Welcome!

Machine Learning Authors: Yeshim Deniz, Peter Silva, Carmen Gonzalez, Bob Gourley, Liz McMillan

Blog Feed Post

Hackers go phishing with Obamacare, NSA goes on the record about Tor attacks and more

By

NSAHere are the top cyber news and stories of the day.

  • Hackers go phishing with Obamacare – It is possible that using the new HealthCare.gov site will open up users to more vulnerabilities and more. Because users are likely to be confused by the new system, they are more vulnerable to well targeted and researched spearphishing attacks. Via Security Info Watch, more here.
  • Reactions from the security community to the Adobe breach – “Hackers have breached Adobe’s network and have made off with personal, account, and encrypted financial information of nearly 3 million Adobe customers, as well as the source code for Adobe Acrobat, ColdFusion, ColdFusion Builder and other Adobe products.” Follow the link to hear what many professionals had to say about this unfortunate action. Via NetSecurity.org, more here.
  • Adobe Says Hackers Stole Source Code, 2.9M Customers’ Info – “Adobe Systems Inc. (ADBE), the biggest maker of graphic-design software, said hackers broke into its networks and stole personal data on 2.9 million customers and source code for popular products including Acrobat and ColdFusion.” The theft of the source code could be extremely dangerous to Adobe and jeopardize the future of their products. Via Bloomberg, more here.
  • Mobile Malware Hits the 1M Mark – “Android-based mobile malware and high-risk apps have reached the one million mark, according to a study from Trend Micro.” The vast majority of this malware is available on nonstandard appstores or just out in the wild. Keeping your downloads to your the Google Play Store will offer some (strong) measure of protection. Via InfoSecurity, more here.
  • Most unauthorized data access goes undetected – “With a focus primarily on large enterprise organizations, a Vormetric study of 700 IT security decision-makers indicates that there are major gaps between existing security processes and the technologies currently in place to address insider threats.” Via Net Security.org, more here.
  • NSA goes on the record about Tor attacks – ‘“The intelligence community is only interested in communication related to valid foreign intelligence and counterintelligence purposes and that we operate within a strict legal framework that prohibits accessing information related to the innocent online activities of U.S. citizens,” James Clapper, director of national intelligence, said in an Oct. 4 statement on the IC on the Record blog.’ Via FedScoop, more here.
  • Security After the Death of Trust – ‘Security has to reboot. What has passed for strong security until now is going to be considered only casual security going forward. As I put it last week, the damage that has become visible over the past few months means that “we need to start planning for a computing world with minimal trust.”’ To read more, continue on the Forbes website, here.
  • Shutdown undermines cybersecurity – “With fewer eyeballs monitoring the government’s networks for malicious activities and an increasing number of federal systems sitting idle during the shutdown, security experts fear it could create a perfect storm for insiders and hackers looking to do agencies harm.” Via Federal Times, more here.
  • Hackers Target AT&T to Vodacom in SIM-Card Scam – “At wireless carriers such as AT&T Inc. (T) and South Africa’s Vodacom Group Ltd. (VOD), a new hacking threat has emerged involving the illicit swapping of SIM cards, the plastic chips that authenticate customers on mobile networks. Criminals call users and impersonate the companies to glean personal information, which they use to hijack the chips and customer accounts, paving the way for online banking fraud and international calling theft.” Via Bloomberg, more here.
  • U.S. Indicts 13 Anonymous Members – “Between September 2010 and January 2011, Anonymous carried out Operation Payback in retaliation for the Pirate Bay takedown and in support of one of its favorite people: WikiLeaks founder Julian Assange. The initiative took down websites for the Recording Industry Association of America, Motion Picture Association of America, the United States Copyright Office of the Library of Congress, Visa, MasterCard and Bank of America.” Via InfoSecurity, more here.
  • Redefining the Insider Threat – “Randy Trzeciak has an answer, but he and his colleagues at Carnegie Mellon University’s CERT Insider Threat Center are working to broaden the definition of the inside r threat to incorporate not just the risk to information and technology but to facilities and people, too. The CERT Insider Threat Center, part of CMU’s Software Engineering Institute, defines insiders as those who pose a substantial threat by virtue of their knowledge of, and access to, their employers’ systems and databases. Insiders – current and former employees, contractors and trusted business partners – can bypass existing physical and electronic security measures through legitimate means.” Via GovInfoSecurity, more here.

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley writes on enterprise IT. He is a founder and partner at Cognitio Corp and publsher of CTOvision.com

@CloudExpo Stories
Both SaaS vendors and SaaS buyers are going “all-in” to hyperscale IaaS platforms such as AWS, which is disrupting the SaaS value proposition. Why should the enterprise SaaS consumer pay for the SaaS service if their data is resident in adjacent AWS S3 buckets? If both SaaS sellers and buyers are using the same cloud tools, automation and pay-per-transaction model offered by IaaS platforms, then why not host the “shrink-wrapped” software in the customers’ cloud? Further, serverless computing, cl...
The Software Defined Data Center (SDDC), which enables organizations to seamlessly run in a hybrid cloud model (public + private cloud), is here to stay. IDC estimates that the software-defined networking market will be valued at $3.7 billion by 2016. Security is a key component and benefit of the SDDC, and offers an opportunity to build security 'from the ground up' and weave it into the environment from day one. In his session at 16th Cloud Expo, Reuven Harrison, CTO and Co-Founder of Tufin, ...
WebRTC is the future of browser-to-browser communications, and continues to make inroads into the traditional, difficult, plug-in web communications world. The 6th WebRTC Summit continues our tradition of delivering the latest and greatest presentations within the world of WebRTC. Topics include voice calling, video chat, P2P file sharing, and use cases that have already leveraged the power and convenience of WebRTC.
DevOps is being widely accepted (if not fully adopted) as essential in enterprise IT. But as Enterprise DevOps gains maturity, expands scope, and increases velocity, the need for data-driven decisions across teams becomes more acute. DevOps teams in any modern business must wrangle the ‘digital exhaust’ from the delivery toolchain, "pervasive" and "cognitive" computing, APIs and services, mobile devices and applications, the Internet of Things, and now even blockchain.
With the proliferation of both SQL and NoSQL databases, organizations can now target specific fit-for-purpose database tools for their different application needs regarding scalability, ease of use, ACID support, etc. Platform as a Service offerings make this even easier now, enabling developers to roll out their own database infrastructure in minutes with minimal management overhead. However, this same amount of flexibility also comes with the challenges of picking the right tool, on the right ...
“We're a global managed hosting provider. Our core customer set is a U.S.-based customer that is looking to go global,” explained Adam Rogers, Managing Director at ANEXIA, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Security, data privacy, reliability and regulatory compliance are critical factors when evaluating whether to move business applications from in-house client hosted environments to a cloud platform. In her session at 18th Cloud Expo, Vandana Viswanathan, Associate Director at Cognizant, In this session, will provide an orientation to the five stages required to implement a cloud hosted solution validation strategy.
China Unicom exhibit at the 19th International Cloud Expo, which took place at the Santa Clara Convention Center in Santa Clara, CA, in November 2016. China United Network Communications Group Co. Ltd ("China Unicom") was officially established in 2009 on the basis of the merger of former China Netcom and former China Unicom. China Unicom mainly operates a full range of telecommunications services including mobile broadband (GSM, WCDMA, LTE FDD, TD-LTE), fixed-line broadband, ICT, data communica...
"We host and fully manage cloud data services, whether we store, the data, move the data, or run analytics on the data," stated Kamal Shannak, Senior Development Manager, Cloud Data Services, IBM, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Zerto exhibited at SYS-CON's 18th International Cloud Expo®, which took place at the Javits Center in New York City, NY, in June 2016. Zerto is committed to keeping enterprise and cloud IT running 24/7 by providing innovative, simple, reliable and scalable business continuity software solutions. Through the Zerto Cloud Continuity Platform™, organizations can seamlessly move and protect virtualized workloads between public, private and hybrid clouds. The company’s flagship product, Zerto Virtual...
As businesses adopt functionalities in cloud computing, it’s imperative that IT operations consistently ensure cloud systems work correctly – all of the time, and to their best capabilities. In his session at @BigDataExpo, Bernd Harzog, CEO and founder of OpsDataStore, will present an industry answer to the common question, “Are you running IT operations as efficiently and as cost effectively as you need to?” He will expound on the industry issues he frequently came up against as an analyst, and...
WebRTC is about the data channel as much as about video and audio conferencing. However, basically all commercial WebRTC applications have been built with a focus on audio and video. The handling of “data” has been limited to text chat and file download – all other data sharing seems to end with screensharing. What is holding back a more intensive use of peer-to-peer data? In her session at @ThingsExpo, Dr Silvia Pfeiffer, WebRTC Applications Team Lead at National ICT Australia, looked at differ...
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place June 6-8, 2017, at the Javits Center in New York City, New York, is co-located with 20th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry p...
IoT offers a value of almost $4 trillion to the manufacturing industry through platforms that can improve margins, optimize operations & drive high performance work teams. By using IoT technologies as a foundation, manufacturing customers are integrating worker safety with manufacturing systems, driving deep collaboration and utilizing analytics to exponentially increased per-unit margins. However, as Benoit Lheureux, the VP for Research at Gartner points out, “IoT project implementers often un...
SYS-CON Events announced today that Technologic Systems Inc., an embedded systems solutions company, will exhibit at SYS-CON's @ThingsExpo, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Technologic Systems is an embedded systems company with headquarters in Fountain Hills, Arizona. They have been in business for 32 years, helping more than 8,000 OEM customers and building over a hundred COTS products that have never been discontinued. Technologic Systems’ pr...
SYS-CON Events announced today that IoT Now has been named “Media Sponsor” of SYS-CON's 20th International Cloud Expo, which will take place on June 6–8, 2017, at the Javits Center in New York City, NY. IoT Now explores the evolving opportunities and challenges facing CSPs, and it passes on some lessons learned from those who have taken the first steps in next-gen IoT services.
SYS-CON Events announced today that WineSOFT will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Based in Seoul and Irvine, WineSOFT is an innovative software house focusing on internet infrastructure solutions. The venture started as a bootstrap start-up in 2010 by focusing on making the internet faster and more powerful. WineSOFT’s knowledge is based on the expertise of TCP/IP, VPN, SSL, peer-to-peer, mob...
Containers have changed the mind of IT in DevOps. They enable developers to work with dev, test, stage and production environments identically. Containers provide the right abstraction for microservices and many cloud platforms have integrated them into deployment pipelines. DevOps and containers together help companies achieve their business goals faster and more effectively. In his session at DevOps Summit, Ruslan Synytsky, CEO and Co-founder of Jelastic, reviewed the current landscape of Dev...
SYS-CON Events announced today that delaPlex will exhibit at SYS-CON's @CloudExpo, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. delaPlex pioneered Software Development as a Service (SDaaS), which provides scalable resources to build, test, and deploy software. It’s a fast and more reliable way to develop a new product or expand your in-house team.
The security needs of IoT environments require a strong, proven approach to maintain security, trust and privacy in their ecosystem. Assurance and protection of device identity, secure data encryption and authentication are the key security challenges organizations are trying to address when integrating IoT devices. This holds true for IoT applications in a wide range of industries, for example, healthcare, consumer devices, and manufacturing. In his session at @ThingsExpo, Lancen LaChance, vic...