Tag Archives: security product

[ISN] NSA staffers rake in Silicon Valley cash

http://thehill.com/policy/cybersecurity/233740-nsa-staffers-rake-in-silicon-valley-cash

By Cory Bennett
The Hill
02/24/15

Former employees of the National Security Agency are becoming a hot commodity in Silicon Valley amid the tech industry’s battle against government surveillance.

Investors looking to ride the boom in cybersecurity are dangling big paydays in front of former NSA staffers, seeking to secure access to the insider knowledge they gained while working for the world’s most elite surveillance agency.

With companies desperate to protect their networks against hackers, many tech executives say the best way to develop security products is to enlist the talents of people who have years of experience cracking through them.

“The stories he could tell,” venture capitalist Ray Rothrock recalled about his meetings with a former NSA employee who founded the start-up Area 1 Security. “They come with a perspective that nobody in Silicon Valley has.”

[…]


[ISN] About the infosec skills shortage

http://3vildata.tumblr.com/post/109188919632/about-the-infosec-skills-shortage

By https://twitter.com/addelindh and https://twitter.com/0xtero
http://3vildata.tumblr.com/
Jan 26th, 2015

Today I got into an argument on Twitter that started with me saying something sarcastic in reference to a recent statement by a vendor and ended with a discussion about the skills shortage in security. Twitter can be a difficult medium sometimes and I don’t really feel that I got my point across, so this is my attempt to correct that.

Before I start I would like to point out that in no way do I think that this is the only reason there is a skills shortage in security, but that I do consider it a large contributing factor.

In the beginning, there was firewalls

Enterprise investment in security has traditionally been in products such as firewalls, anti-virus, IPS/IDS, and so on. Security products have in turn been marketed and sold as “solutions” rather than tools; heavily automated and not really much to work with. Because of this, they have been considered as infrastructure components rather than applications, you just install and configure them and then let them do their magic.

Automation is great, until it isn’t

The thing about buying automated solutions is that it removes the incentive to invest in knowledge of the problem the solution was supposed to solve. Why pay money so that someone can learn how to solve a problem that has already been solved, right? For an enterprise, this makes perfect sense, and for a while it worked.

[…]


[ISN] Attend Cyber Security EXPO

http://www.infosecnews.org/event/cyber-security-expo/

October 8-9, 2014

Brand new for 2014, Cyber Security EXPO is the new place for everybody wanting to protect their organisation from the increasing commercial threat of cyber attacks.

Co-located with IP EXPO Europe, Cyber Security EXPO has been designed to provide CISOs and IT security staff the tools, new thinking and policies to meet the 21st century business cyber security challenge.

At Cyber Security EXPO, discover how to build trust across the enterprise to securely manage disruptive technologies such as:

* Cloud computing mobile
* Bring your own device (BYOD)
* Social media
* Identity and access
* Encryption
* GRC
* Analytics
* Data

The event delves into business issues beyond traditional enterprise security products, providing exclusive content on behaviour trends and business continuity. As well as providing the opportunity to meet top tier industry vendors you can hear presentations from the likes of Mikko Hypponen, Eugene Kaspersky and many more.

Cyber Security EXPO will also host the first “Cyber Hack” a live open source security lab. In the lab, you’ll be able to share ideas with White Hat hackers, security gurus, Cyber Security EXPO speakers and fellow professionals.

For more information or to register: http://bit.ly/1lBuUGi


[ISN] Malware infections tripled in late 2013, Microsoft finds

http://www.computerworld.com/s/article/9248166/Malware_infections_tripled_in_late_2013_Microsoft_finds

By Jeremy Kirk
IDG News Service
May 7, 2014

A three-fold increase in Microsoft Windows computers infected with malicious software in late 2013 came from an application that was for some time classified as harmless by security companies.

The finding comes as part of Microsoft’s latest biannual Security Intelligence Report (SIR), released on Wednesday, which studies security issues encountered by more than 800 million computers using its security tools.

In the third quarter of 2013, an average of 5.8 Windows computers out of every 1,000 were infected with malware, said Tim Rains, director of Microsoft’s Trustworthy Computing division, which tracks security trends targeting the company’s widely used products. That jumped to about 17 computers per 1,000 for the last quarter of the year.

Rains attributed the rise to malware called “Rotbrow.” The program masquerades as a browser add-on called “Browser Protector” and is supposedly a security product, Rains said by phone Wednesday. Rotbrow was found on about 59 of every 1,000 computers using its security products, he said.

[…]


[ISN] TDL4 rootkit can be modified to pwn any security product, Bromium researchers discover

http://news.techworld.com/security/3513668/tdl4-rootkit-can-be-modified-pwn-any-security-product-bromium-researchers-discover/

By John E Dunn
Techworld
28 April 2014

Kernel mode rootkits are more viable than has been realised and could be used to bypass more or less any security product in existence, researchers at Bromium have discovered after conducting a proof-of-concept attack using a modified variant of the infamous TDL4 malware.

Due to be presented in more detail by the firm at this week’s Security BSides event in London, the research involved ‘tweaking’ the TDL4 variant that had appeared to take advantage of the Windows kernel privilege zero day (CVE-2013-3660), discovered in June last year.

With a new payload, what this created was something lethal enough to overcome a variety of security layers the team tested against it such as antivirus, sandboxes and intrusion prevention, making it a sort of “Swiss Army knife” attack hiding behind ring zero.

“While many were aware of the discovery of the TDL4 rootkit rumoured to be using kernel exploit code at the end of last year, few paid it any serious attention. And that was a huge error of judgement,” said Bromium’s head of security, Rahul Kashyap.

[…]


My latest Gartner research: Market Share Analysis: Unified Threat Management (SMB Multifunction Firewalls), Worldwide, 2014 Update

The market consolidates with the Dell acquisition of SonicWALL and Cassidian CyberSecurity acquiring NetASQ. Recent market entrant Huawei disrupts some of the UTM market with new products. Providers such as Dell, with comprehensive portfolios beyond security products, make it more …



[ISN] Managed security service providers face $40M liability exposures

http://www.networkworld.com/news/2013/101413-managed-security-service-providers-face-274805.html

By Ellen Messmer
Network World
October 14, 2013

Managed security service providers get paid by enterprise customers to stop malware or other kinds of cyberattacks, but if they fail, they face what’s often a multi-million-dollar liability.

Forty million in potential liabilities are normal in SLAs, says Matthew Gyde, global general manager, security at Dimension Data, now part of NTT Group, based in Singapore, who addressed the topic at a panel discussion at the recent McAfee Focus Conference in Las Vegas. If there’s a virus outbreak on the customer’s network, for example, there is a limited timeframe to respond to meet the legal requirements of that SLA.

“We have timeframes we have to respond to, perhaps 30 seconds,” said Gyde. There’s a need at a minimum to define what’s under attack and find the source.

The two other managed security service providers on the panel, Digital Hands based in Florida and Lumenate based in Texas, indicated that $40 million in liability is typical in their SLAs, too. All three managed service providers (MSPs) support McAfee security products in addition to those from other vendors. They say enterprise customers typically hire a managed service provider in lieu of hiring perhaps 20 or so security staff.

Mark Geary, chief services officer at Digital Hands, said a situation might require shutting down an infected PC on a network segment, for example, in a matter of seconds. Failing to do specific actions in certain timeframes triggers the potential for liability.

[…]


My latest Gartner research: Forecast Overview: Information Security, Worldwide, 2Q13 Update

Gartner expects demand for security products and services to be driven by the persistent threat landscape and influenced by the increasingly targeted and evolving attack patterns. Organizations globally face a growing threat landscape originating from economically, as well as politically, …
