Tag: security

Cisco rules the security appliance roost

ciscologoWhile there was only moderate growth for security appliances in EMEA during the second quarter of this year, Cisco has the most market share.

That’s according to technology market research company IDC, which said the market in Q2 was worth $654.80 million, a rise compared to the same quarter in 2013 of 6.2 percent.

Cisco has 20.2 percent revenue share, up one percent year on year.

The runners up in shipments during the quarter were Check Point (17.5%), Fortinet (8.5%), McAfee (6%) and Juniper (5.5%), with the others commanding 42.3 percent.

However, McAfee’s growth between Q2 2013 and Q2 2014 was a massive 66.9 percent, IDC said.

Unified threat management (UMT) was the fast growing security appliance product category – that’s the eighth consecutive quarter and UTM appliances account for 48.4 percent of total vendor revenue.

Cisco throws weight behind firewall

Cisco FirewallNetworking giant Cisco claims it has introduced the first threat focused firewall.

Cisco ASA with FirePOWER Services uses contextual awareness and controls to automatically assess threats, provide intelligence and improve defences to protect network.

Aimed at large enterprises, it includes Sourcefire’s Advanced Malware Protection and Next Generation Intrusion Prevention Systems.

The software management gives authorised users dashboards and drill down reports of discovered hosts, dodgy applications, threats and indicators of compromised systems.

Cisco claims its firewall is enterprise class, and supports VPN, advanced clustering and granular application layer and risk based controls.  Open source integration with Snort, OpenAppID and ClamAV let companies customise security.

No details of pricing are available.

Doom for hacked printer

doom_sprite_wallpaper_by_bobspfhorever78-d6lij4oIn what has to be the best proof of concept hacking of a printer, Context Information Security analyst Michael Jordon managed to get a Canon Pixma printer to run the game Doom.

Jordon said that Canon Pixma wireless printers have a web interface that shows information about the printer, for example the ink levels, which allows for test pages to be printed and for the firmware to be checked for updates.

He found that the interface doesn’t need any sort of authentication to access and while you would think that the worst that anyone could do is print off hundreds of test pages and use up all of the printer’s ink, Jordon found a hacker could do a lot more damage.

The interface lets you trigger the printer to update its firmware. It also lets you change where the printer looks for the firmware update.

A hacker could create a custom firmware that spies on everything that printer prints, it can even be used as a gateway into the network.

To show what was possible Jordon got the printer to run Doom.

Canon offers very little protection against this. If you can run Doom on a printer, you can do a lot more nasty things. In a corporate environment, it would be a good place to be.

Who suspects printers?  Well other than Nigel from accounts and he thinks aliens are trying to take over the coffee machine.

Canon has promised that it is working on a fix and is taking a chainsaw to the problems highlighted by Contecxt.

“All PIXMA products launching from now onwards will have a username/password added to the PIXMA web interface, and models launched from the second half of 2013 onwards will also receive this update, models launched prior to this time are unaffected,” Canon said.

 

Majority of mobile apps are insecure

SmartphonesA Gartner report claimed that 75 percent of mobile applications fail the most basic security tests.

That poses threats for corporations, it said.  Enterprise employees download apps and also use mobile apps to access business networks. Such apps can violate enterprise policies and expose enterprises to threats.

Dionisio Zumerle, a principal analyst at Gartner said: “Enterprises that embrace mobile computing and bring your own device (BYOD) strategies are vulnerable to security breaches unless they adopt methods and technologies for mobile application security testing and risk assurance  Most enterprises are inexperienced in mobile application security. Even when application security testing is undertaken, it is often done casually by developers who are mostly concerned with the functionality of applications, not their security.”

He claimed that vendors supplying static and dynamic application testing can prevent problems on the enterprise.  And a new test, called behavioural analysis, is emerging for mobile apps.

He added: “Today, more than 90 percent of enterprises use third-party commercial applications for their mobile BYOD strategies, and this is where current major application security testing efforts should be applied,” said Mr Zumerle. “App stores are filled with applications that mostly prove their advertised usefulness. Nevertheless, enterprises and individuals should not use them without paying attention to their security. They should download and use only those applications that have successfully passed security tests conducted by specialized application security testing vendors.”

Often the biggest problem is misconfiguring devices, so for example by misusing personal cloud service through apps on smartphones and tablets.

Pishing Eskimo twitches to steal Steam Wallet

Greenland in the 19th century - picture Wikimedia CommonsA new piece of pishing malware has taken over Twitch’s user pool tempting users to go into a fake sweepstake or lottery, so that it can nick cash from their Steam Wallets.

For those who came in late, Twitch is a video game-centric website on which people show live streams of game play to others. Amazon bought the site and it has about 50 million users, paying $970 million in cash.

Dubbed Eskimo, the malevolent bot does not look out of place to usual visitors to the streaming site — live streamers, who earn cash via viewer subscriptions, frequently use bots in the chat area of their channels to push donations, inspire supporters and run promotions.

However one of the bots has been cleaning out Steam inventories, which might hold rare digital collectibles, and Steam Wallets, which are source by real-world funds to purchase games on Valve’s admired distribution platform.

F-Secure said Eskimo can wipe your Steam wallet, armory, and inventory dry. It even dumps your items for a discount in the Steam Community Market. Earlier variants were selling items with a 12 percent discount, but a recent sample showed that they changed it to 35 percent discount — to sell the items faster.

According to F-Secure, Eskimo requests users to track a link to fill out a form for a raffle, which it claims provides them an opportunity to win digital weapons and collectibles for Counter-Strike: Global Offensive.

As it has the right to use a Steam account, will get screenshots, add new friends on Steam, accept friend requests, deal with new friends, buy items with Steam funds, send trade offers and accept trades, F-Secure says Eskimo. Once all of a user’s money has been used to purchase collectibles, the malware will trade all of the victim’s digital items to their new “friends.”

F-Secure says, “It might be helpful for the users if Steam were to add another security check for those trading several items to a newly added friend and for selling items in the market with a low price based on a certain threshold. This will help in lessening the damages done by this kind of threat.”

 

LTE poses security threat

locksThe rise of the internet of things, which is likely to mean billions of devices are connected to LTE has security fallibilities that need to be quickly addressed.

That’s according Dr Martin Nuss, chief technical officer of Vitesse Semi, speaking to an audience at 4G World.

Nuss said that small cells are an integral part of LTE, LTE-A deployments and Carrier Heterogenous Networks. Their accessibility makes them easy to hack, he said.

Even though LTE networks are far more secure than wi-fi hotspots, but small cell based stations using LTE and located at street level is a new security risk.

Small cell backhauls are also likely to happen over third party access provider networks that don’t have the same standards as wireless operators.

Nuss also warned of timing security. Small cell susceptibility t GPS jamming and spoofing is another problem.

By 2018, he said, small cells will be everywhere and so implementing them is a matter of careful network planning and awareness of the risks.

Scientists develop malware tool

Malware, Wikimedia CommonsA team of researchers at the Universidad Carlos III de Madrid (UC3M) claims to have developed a tool to analyse numbers of apps to trace the origin and family of malware.

Guillermo Suarez de Tangil, a researcher at the computer science department at the university, said malware can be in smartphones and even in washing machines.

“The amount of malware is constantly increasing and it is becoming more intelligent for that reason,” he said.  “Security analysts and market administrators are overwhelmed and cannot afford exhaustive checking for each app.”

The tool is called Dendroid and will track down the family and nature of the malware.  “Developers generally reuse components of other malwares, and that precisely is what allows us to construct this genetic map,” he said.

He said antivirus software used in smartphones use detection engines based on signatures and its effectiveness is questionable, largely because smartphone resources are limited compared to a PC.

Storage software gets boost

emcRevenues from the worldwide storage software market rose by 6.3 percent in the second quarter of this year, according to figures from IDC.

It said revenues during Q2 2014 came to nearly $3.8 billion.

The leaders in the pack were  EMC, IBM and Symantec which had markt shares of 25.9 percent, 16 percent and 13.3 percent respectively.

Data protection and recovery software showed bigger growth, up 10.2 percent in the quarter, compared to the same quarter in 2013.  Revenues for those totalled $1.45 billion. storage infrastructure sales amounted to $448 million.  Storage and device management software sales rose by 4.1 percent to stand at $708 million.

Eric Sheppard, research director of storage software at IDC said there was broad growth over most markets.

”Sales of data protection and recovery software accounted for almost 60 percent of the spending during the quarter, driven by a market wide move to improve application resiliency, continued uptake in appliance based offering and healthy attach rates within the integrated systems market”, he said.

Homes to be packed with gizmos

chateauIn just eight years time, ordinary family homes will be bursting with technology.

That’s a prediction market research firm Gartner is making for 2022.  Its report said a home in affluent societies, at least, could have over 500 smart devices.

So what are these devices to be?  It estimates a wide range of domestic equipment will become “smart”, inasmuch as they’ll include some level of sensing and intelligence and the ability to communicate wirelessly.

And such vacuum cleaners and washing machines won’t cost more to have “smartness”, with semiconductor economies of scale meaning that a chip won’t cost more than about one US dollar.

Your cooker will be smart, your TVs will be smart, your fitness equipment will be smart, your security will be smart, your toaster will be smart. Everything will be smart as the internet of things starts to cast its spell over our world.

But it won’t be all plain sailing, because ordinary people might not want all this “smartness”.  Products which incorporate intelligence must be easy to use and not require a degree in geekiness. And if smartness can’t be relied upon and start failing – well your house might not be such a home.

HP beefs up security

HPAccessData and HP are to get closer to each other by increasing security assessment and quick fixes for global organisations.

HP’s service arm, Rapid Incident Respons Services is intended to help corporations quickly investigate what’s gone wrong after a hack and provide forensic evidence of incidents.

HP will now provide further services using AccessData’s Resolution One to give advance warning of security threats and provide alerts to prevent networks, endpoints, mobile devices and applications being compromised.

AccessData claims its ResolutionOne offering will extend HP’s own service with capabilities including root cause analysis, full packet capture network forensics, data on hardware, assessment of malware, and auditing across enterprises.  ResolutionOne also lets security and response teams collaborate in real time with automated batch processing to eradicate threats.

AccessData says it has over 130,000 users in law enforcement, at law firms, government agencies and corporations.

Apple iPhone is favoured by thieves

Apple_iPhone_5_white-330x330A report from the UK Home Office said that thieves are brand conscious and prefer stealing Apple iPhones compared to the rest of the pack.

The report said over 50 percent of all phones stolen between January 2012 to January 2014 were iPhones.  Other brands appealing to thieves are Blackberry and Samsung devices. People who have had their phones stolen believe the value of the personal data to be more than £760.

While vendors have made improvements to security that appear to have put off some thieves, the report analyses their effectiveness in some detail.

It suggests that the introduction of Apple iOS7 this time last year “has affected the black market value of some stolen iPhones”.  An analysis based in London suggests reduction in thefts because of iOS7.

phonechart

Samsung’s intro of Find my Mobile and the Reactivation Lock have also probably reduced thefts.

People worried about losing their mobile phones should register their mobile devices at no cost at immmobilise.com, use PIN locks, don’t leave your phone hanging about, install a tracker app.  If a phone is stolen, it should be reported to the network straight away, and report it to your local cop shop.

Apple wakes up to security

blue-appleApple’s CEO, Tim Cook, has admitted to the Wall Street Journal that it needs to improve security on its users accounts.

But Cook said that it wasn’t Apple’s fault that hackers had broken into iCloud.  He said the hackers used various methods to get passwords for iCloud accounts but none of the material came from Apple servers.

He did, however, promise to do something to beef up security.  He told the Journal that Apple will now tip people off if someone changes a password, or when a new device attempts to access the iCloud.

That’s going to be carried out within two weeks, said Cook.

Apple has been widely criticised for its laissez faire attitude towards the recent hacking, and no doubt Cook has agreed to do an interview to defuse a situation that might spoil the launch of  yet another iPhone next week.

Apple agrees to add alerts to iCloud

lawrrenceAfter denying that its iCloud security was as good as a tent flap, Apple has agreed to warn users when their privacy is being invaded.

Jobs’ Mob hit the news this week after numerous beautiful celebs had their iCloud accounts hacked and naked pictures posted online.

Apple denied that its security was below parr but saw its share price tumble as people failed to believe it.

Now it seems that Apple is planning additional steps to keep hackers out of user accounts and will encourage users to take stricter security measures.

CEO Tim Cook told the Wall Street Journal that Apple will alert users through email and push notifications when someone tries to change an account password, restore iCloud data to a new device, or when a device logs into an account for the first time, the report said.

He added that Apple will broaden its use of the two-factor authentication security system to avoid future intrusions and  aggressively encourage people to turn on the two-factor authentication in the new version of iOS.

However, Apple is still insisting that celebrities’ iCloud accounts were individually targeted, and that none of the cases it investigated had resulted from a breach of its systems. [Who is that woman you keep throwing into these Apple cloud stories, Nick? Ed.]

Security experts said that Apple was to blame for failing to make its devices and software easier to secure through two-factor authentication, which requires a separate verification code after users log in initially.

Half of users share their passwords

face-palmMore than half of users risk their computer being hacked because they share their passwords or sign up for automatic log on to mobile apps and services.

Research by security outfit Intercede said that while more than half of users thought security was important they putting their personal data at risk by sharing usernames and passwords with friends, family and colleagues.

The survey of 2,000 consumers also questioned whether these passwords are strong enough to protect consumers’ applications and the data they hold.

Half of respondents stated that they try and remember passwords rather than writing them down or using password management solutions, suggesting that consumers are relying on easy to remember combinations and using the same password across multiple sites and devices.

Richard Parris, CEO of Intercede said that we need so many passwords today, for social networking, email, online banking and a whole host of other things, that it’s not surprising consumers are taking shortcuts with automatic log ins and easy to remember passwords.

The research revealed that consumers are not only sharing passwords but also potentially putting their personal and sensitive information at risk by leaving themselves logged in to applications on their mobile devices, with over half of those using social media applications and email admitting that they leave themselves logged in on their mobile device.

Parris said that consumers are also compromising their bank and credit card details by selecting ‘Remember me’ or ‘Keep me signed in’ options.

Of those that use Amazon and other shopping sites, 21 per cent said they were automatically logged in, while the figures stood at 16 per cent for mobile banking and 12 per cent for PayPal.

Don’t plug an iPhone into a PC

Apple_iPhone_5_white-330x330Security experts at the Georgia Institute of Technology have discovered that Apple’s already dismal record on security on its iPhone is made worse when the shiny toy is plugged into a  computer.

The attack takes advantage of design problems in iOS in which for some reason the Apple geniuses believed that they should trust anyone who connects to the phone with a USB,

Tielei Wang, a co-author of the study and research scientist at the institute said that Apple overtrusted the USB connection.

It all started when Wan and his team developed some malware called Jekyll, an iPhone application with well-masked malicious functions that passed Apple’s inspection and briefly ended up on its App Store.

However, that was not good enough, as it was pointed out that no one could see his or her malware in the huge App store.

Wang said they set out to find a way to infect a large number of iOS devices and one that didn’t rely on people downloading their malicious app.  The attack required the use of “botnet herders” to install malware onto PCs.

Apple requires a person to be logged into his account in order to download an application from the App Store. Wang and the researchers developed a man-in-the-middle attack that tricked the Apple device that’s connected to a computer into authorising the download of an application using someone else’s Apple ID.

As long as the application still has Apple’s digital signature, it does not even need to still be in the App Store and can be supplied from elsewhere.

To stop Apple refusing to publish the malware on its App store Wang’s team found they could sneak a developer-provisioning file onto an iOS device when it was connected via USB to a computer.

This allows a self-signed malicious application to be installed. Legitimate applications could also be removed and substituted for look-alike malicious ones. All this can be done without a user knowing.

While it sounds convoluted, it is worthwhile if you are attempting to take over a large number of iOS devices.

It is also worthwhile if you are state-sponsored hackers wanting to carry out a targeted attacks aimed at just a few users.

Apple has known about the problem for nearly a year now and is yet to fix it.  At the moment, Wang said, the best advice is to not connect your phone to a computer, especially if you think the computer might be infected with malware.