Tag Archives: car

My latest Gartner research: Market Insight: Security Market Transformation Disrupted by the Emergence of Smart, Pervasive and Efficient Security

1 February 2017  |  …fits into/addresses these situations. Analysis by Perry Carpenter and Lawrence Pingree Technologies such as cloud, software-defined networking (SDN), network…or managed services. Analysis by Ruggero Contu, Perry Carpenter and Lawrence Pingree By 2020, integrated security models, such as…

Gartner clients can access this research by clicking here.


My latest Gartner research: Vendor Rating: Huawei

Huawei has established itself as a solid provider of ICT infrastructure technologies across consumer, carrier and enterprise markets worldwide. CIOs and IT leaders should utilize this research to familiarize themselves with Huawei’s “all-cloud” strategy and ecosystem development….

Gartner subscribers can access this research by clicking here.


[ISN] IoT risks raise concerns among IT specialists in central and eastern Europe

www.computerweekly.com/news/4500272253/IoT-risks-raise-concerns-among-IT-specialists-in-CEE By Krzysztof Polak ComputerWeekly.com 04 Feb 2016 The internet of things (IoT) has gone from an industry buzzword to a highly promising phenomenon in central and eastern Europe – but IT specialists are concerned about how to protect networks from the extra strain of new connected devices. The driving force behind IoT is the desire to gain knowledge and insights about, for example, buildings, cars, industrial installations, healthcare, aviation and civil infrastructure, using smart and connected devices. But according to Sylwester Chojnacki, director, enterprise business group at Huawei CEE, the designers of IoT equipment have not learned the lessons from the early years of internet development. “They do not pay sufficient attention to the safety of devices and applications,” he said. IoT devices are often the first target in cyber attacks, leading to intrusions into computer systems and large databases. […]


[ISN] Word up: BlackEnergy SCADA hackers change tactics

www.theregister.co.uk/2016/01/28/blackenergy_tv_station_attack/ By John Leyden The Register 28 Jan 2016 A new BlackEnergy spear-phishing campaign is targeting more Ukrainian firms, including a television channel. A spear-phishing document found by Kaspersky Lab analysts mentions the far-right Ukrainian nationalist political party “Right Sector” and appears to have been used in an attack against a popular television channel in Ukraine. Ukrainian TV station “STB” was previously named as a victim of the BlackEnergy Wiper attacks in October 2015. The Russian-speaking BlackEnergy APT group are notoriously blamed for malware-based attacks against utilities that led to short power outages in the days before Christmas. The BlackEnergy APT group has been actively using spear-phishing emails carrying malicious Excel documents with macros to infect computers in a targeted network since the middle of last year. However, in January this year, Kaspersky Lab researchers discovered a new malicious document which infects the system with a BlackEnergy Trojan. Unlike the Excel documents used in previous attacks, this was a Microsoft Word document. […]


[ISN] Cloud security roadmap essential for healthcare as off-site threats persist, experts say

www.healthcareitnews.com/news/cloud-security-roadmap-essential-healthcare-site-threats-persist-experts-say By Jack McCarthy Health IT News January 28, 2016 The onset of cloud computing brought with it an information technology revolution, allowing organizations to have their IT resources hosted off site, reducing their costs and simplifying operations. Unfortunately, the move to the cloud did not mean organizations could forget about requirements for a successful security profile. Healthcare organizations making the move to a cloud-centric strategy can’t lower their guard on security defenses, said Chris Bowen, founder and chief privacy and security officer of ClearDATA, a healthcare cloud computing company. “People may think that by offloading security responsibility to the cloud, they won’t have to worry, but that’s not the case,” Bowen said. “We know that threats exist in the cloud.” Bowen will discuss this issue at HIMSS16 along with J. Gary Seay, senior vice president and CIO of Community Health Systems, Bowen will give a presentation entitled, “Developing a Cloud Security Roadmap.” […]


[ISN] CarolinaCon-12 – March 2016 – FINAL ANNOUNCEMENT

Forwarded from: Vic Vandal CarolinaCon-12 will be held on March 4th-6th, 2016 in Raleigh NC. For the cheap price of $40 YOU could get a full weekend of talks, hacks, contests, and parties. Regarding the price increase to $40, it was forced due to ever-rising venue costs. But we promise to provide more value via; great talks, great side events, kickass new attendee badges, cool giveaways, etc. We’ve selected as many presentations as we can fit into the lineup. Here they are, in no particular order: – Mo Money Mo Problems: The Cashout – Benjamin Brown – Breaking Android apps for fun and profit – Bill Sempf – Gettin’ Vishy with it – Owen / Snide- @LinuxBlog – Buffer Overflows for x86, x86_64 and ARM – John F. Davis (Math 400) – Surprise! Everything can kill you. – fort – Advanced Reconnaissance Framework – Solray – Introducing PS>Attack, a portable PowerShell attack toolkit – Jared Haight – Reverse Engineer iOS apps because reasons – twinlol – FLOSS every day – automatically extracting obfuscated strings from malware – Moritz Raabe and William Ballenthin – John the Ripper sits in the next cubicle: Cracking passwords in a Corporate environment – Steve Passino – Dynamic Analysis with Windows Performance Toolkit – DeBuG (John deGruyter) – Deploying a Shadow Threat Intel Capability: Understanding YOUR Adversaries without Expensive Security Tools – grecs – AR Hacking: How to turn One Gun Into Five Guns – Deviant Ollam – Reporting for Hackers – Jon Molesa @th3mojo – Never Go Full Spectrum – Cyber Randy – I Am The Liquor – Jim Lahey CarolinaCon-12 Contests/Challenges/Events: – Capture The Flag – Crypto Challenge – Lockpicking Village – Hardware Hack-Shop – Hacker Trivia – Unofficial CC Shootout LODGING: If you’re traveling and wish to stay at the Con hotel here is the direct link to the CarolinaCon discount group rate: www.hilton.com/en/hi/groups/personalized/R/RDUNHHF-CCC-20160303/index.jhtml NOTE: The website defaults to March 3rd-6th instead of March 4th-6th and the group rate is no longer available on March 3rd. So make sure that you change the reservation dates to get the group rate. ATTENTION: The discount group rate on Hilton hotel rooms expires THIS weekend on JANUARY 31st 2016, so act quickly if you plan on staying at the hotel for all of the weekend fun and you want the group rate. CarolinaCon formal proceedings/talks will run; – 7pm to 11pm on Friday – 10am to 9pm on Saturday – 10am to 4pm on Sunday For presentation abstracts, speaker bios, the final schedule, side event information, and all the other exciting details (as they develop and as our webmaster gets to them) stay tuned to: www.carolinacon.org ADVERTISERS / VENDORS / SPONSORS: There are no advertisers, vendors, or sponsors allowed at CarolinaCon….ever. Please don’t waste your time or ours in asking. CarolinaCon has been Rated “M” for Mature. Peace, Vic


[ISN] What are Top HIPAA Compliance Concerns, Obstacles?

healthitsecurity.com/news/what-are-top-hipaa-compliance-concerns-obstacles By Elizabeth Snell Health IT Security January 25, 2016 Maintaining HIPAA compliance should always be a key area for leaders in the healthcare industry, but as technology continues to evolve, there are numerous factors coming into play that could affect how organizations keep patient data secure. But what type of obstacles are standing in provider’s’ way? Are there certain difficulties when it comes to HIPAA compliance? We’ve previously discussed the legal perspective on HIPAA regulations, and various experts in the field have claimed that “it’s not a matter of if, but a matter of when” a data breach will take place. Recent OCR HIPAA settlements not only show that size is not a factor when it comes to enforcement, but that organizations need to be mindful of everything from physical safeguards to conducting regular risk assessments. Technical advancements have also proven to be potentially beneficial to covered entities. Whether an organization is looking to implement secure messaging options or potentially invest in cloud storage, privacy and security issues cannot be overlooked. […]


[ISN] Flint hospital hit with cyber attack after hacker group Anonymous promises action on water crisis

www.healthcareitnews.com/news/flint-hospital-hit-cyber-attack-after-hacker-group-anonymous-promises-action-water-crisis By Mike Miliard Health Care IT News January 25, 2016 Flint, Michigan-based Hurley Medical Center was targeted with a cyber attack this past week, soon after the hacktivist group Anonymous released a video promising “justice” for the city’s ongoing water crisis. The attack was confirmed by the hospital on Jan. 21. “Hurley Medical Center has IT systems in place, which aid in detecting a virus or cyber attack,” spokeswoman Ilene Cantor said, according to MLive. “As such, all policies and protocols were followed in relation to the most-recent cyber attack on our system. Patient care was not compromised and we are closely monitoring all systems to ensure IT security is consistently maintained.” Anonymous’ posted a video online launching what it dubbed the #OpFlint campaign. […]