[securityintelligence] Why Context is King for Enterprise IT Security

The importance of context in vulnerability management is imperative. However, the role of context goes far beyond the walls of vulnerability management and, in fact, has significant relevance in all areas of enterprise IT security, especially in security intelligence. The core purpose of security intelligence is to gain knowledge in an effort to efficiently secure networks. In both defense and assessment, this means fewer false positives and more relevant findings. Sadly, many security efforts fail to gain these benefits due to a lack of contextual information.

[infosecinstitute] iOS Application Security Part 33 – Writing tweaks using Theos (Cydia Substrate)

In some of the previous articles in this series, we have looked at how we can modify the behaviour of an application by patching it using IDA Pro, Hopper etc. However, doing this hasn’t been quite straightforward always. We can also use Cycript to modify the behaviour of an application by changing some of the method implementations, but the change isn’t permanent. This is where writing tweaks for an application comes in handy. A tweak is nothing but a run-time patch to an application using the Cydia Substrate framework. Cydia Substrate consists of 3 major components: MobileHooker, MobileLoader and safe mode. You can read about these 3 major components here. Saurik has also written a complete series of documentation here. Our main focus here would be not to go in depth and learn how to write tweaks for jailbroken devices but to understand there relevance to application security so we can quickly write our own tweaks when necessary.

[fireeye] The Economics of Security

During many of my customer meetings, I often hear security leaders ask the question: “What technology could I remove to free up budget to enable the implementation of FireEye?”

[defensesystems] Security is on the menu for Joint Information Environment

The Defense Department’s initial push toward its Joint Information Environment began with adoption of DOD Enterprise Email. The next steps will emphasize security, one of JIE’s leaders said Tuesday.

[securityaffairs] WhatsApp flaw allows hackers to steal private Chats on Android devices

A security consultant disclosed a security flaw in WhatsAppwhich can be exploited to gain access to the private chats of Android device owners.   

[securityintelligence] Security Is Not a Technology Problem but a Process and People Problem

The recent AGC and RSA conferences in San Francisco at the end of February proved to be very successful, well attended events around topics facing the security industry. The overall theme of customer comments, keynotes and roundtables centered on cloud adoption—specifically the risks and gaps associated with fragmented, non-standardized security controls that affect visibility into risks across a hybrid, on-premise or cloud architecture. True, the benefits of the cloud are evident, yet without unified visibility into threats that target an entire enterprise, attackers can easily penetrate defenses and move laterally throughout an organization.

[infosecinstitute] Notes On Biometric Template Security

In this article I am going to tell you about biometric template security and current technologies in which researchers are working to improve biometric template security. But this won’t be a normal, traditional article of mine. I am going to write this article in question/answer format. Before reading this article you should already have a basic introduction to biometrics and what types of roles they play in a big enterprise.

[norse-corp] Threat Thursday: The IoT and Security Devices Are the Biggest Culprits in Healthcare Security Breaches

Recent research on the healthcare IT industry, sponsored by Norse and written by SANS using data from the Norse Live Threat Intelligence Platform, has created a fair amount of buzz in the security and the healthcare industries. The data and statistical analysis conducted reveal - and provide concrete backing to - some of the previously expressed fears surrounding the state of IT security in the healthcare industry. What was clear from the data and report is that this is an industry having trouble implementing and maintaining many basic IT security best practices. If the situation is not improved, it is just a matter of time until the industry will face a crisis of confidence from patients and lawmakers alike.

[computerweekly] Security by design still not a reality, says security veteran

In all the great technological innovation the world is seeing, security is still an afterthought, says Jarno Limnell, director of cyber security, Stonesoft, a McAfee Group Company.

[net-security] Four trillion security transactions reveal security highlights

In 2013, CYREN analyzed more than four trillion security transactions worldwide – averaging 10 to 15 billion transactions per day.

[fireeye] Live from RSA USA 2014: Talking Security with Martin Brown, Chief Security Portfolio Architect at BT Security Enterprise

The excitement and buzz at the RSA Conference has everyone talking security and we are no exception. In fact, during the conference, we are gathering up industry leaders and influencers and asking them to provide their perspectives on the biggest issues in cybersecurity in 2014 for our podcast series hosted by FireEye Chief Security Strategist, Richard Bejtlich.

[valverde] Reverse engineering my bank's security token

My current bank, one of Brazil's largest, provides its clients with one of several methods (in addition to their passwords) to authenticate to their accounts, online and on ATMs. I reverse engineered their Android OTP code generator and ported it to an Arduino-compatible microcontroller.

[welivesecurity] Android 4.4 revealed to have VPN security flaw

Researchers as Ben Gurion university in Israel have discovered a vulnerability in Android 4.4 KitKat that allows an attacker to intercept and divert secure virtual private network (VPN) traffic.

[securityintelligence] Learn About New Security Analytics and Fraud Protection Solutions at Pulse 2014

In this series of breakout sessions you can attend live demo’s, panel discussions, and interactive presentations where IBM experts and customers share their real-world security experiences, and solutions for the pressing security business problems of today.  There are a number of sessions you will not want to miss including:

[fireeye] RSA 2014: New Thinking to Narrow the Security Gap

Attacking the gap and preparing for the new frontiers in security is our focus for the 2014 RSA Conference. Around the show floor, in our booth, and in the conference tracks, you’ll hear from FireEye experts on how to address this new frontier. We’ll have updates on the latest threats from our research teams as well as live demonstrations of our new FireEye Security Platform. Find us at our booth and make sure to catch our research team presenting throughout the conference:

[cio] Measuring the Effectiveness of Your Security Awareness Program

CSO — As Yogi Berra put it, "If you don't know where you're going, you'll end up someplace else." Do you know where you're going with respect to your privacy and security awareness programs? How will you know when--or if--you get there?

[securityintelligence] What is Security Intelligence and Why Does It Matter Today?

This is part 1 of an ongoing series of posts that answer “Six Things You Always Wanted to Know About Security Intelligence but Were Afraid to Ask.”

In the introduction to this series, I asserted that people have many questions about Security Intelligence, then made the bold promise to answer six of the most pressing ones.  Let’s start by gaining a common understanding of Security Intelligence.

[rapid7] Security Lessons Learned in 2013 - The Year of Deception Based Attacks

Over the course of the year 2013, the security industry witnessed several high profile mega-breaches, targeting large organizations like Target and Neiman Marcus during the Christmas season, where both activity and spending is at its year-long peak.

The interesting trend from not only these attacks, but many of the other attacks last year? As businesses, corporations, and government agencies get better at using tools and software to protect their own data, hackers are pivoting to capture the data from the weakest links possible…your users.

[zonealarm] How to Prevent Your Home WiFi From Being Burglarized

There is more than one type of burglary that can affect your home. One involves kicking in the door; another involves compromising your computer. And if the intruder in this scenario has compromised your wireless network, you might as well have given them a key to the front door.

[thediplomat] Sochi Threat: Russia-U.S. Need to Cooperate on Cyber Terror

On December 30, 2013, a hacking group called Caucasus Anonymous threatened “cyber war of the largest scale against the Russian government” unless it stopped preparations for the 2014 Sochi Winter Olympics. It was the most visible cyber threat yet in the run-up to the Games. Motivated in part by a 19th century battle near Sochi in which Tsarist Russian forces allegedly massacred one million Circassians (a North Caucasus ethnic group), Caucasus Anonymous vowed to “infect and break servers” in Russia and make good on its mission to get “Pay Back for Sochi.”