eEye Digital Security CTO to Keynote at InfoSec 2011 Nashville Conference
PR Web (press release)
eEye Digital Security, a provider of IT security and unified vulnerability management solutions, will exhibit at the InfoSec 2011 Nashville Conference at the Nashville Convention Center on September 15. The Southeast's leading security conference now ...
Infosec's mega marketing misalignment mishap
Analysts, security engineers and other infosec geeks aim for Swiss-watch precision, because one little mistake means the bad guys win. We want people to take this seriously, right? So why do certain marketing and PR departments spread a load of what my ...
18 infosec fails that let crims win
Today's complex, targeted attacks succeed because companies fail to cover information security basics, according to senior Kaspersky Lab analysts. "Everybody is aware of these things, but now is the time for starting to [pay] attention," said Evgeny ...
Shifting Course on Infosec Post-9/11
On the morning of Sept. 11, 2001, federal IT leader Mark Forman was briefing government chief human resources directors on the president's e-government initiative at a forum at the University of Maryland, a 10-mile drive from his White House office, ...
2011 European Digital Forensics and Incident Response Summit confirms largest ...
Prfire (press release)
... James Lyne, nicknamed the Mcguyver of Infosec by the BBC, and David Stubley, a Director with 7 Elements, a respected security consultancy, taking the roster to 12 influential and highly regarded experts who will be presenting during the event. ...
We didn't leak names of US agents, insists WikiLeaks
WikiLeaks has admitted some sort of unspecified infosec problem while denying suggestions that its cache of US diplomatic cables has been exposed. The whistle-blowing website has published carefully edited extracts of the cables in conjunction with its ...
by Robert Westervelt
SMS-stealing Trojan poses as banking protection but once installed it can intercept text messages, sending them to the attacker’s command and control server.
A new banking Trojan from cybercriminals brandishing the SpyEye toolkit targets users of Android smartphones, tricking victims into installing a malicious application that steals text messages.
The Trojan was first discovered targeting Android phones in July by security researchers at Boston-based Trusteer Inc. It begins as a man-in-the-middle attack on a machine infected with SpyEye malware. A user who browses to the targeted bank is met with a phony message urging them to install a new application on their mobile phone to protect against SMS-stealing malware. Once installed, the victim will see no sign of the malicious application running on the device.
“After the compromised user installs the Android application on his/her device, the application named ‘System’ is not visible on the device dashboard,” wrote Ayelet Heyman, a senior malware researcher at Trusteer in the company’s research blog. “It’s not a service, and it’s not listed in any current running applications. In order for a user to determine the existence of this app a bit of searching is required.”
Up until now, similar attacks have targeted BlackBerry and Symbian smartphones, Trusteer said. Security researchers are calling the technique of sniffing SMS messages a Man-in-the-mobile (Mitmo) attack. Often, the attacker requests the victim’s cell phone number and the device’s international mobile equipment identity (IMEI) number when installing the malicious application. Similar attacks were documented in 2010 targeting non-U.S. banks for two-factor authentication.
Once the Trojan is installed successfully on the victim’s device, all incoming SMS messages will be intercepted and sent to the attacker’s command and control server, Trusteer said.
The good news is, according to Trusteer, that the attack has yet to gain momentum. Security software that protects against man-in-the-middle attacks will help protect against the attack.
by Michael S. Mimoso
Since going public in 2007, network security company Sourcefire Inc., the home of the open source Snort intrusion detection and prevention system, has been busy expanding the breadth of its offerings – and has done so primarily via acquisition. Strategically, it’s a smart move to branch out beyond IDS and into endpoint (ClamAV) and cloud-based protection (Immunet), but the company has admittedly struggled with its identity because of Snort’s tremendous brand.
... company launched a new campaign promoting what it’s calling Agile Security designed to put the message front and center to the market and customers that Sourcefire is deeper than just Snort. The company, founded by Marty Roesch, wants to position its products as a counter to today’s dynamic attacks.
“Traditional security is static; set-it-and-forget-it security doesn’t help,” said Sourcefire senior VP of marketing Marc Solomon. “Our research shows that 75% of the malware we see on customer environments is seen once. These are polymorphic viruses taking on an average lifespan of less than a day. You can’t throw bodies at it, because you can’t keep up. Attackers are winning.”
Sourcefire says the solution is a mix of automation and intelligence on threats that is applied to enterprise networks to set and enforce policies, and ultimately block rather than alert on attacks if the company so chooses.
“Sourcefire has had trouble articulating its vision; ‘We’re the inventor of Snort.’ That was their tagline. That’s no way to build an enterprise security company,” said Richard Stiennon, founder of IT-Harvest, an analyst firm. Stiennon said Sourcefire’s edge is its context-aware offerings via its RNA product and the attack intelligence gained from its cloud-based Immunet initiative Collective Immunity and the Sourcefire Vulnerability Research Team.
Solomon diagrammed the Agile Security vision in four steps: See, Learn, Adapt and Act. Via RNA, which is being re-branded FireSIGHT, customers will be able to watch network traffic for anomalies as it moves over endpoints, different operating systems, and the network. Networks may then adapt to threats and create rules to either alert or block attacks; an upcoming next-generation firewall is at the heart of this phase of the vision, Solomon said. This automation will enable enterprises to act on intelligence in real time, Solomon said.
Posted by InfoSec News on Sep 13 http://www.bankinfosecurity.com/articles.php?art_id=4047
Posted by InfoSec News on Sep 13 http://www.domain-b.com/defence/general/20110912_cyber_warfare.html
Posted by InfoSec News on Sep 13
Posted by InfoSec News on Sep 13 http://www.computerworld.com/s/article/9219930/Certificate_hacker_probably_paid_by_Iran_say_victimized_firms
Posted by InfoSec News on Sep 13 http://www.nextgov.com/nextgov/ng_20110912_7347.php
Posted by InfoSec News on Sep 13 http://www.jsonline.com/business/129673573.html