STE WILLIAMS

AlienVault Announces $26.5 Million In Series D Funding Led By GGV Capital

San Mateo, Calif., (September 5, 2013) – AlienVault, the leading provider of Unified Security Management™ solutions and crowd-sourced threat intelligence, today announced a $26.5 million Series D funding round led by GGV Capital, with strong participation from existing investors Trident Capital, Kleiner Perkins Caufield & Byers (KPCB), Sigma West and Adara Venture Partners, and new investors Top Tier Capital and Correlation Ventures. The funding will be used to scale the company’s global sales and marketing programs in response to high demand for its products. Funds will also be used for continued investments in product innovation and expansion of AlienVault’s Open Threat Exchange.

“AlienVault’s ability to deliver on the promise of complete, simple and affordable security visibility and threat intelligence products for businesses of any size or scale has been strongly demonstrated over the past year that we’ve gotten to know the company,” said Glenn Solomon, Partner at GGV Capital. “At GGV, we strive to invest in companies that can create and lead large new global market opportunities. AlienVault’s management team is well on its way to building the clear leader in Unified Security Management. The company’s strong executive team and board, compelling market need, devoted customer references and rapid growth combine to make AlienVault a very exciting investment for GGV.”

AlienVault’s Unified Security Management (USM) platform is a collection of the best open source tools for asset discovery, vulnerability assessment, threat detection, behavioral monitoring and security intelligence. These essential security capabilities are pre-integrated and tuned to provide complete security visibility and threat management through an easy-to-use management console. The product is available as a Virtual Appliance, a Hardware Appliance and as an Amazon AMI.

The new Series D round of funding comes at a time of continued rapid growth for AlienVault, as the company is on target to more than double bookings for the third year in a row. With over 100% growth in net new customers in 2013 and thousands of free product trials being downloaded each quarter, AlienVault has seen strong adoption of its Unified Security Management platform, as well as great participation in its Open Threat Exchange (OTX). Since it was introduced early last year, AlienVault’s OTX Reputation Monitor, available through the Exchange, has become the largest crowd-sourced repository for threat information around the world, counting more than 8,000 contributors from 140 countries, and growing rapidly.

“Trident Capital is proud of what the team at AlienVault has been able to accomplish in the two years that we’ve been involved with the company,” said J. Alberto Yépez, AlienVault’s Chairman of the Board of Directors and Managing Director at Trident Capital. “Many companies have great vision but fall short of realizing it. Through its USM platform and Open Threat Exchange, AlienVault is delivering on its vision of open and collaborative security. It’s great to have GGV Capital’s support as AlienVault works to make security visibility and better threat intelligence easily accessible and attainable, even for smaller and midsize organizations around the world whose security needs have largely gone unmet. The team assembled at AlienVault is amongst the most accomplished and well respected in the industry.”

“AlienVault is on the path to being a disruptive, game-changing force in the security market,” added Ted Schlein, general partner at KPCB. “They anticipated the need for an all-in-one security platform that businesses of any size could use and afford, as well as the need for better threat management through crowd-sourced threat intelligence with the Open Threat Exchange.”

“GGV Capital has an amazing track record for investing in companies that truly are category creators, and we look forward to living up to their legacy with Unified Security Management,” said Barmak Meftah, AlienVault’s President and CEO. “Glenn’s experience guiding companies that have created new technology paradigms and markets–companies like Pandora, Square, ZenDesk and Successfactors–will be invaluable as we continue to put the power of a unified security platform and shared threat intelligence within reach of all organizations.”

GGV Capital’s Glenn Solomon will join AlienVault’s board as a director.

About AlienVault

AlienVault’s Unified Security Management™ solution (USM) provides a fast and cost-effective way for organizations with limited security staff and budget to address compliance and threat management needs. With all of the essential security controls built-in, USM puts enterprise-class security visibility within fast and easy reach of smaller security teams who need to do more with less. AlienVault’s Open Threat Exchange™ is an open and collaborative initiative for security professionals to connect with their peers, and learn about the latest threats and defensive tactics from industry experts and security researchers. AlienVault is a privately held company headquartered in Silicon Valley and backed by Trident Capital, Kleiner Perkins Caufield & Byers, GGV Capital, Sigma West, Adara Venture Partners, Top Tier Capital and Correlation Ventures. For more information visit www.AlienVault.com or follow us on Twitter.

Article source: http://www.darkreading.com/management/alienvault-announces-265-million-in-seri/240160857

HootSuite Expands Social Media Security And Compliance Offering With Nexgate Partnership

VANCOUVER, BC – September 5, 2013 – Today, HootSuite, the most widely adopted social relationship management platform, announces a new partnership with Nexgate, a leader in enterprise social media security, to protect brands and address the increasing compliance and policy management requirements facing social media practitioners. This new partnership provides HootSuite Enterprise customers with a comprehensive compliance solution that protects their brand and secures their organization’s social media network environments from employee misuse, hackers, spam, hate, and malware.

With well over seven million users and growing, HootSuite has customers in nearly every country who use its social relationship platform to securely manage social marketing, social customer service and social selling. While large organizations have the opportunity to amplify their messages and engage with customers at unprecedented levels using social media, this reach and engagement has created new security and compliance issues that are only now being addressed.

In a July 2013 report titled The Social Media Legal and Regulatory Landscape, analyst firm Forrester Research discussed the importance of social media risk management: “The rapid rise of social media throughout the business world has left organizations and regulators in all industries scrambling to play catch-up. Social media changes how we interact with fellow employees, develop business relationships with our customers, and build the company brand; it also creates a slew of new regulatory and compliance “gray” areas.”

The Nexgate partnership with HootSuite Enterprise is a complete brand protection solution that addresses these issues as a risk management solution for social businesses, inclusive of:

● Policy Management: Nexgate’s patent-pending policy management features allow large organizations to establish specific policies for business units, divisions, and groups as part of their workflow. Whether meeting FINRA, HIPAA, SEC, and PCI standards or custom policies, organizations are empowered with monitoring and compliance controls.

● Pre-Publish Content Scanning: HootSuite automatically passes social media posts through Nexgate to ensure all content conforms with acceptable use and compliance policies, including scanning all URLs for threats or risks.

● Automated Content Moderation: Nexgate automates content filtering across all social channels. This allows admins to set action types to log or delete and send notifications about a particular post, Tweet, or comment that violates set policies. All comments and posts can also be archived for future auditing.

● Advanced Security and Compliance: Nexgate ProfileLock™ helps prevent hackers and hijackers from co-opting brand-owned accounts. Customers can create custom alerts to notify when changes are made to account profiles. Organizations can also set up social media archiving and compliance reporting for access to spot checks and audits.

● Automated Account Discovery: Automatically find, categorize, and monitor social media accounts affiliated with a brand using Nexgate’s patent-pending advanced social search technology.

“Social media has become the frontline of many organizations for real-time engagement with their customers. In turn, online security breaches can really hurt a brand’s image and consequently its bottom line. Thankfully these crises are avoidable,” says Ryan Holmes, CEO of HootSuite. “Our partnership with Nexgate ensures that our clients are equipped with a comprehensive set of social media security tools to protect their businesses. I’m thrilled for this Nexgate partnership and what it means for Enterprise-level security and compliance.”

“Managing risk and compliance is a big challenge for organizations with large enterprise brands,” says Devin Redmond, Co-Founder and CEO of Nexgate. “Our partnership with HootSuite combines the leading technologies for enterprise social media management and security and compliance to stop account hacks, automate content moderation, and ensure compliance.”

“I am excited to see this partnership and integration between HootSuite and Nexgate,” says Eric Ludwig, Vice President and General Manager of US Consumers at Rosetta Stone. “HootSuite is a key marketing, engagement, and collaboration solution for us and Nexgate helps us use HootSuite more effectively. This partnership increases our ability to protect our social accounts, keep our audiences safe, and meet regulatory requirements all while improving our efficiency and ROI.”

HootSuite Enterprise, used by global brands like Investec, ING DIRECT, Tower Hill Insurance Group, Inc., Seagate, Virgin, PepsiCo, Sony Music Entertainment, FOX, WWF, and 744 of the Fortune 1000 companies, is built for enterprise businesses. With the most advanced tools and services available for security, collaboration, engagement, and analytic measurement of your social media strategy, HootSuite Enterprise is built to bring brands their social ROI.

To learn more about HootSuite’s partnership with Nexgate, register for our upcoming webinar entitled “Secure your Social Enterprise with HootSuite and Nexgate” on Thursday, September 12, 2013 featuring Ray Kruck, Co-Founder & Chief Revenue Officer of Nexgate, and Kevin Zellmer, Global Director of Enterprise Business Development of HootSuite.

More information:

● Register for Webinar: http://ow.ly/olGHF

● Blog Post: http://blog.hootsuite.com/nexgate-security-compliance

● HootSuite Enterprise: http://enterprise.hootsuite.com

● Media Kit: http://media.hootsuite.com/media-kit

About HootSuite

HootSuite is a social relationship platform for businesses and organizations to collaboratively execute campaigns across social networks such as Twitter, Facebook, LinkedIn and Google+ Pages from one secure, web-based dashboard. Advanced functionality includes tools for audience engagement, team collaboration, account security and comprehensive analytics for end-to-end measurement and reporting. To learn more, visit: http://www.hootsuite.com.

About Nexgate

Nexgate provides cloud-based brand protection and compliance for enterprise social media accounts. Its patent-pending technology seamlessly integrates with the leading social media platforms and applications to find and audit brand affiliated accounts, control connected applications, detect and remediate compliance risks, archive communications, and detect fraud and account hacking. To learn more, visit http://www.nexgate.com.

Article source: http://www.darkreading.com/authentication/hootsuite-expands-social-media-security/240160862

Vuln. Confirmed In Yahoo! Fantasy Football Mobile App

IRVINE, CA – September 5, 2013 – Are you ready for some football!? NT OBJECTives, Inc., provider of the most automated, comprehensive and accurate web application security software, services and SaaS, has confirmed a mobile web application vulnerability in a recent earlier version of the popular Yahoo! Fantasy Football application that, when exploited, allowed individuals to change team line-ups and post imposter comments. Users who have not updated their mobile app to the most recent version are at risk of having their line-ups manipulated by other league managers or troublemaking hackers.

While conducting vulnerability testing, NT OBJECTives discovered that the Yahoo! Fantasy Football mobile app was vulnerable to session hijacking, a failure of session management, which is the process of authenticating the user and ensuring an attacker isn’t impersonating a user or eavesdropping on the service. The mobile web application vulnerability allowed an attacker to impersonate another player on message boards and manipulate other players’ lineups, putting injured or poor performing players in the weekly lineup, while benching top-seeded players on that individual’s team.

“Our research shows that very few mobile apps are developed and tested with security in mind. One of the most common security mistakes made during the development of mobile web applications is related to session management,” said Dan Kuykendall, co-CEO and CTO of NT OBJECTives. “In most cases, a vulnerability in any single area isn’t a significant liability. However, the more mistakes that are made, the easier it is to attack the application, and that was the case with Yahoo’s fantasy football mobile application.”

While this vulnerability doesn’t represent a major risk for people, it is an example of the many vulnerable mobile applications with weak or nonexistent session management. This points to a larger trend of insecure mobile applications being developed and delivered too quickly without proper security testing. It also serves as a reminder that when users fail to update their mobile apps, which they often do, they may be vulnerable to a security breach.

NT OBJECTives identified a number of instances where best practices in web application security were not followed during development, contributing to the application’s vulnerability issues:

The API used by the mobile app lacked the use of SSL, so even a simple rogue WiFi hotspot could see the traffic between the mobile app and the Yahoo! Fantasy Football API.

The session cookies lasted too long. Once the session tokens were stolen, the attacker could continue to impersonate that user for a very long time. Test sessions continued to work for over a month, with the ability to send query requests and roster changes for even longer.

The application lacked the use of a nonce (number used once) or private token to sign the requests to confirm their legitimacy, instead using a simple session cookie.

The requests from the mobile web application included full blown SQL statements revealing the tables and columns, opening the door to SQL injection vulnerabilities. This example skips real SQL injection for now, as it was intended to change the victim’s lineup. To do so, the attacker simply needed to look at the SQL statement, and see that the value to the ‘mbody’ column is an XML document of the full lineup. By simply extracting that XML, the hacker could make any desired changes and then toss it back into the SQL statement and send it on.

“Imagine a scenario where the hacker provides WiFi access on draft day and steals everyone’s session tokens. During the season, he can then change the lineup of his opponents whenever he wants to ensure a win for the week,” said Kuykendall. “Mobile web applications store information about the client, like a secret encoder ring, and the server stores all the secret decoder rings. If the server recognizes the secret, it knows the request is valid. When using shared secrets, developers must be sure both the client and server know the value, and that once the secret token is given to the client, it is never again transmitted.”
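One way a server can enforce the controls the findings above say were missing (a short session lifetime, a nonce, and a per-session secret that signs each request instead of a bare session cookie). This is an added example, not NT OBJECTives' or Yahoo!'s code; the `SessionStore` class, the `/roster` path, the lifetimes and the sample request body are assumptions, and the secret is assumed to reach the client once over TLS.

```python
import hashlib
import hmac
import secrets
import time

SESSION_TTL = 15 * 60   # assumed session lifetime in seconds (not from the article)
MAX_CLOCK_SKEW = 120    # assumed freshness window for a request timestamp


def sign(key, sid, ts, nonce, method, path, body):
    """HMAC-SHA256 over every field the server acts on, so none can be altered."""
    body_hash = hashlib.sha256(body).hexdigest()
    msg = "\n".join([sid, str(ts), nonce, method, path, body_hash]).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class SessionStore:
    """Server-side session table (hypothetical name): id -> key, user, expiry, nonces."""

    def __init__(self, now=time.time):
        self._now = now
        self._sessions = {}

    def issue(self, user):
        # The key is handed to the client once and never sent again;
        # later requests carry only a signature derived from it.
        sid = secrets.token_urlsafe(16)
        key = secrets.token_bytes(32)
        self._sessions[sid] = {"key": key, "user": user,
                               "expires": self._now() + SESSION_TTL,
                               "nonces": {}}
        return sid, key

    def verify(self, sid, ts, nonce, method, path, body, signature):
        """Return (user, "ok") or (None, reason)."""
        now = self._now()
        session = self._sessions.get(sid)
        if session is None:
            return None, "unknown session"
        if now >= session["expires"]:
            del self._sessions[sid]          # a stolen id stops working here
            return None, "session expired"
        if abs(now - ts) > MAX_CLOCK_SKEW:
            return None, "stale timestamp"
        expected = sign(session["key"], sid, ts, nonce, method, path, body)
        if not hmac.compare_digest(expected, signature):
            return None, "bad signature"
        # Nonces are checked only after the signature, so unauthenticated
        # traffic cannot fill the table. Entries older than the freshness
        # window are dropped; the timestamp check already rejects them.
        session["nonces"] = {n: t for n, t in session["nonces"].items()
                             if now - t <= MAX_CLOCK_SKEW}
        if nonce in session["nonces"]:
            return None, "replayed nonce"
        session["nonces"][nonce] = ts
        return session["user"], "ok"


def demo():
    """Run constructed requests through the checks and return each verdict."""
    clock = [1_000_000.0]                    # fake clock so the run is repeatable
    store = SessionStore(now=lambda: clock[0])
    sid, key = store.issue("alice")
    body = b'{"week": 1, "bench": ["player-17"]}'   # constructed sample request
    ts, nonce = int(clock[0]), secrets.token_hex(8)
    sig = sign(key, sid, ts, nonce, "POST", "/roster", body)

    results = [store.verify(sid, ts, nonce, "POST", "/roster", body, sig)]
    # Same captured request sent again: the nonce has been used.
    results.append(store.verify(sid, ts, nonce, "POST", "/roster", body, sig))
    # Captured request with an edited body: the signature no longer matches.
    edited = b'{"week": 1, "bench": ["player-01"]}'
    results.append(store.verify(sid, ts, secrets.token_hex(8),
                                "POST", "/roster", edited, sig))
    # Session id known (as from a sniffed cookie) but not the key.
    guess = sign(secrets.token_bytes(32), sid, ts, "n2", "POST", "/roster", body)
    results.append(store.verify(sid, ts, "n2", "POST", "/roster", body, guess))
    # A correctly signed request after the session lifetime has passed.
    clock[0] += SESSION_TTL + 1
    ts2, nonce2 = int(clock[0]), secrets.token_hex(8)
    sig2 = sign(key, sid, ts2, nonce2, "POST", "/roster", body)
    results.append(store.verify(sid, ts2, nonce2, "POST", "/roster", body, sig2))
    return results


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The request body in the sample is a structured roster change that the server would map to its own query, rather than an SQL statement supplied by the client.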

Yahoo! was notified of the vulnerability and the newest version now requires SSL. However, the vulnerability still exists for mobile users who have not updated the application. For more information and to see a demonstration of how the mobile hack works, see Kuykendall’s video, “Dan Hacks Fantasy Football” at http://go.ntobjectives.com/l/8672/2013-09-04/dhg2h

NTOSpider’s dynamic application security testing (DAST) solution allows companies to test mobile and web applications built with the newest programming technologies like JSON, REST, SOAP, HTML5 and AJAX.

Tweet: @ntobjectives finds @Yahoo #fantasyfootball Vuln. Change line-ups to win! Are you ready for some football? http://bit.ly/17rKzm2 #infosec

About NT OBJECTives, Inc.

NT OBJECTives, Inc. (NTO) is a provider of automated, comprehensive and accurate mobile and web application security software, services and SaaS. NTO’s customizable suite of solutions includes application security testing, SaaS scanning and in-depth consulting services to help companies build the most comprehensive, efficient and accurate web application security program. NT OBJECTives is privately held with headquarters in Irvine, CA. For more information, visit www.ntobjectives.com or follow us on Twitter at @ntobjectives or @dan_kuykendall.

Article source: http://www.darkreading.com/mobile/vuln-confirmed-in-yahoo-fantasy-football/240160874

GFI Software Launches Free Asset Tracking For SMBs

DURHAM, N.C., Sept. 5, 2013 /PRNewswire/ — GFI Software(TM) today announced a new initiative to help small and mid-sized businesses (SMBs) manage their servers and workstations at no cost. Free Asset Tracking Forever is a no-charge component of the GFI Cloud suite of cloud-based IT management services that enables organizations to audit and asset manage servers and workstations across the organization, as well as identify and manage units running legacy operating systems with minimal effort, all from a single management console.


As businesses grow, auditing and inventory of the increasing volume of computer and other IT assets becomes a major consideration for the business as a whole, as well as for IT personnel. SMBs frequently struggle with deploying and using asset tracking solutions, most of which are often expensive to purchase and to maintain support contracts, time consuming to deploy and use and limited in their ability to ‘see’ beyond the perimeter of the core physical network.

Offering fully-featured asset tracking, the Free Asset Tracking Forever solution enables SMBs to deploy the service using a simple one-time lightweight agent installation on each target server and workstation that handles tasks such as monitoring the network, running services and assessing the health and status of each of your computers. For the many SMBs still running Microsoft’s legacy operating systems such as Windows XP, Free Asset Tracking Forever will identify these systems and help IT staff implement additional security, management and decommissioning measures as needed, helping to ensure that legacy and discontinued systems are not overlooked, do not become a security risk or a productivity obstacle.

Once deployed, IT staff can get a real-time view of hardware and key software status using the GFI Cloud browser-based management console. The cloud-based nature of the service also means that mobile users working at home and in the field become far easier to include in asset tracking activities, as well as being included in the same single view as on-premise devices. GFI Cloud and the Free Asset Tracking Forever service are completely secure, so devices can be monitored from any location using a normal web browser, all without having to leave additional ports open that could create a security risk. All communications are done over the standard web port 80 that is monitored by firewalls and anti-malware software.

“PC asset management is one of the most time consuming and admin-intensive tasks the IT department has to carry out in any organization. In SMBs where IT staff numbers are often limited, this necessary task creates a massive manpower burden if it is not automated and centralized,” said Sergio Galindo, head of global product management at GFI Software. “The launch of Free Asset Tracking Forever is in direct response to requests from SMBs looking for a cost-effective way to not only improve visibility of both fixed and mobile IT assets, but also to help SMBs kick-start migrating back office IT services to the cloud to further improve efficiency and cost control, but without taking on undue financial and operational risk.”

Server and workstation management is one of the most stressful parts of an IT admin’s job. A recent independent survey of 207 US IT administrators conducted by Opinion Matters on behalf of GFI Software revealed that tight deadlines (20 percent) and lack of staff (24 percent) were two of the top three reasons why IT admins are stressed at work.

The Free Asset Tracking Forever service also simplifies the process of adding and deploying additional cloud services to users as needed, without additional physical intervention. Other services such as patch management, antivirus and server and workstation monitoring can all be pushed from the same single management console to devices, speeding up deployment and minimizing disruption and personnel time needed to complete the work, a key consideration for SMBs with limited dedicated IT staff.

“Many SMBs want to move more of their IT into the cloud, keen to take advantage of the cost savings and simplicity that cloud services offer. However, many don’t know where to start or how well it will fit their organisation. Free Asset Tracking Forever not only provides a useful and cost-effective first step into the cloud, it also offers a basis for other services to be slipstreamed into everyday use leveraging the same agent infrastructure, allowing SMBs to move IT management to the cloud on their own timetable and with minimal effort and disruption,” Galindo added.

About GFI Cloud

GFI Cloud services provide SMBs with advanced antivirus and anti-malware protection, server and workstation monitoring and service assurance, patch management and free asset and inventory tracking. These features give administrators the ability to monitor the health and stability of their networks and optimize server and workstation configurations to improve performance. Any or all of these services may be deployed in a flexible and scalable manner that best suits the unique business needs of small and medium-size businesses. It also comes with pre-installed integration with the remote access system Teamviewer. Where Teamviewer is installed, it allows one-click access to any device where the agent is installed, allowing the IT administrator to jump on problems early and resolve them. And all for a few pennies a day.

GFI will continue to expand GFI Cloud’s portfolio with functionality powered by the company’s award-winning business and security solutions.

To learn more about GFI Cloud and start a free 30-day trial, visit https://signup.gficloud.com or email [email protected].

About GFI

GFI Software(TM) develops quality IT solutions for small to mid-sized businesses with generally up to 1,000 users. GFI offers two main technology solutions: GFI MAX(TM), which enables managed service providers (MSPs) to deliver superior services to their customers; and GFI Cloud(TM), which empowers companies with their own internal IT teams to manage and maintain their networks via the cloud.

Serving an expanding customer base of more than 200,000 companies, GFI’s product line also includes collaboration, network security, anti-spam, patch management, faxing, mail archiving and web monitoring. GFI is a channel-focused company with thousands of partners throughout the world. The company has received numerous awards and industry accolades, and is a long-time Microsoft Gold ISV Partner.

Article source: http://www.darkreading.com/management/gfi-software-launches-free-asset-trackin/240160863

Sendmail Sentrion REAC 2.0 Protects Against Internal Denial-Of-Service Attacks From Rogue Email Applications

Emeryville, Calif., September 5, 2013–Sendmail today introduced Sentrion Rogue Email Application Control (REAC) 2.0, the first inside-threat protection application with new Big Data search capabilities to further protect organizations against the growing internal threats posed by machine-generated email, which accounts for more than 50% of all corporate email traffic.

“Through our experience supporting email infrastructure for the world’s largest enterprises, we have seen businesses grind to a halt due to email-generating business systems and applications suddenly going rogue and inadvertently causing internal e-mail storms,” said Glen D. Vondrick, President and CEO at Sendmail, Inc.

Ian Emery, Sendmail’s VP EMEA, added: “Left hidden and uncontrolled by IT, these auto-generated emails can cause surprise denial-of-service attacks from within that bring down critical business systems and messaging infrastructure.”

Because email-generating systems and applications can number in the thousands across hundreds of departments, discovering and controlling them can place undue burden on IT with no guarantee that all rogue systems and apps will be found. Further complicating the problem of discovery is enterprise email itself, by far the largest source of big data in the enterprise today, generating nearly three exabytes of data annually in email and accompanying attachments.

With Sentrion REAC 2.0, IT can leverage Sendmail’s advanced Big Data analysis tools to capture and scan all email data flowing through the enterprise via email logs from the most commonly used MTAs in the world–including sendmail open source, Sendmail Sentrion and Postfix open source–to locate all the email-generating systems and apps that operate hidden in the enterprise. Once Sentrion REAC 2.0 identifies and helps IT inventory these machines, the business applications can be:

1. Registered with the respective business unit

2. Monitored for normal behavior

3. Controlled to reduce the threat of inadvertent internal attack on an on-going basis

“The addition of Sentrion REAC to IT’s arsenal is especially critical today, given the concerns around cloud-based email,” said Christiaan van Woudenberg, REAC product manager at Sendmail. “If not properly managed, the high volume of machine-generated email can cause critical business systems to fail during cloud migrations. REAC prevents this by identifying all origins of hidden email traffic, so it can be controlled ahead of the migration–before it creates problems.”

Among the biggest concerns in cloud security, data control and data loss rank high–just second behind BYOD, according to Infonetics’ April 2013 report. With Sentrion REAC 2.0, businesses can also better manage, secure and ensure the regulatory-compliant handling of sensitive content contained in emailed attachments and the emails themselves by identifying all the systems and applications that generate messages throughout the enterprise. With this visibility, IT can better manage and safeguard their email data, often by keeping confidential emails and email-generating systems on-premises while relegating less sensitive messaging to the cloud.

Sentrion REAC is the first commercial email management threat-protection product that supports cloud-based email architectures by enabling enterprises to control and integrate on-premises machine-generated email with human mailboxes and email services that can be moved to the cloud, such as filtering and security solutions.

Sentrion REAC 2.0 is the result of early product testing by a number of Sendmail Fortune 500 customers and is now available as a hard or virtual appliance.

About Sendmail, Inc.

Sendmail simplifies business email complexity and reduces IT infrastructure costs for large enterprises. The company’s solutions ensure global email connectivity, routing, and message delivery between people, systems, and applications located on-premises, in-cloud or on mobile devices. The Sentrion Email Integration Platform performs intelligent email policy and message inspection ensuring all critical communications and content are integrated with business policies, applications and processes. Sendmail is headquartered in Emeryville, CA with offices throughout the Americas, Europe and Asia. For more information, call 1-87-SENDMAIL or email [email protected].

Article source: http://www.darkreading.com/applications/sendmail-sentrion-reac-20-protects-again/240160864

FlowTraq Announces Availability Of FlowTraq Cloud For Network Security And Analysis

LEBANON, N.H.–Leading network security software provider FlowTraq announced today the availability of FlowTraq Cloud, a secure cloud-based version of its network security and management software, which uses full-fidelity network flow records to provide unified security, monitoring, and forensics.

Hosted on a reliable cloud platform, FlowTraq securely stores network traffic so that organizations can monitor network performance and bandwidth consumption, catalog applications in use, and detect problematic changes in network activity cost effectively and efficiently.

“With FlowTraq Cloud, users can experience all of the benefits of FlowTraq without the hassle of managing a server and by only paying for the number of flow updates they actually use,” said Vincent Berk, co-founder and CEO of FlowTraq. “With FlowTraq Cloud, customer flows are securely separated from other users, essentially giving you a private flow collector and analyzer so that you can better monitor, manage, and secure your network.”

FlowTraq Cloud features include a flow record summary of network communication, which contains details on endpoints, service, and duration, so that organizations can investigate incidents without storing network traffic on a local server. Having access to FlowTraq’s history-long full-fidelity database gives users the data they need to identify attempts to compromise sensitive data and investigate incidents after a compromise has occurred.

The onboarding process is simple. Users can either transmit their flow data directly to the FlowTraq Cloud or install FlowTraq’s free FlowProxy locally in their networks, and securely transmit all their flow records to the FlowTraq Cloud.

FlowTraq Cloud’s pay-per-flow pricing model makes it affordable for organizations of all sizes to monitor their NetFlow or sFlow by scaling the price to fit the exact needs of the user. Additional pricing information can be found here.

FlowTraq supports all major flow formats, including NetFlow, jFlow, CFlow, sFlow, and IPFIX. To learn more about FlowTraq Cloud, visit http://www.flowtraq.com/corporate/product/flowtraq-cloud/features

About FlowTraq

Founded in 2004, FlowTraq develops and markets software solutions that monitor and analyze network security and performance to provide deep insight, high visibility, and valuable understanding of complex network infrastructures. With FlowTraq, users gain an unprecedented level of network situational awareness that facilitates fast and easy monitoring, quick security analysis, and complete forensic recall of any traffic that crosses their network, thus reducing organizational risk. FlowTraq software solutions include FlowTraq, FlowTraq Cloud and FlowExporter. FlowTraq has over 2,600 customers worldwide, including Fortune 500 companies, ISPs, Managed Service Providers, government, schools, and universities. FlowTraq is privately held and headquartered in New Hampshire. For more information, visit http://www.flowtraq.com/corporate/.

Article source: http://www.darkreading.com/flowtraq-announces-availability-of-flowt/240160876

Does posting photos of your child on Facebook make you a bad parent? [POLL]

Yesterday Amy Webb wrote a piece for Slate titled We Post Nothing About Our Daughter Online.

In the article, Webb explains why she doesn’t allow photos or personally identifiable information about her daughter online – because “it’s the only way to defend her against facial recognition, Facebook profiling, and corporate data mining”.

Knowing what we do about how digital content and data are being cataloged, my husband and I made an important choice before our daughter was born. We decided that we would never post any photos or other personally identifying information about her online.

Andrew Leonard, who says he posts a lot of information and photos about his children online, hit back with an article in Salon.

Social media brings people together, he argues. His sister, who was at the birth of one of Leonard’s children, loves keeping up with how her niece and her siblings are doing. And Leonard says he does the same with his brother’s baby.

In a time when we often live so far from each other, maybe it’s a good thing to share photos and updates because “it helps us stitch our exploded communities back together, and keeps us in closer touch with the people we love”.

We are strengthening the ties that bind a larger community of family and friends together, embedding our stories and lives in contexts that are larger than those of the individual nuclear family or neighborhood street. Some anonymity may well be lost through this process, but something valuable is also gained; a sense of togetherness that is often missing or attenuated by modern life.

But what do you think? Is posting pictures of your children online making a choice for them which should really be their own? Are we really “creating a generation of kids born into original digital sin”?

Or is it inevitable today, with everything and everyone seemingly online?

Please have your say in our poll, and let us know your thoughts in the comments below.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/8c8z0CvJyuA/

Your nicked iPad now likelier than ever to show up in Mongolia

The number of laptops and tablets stolen in one country and recovered in another is on the rise.

Absolute Software’s second annual Endpoint Security Report records that stolen kit that had not been nicked locally had been recovered in an additional eight countries as far afield as Mongolia, Gambia, Vietnam and Zimbabwe. In the EMEA region (Europe, the Middle East and Africa), London is the top theft location, followed by Kampala in Uganda and Pretoria in South Africa.


Across the EMEA region, businesses have become the top device theft hotspot, for both internal and external burglary. This is a change from figures covering 2011, where homes and cars were the top theft location for corporate devices.

Globally, the US came in as the top country for thefts of the kit, with Australia at number two and the UK at number three.

Schools were the single biggest scenes of laptop theft crime in the US but ranked at only number four in EMEA.

The study, based on data from the 6 million devices protected by Absolute’s Computrace software, also reports that enterprises are making increasing use of remote data deletion and sensitive data retrievals from stolen devices.

The number of remote data deletes has risen by 34 per cent, and the number of devices from which data is being remotely retrieved has increased by 135 per cent, the study said.

Just under 5GB of data was retrieved from stolen devices in 401 file retrievals carried out by Absolute Software during 2012, a figure which compares to 171 data retrieval jobs last year, the report said.

The device theft data in Absolute’s report is compiled from 12,705 theft reports it received during 2012, a figure that compares to 13,818 in its previous annual report, which covered 2011. Data deletion jobs rose from 4,812 in 2011 to 6,442 last year.

The endpoint security and computer management firm notes that organisations are under pressure to adhere to stricter data breach compliance, such as the European data protection laws. As a result, organisations are focusing less on hardware recovery and more on the security of the data itself.

“With reputations on the line, it is no longer simply the cost of the device but the wealth of sensitive data sitting within tablets, laptops and smartphones that is causing IT and business headaches,” explained Derek Skinner, regional director, recovery and investigative services EMEA, Absolute Software.

“It is no surprise therefore that our report reveals a rise in remote data wipes. The sooner an organisation can secure a stolen device and render the data on it unusable to thieves, the easier it is for it to prove there hasn’t been a data breach.” ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/09/05/laptop_theft_survey/

Nasty nuke-lab data-slurper EVOLVES, now feeds off new Java hole

A piece of malware linked to attacks against governments and organisations involved in hi-tech industries such as space exploration and nuclear power has been adapted to exploit a recently uncovered Java security flaw.

NetTraveler has been outfitted to exploit a recently patched Java bug as part of a watering-hole-style attack involving compromised websites that redirects victims to an attack site hosting exploit code.


The latest variants of the malware, which surfaced over the last few days, appear to be targeting dissident Uyghur activists from China, net security firm Kaspersky Lab warns.

Kaspersky Lab was first to warn about the cyber-nasty back in June but subsequent checks revealed that the malware has been silently doing the rounds since 2004.

NetTraveler (also known as “Travnet”, “Netfile” or Red Star APT) is an advanced persistent threat that has infected hundreds of high profile victims in more than 40 countries. Known targets of NetTraveler include Tibetan/Uyghur activists, oil industry companies, scientific research centres and institutes, universities, private companies, governments and their institutions, embassies and military contractors.

Immediately after the public exposure of NetTraveler’s operations in June 2013, the attackers shut down all known command-and-control systems and moved them to new servers in China, Hong Kong and Taiwan. After the switch, the attacks continued more or less unabated.

Over the last few days, several spear-phishing emails were sent to multiple Uyghur activists. The Java exploit (CVE-2013-2465) used to distribute this new variant of the Red Star APT was only patched by Oracle in June 2013. Earlier attacks have used Office exploits (CVE-2012-0158) that were patched by Microsoft in April 2012.

More details on the evolution of the threat can be found in a blog post on Securelist by Costin Raiu, director of global research at Kaspersky Lab.

The Uyghur community is an ethnic group who mostly live in Eastern and Central Asia. The community has long desired independence, or at the very least greater autonomy, from Han Chinese rule. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/09/05/nettraveler_apt_latches_onto_java_flaw/

World’s Hotspots Mean Escalating Cyber Threats To Business

In the past, companies could avoid the world’s trouble spots, pulling out of war-torn countries and unstable regions to avoid conflict. Yet, as the world’s citizens become more savvy online, local unrest is quickly transforming into global threats that companies cannot easily evade.

The Syrian Electronic Army’s recent attacks against media firms’ domain-name infrastructure are only the latest example of the escalation of local conflicts to the global digital stage. Over the last year, distributed denial-of-service attacks by the Iranian cyber militia known as the Izz ad-Din al-Qassam Cyber Fighters have cost U.S. and European banks millions of dollars. And attacks by hackers aligned with North Korea’s interests have hit both South Korean and U.S. servers.

“The threat landscape has expanded in ways that are almost unimaginable,” says Jeffrey Carr, a cyber threat consultant and founder of Taia Global. “You can’t really anticipate all the different threat actors out there that might be interested in your Web site, your IP (intellectual property), or your reputation.”

So far, the impact of such digital attacks has been mild, if embarrassing. While security researchers and providers have warned that vulnerable critical infrastructure could be targeted by attackers with catastrophic results, attacks by purported hacktivist groups and patriotic hackers have been limited to defacements and propaganda. Most groups seem deterred by the potential repercussions of a serious cyberattack, says Dmitri Alperovitch, co-founder and chief technology officer of CrowdStrike, a startup focused on advanced threats.

“All these actors are cautious actors, because they don’t want to incur too much of a reaction,” he says. “That is likely to continue unless there is actually a conflict in which the regime decides that a greater level of retaliation is needed.”

The ongoing civil war in Syria and the possible punitive bombing of strategic government sites by the United States and Western nations has increased tensions, however. So far, Western nations have refused to intercede in the Syrian conflict, which has claimed more than 100,000 lives in the last two years and produced more than 2 million displaced refugees, according to tallies kept by the United Nations and the Syrian Observatory for Human Rights. Yet, with the United States and European nations building a case showing that the Syrian government used chemical warfare against rebels, the conflict looks ready to escalate.

The digital side of the conflict, limited to hacktivism and propaganda to this point, could escalate as well. The Syrian Electronic Army has reportedly claimed it would strike back at the United States, if the nation struck at potential chemical weapons storage sites or took other punitive actions.

“We should not be shocked that other countries are using their capabilities to gain whatever advantage they can in the economic sphere or the geopolitical sphere, and that means that the private sector in this country is absolutely a target of these attacks because they are a key part of our infrastructure,” he says.

Knowing that attacks come from Syrian hacktivists or government-sponsored hackers can help companies tune their defenses and implement additional protections around critical data, says Alperovitch. Companies should develop a greater ability to defend their own networks, starting with a good legal framework for what is allowed, he says.

“You are going to have to enable the private sector to allow them to do more in defense of their private networks,” he says. “With these lower-level attacks, we won’t see a response from the U.S. government.”

[Protecting domains requires registry locks as well as other measures, including two-factor authentication and administrative access control. See Domain Security Needs More Than Registry Locks.]

For the government, the issue is complicated by the fact that attributing attacks to actual actors is difficult. Bouncing communications between multiple computers to hide the source of the controller’s system is technically easy, says Raj Samani, chief technology officer for McAfee’s Europe, Middle East and Africa group.

Companies should never assume that hacktivists are who they say they are, he says. The barriers to becoming a hacktivist are low: anyone with some knowledge, a few free online tools and a flair for dramatic Pastebin posts can create their own hacktivism group or pretend to be one, he says.

“Hitting the mark on attribution is very difficult in the cyber world,” Samani says. “If I attack your PC today, I can come from any computer in the world, and for you to really go after me, you have to go through a very painstaking and laborious process.”

For that reason, companies should learn what they can through investigating details of the attack, but not lose focus of the general mission to reduce their attack surface area and harden their systems, says Taia Global’s Carr.

“You will never know everyone out there; you will never be able to plan for every contingency,” he says. “So while it is good to know and keep up with who the threat actors are, you cannot anticipate unknown threats.”

Finally, companies need to not just lock down their own systems, but ensure that their suppliers are doing the same. The recent domain takeover that made the New York Times inaccessible for hours, and in some cases days, happened because the news organization’s supplier of DNS services, MelbourneIT, had a third-party reseller whose credentials were compromised.

“In many cases, it is not a question about security but of transparency,” says McAfee’s Samani. “Do you have transparency about all of the risks in your supply chain? And in most cases, the answer is no.”

Article source: http://www.darkreading.com/advanced-threats/worlds-hotspots-mean-escalating-cyber-th/240160851