MAY QUESTION TO OUR EXPERT PANEL MEMBERS: What are the main reasons for private cloud failure and how can we overcome such failures RESPONSES Lori MacVittie | F5, Sr Product Manager | @lmacvittie: One of the reasons many organizations indicate a preference for private cloud is the lack of security inherent in public cloud. That may be just perceived or it may be real, depending on the type of security being discussed. Either way security is still a significant driver to opt for private cloud implementations. Unfortunately, many of those implementations are failing. Pundits have a variety of reasons as…
Author: ISBuzz Team
ESET uncovers new threat attacking routers, performing fraud on social networks and stealing network traffic. ESET researchers caught Linux/Moose, a malware family primarily targeting Linux-based consumer routers, but also known to infect other Linux-based embedded systems. Once infected, the compromised devices are used to steal unencrypted network traffic and offer proxying services for the botnet operator. You can read more on this phenomenon in an in-depth security research paper titled ‘Dissecting Linux/Moose’ now available on ESET Ireland’s blog. In practice, these malicious capabilities are used to steal HTTP cookies to perform fraudulent actions on Facebook, Twitter, Instagram, YouTube and other sites,…
Comments below in response to news that the proposed $19 million data breach settlement between Target and MasterCard is voided after the agreement failed to attract support from 90 percent of banks affected by the breach. Brad Taylor, CEO, Proficio (www.proficio.com): “We are seeing the massive and rampant increases of breaches in the retail sector over the past 12 months are highlighting the major difference between being compliant and being secure. Executives are realizing one does not equal the other. All the breached retailers of the past year were compliant and still got breached. A new paradigm for security monitoring,…
USMobile launches Scrambl3 mobile app to the public; the world’s most secure cellphone service, developed for Top Secret Classified Communication, now available at Google Play™ Store Free public beta requires only an e-mail address and an Android phone “Cloaking” (Dark Internet Tunnels™) architecture is a game changer to protect mobile privacy Software Defined Mobile Network design creates disruptive technology for Enterprises to quickly and inexpensively deploy a Top Secret grade mobile communication network on private IBM z Systems™ and Power Systems™ servers USMobile (USmobile.me), a developer of private mobile phone services, today launched Scrambl3 (Scrambl3.com, pronounced “scramble”), a smartphone app…
PacketWatch extends value of Lancope StealthWatch® System for context-aware security analytics and advanced cyber threat defense Lancope, Inc., a leader in network visibility and security intelligence, is unveiling its new PacketWatch™ solution for intelligent packet capture this week at Infosecurity Europe 2015. With the PacketWatch solution, large enterprises can obtain deeper network visibility and more granular security context for streamlined incident response and forensics – at a fraction of the cost of full packet capture. “Full packet capture solutions create massive volumes of data, making it difficult and costly to store all of the information, and also challenging to find…
Richard Blech, CEO and Co-Founder of Secure Channels, commented on the NJ hospital patient data breach: “This breach, like many of the others that have occurred, are going to continue with the same pattern and results so long as these institutions that hold consumer sensitive data treat the protection of said data as an afterthought. The insider threat is now commonplace as a result of pure economics. The black market value of stolen customer data is fluid and high, and the payoff for the insider is just too tempting. Institutions know this, yet believe that they either don’t need to protect…
As a result of new and advanced technology, significant transformation has been made to the way enterprises operate. Business units, particularly software and web development teams, but also marketing, HR and finance, want to take advantage of the new generation of cloud services, meaning that an interest in cloud technology is no longer solely the domain of the IT team. The consequence of this is that every business unit leader has their own IT solution in mind, rather than waiting for the CIO to deliver against a set of requirements. This is leading to the CIO and IT department losing…
ESET has discovered over 30 scareware applications available for download from the Google Play store. The malicious applications, which pretended to be cheats for the popular Minecraft game, have been installed by more than 600.000 Android users. It’s not easy to slip a malicious application into Google’s official Play Store these days. Google’s automated application scanner, Bouncer, helps in reducing the number of malware on the official app store. Yet, some baddies do occasionally get by, as demonstrated by our recent discovery of over 30 scareware applications that have been uploaded to the Play store in the course of the…
You may be aware that the British Standards Institution has now published a set of standards to support developers creating health and wellness apps. These standards outline a set of principles which app developers should follow in order to make sure that their products and services can be trusted by healthcare professionals and the public. This code of practice for developing health and wellness apps for potential use in the NHS was developed with the support of the government’s technology organisation Innovate UK. Increased technology uptake in the healthcare sector provides the potential to improve quality of life for millions…
As a result of the NSA surveillance, organizations are increasingly moving towards the use of encryption technologies. It turns out however that encryption is not easy to get right, Heartbleed is only about a year old but other vulnerabilities like FREAK or POODLE have also surfaced in that time frame. This time, a new attack named LogJam is targeting the cryptographic component named Diffie-Hellman, a means of securely exchanging cryptographic keys over a public channel. First, an explanation of Diffie-Hellman (DH for short). It’s a key that’s known to two parties with no other prior knowledge of one another, and that…