[ISN] Security of Hillary Clinton’s private e-mail server comes under scrutiny

http://www.washingtonpost.com/world/national-security/security-of-hillary-clintons-private-e-mail-server-comes-under-scrutiny/2015/03/10/fcccfb78-c737-11e4-aa1a-86135599fb0f_story.html By Ellen Nakashima The Washington Post March 10, 2015 The private e-mail server used by Hillary Rodham Clinton all but certainly lacked the level of security employed by the government and could have been breached fairly easily by determined foreign intelligence services, national security and cyber experts said. In the wake of last week’s revelation that Clinton used a private e-mail account as secretary of state, critics have questioned whether that decision left sensitive government communications vulnerable to hackers. At a news conference Tuesday, Clinton said the server was set up for her husband, former president Bill Clinton, at their house in Chappaqua, N.Y., which she said was guarded by the Secret Service. “I think . . . the use of the server . . . certainly proved to be effective and secure,” she said. But such assurances have not persuaded technical experts. […]




Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] R.E.S.P.E.C.T.: The way for CISOs to get and keep it

http://www.csoonline.com/article/2894037/security-leadership/r-e-s-p-e-c-t-the-way-for-cisos-to-get-and-keep-it.html By Taylor Armerding CSO March 10, 2015 If you’ve got a “C” at the beginning of your professional title, you’re at the top, or pretty close to it. That, at least, is the perception of most people below the “C-suite” in an organization. But, there is a hierarchy in the C-suite as well, and the Chief Information Security Officer (CISO) tends to be stuck at the low end of it, both in influence and respect. That’s the finding of a survey by ThreatTrack Security, reported in a white paper titled, “No Respect: Chief Information Security Officers Misunderstood and Underappreciated by Their C-Level Peers.” More specifically, the survey of 203 C-level executives at U.S. organizations employing a CISO found that a large majority (74%) thought CISOs didn’t even deserve a seat at the C-level table and viewed them primarily as, “a convenient scapegoat in the event of a data breach.” […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] No, the CIA isn’t stealing Apple’s secrets

http://blog.erratasec.com/2015/03/no-cia-isnt-stealing-apples-secrets.html By Robert Graham blog.erratasec.com March 10, 2015 The Intercept news site by Glenn Greenwald is activism rather than journalism. Their stories don’t reference experts knowledgeable about subjects, but only activists who are concerned about the subjects. This was demonstrated yet against in their piece claiming “The CIA Campaign to Steal Apple’s Secrets”. Yes, the Snowden documents are real, but pretty much everything else is made up. Here’s the deal. Terrorist leaders use iPhones. They are a status symbol, and status symbols are important to leaders. Moreover, since Apple’s security is actually pretty good, terrorists use the phones for good reason (most Android devices suck at security, even the Blackphone). Getting software onto terrorist’s phones, or basebands, is an important goal of intelligence. When CIA drones bomb a terrorist compound, iPhones will be found among the bodies. Or, when there is a terrorist suspect coming out of a dance club in Karachi, a CIA agent may punch them in the face and run away with their phone. However, it happens, the CIA gets phones and wants to decrypt them. Back in 2011 when this conference happened, the process of decrypting retrieved iPhones was time consuming (months), destructive, and didn’t always work. The context of the presentation wasn’t that they wanted to secretly spy on everyone’s phones. The context was that they wanted to decrypt the phones they were getting. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Bain to buy Blue Coat for about $2.4 billion

http://www.reuters.com/article/2015/03/10/us-bluecoat-m-a-bain-idUSKBN0M615V20150310 BY GREG ROUMELIOTIS Reuters.com March 10, 2015 Bain Capital LLC will acquire Blue Coat Systems Inc from fellow private equity firm Thoma Bravo LLC in a deal that the network security company said on Tuesday would value it at about $2.4 billion, including debt. The deal comes amid strong demand for cybersecurity technology following a spate of high-profile breaches that have crippled businesses and rattled conglomerates such as Sony Corp and Target Corp. “This is a land-grab market opportunity, and private equity as well as larger tech players, have a strong appetite for vendors that play in this $15 to $20 billion market opportunity,” said FBR Capital Markets analyst Daniel Ives. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Hackers strike healthcare industry again

http://www.healthcareitnews.com/news/hackers-hit-healthcare-industry-again By Erin McCann Managing Editor Healthcare IT News March 9, 2015 Think healthcare is not a target for cyberattacks? Think again. Following a pattern of increasing attack frequency, one Indiana-based hospital is the newest target, after hackers swiped the personal data of thousands. The 508-bed St. Mary’s Medical Center, part of Ascension Health, is notifying some 4,400 of its patients of a data breach following a cyberattack that occurred back in December. Hospital officials say on Dec. 3 they discovered hackers swiped employee email usernames and passwords. After shutting down the affected accounts, they determined those employee email accounts contained personal patient data of 4,400 individuals, including Social Security numbers, names, dates of birth, insurance information and health data. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail