Comfortable illusions about how security is working are crippling the ability of government and industry to fight the threat, a former member of the FBI’s netsec team has told the B-Sides San Francisco security conference. Society is operating under the illusion that governments and corporations are taking rational choices about computer security, but the fact of the matter is that we’re drowning under a sea of false positive, bad management, and a false belief in...
Read moreDetailsIntel Security released its second annual cloud security report, “Building Trust in a Cloudy Sky,” at RSA Conference 2017. The report outlines the current state of cloud adoption, the primary concerns with private and public cloud services, security implications, and the evolving impact of Shadow IT of the more than 2,000 IT professionals surveyed. View full story ORIGINAL SOURCE: Help Net Security
Read moreDetailsFord is moving full speed ahead with its self-driving cars. The company aims to have its fully autonomous cars on the road in a commercial setting, such as a ride-sharing program, by 2021. Ford, though, isn't the only company trying to bring self-driving cars to market during the next five years. There's a number of automakers and tech companies developing autonomous vehicles working within the same timeline, if not sooner. While there's certainly growing pressure for these companies...
Read moreDetailsThe Internet of Things (IoT) is disrupting businesses, governments, and consumers and transforming how they interact with the world. Companies are going to spend almost $5 trillion on the IoT in the next five years — and the proliferation of connected devices and massive increase in data has started an analytical revolution. To gain insight into this emerging trend, BI Intelligence conducted an exclusive Global IoT Executive Survey on the impact of the IoT on companies around the world. The study...
Read moreDetailsLinux sysadmins with a sense of adventure: Tokyo-based developer Hector Martin has put together a set of scripts to replace an in-use Linux system over SSH. Over at GitHub, Martin's Takeover.sh is the kind of no-safety-net we imagine El Reg's readers will love. Takeover.sh is: “A script to completely take over a running Linux system remotely, allowing you to log into an in-memory rescue environment, unmount the original root filesystem, and do anything you want, all without rebooting. Replace...
Read moreDetailsAdministrators of Hadoop Distributed File System (HDFS) clusters have evidently not heeded warnings that surfaced last month about securing software with insecure default settings. Attacks on Hadoop clusters have wiped the data of at least 165 installations, according to GDI Foundation security researchers Victor Gevers, Niall Merrigan, and Matt Bromiley. The trio report that 5,300 Hadoop clusters are presently exposed to the internet, some of which may be vulnerable. View full story ORIGINAL SOURCE: The Register
Read moreDetailsGoogle's Gmail spam filters may block the bulk of spam from hitting your inbox, but according to one researcher it won't filter spam from a spoofed @gmail.com address. No one likes spam and for the most part Google does a great job of keeping inboxes free of it. For Safer Internet Day, Google highlighted the "geeky detective work" it does to ensure the average Gmail inbox has less than 0.1 percent spam. View full story ORIGINAL...
Read moreDetailsYesterday, ProofPoint posted about their discovery of a new ransomware called Serpent that is being distributed via SPAM emails. It was further determined that this ransomware appears to be a new variant of the HadesLocker and Wildfire ransomware family. Below I have given a brief recap of the distribution methods discovered by ProofPoint as well as detailed information on what I have learned about how Serpent runs based on its source code. Unfortunately, at this time there is no way to decrypt...
Read moreDetailsHackers are menacing Apple Mac users with Word documents laced with malicious macros that install malware. Security researchers spotted a rash of poisonous files doing the rounds earlier this week, one of which was titled "U.S. Allies and Rivals Digest Trump's Victory – Carnegie Endowment for International Peace.docm." Apple fans who opened the document on a Mac are prompted to enable macros. View full story ORIGINAL SOURCE: The Register
Read moreDetailsIndia's new mass surveillance project, dubbed Centralised Monitoring System (CMS), will reportedly be fully operational by the first quarter of 2017, according to a draft Universal Periodic Review (UPR) report, which is due to be reviewed by the UN in the coming months. Concerns have been raised by privacy experts over the programme potentially expanding the government's control over internet rights and freedoms. View full story ORIGINAL SOURCE: International Business Times
Read moreDetails