Tag Archives: behavior

My Latest Gartner Research: Enterprise Firewall and Unified Threat Management Products Impact End-User Buying Behavior

This document helps product developers and managers of security providers prepare enterprise firewall and unified threat management products for the impact of digital business, mobile and the Internet of Things on end-user buying behavior….

Gartner Subscribers can access this research by clicking here.





[ISN] Massive leak reveals Hacking Team’s most private moments in messy detail

http://arstechnica.com/security/2015/07/massive-leak-reveals-hacking-teams-most-private-moments-in-messy-detail/

By Dan Goodin
Ars Technica
July 6, 2015

Privacy and human rights advocates are having a field day picking through a massive leak purporting to show spyware developer Hacking Team’s most candid moments, including documents that appear to contradict the company’s carefully scripted PR campaign.

“Imagine this: a leak on WikiLeaks showing YOU explaining the evilest technology on earth! :-),” Hacking Team CEO David Vincenzetti wrote in a June 8 e-mail to company employees including Walter Furlan, whose LinkedIn profile lists him as the international sales engineer of the spyware developer. “You would be demonized by our dearest friends the activists, and normal people would point their fingers at you.”

Other documents suggested the US FBI was among the customers paying for software that allowed targets to be surreptitiously surveilled as they used computers or smartphones. According to one spreadsheet first reported by Wired, the FBI paid Hacking Team more than $773,226.64 since 2011 for services related to the Hacking Team product known as “Remote Control Service,” which is also marketed under the name “Galileo.” One spreadsheet column listed simply as “Exploit” is marked “yes” for a sale in 2012, an indication Hacking Group may have bundled some sort of attack code that remotely hijacked targets’ computers or phones. Previously, the FBI has been known to have wielded a Firefox exploit to decloak child pornography suspects using Tor.

Security researchers have also scoured leaked Hacking Team source code for suspicious behavior. Among the findings, the embedding of references to child porn in code related to the Galileo. […]



[ISN] Evil Wi-Fi captive portal could spoof Apple Pay to get users’ credit card data

http://arstechnica.com/security/2015/06/evil-wifi-captive-portal-could-fool-users-into-giving-up-apple-pay-data/

By Sean Gallagher
Ars Technica
June 4, 2015

Researchers at Wandera, a mobile security company, have alerted Apple to a potential security vulnerability in iOS that could be used by attackers to fool users into giving up their credit card data and personal information. The vulnerability, based on the default behavior of iOS devices with Wi-Fi turned on, could be used to inject a fake “captive portal” page that imitates the Apple Pay interface.

The attack leverages a well-known issue Ars has reported on in the past: iOS devices with Wi-Fi turned on will attempt by default to connect to any access point with a known SSID. Those SSIDs are broadcast by “probe” messages from the device whenever it’s not connected to a network. A rogue access point could use a probe request capture to masquerade as a known network, and then throw up a pop-up screen masquerading as any web page or app.

The Wandera attack uses this behavior to get a mobile device to connect and then presents a pop-up portal page—the type usually used when connecting to a public WiFi service to present a Web-based login screen—that is designed to resemble an Apple Pay screen for entering credit card data. The attack could be launched by someone nearby a customer who has just completed or is conducting an Apple Pay transaction so that the user is fooled into believing Apple Pay itself is requesting that credit card data is reentered. An attacker could loiter near a point-of-sale system with an Apple Pay terminal and continuously launch the attack. […]



[ISN] What enterprises should do when helpless employees lose hope in fighting cyber attacks

http://www.csoonline.com/article/2926718/security-awareness/what-enterprise-should-do-when-helpless-employees-lose-hope-in-fighting-cyber-attacks.html

By David Geer
CSO
May 28, 2015

Hit too many times with successful attacks and compromises, an enterprise’s human resources can develop a victim mentality, a.k.a. learned helplessness. When this happens, employees who feel they are helpless to do anything effective to fight cyber attacks lose hope.

CSO looks at the symptoms of the victim mentality in the enterprise, how it comes about, and what enterprises can do technically and psychologically to avoid it.

The victim mentality and its symptoms

In the field of psychology, professionals also refer to the victim mentality as learned helplessness. “Learned Helplessness is a pattern of behaviors that develop in people when they are in a situation where they feel they have no power or control and they essentially give up,” says Steven Salmi, PhD, LP, President and CEO, Corporate Psychologists.

Learned helplessness can surface in the corporate world where constant and extreme information security threats flourish. “If people feel stuck in a situation where no available choice will get them out of it, they can start to shut down,” says Salmi. […]



[ISN] Security Experts Hack Teleoperated Surgical Robot

http://www.technologyreview.com/view/537001/security-experts-hack-teleoperated-surgical-robot/

MIT Technology Review
Emerging Technology From the arXiv
April 24, 2015

A crucial bottleneck that prevents life-saving surgery being performed in many parts of the world is the lack of trained surgeons. One way to get around this is to make better use of the ones that are available.

Sending them over great distances to perform operations is clearly inefficient because of the time that has to be spent travelling. So an increasingly important alternative is the possibility of telesurgery with an expert in one place controlling a robot in another that physically performs the necessary cutting and dicing. Indeed, the sale of medical robots is increasing at a rate of 20 percent per year.

But while the advantages are clear, the disadvantages have been less well explored. Telesurgery relies on cutting edge technologies in fields as diverse as computing, robotics, communications, ergonomics, and so on. And anybody familiar with these areas will tell you that they are far from failsafe.

Today, Tamara Bonaci and pals at the University of Washington in Seattle examine the special pitfalls associated with the communications technology involved in telesurgery. In particular, they show how a malicious attacker can disrupt the behavior of a telerobot during surgery and even take over such a robot, the first time a medical robot has been hacked in this way. […]



[ISN] How hackers could attack hard drives to create a pervasive backdoor

http://arstechnica.com/information-technology/2015/02/how-hackers-could-attack-hard-drives-to-create-a-pervasive-backdoor/

By Sean Gallagher
Ars Technica
Feb 18, 2015

News that a hacking group within or associated with the National Security Agency compromised the firmware of hard drive controllers from a number of manufacturers as part of a 14-year cyber-espionage campaign has led some to believe that the manufacturers were somehow complicit in the hacking—either by providing source code to controller firmware or other technical support. But it’s long been established that hard drive controllers can be relatively easily reverse-engineered without any help from manufacturers—at least, without intentional help.

Despite keeping hardware controller chip information closed, hard drive manufacturers’ use of standard debugging interfaces makes it relatively simple to dump their firmware and figure out how it works—even inserting malicious code that can trigger specific behaviors when files are accessed. Reverse-engineering it to the point of creating a stable alternative set of firmware for multiple vendors’ hard disk controllers that also includes persistent malware, however, is a significant feat of software development that only the most well-funded attacker could likely pull off on the scale that the “Equation group” achieved.

Hard drive controller boards are essentially small embedded computers unto themselves—they have onboard memory, Flash ROM storage, and a controller chip that is essentially a custom CPU (usually based on the ARM architecture). They also generally have diagnostic serial ports, or other interfaces on the board, including some based on the JTAG board debugging interface. Using software such as Open On Chip Debugger (OpenOCD), you can even dump the “bootstrap” firmware from the controller and analyze it with an ARM disassembler. […]



[ISN] Startup finds malware intrusions by keeping an eye on processor radio frequencies

http://www.networkworld.com/article/2875517/security0/startup-finds-malware-intrusions-by-keeping-an-eye-on-processor-radio-frequencies.html

By Tim Greene
Network World
Jan 26, 2015

PFP Cybersecurity, a startup with roots in academia and the military, seeks out malware by analyzing the performance of hardware – not software and not the behavior of devices on the network.

PFP’s system compares ongoing radio-frequency output from processors to a baseline that is established when the device is known to be performing legitimate tasks. When it detects anomalies that might represent malicious activity, it triggers alarms. Then it’s up to other tools to figure out what exactly is behind the problem.

The system could be used to keep an eye on a large number of similar devices all performing the same task, such as those found in supervisory control and data acquisition (SCADA) networks that support power grids, chemical plants and the like. Savannah River National Laboratory is considering the gear to protect its smart-grid relays.

The system could also be used to check new devices as they are delivered from the plants where they are made in order to find faulty ones or ones that have been tampered with, the company says. […]



[ISN] Student Spins Double Life Among Spanish Elite

http://www.nytimes.com/2014/10/22/world/student-spins-double-life-among-spanish-elite.html

By RAPHAEL MINDER
The New York Times
OCT. 21, 2014

MADRID — How is it that a baby-faced, 20-year-old university student skates his way into the coronation celebration of the new king, passes himself off as a government adviser to reportedly broker a lucrative business deal, and avoids traffic jams by flashing a fake police light?

That is the question members of Spain’s security services are asking themselves after the student, Francisco Nicolás Gómez Iglesias, was arrested last week and quickly gained prominence as the country’s most notorious gate-crasher.

The answer, disturbingly enough, is that he did it by falsifying police and secret service documents and pretending to hold several government and other official posts, Spain’s national police say.

The judge in charge of the case, Mercedes Pérez Barrios, was as incredulous as many other Spaniards at the extent of Mr. Gómez Iglesias’s double life. In her report, she wrote that she could “not understand how a young person of 20, using only his word and apparently under his own identity, could have access to conferences, places and events without his behavior alarming anybody.” […]

