itwbennett writes: Neutrino is using passive OS fingerprinting to detect visiting Linux machines, according to Trustwave researchers who found that computers they were using for research couldn't make a connection with servers that delivered Neutrino. Daniel Chechik, senior security researcher at Trustwave's SpiderLabs division, wrote that they tried changing IP addresses and Web browsers to avoid whatever was causing the Neutrino server to not respond, but it didn't work. But by fiddling with some data traffic that Trustwave's computers were sending to the Neutrino server, they figured out what was going on.
itwbennett writes: If you don't live in Chattanooga, Tenn., you probably aren't aware that the city's municipally owned electric utility, EPB, provides its broadband Internet — nice, fast Internet to boot. And, even if you did happen to know that, you probably don't care. But CIO's Bill Snyder explains why you should take note of AT&T's efforts to block the expansion of EPB's network on the grounds that 'the government should not compete with private enterprise.' At issue is more than a question of whether the greater Chattanooga area can have access to fast broadband because in all areas of the U.S. 'where big ISPs have the market to themselves, consumers often get stuck in the Web's slow lane,' says Snyder.
itwbennett writes: Some rogue do-gooder has 'gained access to some of the servers that cybercriminals use to distribute the Dridex Trojan and replaced it with an installer for Avira Free Antivirus,' writes Lucian Constantin. For those unfamiliar with Dridex, it is 'one of the three most widely used computer Trojans that target online banking users' — and it's resilient: In October, 2015, one month after its administrator was arrested, it was back in full swing.
itwbennett writes: In a lawsuit filed January 8, 2016, Enigma Software, maker of anti-malware software SpyHunter, accuses self-help portal Bleeping Computer of making 'false, disparaging, and defamatory statements.' At issue: a bad review posted by a user in September, 2014. The lawsuit also accuses Bleeping Computer of profiting from driving traffic to competitor Malwarebytes via affiliate links: 'Bleeping has a direct financial interest in driving traffic and sales to Malwarebytes and driving traffic and sales away from ESG.' Perhaps not helping matters, one of the first donations to a fund set up by Bleeping Computer to help with legal costs came from Malwarebytes.
itwbennett writes: Malwarebytes CEO Marcin Kleczynski said in a blog post on Monday that the company has fixed several server-side vulnerabilities that were found by Google security researcher Tavis Ormandy in November, but is still testing a new version of its Anti-Malware product to fix client-side problems. Until the problems are fixed, which could take 3 or 4 weeks, customers can implement a workaround: those using the premium version of Anti-Malware 'should enable self-protection under settings to mitigate all of the reported vulnerabilities,' Kleczynski wrote.
itwbennett writes: CrowdStrike's latest global threat report, which covers attacks by nation states, cybercriminals and hacktivists, finds that 'China is the biggest offender,' said Adam Meyers, vice president of intelligence at CrowdStrike. According to the report, the country is mostly focused on collecting intelligence that supports its economic system. China's next five-year plan is expected to be released in March, but some general information is available now and 'they're focusing on getting Western technology out,' said Meyers. Of particular interest: agricultural technologies, clean energy, high-speed railways, electric cars, computer chips, and defense technologies and operations.
itwbennett writes: According to a Ponemon Institute survey, hackers make less than $15,000 per successful attack and net, on average, less than $29,000 a year. The average attacker conducts eight attacks per year, of which less than half are successful. Among the findings that will be of particular interest to defenders: Hackers prefer easy targets and will call off an attack if it is taking too long. According to the survey, 13 percent quit after a delay of five hours. A delay of 10 hours causes 24 percent to quit, a delay of 20 hours causes 36 percent to quit, and a majority of 60 percent will give up if an attack takes 40 additional hours. 'If you can delay them by two days, you can deter 60 percent of attacks,' said Scott Simkin, senior threat intelligence manager at Palo Alto Networks, which sponsored the study.
itwbennett writes: Cisco Systems has released a new batch of security patches for flaws affecting a wide range of products, including for a critical vulnerability in its RV220W wireless network security firewalls. The RV220W vulnerability stems from insufficient input validation of HTTP requests sent to the firewall's Web-based management interface. This could allow remote unauthenticated attackers to send HTTP requests with SQL code in their headers that would bypass the authentication on the targeted devices and give attackers administrative privileges.
itwbennett writes: A study from Harvard's Berkman Center for Internet & Society, signed by well-known figures, including security expert Bruce Schneier, Jonathan Zittrain of Harvard Law School and Matthew G. Olsen, former director of the U.S. National Counterterrorism Center, acknowledges that while encryption will pose challenges to law enforcement in some instances, by no means will it dictate the landscape of future technology products. The study predicts that the continued expansion of Internet-connected devices — such as smart TVs and vehicles, IP video cameras and more — will offer fresh opportunities for tracking targets. 'There are and will always be pockets of dimness and some dark spots — communications channels resistant to surveillance — but this does not mean we are completely 'going dark',' the study said.
itwbennett writes: Tablets may have ushered in the post-PC age, but the only ones posting a growth in sales are detachables — the ones that are most like PCs and most likely to be PC replacements. This category, which includes Apple's iPad Pro and Microsoft's Surface and Surface Pro, saw 8.1 million devices shipped in the 4th quarter, more than double a year earlier, says research firm IDC. Unfortunately for Microsoft, replacing a PC can also mean replacing Windows. According to IDC the biggest-selling detachable in the fourth quarter was the iPad Pro: it estimates Apple sold just over 2 million of them.
itwbennett writes: Currently, each Windows Server license allows for use of the software on up to two physical processors. Beyond the first license, there's no minimum number that must be purchased per server. But with Windows Server 2016, due later this year, customers will have to purchase licenses based on the number of activated processor cores in each server. Licenses will be sold in packs covering two cores, and customers will be required to purchase enough licenses to cover at least eight cores for each physical processor, regardless of how many cores are actually in their server, warns Christopher Barnett, an associate attorney with Scott & Scott LLP. In a licensing FAQ from December, Microsoft says it's making the changes to align licensing of private and public cloud to 'a consistent currency of cores' and simplify licensing across multicloud environments. 'Microsoft’s auditors likely will have a field day with these new requirements for Windows Server, in the same way that they have used the ever-more-complex licensing rules for SQL Server to increase the company’s audit-based revenue in recent years,' said Barnett.
itwbennett writes: Over the weekend, Brian Krebs reported that Sam Glines, CEO of threat intelligence vendor Norse Corp., was asked to step down by the board of directors and employees were told that they could report to work on Monday, but that there was no guarantee they'd be paid for their work. 'Less than a day after Krebs published his article, Norse Corp.'s website was offline, and attempts to email the company failed,' writes CSO's Steve Ragan. 'The ever-popular Norse attack map was online for some of the weekend, but that too had gone dark by Sunday evening.' In the aftermath of the company's disappearance, the topic of flawed data and assumptions once again resurfaced in a blog post written by ICS expert, Robert M. Lee.
itwbennett writes: According to a new report from Panda Security, more than 84 million new malware samples (27% of all malware ever created) were collected over the course of 2015, making it a record year. Luis Corrons, technical director of Panda's PandaLabs unit, attributes the rise to the constant one-upmanship between hackers and antivirus software makers. 'At the end of the day, it's our fault, in some ways,' he said.
itwbennett writes: In a blog post yesterday, Facebook announced it is shutting down the Parse developer platform as of Jan. 28, 2017, giving developers a year to move off its hosted services. This comes as a bit of a surprise, considering that just last month, Parse launched a set of new tools to help developers work with Apple's watchOS and tvOS, and at the time, Parse Product Manager Supratik Lahiri promised more updates in the future. Developers who don't want to rewrite their applications to work with a new back-end service provider can follow a migration guide from Parse to make their applications work with an independent MongoDB instance and a new open-source Parse Server that's running on Salesforce-owned developer platform provider Heroku.