Cybersecurity
Securing Today’s ‘Elastic Attack Surface’
Security pros today feel overwhelmed by the current cyberthreat environment and the deluge of security solutions on the market. Given the rapid adoption of cloud, BYOD, IoT, and DevOps, many lack confidence in their ability to accurately assess exposure and risk. What the world needs is a modern approach to understanding threats and exposures across the entire enterprise, based on visibility and driving understanding. I call that the “elastic attack surface.”
Ken Mills Of Dell EMC Recognized With 2016 SIA Chairman’s Award
The Security Industry Association (SIA) salutes Ken Mills, General Manager, Surveillance and Security, Dell EMC, with the 2016 SIA Chairman?s Award for his leading work on cybersecurity initiatives in the security industry. With his service on the SIA Board of Directors and the SIA Cybersecurity Advisory Board, Mills has been a highly visible proponent of cybersecurity measures for physical security devices on networks as well as the rapidly developing Internet of Things. SIA Chairman Denis Hebert will present the SIA Chairman’s Award to Mr. Mills at The Advance, SIA’s annual membership meeting, scheduled to occur on Tuesday, April 4, 2016, during ISC West.
Dahua Devices Dangerously Exposed To Cybersecurity Hack
Dahua, the world?s second-largest maker of ?Internet of Things? devices like security cameras and digital video recorders (DVRs), has shipped a software update that closes a gaping security hole in a wide range of its IP-cameras and DVRs. The vulnerability allows anyone to bypass the login process for these devices and gain remote (and direct) control over vulnerable systems. Adding urgency to the situation, there is now code available online that allows anyone to exploit this bug and commandeer a large number of IoT devices.
Shamoon Malware Spawns Even Nastier ‘StoneDrill’
Researchers following up on last November’s re-emergent Shamoon malware attacks have found something even nastier. A new, more dangerous malware called StoneDrill has been detected by Kaspersky Labs as they were studying Shamoon malware that has hit the energy sector in the Middle East initially. It is a data destroying code that sits in a victim’s browser, and wipes any physical or logical path accessible with the target user’s privileges.
D-Link’s Alleged Security Failures Achieve FTC Lawsuit: D-Link Responds
In its latest enforcement action in the realm of the Internet of Things, the Federal Trade Commission filed suit against D-Link Corporation, a Taiwan-based computer networking equipment manufacturer and its U.S. subsidiary, alleging that the defendants failed to employ adequate security measures for their wireless routers and surveillance cameras. Although D-Link promoted the security of its routers with claims like “EASY TO SECURE” and “ADVANCED NETWORK SECURITY,” the company neglected to take easy steps to avoid security flaws, the agency asserted in its California federal court complaint. According to the agency, D-Link accepted hard-coded login credentials and the use of “command injection,” which allowed remote attackers to take control of routers by sending commands over the Internet.
Hackers Hit D.C. Police Surveillance Camera Network, City Officials Disclose
Hackers infected 70 percent of storage devices that record data from D.C. police surveillance cameras eight days before President Trump?s inauguration, forcing major citywide reinstallation efforts, according to the police and the city?s technology office. City officials said ransomware left police cameras unable to record between Jan. 12 and Jan. 15.
New Q4 Threat Intelligence Report from NTT Security Finds Attacks on Organizations Becoming More Targeted, Sophisticated
NTT Security today issued its quarterly Threat Intelligence Report, which underscores the need for more advanced tools to protect organizations? data and networks from the evolving tactics, techniques and procedures (TTPs) used by cyber-attackers. A topic of considerable public attention is the ability to determine the source of cyber-attacks to determine their credibility and motivation.
NY Appeals Court Decision Signals Cybersecurity Whistleblowing Implicates Corporate Theft
Most people don?t think about what whistleblower laws may protect them until they need them. Many information security professionals may be surprised to learn that they are protected by the […]
Johnson Controls And DHS Sign Cooperative R&D Agreement On CyberSecurity
In an effort to improve cyber-threat information sharing and analysis, Johnson Controls, a global leader in energy efficiency, integrated solutions and building controls, announces a Cooperative Research and Development Agreement (CRADA) with the U.S. Department of Homeland Security (DHS), Office of Cybersecurity and Communications. The agreement will help secure our nation?s critical infrastructure from those with malicious intent.
Milestone XProtect 2016 R3 Advanced VMS Announced With Focus On Total Cost Of Ownership, Performance, And Cybersecurity
Milestone Systems, the open platform company in networked video management software (VMS), is announcing a new version of the market-leading XProtect VMS product suite for partners and customers. XProtect 2016 R3 marks the third release this year of Milestone?s award-winning VMS. Milestone?s commitment to bi-monthly device pack releases supporting third-party camera interoperability, in addition to the multiple VMS releases, is an aggressive schedule designed to be flexible for addressing market needs.
Global Heavyweight Enters Security Business: Meet NTT Security Corp
NTT Security Corporation (abbreviated to NTT Security; Head Office: Minato-Ku, Tokyo; Chief Executive Officer: Jun Sawada) has started its operations as a specialized security company of NTT Group on August 1st, 2016, bringing together NTT?s advanced analytics technologies, threat intelligence and security experts. NTT Security delivers industry-leading Managed Security Services (MSS) and specialized security professional services that support the Full Security Life Cycle. These services will be taken to market globally, and client engagement will be managed by NTT operating companies Dimension Data, NTT Communications and NTT Data.