Archive for April, 2015:

Twitter may turn to Apple to help distribute tweets

Twitter may turn to Apple to help distribute tweets

Tweets might appear in Spotlight searches on Apple devices, Twitter CEO Dick Costolo says

Soon, when you do a search on your iPhone for someone’s contact info, a recent tweet from them might also pop up.

Twitter is working with Apple to incorporate Twitter content and accounts into Apple’s Spotlight search feature, Twitter CEO Dick Costolo said during the company’s quarterly earnings call on Tuesday. Spotlight search is a feature in Apple’s iOS mobile system, and OS X on Macs, that generates results from content stored on the devices and from other content such as Safari Web results and mail from Apple’s Mail app.

Representatives from Twitter and Apple did not immediately respond to requests for comment.

Should such a deal come to fruition, it could help Twitter distribute its content to a wider audience, which would align with the company’s larger efforts to attract new users and thus improve Twitter’s ability to serve them ads.

Apple’s Spotlight search pulls much of its data from Apple-owned products and services, but also from outside sources like Wikipedia and Microsoft’s Bing.

Tweets are already appearing in more places outside of Twitter, like in Google’s search results. Earlier this year, Twitter struck a new deal with Google to give the search giant access to Twitter’s firehose of content, making relevant tweets appear in people’s Google search results.

Tweets will start appearing in Google search results next month, Twitter’s Costolo said during the call.

Twitter reported on Tuesday it had 302 million users who log in monthly as of the end of last quarter. That’s up 18 percent from a year earlier, but still less than a quarter of the size of Facebook.

Twitter’s monthly user count is only one piece of how it views its potential user base. The company is also going after people who may not be logged in to Twitter or even have accounts, but who may see Twitter content like tweets elsewhere on the Web or in mobile apps. That’s where deals like the one with Google, or conceivably one with Apple, would come into play.

Twitter syndication efforts also include publishing tweets from advertisers in Flipboard, a mobile news app.

Twitter faces challenges in growing its ads business among people who do not hold Twitter accounts. Currently, much of Twitter’s ability to deliver targeted ads comes from the data it holds on how people use its site, and it tries to divine what they’re interested in through their activities on Twitter.


 

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

 

 

Posted in: Apple

Continue Reading

Detecting advanced threats with user behavior analytics

Using big data and machine learning to assess the risk, in near-real time, of user activity

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

Day after day, an employee uses legitimate credentials to access corporate systems, from a company office, during business hours. The system remains secure. But suddenly the same credentials are used after midnight to connect to a database server and run queries that this user has never performed before. Is the system still secure?

Maybe it is. Database administrators have to do maintenance, after all, and maintenance is generally performed after hours. It could be that certain maintenance operations require the execution of new queries. But maybe it isn’t. The user’s credentials could have been compromised and are being used to commit a data breach.

With conventional security controls there’s no clear cut answer. Static perimeter defenses are no longer adequate in a world where data breaches increasingly are carried out using stolen user credentials. And they have never been of much use against malicious insiders, who abuse their privileges. Today’s BYOD environment can also leave a static perimeter in tatters as new rules have to be continually added for external access.

A new approach called User Behavior Analytics (UBA), can eliminate this guesswork using big data and machine learning algorithms to assess the risk, in near-real time, of user activity. UBA employs modeling to establish what normal behavior looks like.

This modeling incorporates information about: user roles and titles from HR applications or directories, including access, accounts and permissions; activity and geographic location data gathered from network infrastructure; alerts from defense in depth security solutions, and more. This data is correlated and analyzed based on past and on-going activity.

Such analysis takes into account — among other things — transaction types, resources used, session duration, connectivity and typical peer group behavior. UBA determines what normal behavior is, and what constitutes outlier or anomalous activity. If one person’s anomalous behavior (i.e., midnight database queries) turns out to be shared by others in their peer group, it is no longer considered medium or high risk.

Next, UBA performs risk modeling. Anomalous behavior is not automatically considered a risk. It must first be evaluated in light of its potential impact. If apparently anomalous activity involves resources that are not sensitive, like conference room scheduling information, the potential impact is low. However, attempts to access sensitive files like intellectual property, carries a higher impact score.

Consequently, risk to the system posed by a particular transaction is determined using the formula Risk = Likelihood x Impact.

Likelihood refers to the probability that the user behavior in question is anomalous. It is determined by behavior modeling algorithms.

Meanwhile, impact is based on the classification and criticality of the information accessed, and what controls have been imposed on that data.

Transactions and their computed risks can then be associated with the user who is making the transactions, to determine the risk level. The calculation of user risk typically includes additional factors, such as asset classification, permissions, potential vulnerability, policies, etc. Any increase in these factors will increase the risk score of that user.

Custom weighting values can be used for all the factors in these calculations, to automatically tune the overall model.

In the end, UBA collects, correlates, and analyzes hundreds of attributes, including situational information and third-party threat information. The result is a rich, context-aware petabyte-scale dataset.

UBA’s machine learning algorithms can not only weed out and eliminate false positives and provide actionable risk intelligence, but also revise norms, predictions, and overall risk scoring processes based on the information collected.

Changes in information classification as well as operational changes (such as new departments, new job codes, or new locations) are automatically incorporated into the system’s datasets. For example, if an IT administrator is temporarily granted a higher level of system access, their risk scores will be altered during that period of time. UBA can also, in automated fashion, determine what custom weighting values have the most operational significance in reducing false positives.

The resulting intelligence can be mined off-line for insights into the enterprise’s security posture, often uncovering unsuspected vulnerabilities, such as the provisioning of more user groups than users, the presence of unused credentials, or users with significantly more or fewer access privileges than they should.

Less obvious malicious behavior, such as sabotage, the theft of an enterprise’s trade secrets, or longer-term activity like financial fraud, will also produce patterns of anomalous behavior that a UBA system can detect.

Finally, if a user is found to pose a significant risk, the system can react accordingly, from blocking further access to imposing risk-based adaptive authentication that will challenge them for a second form of identification. The user’s post-login activities may also be restricted.

UBA is transforming security and fraud management because it enables enterprises to detect when legitimate user accounts/identities have been compromised by external attackers or are being abused by insiders for malicious purposes.

Gurucul is a provider of identity-based threat deterrence technology. The author is a recognized expert in information security, identity and access management, and security risk management. Prior to founding Gurucul, Saryu was a member of the founding team at Vaau, an enterprise role-management start-up acquired by Sun Microsystems. She has held leadership roles in product strategy for security products at Oracle and Sun Microsystems and spent several years in senior positions at the IT security practice of Ernst & Young.


 

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com


Continue Reading

Google to pull Chrome plug on Windows XP at year’s end

Another browser on XP bites the dust

Google on Thursday announced it will shut down support for Chrome on Windows XP at the end of the year.

“We will continue to provide regular updates and security patches to Chrome on XP through the end of 2015,” said Mark Larson, Chrome’s director of engineering, in a short blog post Thursday.

A year and a half ago, Larson pledged to support Chrome on the even-then-aged operating system until “at least April 2015.”

“We know that not everyone can easily switch to a newer operating system,” Larson said of Google’s decision to continue supporting Chrome on XP after the latter’s retirement. “Millions of people are still working on XP computers every day [and] we want those people to have the option to use a browser that’s up-to-date and as safe as possible on an unsupported operating system.”

But enough was apparently enough.
Microsoft called it quits on Windows XP a year ago Tuesday, when it issued the final scheduled security updates for the 2001 OS. (The company made a one-time exception shortly thereafter when it shipped an emergency patch for its Internet Explorer (IE) browser.)

Because Microsoft halted security fixes for IE on Windows XP on April 14, 2014, security professionals urged the OS’s users to switch to another browser. Dropping IE for Chrome, Mozilla’s Firefox or Opera Software’s Opera was one way to minimize — but not eliminate — risk, they said.

Neither Mozilla or Opera have publicized end-of-support dates for their browsers on Windows XP.

According to Web metrics vendor Net Applications, approximately 18.5% of all Windows PCs ran XP in March, slightly more than half the 34.5% the OS accounted for in October 2013, when Larson set Chrome’s earliest support demise at this month.

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

 


Continue Reading

The things end users do that drive IT teams crazy

To protect users from public embarrassment their identities have been withheld in these true stories of failures to follow security protocol.

Dumbfounded
There are times as a security professional you can only put your head in your hands and cry. The things people do that put the company at risk can sometimes amaze you. Here are some real-life scenarios provided by CISOs.

Turn your machine on?
I overheard a call that came into the help desk and was amazed how angry and abusive this guy (internal staffer) was to the help desk. I stepped in and tried to remedy the situation. I walked through all of the issues with his desktop that would not start up. He was convinced that he had been hacked. Then he mentioned that the power light on his monitor was yellow. I paused, took a deep breath and asked him what color the light on his computer was. He responded “there are no f*** lights”. I asked him to turn his computer on and he paused…cleared his throat…thanked us and hung up. He had a long chat with HR after.

At least they didn’t use “password”
When an investigative team informed one user that his account had been compromised, someone knew his password and he needed to change it, this person complied but in a totally ineffective way. Say his password was trustno1, he just made it trustno2. As if the hacker that stole his password in the first place wouldn’t be bright enough to try one number higher. Little tip everyone: hackers are generally pretty smart and are certainly smart enough to try all variations on a theme like this.

Who put this email in quarantine?
We had a phishing attack against our enterprise, and did a lot of communication to our employees to inform them to be careful when clicking on links. We also tuned our mail-filtering tools to ensure those emails were quarantined. We had a user who actually went into his quarantined email, released the email from quarantined email, and then went back into his inbox, so he could click on the link – thus infecting his machine with malware.

I won, I won … I lost my job
We had a system administrator who wanted to win a $1,000 prize by submitting an online technology video. So he carried a video camera into our secure data center and filmed some very sensitive cages of equipment belonging to customers. Our customer called us to report that they’d seen their cage online. It wasn’t difficult to figure out who made the video. The system administrator lost a $90,000 job, in an attempt to win a $1,000 prize!

I’ll just leave this USB device in a safe place
We had a policy against copying sensitive company data to non-company systems. We caught an executive copying sensitive company data to a personal USB device. She said she needed to have a backup of her data, in case her laptop was stolen from her car or lost/stolen while traveling. I asked her if she kept the USB locked up in her office or at home. She said, “no”, she keeps her USB device in her laptop bag, with her laptop! Theft from her car (the most likely scenario) would have likely resulted in the USB device being stolen also!

New employee dropped?
We had an executive who joined the company, and on his second day, he installed Dropbox and synchronized proprietary sensitive information from his prior company onto his new company laptop. Against our policy and could have opened us up to a lawsuit!

Out the window it goes
An employee was ready to leave the company and he decided to take customer data with him. He copied a large amount of data to a USB stick. The company’s DLP solution caught the large data copy and gave him a message on his screen, informing him of the policy for using USB devices. He panicked and threw the USB stick out the window. We never were able find the USB stick and unfortunately it was a data breach.

Secure Wi-Fi
A company executive explained, rather matter of fact like, that his wireless traffic was encrypted because the Wi-Fi used a password to connect.

I have the program at home, why not?
A compliance officer couldn’t open a file that contained 500,000 credit card numbers. Knowing that her home computer had the program that could open the file, she emailed it to herself.

Never trust those inlaws
The CEO of a company received an email thought to be from an inlaw. He opened what turned out to be a phishing message, which took his Google credentials and subsequently phished the other CEO at the same company. The victim did not find it odd when Google asked him to re-authenticate. The perpetrator subsequently tried to trick the CEO’s assistants to transfer money to an account.


MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

Posted in: TECH

Continue Reading

How Connecticut set itself up to be the first gigabit state

Connecticut is moving ahead with a statewide gigabit broadband initiative after resolving a surprisingly simple, but common, issue standing in the way of fiber deployment.

Connecticut needed this. Lately, the only noteworthy contribution my home state has made to the national news is Aaron Hernandez, an apparent psychopath who earned millions of dollars playing football while (allegedly) murdering anyone who looked at him the wrong way.

But it looks like the third smallest state in the country is on its way to becoming the first to offer ubiquitous 1-Gigabit internet to its residents. The website EfficientGov.com has a pretty comprehensive breakdown on the project: 46 municipalities that make up about half of the state’s population have agreed to endorse a plan for public/private partnerships to expand 1-Gig broadband internet access.

The “pubic/private partnerships” part of the plan likely makes it more achievable. In other areas, attempts at municipal-run broadband projects have created mountains of debt in their worst cases and have led to heated legislative battles in their best.

Chattanooga, Tennessee, is a good example of how difficult municipal broadband can be. The city’s broadband is among the fastest in the country, and its network was built and operated by the city after it had difficulty attracting investment from private ISPs. When the city looked to expand its 1-Gig service to other regions, state lawmakers imposed strict regulations, ultimately culminating in the state of Tennessee filing a lawsuit against the FCC late last month.

The Connecticut State Broadband Initiative attempts to side step the messy political issues by paving the way for private companies to lay the fiber throughout the state and allowing ISPs to use it to provide services.

“It’s like building the road — and anyone can drive their cars on it,” Connecticut’s consumer counsel Elin Katz recently told Backchannel.

It’s not always that simple, though. What’s different about the Connecticut plan is how it handled what Backchannel contributor Susan Crawford called “the unbelievably difficult issue of attaching wires to poles.” She briefly explained how Connecticut addressed this issue:

“Rather than letting pole owners hold up every requestor by creating delays and making demands for special payments (seriously: pole-attachment scuffles are the long-running soap operas of telecom), Connecticut requires pole owners to obey a Single Pole Administrator, adhere to uniform pricing agreements, and act to make way for new wires in a set time. Dramatic stuff. And Connecticut already had passed a statute giving municipalities the right to use a part of a pole, or ‘gain,’ for any purpose. These two elements made Connecticut an extremely attractive place to string a network.”

In fact, the obstacles that pole owners can create for projects like fiber deployment have been well-documented. An article published last May at BroadbandLawAdvisor.com provides detailed instructions on how to deal with pole owners who maybe imposing “fees and charges that are not permitted or exceed permitted regulated levels.”

The FCC’s National Broadband Plan includes a section that warns that “delays can also result from existing attachers’ action (or inaction) to move equipment to accommodate a new attacher, potentially a competitor.” Basically, those who own the utility poles can levy fees on any company or organization that tries to work on them, or they can just flat out deny access. The FCC acknowledged that reform is needed in how access to poles is handled.

Connecticut may be an example of how to implement this reform. A Request for Qualifications issued in September explained how the state accomplished this:

“All the utility poles across the state are subject to the central statutory jurisdiction of the Connecticut Public Utilities Regulatory Authority,” the RFQ read, according to BroadbandAndBreakfast.com. “The established and firm timelines for the entire pole attachment process that the Connecticut regulator has ordered and manages … thus facilitat[es] the deployment of broadband.”

Of course, Connecticut faces the same kinds of pushback seen in the states that are embroiled in legal battles over municipal broadband, i.e. lobbyist groups highlighting the risks and occasionally stepping into propaganda territory to sway public opinion. But, as Backchannel’s Crawford pointed out, the initiative has already garnered majority support in the state, and it is designed to facilitate competition between private companies, rather than to threaten competition from the state. When pro-business lobbyists argue against a pro-business plan, few people are going to bother listening.


MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com


Continue Reading

What can you do when the insider threat is IT itself?

IT pros are not always the good guys, and when they go bad, the damage is immense.

IT is charged with keeping threats at bay, from both traditional external hackers and, increasingly, company insiders. One insider that is too often overlooked is IT itself. Look around your IT department – can you trust every single person there?

It turns out that a notable portion of insider breaches come from technical staff: 6% from developers and another 6% from admins, according to the latest Verizon Data Breach Investigations Report. The report shows that many of these breaches come from privilege abuse, although there are still plenty of other techniques IT staffers use. Great importance should be given to the moral character of your IT admins, after all, they do hold a lot of power at their fingertips, especially when a sizeable chunk of the business goes through IT systems.

In a recent Infoworld column, Roger A. Grimes offered a few war stories and some bits of advice on how to hire truly trustworthy IT pros and spot the bad seeds.

“When someone you admired, trusted, and invested yourself in ends up embezzling from the company, illegally accessing private emails, or using customer credit card data to buy computer equipment for their home, your incorrectly placed trust in that person will haunt you,” Grimes wrote. One person he hired had not disclosed that he had a criminal record, and only after a background check had he learned. By then, the person had already been employed.:

“The one employee I kept on after they committed this transgression ended up stealing thousands of dollars in computer equipment from the company,” he wrote. “I found out when he asked me to drop by his house to help diagnose possible malware on his home computer. When I entered his abode, I saw that he had a multi-thousand-dollar computer rack, computers, and networking equipment identical to what we had at work. When he realized I recognized the equipment, his expression was clear. It had been a mistake to invite me to his house, at least without first hiding the stolen equipment.”

Grimes suggests that background checks are very important when hiring IT staff, and he warns against hire candidates who have been found to have lied, or those who always have something bad to say about their previous employers. Grimes also recommends keeping an eye out for current employees who know too much about things they probably shouldn’t.

Some years back, I covered this topic in a 2006 cover story for Redmond magazine: IT Gone Bad. The stories came straight from IT pros themselves and gave a good overview of what goes on behind the curtain of admin privileges.

“We have a network guy who monitors everyone’s Internet usage. Most employees don’t know this because our boss tells everyone that there’s no one monitoring the Internet and that he doesn’t want to know anyway, but this network guy always seems to know what everyone is surfing for. He even talks about it with other employees,” said an IT pro interviewed for the article.

In another case, a school district IT director and a co-worker conspired to defraud the system.

“They had a computer consulting business they ran on the side and would leave the district several times a day to work on client computers without taking vacation time,” an IT source revealed. “They discovered the program eBlaster, which records everything you do on the computer and attaches key logs, screenshots, Internet usage and a lot of other info in an email and sends it to a specified address for review. This was initially used to monitor users suspected of spending too much time surfing the Internet or inappropriate email. It was put on the CFO, COO, and superintendent’s computer. It’s also suspected that it was put on a few of the school board members’ computers.”

This was done in order to advance their career by either blackmail or through special knowledge they gained from all the information they harvested.

With so many businesses relying on tech as a means of communication, the computer network can be a treasure trove of sensitive data, easily accessible by IT admins. Trust is of utmost importance, but what else can you do, and how does Verizon suggest you block breaches, including those from the inside?

“The first step in protecting your data is in knowing where it is and who has access to it,” the report reads. “From this, build controls to protect it and detect misuse. It won’t prevent determined insiders (because they have access to it already), but there are many other benefits that warrant doing it.”

That’s good advice, and I take it to mean that even IT should fall under strict data access privilege policies, and all network activity, including that from IT, should be tracked for security threats.


MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

 

 

Posted in: TECH
Tags:

Continue Reading

Follow Us

Bookmark and Share


Popular Posts