Talk about Ramblinaround…I was definitely rambling on a bit in this one. In this video, I describe a technique that can be used to protect yourself, and th… Read More….
View full post on Hip Hop Security
Posts Tagged ‘push’
Mark Rockwell Top Priority Sector: cyber_security Image Caption: Jane Holl Lute The White House pushed hard to get a key Cyber security proposal approved in the hours before the Senate voted to cut off debate on the legislation on Aug. 2. The Senate fell eight votes short of the 60 votes needed to force a [...]
View full post on The Cyber Wars
SpywareLady: Illinois lawmakers push for online privacy protection http://t.co/mcrmJEuO
View full post on Twitter / SpywareLady
View full post on National Cyber Security
Reuters – The White House proposed on Thursday a “privacy bill of rights” that would give consumers more control over their data but relies heavily for now on voluntary commitments by Internet companies like Google Inc and Facebook.
View full post on Yahoo! News: Security News
View full post on National Cyber Security
ForeScout Technologies has launched ForeScout Mobile – plug-in modules for Android and iOS which allow enterprises to keep control as a plethora of devices access corporate resources in the BYOD era.
ForeScout’s access control technology is device agnostic, but with the addition of the Mobile Security Module the company adds more extensive features for Android and iOS.
ForeScout can collect hardware, software and configuration information for each iPhone or Android-based smartphone and reports the data to a central appliance. It can see whether a device has been jailbroken, or doesn’t use password protection. That then allows the IT department to determine the security level on each device, and block or limit network access based on device type, device ownership, time of day, and device compliance, according to ForeScout.
The IT department can also take actions to protect enterprise resources. For example, the camera on an iPhone can be turned off when the user is in the office.
The ForeScout Mobile Security Module for Android consists of a plug-in and an app, while the module for the iPhone and iPad natively supports iOS devices, by using the Apple Mobile Device Management API (application programming interface) and the Apple Push Notification service, according to ForeScout.
Choosing to focus on Apple’s iPhone and iPad along with Android-based devices was a “no-brainer,” according to Hanan Levin, vice president of product management at ForeScout, whose biggest wish is that the same APIs could be used on both OSes.
Today, Apple’s APIs work well, but you can’t do anything outside of what they support, Levin said. On Android, “the sky is the limit”, but you have to do all the work yourself and integrate with OS, Levin added.
The company has also launched the Mobile MDM Module, a product that can integrate with existing management platforms and adds more access control features.
ForeScout Mobile costs from $2,800 (around £1,785) for 100 devices. The ForeScout Mobile Security Module for Android and iOS are in beta test and will be available in April. The ForeScout Mobile MDM Module will start shipping in the third quarter.
View full post on National Cyber Security » Computer Hacking
Android malware writers are taking advantage of the controversy surrounding Carrier IQ’s smartphone tracking software in order to distribute a premium SMS Trojan, security researchers from Symantec warn.
“Android.Qicsomos is a modified version of an open source project meant to detect Carrier IQ on a device, with additional code to dial a premium SMS number,” said Symantec malware analyst Irfan Asrar.
The Carrier IQ controversy began in November 2011, when security researcher Trevor Eckhart published a detailed analysis of a monitoring agent developed by the company and preloaded by many mobile carriers on devices sold to customers.
The Carrier IQ software is designed to collect usage data from smartphone devices in order to provide carriers with statistics about dropped calls, service interruptions, battery usage and similar information. However, Eckhart claimed that the software can also be used for more privacy-intrusive purposes, leading some users to look for ways to remove it from their devices.
The premium SMS Trojan detected by Symantec masquerades as a tool for detecting the presence of the Carrier IQ agent, which some people are considering a rootkit, a surreptitious application with low-level system access.
The version analysed by the security vendor’s researchers was localised in French and its icon was similar to the logo used by Orange, one of Europe’s largest telecom operators.
The Trojan does not appear to be spread from the Android Market, so distribution is most likely done through some form of spam messages that claim to originate from mobile operators, Asrar said.
Upon installation, the rogue software displays a window that contains some information about the device and claims that the Carrier IQ rootkit was not found. Users are then presented with a button to uninstall the app.
However, when this button is pressed, the Trojan sends an unauthorised SMS message to a premium-rate number registered by the malware’s creators, earning them money in the process.
An interesting aspect of this Trojan is that its code is signed with a certificate obtained from the Android Open Source Project (AOSP). While the majority of manufacturer-supplied Android builds don’t trust this certificate by default, some older community-built versions might. Because the code is signed with a trusted certificate, users of such unofficial versions might not even see the permissions notification prompt when the Trojan is installed.
Some users might be understandably skeptical of the bleak predictions regarding mobile threats that were put forth in recent months by security vendors. “But to any skeptics out there, I can assure you some concerns, such as this threat, are not without merit,” Asrar said.
View full post on National Cyber Security » Computer Hacking
HTCS1: A Congressional cyber security bill gets a big push from one lawmaker. Read what he’s doing at http://t.co/emYiuL3W
View full post on Twitter / HTCS1
Researchers in Germany have demonstrated weaknesses in the W3C XML encryption standard used to secure websites and other Web applications.
<img alt="Researchers break W3C XML encryption algorithm, push for new standard, Blog, encryption, Researchers, push, break, standard, algorithm"height="0" width="0" border="0" style="display:none" src="http://segment-pixel.invitemedia.com/pixel?code=TechBiz
&partnerID=167&key=segment”/><img alt="Researchers break W3C XML encryption algorithm, push for new standard, Blog, encryption, Researchers, push, break, standard, algorithm"height="0" width="0" border="0" style="display:none" src="http://pixel.quantserve.com/pixel/p-8bUhLiluj0fAw.gif?labels=pub.30034.rss.TechBiz
.38006,cat.TechBiz
.rss”/>
View full post on SearchSecurity: Security Wire Daily News
View full post on National Cyber Security
Trapped between budget constraints and security fears, government agencies are increasingly opting for private clouds.
<img alt="Breach fears push federal cloud computing initiative to private cloud, Blog, Federal, cloud, breach, private, push, fears, computing, initiative"height="0" width="0" border="0" style="display:none" src="http://segment-pixel.invitemedia.com/pixel?code=TechBiz
&partnerID=167&key=segment”/><img alt="Breach fears push federal cloud computing initiative to private cloud, Blog, Federal, cloud, breach, private, push, fears, computing, initiative"height="0" width="0" border="0" style="display:none" src="http://pixel.quantserve.com/pixel/p-8bUhLiluj0fAw.gif?labels=pub.30034.rss.TechBiz
.38006,cat.TechBiz
.rss”/>
View full post on SearchSecurity: Security Wire Daily News
View full post on National Cyber Security