The moving target of IoT security

As the explosive growth of IoT tech continues, businesses, vendors and consumers all have to confront the fact that the world is more connected than ever before, with potentially gigantic consequences. The central problem with IoT security is that there is no central problem: IoT is a more complicated stack than traditional IT infrastructure and is much more likely to be made up of hardware and software from different sources.

Read the Full Article here: >Computer Security News

Google X Is Launching a Cybersecurity Company Called Chronicle

Google’s parent company Alphabet today announced the launch of Chronicle, a new cybersecurity company that aims to give companies a better chance at detecting and fighting off hackers. "Chronicle is graduating out of Alphabet’s X moonshot group and is now a standalone company under the Alphabet umbrella, just like Google," TechCrunch reports. From the report: Stephen Gillett, who joined X from Google Ventures and was previously the COO of Symantec, will be the new company’s CEO. To get started, Chronicle will offer two services: a security intelligence and analytics platform for enterprises, and VirusTotal, the online malware and virus scanner that Google acquired in 2012. Gillett writes that the general idea behind Chronicle is to eliminate a company’s security blind spots and allow businesses to get a better picture of their security posture. "We want to 10x the speed and impact of security teams’ work by making it much easier, faster and more cost-effective for them to capture and analyze security signals that have previously been too difficult and expensive to find," writes Gillett. "We are building our intelligence and analytics platform to solve this problem." What exactly this new platform will look like remains to be seen, though. Gillett notes that it will run on Alphabet’s infrastructure and use machine learning and advanced search capabilities to help businesses analyze their security data. Chronicle also says that it will offer its services in the cloud so that they can "grow with an organization’s needs and don’t add yet another piece of security software to implement and manage."

Read more of this story at Slashdot.

Read the Full Article here: >Slashdot: News for nerds, stuff that matters

PCI Council sets security requirements for mobile point of sale solutions

The PCI Security Standards Council has announced a new PCI Security Standard for software-based PIN entry on commercial off-the-shelf (COTS) devices such as smartphones and tablets.

What are we talking about here?

Stores that offer customers the possibility to purchase things with their payment card usually have a hardware terminal and PIN entry device. But this can be too pricey an option for small merchants in markets that require EMV chip-and-PIN acceptance.

A cheaper option is to get a cost-efficient card reader and connect it to a smartphone or tablet equipped with a secure PIN entry application.

But securing the PIN and account data is of crucial importance, and that’s why the PCI Council has developed this new standard.

The PCI Software-Based PIN Entry (SPoC) Standard

The SPoC Standard actually consists of two documents: the Security Requirements and the Test Requirements.

The former document has already been published, and is aimed at entities developing PIN CVM (cardholder verification method) applications, evaluator labs, assessors and organizations managing and deploying PIN CVM solutions.

The Test Requirements, scheduled to be published next month, provide validation mechanisms for payment security laboratories to evaluate the security of software-based PIN Entry solutions.

Solutions that pass the tests will be listed on the PCI SSC website for merchant use.

Key security principles of the SPoC Standard

There are several:

  • The PIN must be isolated from other account data within the COTS device
  • The PIN and account data must be protected by using a PCI approved Secure Card Reader for PIN (SCRP), which can encrypt and maintain confidentiality of account data
  • The security and integrity of the PIN entry application on the COTS device must be ensured (via software development, good release practices, and software protection against attack).

“For the SPoC Standard, we have introduced the requirement for a back-end monitoring system for additional external security controls such as attestation (to ensure the security mechanisms are intact and operational), detection (to notify when anomalies are present) and response (controls to alert and take action) to address anomalies,” adds PCI SSC Chief Technology Officer Troy Leach.

“More and more businesses are now accepting payments with smartphones, tablets and other COTS devices, especially within the small business community. The PCI SSC Software-Based PIN Entry Solution listing will provide these merchants with a resource for selecting PIN entry solutions that have been evaluated and tested by payment security laboratories, and their customers will benefit by having the best available protection for their payment data.”

Read the Full Article here: >Help Net Security – News

Download: 2018 Cybersecurity Checklist

Today’s attacks are spreading faster, evolving quicker, and evading even the most widely used security solutions. But that doesn’t mean you can’t fight back. Get practical recommendations for preventing and mitigating the latest attacks with this free checklist.

2018 Cybersecurity Checklist

Get actionable suggestions on how to:

  • Prevent compromise in the first place by defending against the most popular attack vectors
  • Mitigate post-exploitation activities like privilege escalation and lateral movement attempts
  • Know when attackers attempt to launch malicious code from memory or make changes to the registry
  • Make it more difficult for attackers to “live off the land” by abusing tools like PowerShell and WMI.

Read the Full Article here: >Help Net Security – News

Critical Flaw Hits Popular Windows Apps Built With Electron JS Framework

A critical remote code execution vulnerability has been reported in Electron, a popular web application framework that powers thousands of widely used desktop applications including Skype, Signal, WordPress and Slack.

Electron is an open-source framework that is based on Node.js and Chromium Engine and allows app developers to build cross-platform native desktop applications for Windows, macOS and Linux, without knowledge of programming languages used for each platform.

The vulnerability, assigned CVE-2018-1000006, affects only those apps that run on Microsoft Windows and register themselves as the default handler for a protocol like myapp://.

"Such apps can be affected regardless of how the protocol is registered, e.g. using native code, the Windows registry, or Electron’s app.setAsDefaultProtocolClient API," Electron says in an advisory published Monday.

The Electron team has also confirmed that applications built for Apple’s macOS and Linux are not vulnerable to this issue, and neither are applications (including Windows ones) that do not register themselves as the default handler for a protocol like myapp://.

The Electron developers have already released new versions of their framework, namely 1.8.2-beta.4, 1.7.11 and 1.6.16, to address this critical vulnerability.

"If for some reason you are unable to upgrade your Electron version, you can append -- as the last argument when calling app.setAsDefaultProtocolClient, which prevents Chromium from parsing further options," the company says.

End users can do nothing about this vulnerability; instead, developers using the Electron framework have to upgrade their applications immediately to protect their user base.
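As an added example (not Electron’s code and not from the article), the following Node script audits Windows protocol-handler command lines for the -- end-of-options marker the advisory recommends and builds the matching argument list for app.setAsDefaultProtocolClient. The registry location and the sample handler values are assumptions made for the example.

```javascript
// Added example for the Electron protocol-handler issue (CVE-2018-1000006);
// it is neither Electron's code nor the article's. It audits Windows
// protocol-handler command lines for the "--" marker the advisory recommends
// and builds the args array for app.setAsDefaultProtocolClient.
// Assumption: the command line is the REG_SZ value of
// HKCR\<scheme>\shell\open\command, where "%1" stands for the myapp:// URL.

// Split a Windows command line into tokens, honouring double quotes.
function tokenize(cmd) {
  const tokens = [];
  let cur = '';
  let inQuote = false;
  let pending = false;
  for (const ch of cmd) {
    if (ch === '"') { inQuote = !inQuote; pending = true; continue; }
    if (ch === ' ' && !inQuote) {
      if (pending) { tokens.push(cur); cur = ''; pending = false; }
      continue;
    }
    cur += ch;
    pending = true;
  }
  if (pending) tokens.push(cur);
  return tokens;
}

// True when "--" sits between the executable and the "%1" placeholder, so
// the URL handed to the app can no longer be parsed as a further option.
function handlerIsHardened(cmd) {
  const tokens = tokenize(cmd);
  const urlIdx = tokens.indexOf('%1');
  if (urlIdx < 1) return false; // no URL placeholder after the exe: treat as not hardened
  return tokens.slice(1, urlIdx).includes('--');
}

// Return the schemes whose handler command lacks the marker (audit report).
function unhardenedSchemes(handlers) {
  return Object.keys(handlers).filter(s => !handlerIsHardened(handlers[s]));
}

// Args for the third parameter of
// app.setAsDefaultProtocolClient(protocol, process.execPath, args)
// so that "--" is the final argument before Windows appends the URL.
function hardenedProtocolArgs(extraArgs = []) {
  return [...extraArgs.filter(a => a !== '--'), '--'];
}

// Constructed sample registry values (hypothetical applications).
const sampleHandlers = {
  myapp: '"C:\\Program Files\\MyApp\\MyApp.exe" "%1"',
  safeapp: '"C:\\Program Files\\SafeApp\\SafeApp.exe" -- "%1"',
};

console.log('handlers missing "--":', unhardenedSchemes(sampleHandlers));
```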

Many details of the remote code execution vulnerability have not been disclosed yet, and the advisory did not name any of the vulnerable apps (those that make themselves the default protocol handler) for security reasons.

We will update you as soon as any details about the flaw come out.

Read the Full Article here: >The Hacker News [ THN ]

Test your web browser’s cryptojacking protection

Cryptojacking is a relatively new threat on the Internet. It refers to websites abusing computing resources of visitors to mine cryptocurrency.

Internet users notice that something is wrong when the computer they use slows down to a crawl suddenly and when fans speed up in an attempt to cool down components of the device that get hammered.

The main issue with cryptojacking is that it is done behind the backs of users. Sites load cryptomining scripts when the page loads, mining cryptocurrency with the resources of the visitor’s computer. There is no opt-in process or information on what is going on.

Sites run these scripts to generate revenue. One of the advantages of running mining operations in the browser is that it happens in the background. It does not interfere with the site’s layout or content.

Browser extensions may load crypto mining scripts as well. These work in the background just like scripts loaded by sites.

Cryptojacking Test

Opera Software was the first browser-making company that implemented anti-crypto mining protections in the browser natively.

While Opera was the first browser to do so natively, content-blocking lists had added cryptomining scripts before Opera did.

Opera Software engineers created a site that you may visit to test whether you are protected against cryptojacking.

Visit the website and click on the start button on it to run the test. It won’t take longer than a couple of seconds to complete and the result is either that the browser that you are using is protected or unprotected.

Opera Software displays aggregate ratings on the site as well. According to the statistics on the page, 73.6% of all users are protected from cryptojacking at the time of writing.

Users who run browsers that are not protected have several options at their disposal to protect their browsers against crypto mining attacks.

  1. Use a browser extension that protects against JavaScript mining scripts.
  2. Use the Opera browser with ad-blocking enabled.
  3. Use security software that protects against mining scripts.
  4. Install an anti-mining browser extension.
  5. Disable JavaScript on untrusted sites.

Closing Words

Opera tests protection against a Coin Hive script only, which leaves open the possibility that the browser is still vulnerable to other mining scripts. It is usually only a matter of time before new scripts or URLs get blocked, though.

Now You: Did you run into cryptomining sites in the past?

Author: Martin Brinkmann
Publisher: Ghacks Technology News

Read the Full Article here: >Top 100 Network Security Tools

USBPcap – USB Packet Capture For Windows

USBPcap is an open-source USB Packet Capture tool for Windows that can be used together with Wireshark in order to analyse USB traffic without using a Virtual Machine.

Currently, live capture works on a “standard input” basis: you run a command in cmd.exe and Wireshark reads the raw USB traffic it produces on Windows.

USBPcapDriver has three “hats”:

  • Root Hub (USBPCAP_MAGIC_ROOTHUB)
  • Control (USBPCAP_MAGIC_CONTROL)
  • Device (USBPCAP_MAGIC_DEVICE)

What you won’t see using USBPcap

As USBPcap captures URBs passed between the functional device object (FDO) and the physical device object (PDO), there are some elements of USB communication that you will see only with a hardware USB sniffer.

These are:

  • Bus states (Suspended, Power ON, Power OFF, Reset, High Speed Detection Handshake)
  • Packet ID (PID)
  • Split transactions (CSPLIT, SSPLIT)
  • Duration of bus state and time used to transfer packet over the wire
  • Transfer speed (Low Speed, Full Speed, High Speed)

Moreover, you won’t see the complete USB enumeration. You will only see the USB control transfers sent to the device after it has been assigned its address.

There is also this to check out:

SnoopyPro – Windows USB Sniffer Tool

You can download USBPcap here:

Windows: USBPcapSetup-1.2.0.3.exe
Source: USBPcap-1.2.0.3.zip

Or read more here.

Read the Full Article here: >Darknet – The Darkside

Organizations could face up to $19 billion in losses if a cloud provider is hacked

If a hacker were to gain control of a cloud provider for over three days, businesses could face losses of up to a whopping $19 billion, with SMBs carrying the largest economic and insurance losses, according to a new report. In partnership with the American Institutes for Research, insurance market Lloyd’s of London is unveiling a new report detailing the financial impact of a cyberattack on a US cloud provider.

Start the conversation, or Read more at BetaNews.

Read the Full Article here: >Computer Security News