Thursday, January 18, 2018

GCHQ cyber-chief slams security outfits peddling ‘medieval witchcraft’

It's not Advanced Persistent Threats, it's Adequate Pernicious Toerags

Usenix Enigma 2017: The chief technical director of GCHQ's National Cyber Security Centre has rebuked infosec companies for spreading fear, uncertainty and doubt about hackers to sell products.…

Education needed to stop hackers exploiting web users’ ‘scary’ data sharing

More education needs to be provided, and at a younger age, to stop people oversharing data online, thus reducing the risk of hackers being able to exploit publicly available information for cyber-criminal gain. That's what Darren Dance, Unix technical lead for online transaction firm WorldPay, told Computing at Splunk Worldwide Users' Conference 2013 in Las Vegas.

WorldPay crunches over 500 GB of data a day and has various measures and protections in place to ensure that its customers' data remains secure, but Dance believes that security begins at home and web users need to ensure they're not giving hackers and cyber criminals an easy ride.

"We need to teach kids when they're younger about how easy it is for their stuff to get out online and the amount they're sharing on social media, for example," he said. "You can actually mine data from social networking spaces using a free tool from Splunk, so if you were actually a cyber criminal, you could start to look at people's posts to work out what their pet is called and give you a good idea about them."

Dance told Computing that too many people still use simple passwords, such as the nickname of their favourite sports team, and that easy-to-discover information like that is too often shared on the likes of Facebook, a risk he argues many don't understand.

"People actually do use simple passwords. People who are Arsenal fans have passwords like ‘Gooner’ and things like that! People do stick with what they know and we need to educate people who are a lot younger, and also everyone needs to know a bit more about how risky it is to put anything online," he said.

And while those with a better understanding of security, like those working in business, might already be aware of this, Dance argued that it's away from the office where the biggest threat might lie, with users being blasé when it comes to passwords.

"Education needs to go to everyone, not just the enterprise, because in the enterprise we have all the processes and controls, but at the end of the day, people's home PCs if they're using weak passwords, they are a threat," he said, adding that the amount of information people are happy to share is worrying. "If their PCs get compromised you've got the likes of botnets and it's scary the amount of data that is open to abuse."

Dance added that the amount of trust web users put into cross-site authentication is also a worrying trend which needs to be addressed.

"People allowing Facebook to do authentication for other sites and linking apps between websites is really scary.

"The amount of trust we're happy to put into that kind of thing... yet in other parts of our lives we're really paranoid," he said.

Apple’s Plus plan pays off

Features limited to the iPhone 7 Plus helped boost sales of the larger smartphone, but they were not the only reasons why a higher percentage of customers went big last year, analysts said. "The nature of the market is also shifting," said Ben Bajari...

Verizon offers unlimited data and won’t throttle video (unlike T-Mobile)

Verizon's $80 plan has unlimited phone data and 10GB of 4G LTE tethering.

Yahoo recycled ID users warn of security risk

Users of Yahoo's recycled ID names say they are receiving the former owner's sensitive information through their new accounts. September 24, 2013 12:50 PM PDT. Yahoo users who got recycled account IDs said they've foun...

House intel bill adds $75 million to NSA budget to stop...

Senate version also adds money to NSA's budget to stop "insider threat."    

Mechs vs. Minions review: Come for the minis… then maybe leave

Incredible box, and promising twist on "programmable" cards, aren't quite enough.

DB Networks Looks to Detect SQL Injection With New Appliance

The new Linux-powered appliance aims to limit the risk for SQL injection attacks. Year after year, in study after study, SQL injection is identified as a leading cause of data breaches and a top security vulnerability.

There are a lot of vendors trying to help solve the problem, one of them being DB Networks, which announced a new security appliance this week designed to help detect the scourge that is SQL injection. DB Networks was founded in 2009 and has raised $7 million in funding to date, Steve Hunt, president and chief operating officer of DB Networks, told eWEEK.

This week, the company is officially launching its new core intrusion detection system (IDS), the IDS-6300 hardware appliance.

The IDS-6300 is a continuous monitoring device for SQL injection detection, according to Hunt. In a SQL injection attack, the attacker injects bad input into a database SQL statement in an effort to gain unauthorized access to the data. Hunt noted that one of the common ways that organizations try to defend against SQL injection is with a Web application firewall (WAF). However, Hunt said, attackers today can hide their attacks in ways that can get around a WAF, which is why the IDS-6300 takes a behavioral approach in contrast with the signature-based approach typically employed on a WAF. The IDS-6300 connects into the network via a Test Access Port (TAP) or Switched Port Analyzer (SPAN) port inside of an organization's existing network switching infrastructure. By using TAP or SPAN, the IDS-6300 is seeing a copy of the data traffic that is generated between the application server and the database server.

As such, the IDS-6300 sits out-of-band on a network and does not impact the performance of the network or the database. "We're modeling the behavior of the application traffic and then using advanced SQL injection behavioral analysis to detect attacks," Hunt said. "We're really looking for the difference between normal behavior and the abnormal behavior."

DB Networks' technology also does a deep analysis of the SQL statements that are sent to the database and monitors how they can change over time. "We can see how one statement is generated as a variant of another SQL statement," Hunt explained. "So when you're looking for threats, you can see how statements morph over time and where the threats exist."

Technology

Currently, the IDS-6300 solution works with Oracle Database as well as Microsoft SQL Server databases. Michael Sabo, vice president of marketing at DB Networks, told eWEEK that there is a road map to add additional databases to the mix, with the next one being Oracle's open-source MySQL database. From a bare metal perspective, the IDS-6300 runs on top of a Linux operating system and is a 2 Rack Unit (19 inches wide by 28 inches deep) appliance.

The appliance includes four Gigabit Ethernet capture ports and can have up to 2TB of archival storage capacity.

Blocking SQL Injection

While the IDS-6300 can detect SQL injection attacks, the system does not currently automatically block attacks. "One issue we found is that customers don't like blocking; they don't want to be blocking at the database tier because it can have some side effects from not tearing down the session properly," Sabo said. "A future feature in this product is a way to communicate forward to whatever perimeter device an organization has, to block the session at the Web tier."

Today, after an organization sees an attack, it can manually take the information provided by the IDS-6300 and use it to create a signature for a perimeter device like a firewall, Sabo said. The system can also send data back into an enterprise Security Information and Event Management (SIEM) system to do further correlation and analysis as well as alert notification, according to Hunt.

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.

SpeedCast Introduces SIGMA Net

A new standard in cloud-based vessel management with security by design

Sydney, Australia, November 30, 2016 - SpeedCast International Limited (ASX: SDA), a leading global satellite communications and network service provider, today announced the official release of SIGMA Net, the new standard for shipping and remote site network management designed specifically for VSAT and MSS.

SIGMA Net is a small but powerful industrial-grade VSAT and MSS network management device designed for ships and remote sites, providing automated and efficient management of multiple WAN links. Cyber security is at the heart of SIGMA Net, which incorporates a stateful firewall and Virtual Private Networking between the vessel and the Internet plus unique methods to regulate Internet access, including rejection of update services to Windows or mobile devices. Voice calling across multiple satellite equipment is simplified via SIGMA Net’s integrated VoIP server, allowing a caller to choose the outbound call route via a prefix. National numbers can also be allocated, allowing for cost-effective calling from shore to a vessel. Feature and performance enhancements are automatically applied, ensuring that the SIGMA Net’s software is always kept up to date.

SIGMA Net offers flexible crew services, including innovative pre-paid PIN-based BYOD (Bring Your Own Device) Internet and voice calling services, allowing for simplified voucher generation and management from shore. SIGMA Net provides managed network segmentation between business critical, crew or M2M networks at the remote location.

The cloud-based SIGMA Net Portal brings a vessel or remote site closer to IT management through its innovative and secured portal. The browser-based SIGMA Net Portal provides remote management and configuration of SIGMA Net from shore. Any configuration changes made from the portal are instantly replicated to one or more SIGMA Net terminals, with full auditing of amendments recorded. Reliability and redundancy is a primary feature of SIGMA Net, with its configuration securely synchronized and stored to the portal. The portal also presents fully-featured and interactive reporting of all data transferred via the SIGMA Net WAN links onboard.

“SIGMA Net has introduced a new degree of connection and network management to the Danaos fleet,” said Mr V Fotinias, Vessel IT Manager at Danaos Shipping, Greece. “The SIGMA Net Portal provides a web interface that enables remote configuration of SIGMA Net terminals across our fleet. The reporting provided by the SIGMA Net Portal gives us full visibility on traffic sent and received via the WAN links. Our vessel IT support team is able to easily and quickly resolve problems on board via SIGMA Net. The Danaos crew are extremely happy with the SIGMA Net prepaid vouchers for Internet access or crew calling.”

Danaos Shipping is one of the world’s largest containership owners, with a modern fleet of 59 container ships operating globally.

“SIGMA Net is a robust and secure cloud-based management platform that will both revolutionize and simplify vessel IT administration, both for shore-based support staff and a vessel’s crew,” said Dan Rooney, Maritime Product Director for SpeedCast. “The highly-configurable and flexible prepaid voucher services allow for time-consuming administrative tasks such as voucher generation to be managed centrally, rather than relying upon the Captain.”

About SpeedCast International Limited
SpeedCast International Limited (ASX: SDA) is a leading global satellite communications and network service provider, offering high-quality managed network services in over 90 countries and a global maritime network serving customers worldwide. With a worldwide network of 42 sales and support offices and 39 teleport operations, SpeedCast has a unique infrastructure to serve the requirements of customers globally. With over 5,000 links on land and at sea supporting mission critical applications, SpeedCast has distinguished itself with a strong operational expertise and a highly efficient support organization. For more information, visit

SpeedCast® is a trademark and registered trademark of SpeedCast International Limited. All other brand names, product names, or trademarks belong to their respective owners.

© 2016 SpeedCast International Limited. All rights reserved.

For more information, please contact:
Clara So
SpeedCast International Limited
Tel: +852 3919 6800

About Danaos Corporation
Danaos Corporation is one of the largest independent owners of modern, large-size containerships. Our current fleet of 59 containerships aggregating 353,586 TEUs, including four vessels owned jointly with Gemini Shipholdings Corporation, is predominantly chartered to many of the world's largest liner companies on fixed-rate, long-term charters. Our long track record of success is predicated on our efficient and rigorous operational standards and environmental controls. Danaos Corporation's shares trade on the New York Stock Exchange under the symbol "DAC". Please visit for more information.

Ransomware Targets HR Depts With Fake Job Apps

GoldenEye is a variant of the Petya ransomware. Cybercriminals are posing as job applicants as part of a new campaign to infect victims in corporate human resources departments with GoldenEye ransomware -- and they're even providing ...