Sunday, October 22, 2017

Questions left unanswered about Yahoo malware attack

Yahoo says that mostly non-mobile Windows users in Europe were attacked, but hasn't provided any public guidance on the number of affected users or what they should do. January 5, 2014 4:47 PM PST (Credit: CNET) On Saturday, Fox IT, a security f...

The county sheriff who keylogged his wife

Oh, you mean this keylogger?

FireEye’s $1B Mandiant Buyout: Is the Price Too High or Too...

NEWS ANALYSIS: When you understand that you can't stop all attacks, but you can detect and remediate them before they do serious harm, the value proposition of Mandiant becomes apparent. Security is one of the great market segments of the technology world as it's not typically driven by seasonality or cyclical demands. Security needs are constant and evolving. Simply put, no enterprise on the planet can afford not to invest continuously in security—for fear of being attacked and embarrassed in a public breach. It's in that context that security vendor FireEye acquired security firm Mandiant this week for the sky-high sum of $1 billion in stock and cash. On the surface, $1 billion seems like an absurdly high price for a company that has only 500 customers. It's also somewhat ridiculous that FireEye, a company that generated $160 million in revenue for all of 2013, is paying so much and has the ability to do so. Looking into the details of the transaction, FireEye will pay $106.5 million in cash and issue 21.5 million shares and options to Mandiant, so in a very real sense, Mandiant employees are buying into FireEye, as well. It's also important to remember that when it comes to company valuations, it's the future value and earnings potential that is paramount, rather than just simply looking at current revenue. Mandiant's "secret sauce" is a combination of threat-intelligence capabilities as well as the ability to understand how and where a company has been breached. During a call with financial analysts Jan. 2 to discuss the deal, Mandiant founder Kevin Mandia said that he started the company in 2004 on the premise that security breaches are inevitable. Although that premise wasn't widely accepted in 2004, in 2014 it is, and that's why Mandiant is a valuable commodity. When you understand that you can't stop everything, but you can detect and remediate attacks before they do serious harm, the value proposition of Mandiant becomes very apparent. 
What's also interesting to note is the connection between Kevin Mandia and FireEye CEO Dave DeWalt. Prior to founding Mandiant, Mandia was a director at Foundstone, which in its day was an influential security vendor. Foundstone was acquired by McAfee in 2004 for $86 million in cash. Coincidentally, DeWalt served as the CEO of McAfee from 2007 until 2012. In some respects, Foundstone can be seen almost as a precursor to Mandiant.

As such, it's incredible to see the amazing jump in valuation over the last decade for such technologies from $86 million in 2004 to $1 billion in 2014. In the modern threat economy, time is money and so is intelligence. As nation-states, hacktivists and cyber-criminals all continue to attack targets big and small, the value of security technologies and the vendors that build, support and service them will only grow in the years ahead. Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.  

Yahoo users exposed to malware attack

Some users visiting Yahoo.com are redirected to sites armed with code that exploits vulnerabilities in Java and installs a variety of different malware. January 4, 2014 6:48 PM PST (Credit: CNET) Yahoo.com visitors over the last few days may hav...

Cisco, Dell, Others Push Back at NSA Spying

Officials with the networking giant are investigating allegations that the U.S. spy agency compromised its products. Cisco Systems was one of several top-tier tech companies to respond to reports that the National Security Agency had compromised various systems—from network switches to smartphones—to help with its spying activities, promising to investigate the allegations that first arose in a report Dec. 30 in Germany's Der Spiegel publication. The Der Spiegel report said that for years, the NSA's Tailored Access Operations (TAO) group had taken advantage of security holes in the systems and used backdoors and other techniques to monitor and collect data from a wide range of electronic and computing devices, including iPhones from Apple, networking routers from Cisco, software from Microsoft and hard drives from Western Digital.

Other vendors mentioned include Juniper Networks, Samsung, Dell, Seagate and Huawei Technologies. In the days that followed, officials from many of the companies named in the report publicly came out against any NSA intrusion and denied working with any government agencies in efforts that would compromise the security of their customers' data. In a post on the company blog site, John Stewart, senior vice president, chief security officer and head of Cisco's Threat Response, Intelligence and Development organization, said the company's Product Security Incident Response Team (PSIRT) was investigating the allegations. "We are deeply concerned with anything that may impact the integrity of our products or our customers' networks and continue to seek additional information," Stewart wrote. "We are committed to avoiding security issues in our products, and handling issues professionally when they arise." Cisco officials don't know of any new vulnerabilities in company products, and will address any issues that arise, he said. "As we have stated prior, and communicated to Der Spiegel, we do not work with any government to weaken our products for exploitation, nor to implement any so-called security 'back doors' in our products," Stewart wrote. On the company's Security Response site, Cisco officials said they have requested leaked documents cited in the Der Spiegel report, though they have yet to receive any. In addition, they encourage customers to sign up to receive notifications regarding vulnerabilities in Cisco products. Other tech vendors came out against the TAO and its program. In a post on the company blog, John McClurg, vice president and chief security officer for Dell Global Security, said the vendor's top priority is protecting customer data. "We take very seriously any issues that may impact the integrity of our products or customer security and privacy," McClurg wrote.
"Dell does not work with any government—United States or otherwise—to compromise our products to make them potentially vulnerable for exploit.  This includes 'software implants' or so-called 'backdoors' for any purpose whatsoever." Dell's statement echoed those of other vendors.

Apple officials said in a statement that the company "has never worked with the NSA to create a backdoor in any of our products, including iPhone. Additionally, we have been unaware of this alleged NSA program targeting our products." Microsoft officials said that the software giant "does not provide any Government with direct or unfettered access to our customers' data. We would have significant concerns if the allegations about Government actions are true." A spokesman for Huawei, which has found itself under suspicion by U.S. lawmakers for its alleged close ties to the Chinese government, told The Wall Street Journal that the NSA allegations could lead to fractures in the tech industry along geopolitical lines. "There's a very real concern for political or geography-based balkanization, which is in nobody's best interest," Bill Plummer, vice president of external affairs for Huawei, told the news site, adding that the company is "conducting audits of its products to determine if any compromise has occurred." U.S. lawmakers in a report in October 2012 said Huawei and fellow Chinese company ZTE represented national security threats because of close ties with the Chinese government, which U.S. officials feared would use Huawei and ZTE equipment to compromise U.S. systems.

The U.S. government cautioned telecommunications companies against doing business with the Chinese companies, both of which denied the allegations. Huawei executives have since said they are no longer trying to sell networking gear into the U.S. market. Other tech vendors coming out with statements against the NSA program include Hewlett-Packard and Juniper Networks. Tech companies worry that reports like the ones in Der Spiegel and others stemming from the leaks from Edward Snowden could affect customer trust in their products. Tech officials met with President Obama last month to talk about these issues.

Drug overdose caused death of hacker

ATM hacker Barnaby Jack's death was an accidental drug overdose, said San Francisco's medical examiner's office. January 3, 2014 4:38 PM PST Barnaby Jack discusses the ramifications of his ATM hack on the first day of Black Hat 2010. (Credit: Se...

BlackBerry sues Ryan Seacrest firm over iPhone case that looks like...

Last seen with Miley Cyrus on New Year's, Seacrest was unavailable for comment.

Securing Sensitive Personal Data in Cloud Services: 10 Best Practices

We're only three days into 2014, and already two major online service hacks that compromised user data have hit the headlines.

The usernames and passwords for 4.6 million Snapchat users have been compromised and posted online. Skype, the Microsoft-owned VOIP service, was also reportedly breached, though at this point, it's believed that the attacks are unrelated.

The Syrian Electronic Army, a group of hackers that support the regime of Syrian President Bashar al-Assad, has taken responsibility for the Skype hack.

And just last month, hackers broke into the computer databases of Target, one of the world's largest retailers, stealing millions of credit card numbers and encrypted PIN numbers during the holiday shopping rush, forcing cardholders to scramble to replace their cards and guard their credit accounts.

Unfortunately, there's no simple solution for people to protect their identities and credit data on all the online services and with all the retailers they do business with. But there are a number of things people can do to at least limit their chances of getting hit hard by a data breach.

This slide show covers some of the techniques Web users can employ to improve their online security.

By Don Reisinger

Get the Password Manager Going

Nowadays, both mobile and desktop users can use password managers designed to house all-important credentials in one spot and create difficult passwords for sensitive sites. All a user needs to do is remember the password for actually getting into the application, like 1Password or Password Manager, and he or she has full access to important accounts. Such password managers are important: They act as a repository for credentials, they create strong passwords, and they can populate password fields whenever the user goes to a particular site. Definitely check them out.

Aim for Two-Factor Authentication

Two-factor authentication is a key component in keeping data safe in the event of a breach. Let's say, for example, that hackers have obtained passwords for a site's entire user base. If that site employs two-factor authentication, like sending a code to the user's mobile phone in addition to requiring a password, the impact might not be as great. It's an extra step, but it's an important one. That's probably why companies like Google and Bank of America use the technology in their online services.

Switch Up Passwords

There's no reason to keep passwords going for years and years. In fact, critical passwords should be changed on a regular basis. Some security experts say passwords should be changed at least every 90 days on all sites. If you're not doing that, you could potentially put your many accounts across the Web at risk once hackers get just one credential. Just ask LivingSocial users who had their passwords stolen last year.

Remember the Beauty of VPNs

Virtual private networks deserve more credit for providing users with a higher level of security. VPNs allow users to find their way to critical sites through a secure connection and hopefully improve their security a bit. VPNs aren't the panacea to end all security woes, but it'd be nice to see them put into practice a bit more both in the enterprise and in the consumer space.

Don't Trust Social Networks

Social networks have become a breeding ground for potential security problems. In fact, a study last year from security firm Sophos revealed that social sites are swimming with major threats. So, while surfing through the sites, be sure to not click on unknown links. And as Snapchat proved, believing that just because a site or service is big and popular it won't get hacked is pure folly. Always be on the defensive when using social networks.

Use Only Fraud-Secured Credit Cards

Credit card numbers are being shared across the Web at an increasing rate. And in many cases, hackers are intentionally going after those services that keep credit card information on file. So those who are going to share credit card information online should only be using plastic that has fraud protection. Those cards allow for any stolen money to be credited back to an account, safeguarding owners from any possible financial issues. It seems obvious, but it's an important consideration before buying a product online.

Don't Link Online Accounts

It's common practice now for Websites and operating systems to ask users to link their accounts with other services. Such a practice is great for the sites, which can get some free promotion, but it can unleash a world of hurt on consumers. If a site is hacked and user credentials are stolen, it's possible that the linked accounts on other sites could become compromised as well. Beware.

Stick to a Few Reliable Retail Sites

Hitting the Web with a credit card in hand can be a risky move. That's why consumers should buy products from as few sites as possible. Granted, saying such a thing could hurt smaller retail sites, but this is about security. And the best way to be secure on the Internet is to have a small footprint. Saving profiles and credit card information on dozens of retail sites around the Web is a bad idea that only increases the number of places information could be exposed. Stick with a few trustworthy e-commerce sites.

Consider a Site's Security

Not all sites are created equal when it comes to their devotion to safety and security of your information. Many sites have been overrun with malware and are just waiting for an unsuspecting user to come along and get hit. In other cases, some sites and site categories, especially adult content sites, are naturally dangerous. Staying on safe, reputable sites is always a good idea.

Don't Be Late on the News

When news breaks and a hack has occurred, the last thing you should want to be is late to the game. To ensure data is kept safe, users must respond quickly to a breach, change passwords across the Web and keep a close eye on the events as they unfold. There's no excuse for ignorance anymore—the Internet is a dangerous place, and we must all accept that.

Don Reisinger is a freelance technology columnist. He started writing about technology for Ziff-Davis' Gearlog.com. Since then, he has written extremely popular columns for CNET.com, Computerworld, InformationWeek, and others. He has appeared numerous times on national television to share his expertise with viewers. You can follow his every move at http://twitter.com/donreisinger.

Yelp’s new political action committee set to lobby Congress

Site's PAC will push bills on patent, copyright, and anti-SLAPP reform.

Multiple gaming platforms hit with apparent DDoS attacks

Outages could be collateral damage in swatting attack on streamer.

Security Horizon: Mobile Malware Up, U.S.-Based Infections Down

Separate studies from security vendors Kaspersky and Sophos evaluate the security events and exploits that were center stage in 2013 and will, no doubt, set the scene for this year.

A key trend observed during 2013 was the continued risk from botnets a...

FireEye acquires Mandiant in $1bn deal

Security firm FireEye has bought Mandiant in a deal worth more than $1bn, making it one of the largest acquisitions in the cyber security industry. The deal brings together two highly complementary companies, FireEye said in a statement. FireEye pioneered the use of virtual machine technology in security, while Mandiant specialises in endpoint security, incident response, and remediation. Under the terms of the acquisition, FireEye will issue an aggregate of 21.5 million shares and options with a current value of about $900m to buy shares of FireEye stock. In addition, it will pay approximately $106.5m of net cash in the transaction to the former Mandiant security holders and certain performance-based retention equity incentives. Mandiant shot to prominence in February 2013 when it published a report that said a secretive branch of China's military had stolen data from at least 141 organisations around the world. FireEye said the acquisition, which closed on 30 December 2013, recognises the ever-increasing intensity of cyber attacks and follows almost two years of collaboration. The company believes the deal will create a security company “with the ability to find and stop attacks at every stage of the attack life cycle”. FireEye shares rose 24% in after-hours trading in New York as news of the deal was made public only after the close of the markets, according to the BBC. Silicon Valley-based FireEye went public in 2013, and currently has a market valuation of more than $5bn, reports the International Business Times. “In my conversations with customers I have heard many of you express a desire to simplify the number of vendors and service providers you work with to protect yourself from advanced threats,” said David DeWalt, chief executive officer of FireEye. “We believe that by joining forces with Mandiant we have taken a significant step towards that goal,” he said in a statement. 
DeWalt said that together, the size and global reach of FireEye and Mandiant will enable faster innovation to deliver unmatched and comprehensive security. Kevin Mandia, Mandiant's founder and chief executive officer, was appointed as the chief operating officer of FireEye prior to the acquisition.