchant,” states Greg Wooten, CEO of SecureBuy.

About SecureBuy – A SignatureLink Company

SecureBuy (www.securebuycommerce.com) is a wholly owned subsidiary of SignatureLink, Inc. Founded in 2002, SecureBuy is an established eCommerce cyber-security and technology company, a payment fraud prevention pioneer and leader. With a unifying focus on reducing the risk of eCommerce for customers, merchants and processors, SecureBuy solutions extend from payment fraud prevention to identity authentication and globally hosted real-time eCommerce cyber-security solutions.

Article source: http://www.darkreading.com/end-user/securebuy-develops-technology-to-advance/240162371

Hackers turn US health services site into online Ugg boots store

For at least the past two months, scammers have been hawking football shirts, Ugg shoes and Armani perfume from hacked US government pages that are actually supposed to provide services such as mental health counseling, suicide prevention and help for drug addicts, the Weekly Standard reported on Friday.

The hacked website pages, many of which are now showing 404 “page not found” errors, belong to the Substance Abuse and Mental Health Services Administration (SAMHSA).

SAMHSA is an agency of the US Department of Health and Human Services (HHS) and is responsible for running the new Obamacare insurance marketplace, Healthcare.gov.

The hacked pages were hawking merchandise such as National Football League (NFL) jerseys, Ugg shoes and Armani goods – specifically, fragrances, the Weekly Standard reports.

Weekly Standard’s site features screen captures of the various pages.

This is a partial screen snapshot of http://nace.samhsa.gov/images/img5/index.asp as it appeared on 28 September 2013. The whole thing can be seen here.

According to the Weekly Standard, clicking on the hacked pages in some cases took users directly to an external website, while at other times, certain functions seemed to operate within the samhsa.gov site itself.

The news site found that at the time it investigated the hacked sites, two domains were registered in the United States and one was registered in China.

All of the hacked pages that the Weekly Standard uncovered were under the subdomain nace.samhsa.gov, which is the Native American Center for Excellence. As of Monday morning, the main site was showing a message saying that it was undergoing maintenance.

The first breach dates back to 29 July 2013.

After the story was initially posted, the nace.samhsa.gov site returned an error message saying that the site could not be found, but the message later changed to this message, replete with a suspicious misspelling:

This site is undgoing maintenance. We are sorry for any inconvenience this has caused you.

The wonky spelling on the error message may well indicate that there are more hijinks going on than maintenance.

I wrote to SAMHSA to find out if the agency is aware of its hacked pages, if it’s actually fixing the problem, and why/how the hackers have managed to hawk boots for two months without being detected.

I hadn’t heard back by the time this article posted.

In the meantime, steer clear of counterfeit goods.

As Sophos’s Chester Wisniewski noted back in August 2011 when he wrote about Apple hiring a fake-Viagra expert to stop counterfeit iDevices, you’re not just running the risk of substandard quality with fake products.

In the case of fake computing gear, Sophos gets ample reports from consumers who’ve picked up cheap “third shift” products that are infected with malware directly from the factory, he said at the time.

You won’t get malware from fake, fashionable, fuzzy boots, but should you trust your credit card data to the people who sell them?

To quote my current favorite phrase from The Oatmeal comic, that sounds like a nice tall glass of “nope.”

Image of Ugg boots courtesy of Flickr user marie-II under Creative Commons license.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/jO0aNHTWEd0/