Friends of Penn State authentication service upgrade March 7, 8
Penn State IT will upgrade the Kerberos authentication service for Friends of Penn State (FPS) accounts on Tuesday, March 7, during the 5-7 a.m. maintenance window. During this time, users will not be able to create new accounts or change passwords. Accounts will be unable to be locked or unlocked, and the Service Desk will […] more…How Security Products are Tested – Part 1
The demand for tests appeared almost simultaneously with the development of the first antivirus programs – in the mid-to-late 1990s. Demand created supply: test labs at computer magazines started to measure the effectiveness of security solutions with the help of self-made methodologies, and later an industry of specialized companies emerged with a more comprehensive approach […] more…Eating an Elephant: How the ESM 10 UX team reenergized SecOps
The first of a two-part series For some reason, elephants figure frequently in our conversations – “seeing different parts of the elephant”, “memory like an elephant,” and now, “eating an elephant.” This phrase, definitely meant as an analogy, expresses the lengthy, enormous, and daunting task that our development team faced in reimagining the user experience […] more…Change, embrace it – Why you need to change the way you look at security
Change. “There is a time appointed for everything and a time for every purpose—” Imagine trying to change a cowboy wagon to upgrade its performance to make it comparable to a Ferrari? Crazy right? We’d never try right? Because the wagon has a fundamentally different architecture and was built for a different purpose. So merely upgrading the […] more…Spam and phishing in 2016
The year in figures According to Kaspersky Lab, in 2016: The proportion of spam in email flows was 58.31%, which is 3.03 percentage points more than in 2015. 62.16% of spam emails were no more than 2 KB in size. 12.08% of spam was sent from the US. Trojan.Win32.Bayrob was the most popular malware family […] more…Mobile apps and stealing a connected car
The concept of a connected car, or a car equipped with Internet access, has been gaining popularity for the last several years. The case in point is not only multimedia systems (music, maps, and films are available on-board in modern luxury cars) but also car key systems in both literal and figurative senses. By using […] more…Large Healthcare Company Standardizes on McAfee ENS 10.5 and McAfee MOVE AntiVirus to Protect 100,000+ Physical and Virtual Endpoints
Security Engineer Scott M. knows that for organizations like his, a large North American healthcare company, information security defenses must continually adapt to face new threats and to accommodate business or industry changes—else risk dire consequences. That is why his company is beefing up its endpoint defenses by migrating from another vendor’s endpoint protection solution […] more…Oversharing: Passwords, but not Toothbrushes!?
Potentially significant security risks from your employees’ significant others What would you be more likely to share with your partner? Your toothbrush? Or your work password? Only about 10% of people polled are willing to share their toothbrush, but twice as many are willing to share their work password! People share a lot with their […] more…What’s In Shodan? Analyzing Exposed Cyber Assets in the United States
By Numaan Huq, Stephen Hilt, and Natasha Hellberg The United States is home to millions of unsecured and exposed cyber assets. By “unsecured” and “exposed” we don’t necessarily mean that these devices have already been compromised. Rather, this means they are vulnerable to cyber attacks due to inadequate security or poor configuration. Some cyber assets may […] more…Intel report suggests that self-service IT is a huge security risk
Ever since cloud computing was introduced a decade or so ago, there has been much gnashing of teeth and wailing about the security risks that the cloud introduced. Back in the old days, these arguments were pretty simple and revolved around control. Since then, however, as cloud adoption has become more widespread, we have had […] more…A look into the Russian-speaking ransomware ecosystem
It is no secret that encryption ransomware is one of the key malware problems today, for both consumers and corporate users. While analyzing the attack statistics for 2016, we discovered that by the end of the year a regular user was attacked with encryption ransomware on average every 10 seconds, with an organization somewhere in […] more…Ransomware soars in 2016, while malware declines
A global cyberthreat report released Tuesday found that 2016 was a mixed bag: malware was down slightly, but ransomware attacks soared, up 167 times the number recorded in 2015. In addition to that huge increase in ransomware, 2016 saw a new line of cybercrime from a large-scale DDoS attack through internet of things devices. The […] more…Connected Relationships: A Love Affair with Technology
Love is in the air, and in our technology as well. At least, that is what the survey says—specifically, a survey of over 13,000 adults in relationships that use digital devices daily. We recently conducted this survey around today’s “connected relationships,” to better understand how online behavior affects real world relationships. The results proved that […] more…The Security Advantage of Dynamic Endpoint
The escalation and sophistication of cyber threats is very real. So are the challenges associated with having too many siloed security tools. Rather than compounding complexity and inefficiency by using products that don’t work in unison or communicate with each other, Intel Security made a fundamental shift in how we engineer solutions, moving from point […] more…Mission Made Possible: The Open Integration Time Machine
A fast-forward button for integration to a unified security architecture. One of the reasons why the Mission Impossible premise has resonated across the generations is that all of us, at one time or another, are handed projects that seem to come with that label. Unfortunately, if you’re like me, you feel more like Wile. E. […] more…Hackers use streaming devices to make radio stations play ‘FDT’
Vulnerabilities in the Internet of Things can have odd results, as we witnessed last year when radio stations suddenly started playing archived clips from a furry podcast. More recently, unknown hackers have exploited the Barix IP streamers some stations use to syndicate content for another purpose: playing YG’s song “FDT.” According to the Associated Press, […] more…More information
- Google Releases New XSS Prevention Tools
- Enterprises Warned About Zix-Themed Credential Phishing Attacks
- News in brief: Africa gets its own TLD; smart jacket launch pushed back; humans not required
- A guide to getting first-party data from your customers
- Security’s Last Refuge of Scoundrels: Infrastructure Upgrades
- Microsoft Alerts More Customers to Email Theft in Expanding Midnight Blizzard Hack
- Apple CEO Backs Privacy Laws, Warns Data Being ‘Weaponized’
- Apple AirTag jailbroken already – hacked in rickroll attack
- Fugitive nabbed after posting selfies from Mexico
- Kids Obsessed with YouTube? How to Help Them Stay Balanced, Safe This Summer