The malware apparently behind the Target breach of approximately 110 million customer credit cards and personal records was known as KAPTOXA, according to a report released today. iSight Partners, which did not specifically identify Target, stated that it had been working since December 18th, 3 days post the Target attack being launched, with the US…
DetailsThere is growing concern over the security of SCADA (supervisory control and data acquisition systems), one of the Internet of Things topics discussed at the Amphion Forum conference recently held in San Francisco. Once upon a time, SCADA systems were based on proprietary operating systems, proprietary protocols and limited connectivity. Now, many of the controls…
DetailsMost organizations are familiar with Mark Monitor, A Thomson Reuters service that continuously scans the Internet for abuses of brands and intellectual property. If a counterfeit website or even a domain is registered Mark Monitor will alert their client’s legal team. Now there is a similar service for your personal brand. Survela is easy to…
DetailsBitcoin was the hot topic of summer 2013. It lost some of its luster when the largest Chinese exchange, BTC, announced it was no longer taking deposits in Yuan, and China’s central bank banned financial institutions from accepting Bitcoin. However, Bitcoin stays in the news as online merchants such as overstock.com announced that they are accepting…
DetailsTarget disclosed today that personal information on some 70 million customers including names, addresses, emails and phone numbers was stolen. This is in addition to the 40 million customers whose credit and debit card information was breached. “I know that it is frustrating for our guests to learn that this information was taken and we…
DetailsTwo publicly traded technology companies have separately announced name changes this week. On Monday, Intel CEO Brian Krzanich said that McAfee Security, which Intel acquired for $7.6 Billion in 2010, will become Intel Security, but will retain the familiar red shield. “The complexity of keeping digital identities safe grows as mobile applications and devices become…
DetailsEmbedded in all Microsoft Windows server operating systems and in its Azure platform as a service offering is Active Directory; a store of information about all the objects and their attributes that are active within a given Windows network domain. This includes printers, network devices, hardware servers and, most importantly, users. This storage of user…
Details[Full disclosure: As an industry analyst I conduct business with RSA, the security division of EMC, including white papers and recording videos of key executives and customers.] Update Jan 12, 2014: The Guardian reports that privacy rights groups are petitioning Stephan Colbert to boycott the RSA Conference. My reaction to the several calls that have been made by well-respected security researchers, most notably…
DetailsSecurity incident handling software company, Co3 Systems, announced today that Bruce Schneier had joined the company as CTO. Schneier is a highly regarded author and cryptographer who writes frequently on topics of privacy and security. Recently he was called on to help interpret documents revealed by Edward Snowden that uncovered the NSA’s subversion of a NIST…
DetailsMost of the press and preliminary analysis of the FireEye acquisition of Mandiant has been exuberant. The New York Times got to break the news just after the first of the New Year although the deal closed December 30, 2013. Of course the coverage contained the usual predictions of industry consolidation. This is not a consolidation play,…
Details