Protecting Hadoop Clusters From Malware Attacks

Cloudera Engineering

Two new strains of malware, XBash and DemonBot, are targeting Apache Hadoop servers for Bitcoin mining and DDoS purposes. This blog post describes the mechanism this malware uses and offers specific actions to protect your Hadoop-based clusters. A History of Hadoop Malware.

Google Play is an ‘order of magnitude’ better at blocking malware

The Parallax

During a month that’s seen Android malware new and old plague the world’s most popular mobile operating system, Google says its Play Store is becoming more civilized and less like the Wild West. Parallax Primer: Why are Androids less secure than iPhones?

Triaging modern medicine’s cybersecurity issues

The Parallax

Hackers often talk about practicing good “cybersecurity hygiene”: making sure that basic standards, such as using unique passwords for each log-in, are met. ”—Jacki Monson, chief privacy and information security officer, Sutter Health.

Are you ready for state-sponsored zombie malware attacks?

CTOvision

In hindsight, the blog post should have been titled “Are you ready for state-sponsored zombie malware attacks?” Zombie malware combines the most deadly aspects of malware and zombie computers into one horrible mess. Typically malware gets […].

Trojan malware is back and it’s the biggest hacking threat to your business

CTOvision

Trojan malware attacks against business targets have rocketed in the last year, as cybercriminals alter their tactics away from short-term gain and in-your-face ransomware attacks towards more subtle, long-term campaigns with the aim of stealing information including banking information, personal data, and even intellectual property. Figures from security company Malwarebytes Labs in a new report suggest […].

Interview on Automated Malware Removal

CTOvision

Three Questions on Automated Malware Removal with Bob Gourley, Cognitio Corp and CTOVision. While there’s still an emphasis – and related spending – on malware detection, most incident response teams are actually overwhelmed by the vast number of security alerts they receive.

Dell Data Protection Protected Workspace & Malware Prevention

CTOvision

The video below explores DDP Protected Workspace and uniquely addresses healthcare regulations related to malware prevention. Individuals take malware and obtain the characteristics pertaining to the individual and find ways to get around the malware inspections in place.

Israel’s cybersecurity industry is a unicorn. Here’s why

The Parallax

Fewer attendees, perhaps, expected him to reference the Hollywood action movies of Jean-Claude van Damme, who happened to be sitting in the front row for the highest-profile speech of Israel’s largest cybersecurity conference. “Cybersecurity is a true blood sport,” Netanyahu quipped.

What Can You Do About Malware In The Cloud?

CTOvision

Malware exists even there - and it spreads fast. And like any system with a physical backend, the cloud can easily be subject to a wide range of vulnerabilities - including malware. Most talks on cloud security revolve around preventing a hacker from gaining access, or protecting yourself from a data leak. But malware on the cloud is a very real, and very present threat. If you’re prepared for this new era of malware, you’ve nothing to fear. Rachel Gillevet.

Our Views On Automating Cyber Defense Including Malware Removal and Return to a Known Good State

CTOvision

With changes in technology, enterprise cyber security professionals can now leverage automated in-line response and recovery to enhance security. We believe this is the only way to reduce the impact of malware and breaches in a cost effective way. By Bob Gourley.

2017 in cybersecurity and privacy news

The Parallax

From rampant ransomware to the Equifax breach to geopolitical machinations, it’s hard not to be a cynic about the past 12 months of security and privacy news. And not all federal cybersecurity decisions this year were necessarily harmful to consumers.

White Paper: Automating Your Cyber Defenses Including Malware Removal

CTOvision

With changes in technology, enterprise cyber security professionals can now leverage automated in-line response and recovery to enhance security. We believe this is the only way to reduce the impact of malware and breaches in a cost effective way. By Bob Gourley.

Nearly 500,000 routers infected by Russian malware, Apple’s privacy portal, New LocationSmart scandal

CTOvision

Cyber firms, Ukraine warn of planned Russian attack. Cisco's Talos cyber intelligence unit says 500K+ routers in dozens of countries have been infected by Russia-linked malware and could be used to attack Ukraine. Cisco Systems Inc warned on Wednesday that hackers have infected at least 500,000 routers and storage devices in dozens of countries with [.].

PcTechmate: Automating repair of malware ridden systems

CTOvision

Signature based solutions are being bypassed by malware every day. The pervasiveness and sophistication of modern malware is damaging computers to a point where expert int. Problem: Everyone is in agreement that today’s antivirus software alone is no longer a viable solution by itself. The most recent reports from Symantec and McAfee have publicly said “Do not rely solely on our products to protect your computer.”

UPS Data Breach

CTOvision

Sensitive information at eBay was recently compromised as well, and the re. Data breaches have captured the attention of the American media several times this year.

Best of TechBeacon 2018: Security shifts left

TechBeacon

Enterprise security is about a lot more than malware, hackers, and data breaches. Much of what goes into managing enterprise cyber risk is also about secure development practices, regulatory compliance, and the ability to harness emerging artificial intelligence (AI) and machine-learning methodologies to bolster security.

Mueller’s indictment of election hackers a cybersecurity ‘wake-up call’

The Parallax

As Dave Aitel, former NSA cybersecurity analyst and the current chief security technical officer of cybersecurity company Cyxtera tells The Parallax, the details of the indictment indicate the high level of confidence the Justice Department has in its charges. Regardless of U.S.

30 network security Twitter feeds to follow

TechTalk

Twitter is where information is updated within seconds, especially in the information technology industry.

Lastline: Stop Evasive Malware, Persistent Threats and Zero Days

CTOvision

Lastline Enterprise and Analyst deliver protection against targeted attacks, advanced persistent threats (APTs), zero-day exploits, and other advanced malware that bypass traditional signature-based controls and sandbox-based analysis systems.

Prepare for The Cyber Threat: What Executives Need to Know to Manage Risk

CTOvision

Cybersecurity is one of the most high-profile topics for organizations today and one of their biggest sources of risk. Available data suggest that 84% of corporations have malware on their networks. Compliance: Do we understand the difference between compliance and security?

I'm joining the fight against malware and ransomware with SentinelOne

Jeremiah Grossman

In this case, malware and ransomware. Intersection of security guarantees and cyber-insurance; Explosion of Ransomware; Vulnerability remediation; Industry skill shortage; Measuring the impact of SDLC security controls. The only problem on the list I haven’t gotten the chance to work on is ransomware, an incredibly effective and fast-growing form of malware that’s taking over. Yes, that’s right, I said LESS secure. Today is a big day for me.

Time for Transformational Cybersecurity Part II

CTOvision

The last post, Transformational Cyber Security Part I, discussed exciting inventions that turn cybersecurity upside-down by preventing malware from freeloading CPU instructions in a properly configured software defined data center (SDDC), thereby rendering on-premise cyber attacks null and void.

Hidden inside Dark Caracal’s espionage apps: Old tech

The Parallax

Its success was predicated not on “zero-day” vulnerabilities or new forms of malicious software, but rather on older, known malware delivered via an all-too-familiar method: phishing. The malware included hacked versions of end-to-end encrypted communication apps Signal and WhatsApp.

FBI’s router reboot call reminds us why to check for updates

The Parallax

On May 25, the FBI issued a clarion call to a broad swath of Wi-Fi router owners: To clear out a potential botnet malware infection, reboot your router. How to secure your home Wi-Fi. The actors used VPNFilter malware to target small office and home office routers.

AI brings speed to security

O'Reilly Media - Ideas

Survey results indicate incident response times improve with AI-based security services. Twenty percent of IT professionals who rely on traditional security measures said their teams can detect a malware infection or other attack within minutes, according to the survey.

WannaCry vs. the ER doc: On the front lines of a ransomware outbreak

The Parallax

He’ll tell you right off the bat that he’s no expert in cybersecurity. The damage could have been worse, had a British hacker not discovered and used a “kill switch” bug in the ransomware, many cybersecurity experts believe. “There is no perfect security,” he says. TEL AVIV—Dr.

Cybersecurity Protocols to Implement in an Always-Connected Workforce

CTOvision

The problem with being able to access your data from anywhere, though, is that other people can find ways to access that data, too—people you don’t want going through customer information, company financial records, and other secure data. Install malware protection software.

Web’s most annoying ads no longer welcome in Chrome

The Parallax

Slowly but surely, browsers are becoming more secure. As browsers accelerate, innovation outpaces security. Web browser security through the years (timeline). Change these 5 settings to improve your browser security.

Video Shows What To Do When Your Cyber Adversaries Are Automating

CTOvision

The video at this link and embedded below provides an overview of conclusions from CTOvision research into ways to automate the removal of cyber threats (including malware) from your enterprise. By Bob Gourley.

Cybersecurity: Is AI Ready for Primetime In Cyber Defense?

CTOvision

In a recent interview with Charlie Rose, he stated that machine learning showed great promise for cybersecurity, but that the necessary technology was probably five years out. If machine learning is currently so successful in other areas of society, why isn’t it ready for cybersecurity?

Tapping Global Threat Intelligence To Secure Enterprise Networks

CTOvision

Cyber Security Symposium. On July 9, 2014, the Cybersecurity Information Sharing Act (CISA) passed the Senate Intelligence Committee in a 12-3 vote. The legislation encourages threat information sharing between government and the private sector. Dr. Sameer Bhalotra, former Senior Director for Cybersecurity at the White House. By Bob Gourley.

Karamba’s bold quest to secure connected cars

The Parallax

That’s the scenario Karamba Security is trying to prevent. Hackable software in the driver’s seat: The current state of connected car security. How Uber drives a fine line on security and privacy. ”—Tim Brom, senior security researcher, Grimm. “If

Game Change: Three Reasons Why #SonyHack Will Change Security

CTOvision

The White House declares it’s a national security issue and leaks intelligence that North Korea is behind the attack. See the interview here: Tactics Not Malware Are the Story. Most corporate hacks we see are focused on either customer data (credit cards, medical records, social security numbers, passwords, bank account information, email addresses) or company proprietary documents. This is not to say the exploits or the malware were sophisticated — they are not.

The Importance of an Online Encryption Policy

CTOvision

IBM’s latest Cyber Security Intelligence index report shows that: 1.5 There is a 12% year-to-year increase in security events to educate and inform organizations. There are 91,765,453 security events annually. It covers the systematic data management of the company and can also be referred to as information security policy standards when working in an on-premise, cloud, or a hybrid-computing environment.

5 Cybersecurity Need-to-Knows When Preventing Expensive Data Breaches

CTOvision

Security breaches can happen to any organization. As more and more companies utilize mobile technology to access and connect with resources, the threat of a security breach increases exponentially. 1 - Security breaches can happen anywhere and anytime.

Kicking the Tires: Verisign DNS Firewall

CTOvision

Our bottom line conclusion: Integration of the Verisign DNS Firewall into an existing environment couldn’t be more seamless, configuration and management are a breeze, and it delivers immediate benefit to the security posture of any environment. Verisign also serves the cybersecurity community through the highly regarded cyber intelligence services of its iDefense team. For more information on the DNS Firewall and other Verisign Security Services check out their website: [link].

Why a Reactive Security Strategy Costs Companies Millions Each Year

CTOvision

With each new threat, digital security companies are learning to react more quickly and put out countermeasures for these malicious programs, but in the time between a piece of malware’s release into the wild and the release of the solution, it can cost companies a staggering amount of money.

Ransomware attacks against hospitals: A timeline

The Parallax

Hospitals and health care systems, now in the business of collecting patient data as a side effect of treating physical maladies, struggle to keep that information secure. Cybersecurity researchers at Cylance estimated that the number of ransomware attacks tripled in 2017.

Ransomware Evolves: Entire Hospital Including Emergency Rooms Disrupted

CTOvision

Cybersecurity and business risk professionals have watched ransomware evolve from a minor nuisance to a major threat capable of holding multiple systems at risk. The typical organization already has firewalls, anti virus solutions, encrypted data solutions, data backups, network monitoring and security information management tools to hold data on how all that is working. But still the malware gets in. The malware gets in. Bob Gourley.

Even North Korea has an antivirus program—but it’s used for spying

The Parallax

Malware and antivirus software usually go together like tacos and pickles. They also discovered that it was programmed to ignore a malware programming characteristic that even decade-old Trend Micro code would have flagged as malicious.