Security

EU security think tank ENISA looks for IoT security, can’t find any • The Register

http://www.theregister.co.uk/2017/05/23/enisa_proposes_internet_of_things_security_standards/ European network and infosec agency ENISA has taken a look at Internet of Things security, and doesn’t much like what it sees. So it’s mulling a vendor’s nightmare that the US and UK dared not approach: security regulation – at least the minimal regulation of testing and certification. IoT security needs bottom-to-top baseline requirements,

The Future of Ransomware – Schneier on Security

https://www.schneier.com/blog/archives/2017/05/the_future_of_r.html Ransomware isn’t new, but it’s increasingly popular and profitable. The lessons for users are obvious: Keep your system patches up to date and regularly backup your data. This isn’t just good advice to defend against ransomware, but good advice in general.  But it’s becoming obsolete. Needed solutions aren’t easy and they’re not pretty. The

It’s not just Windows anymore: Samba has a major SMB bug | ZDNet

http://www.zdnet.com/article/its-not-just-windows-anymore-samba-has-a-major-smb-bug/ The other week, Microsoft got its security teeth kicked in when an old SMB security hole was exploited by the WannaCry ransomware attack. This week, it’s the turn of Samba, the popular open-source SMB server. Like the WannaCry security hole, the good news is the Samba file-sharing bug has already been fixed. The bad news is you

Fight ransomware: Run Windows in Linux as a virtual machine

http://www.pcworld.com/article/3197628/linux/fight-ransomware-by-running-windows-in-linux-as-a-virtual-machine.html Running Windows as a virtual machine in Linux may seems like unnecessary work until something like the Wannacry ransomware scare comes along.  Despite its headaches, desktop Linux rarely is the target of malware. (When it is, it can generally present a smaller attack surface.)  And if you need to run applications in Windows, run

Arrow IoT Summit to 18.5.2017

http://iotsummit.fi/ Arrow Electronics today organized a IoT Summit event focusing on the Internet in Helsinki. According to Andrew Bickley, who is responsible for marketing the company’s IoT solutions in Europe, IoT is moving from management speeches to implementation. And usually, customers need ready-made solutions. – companies that develop IoT-based services that do not understand the

Web Developer Security Checklist – Simple Security

https://simplesecurity.sensedeep.com/web-developer-security-checklist-f2e4f43c9c56 Developing secure, robust web applications in the cloud is hard, very hard. If you think it is easy, you are either a higher form of life or you have a painful awakening ahead of you. Think twice before you launch your “proto-product”. Acknowledge that you are skipping many of critical security issues. At the very minimum, be honest with

Managing passwords and security on your Linux server | Opensource.com

https://opensource.com/business/16/6/managing-passwords-security-linux?sc_cid=7016000000127ECAAY Managing password and security related issues in Linux is important, but there are some simple steps you can take to make your system more secure.  We’ve seen that there can be a large number of attempts to log on to a publicly accessible system. So, what can we do? There are a few things

An NSA-derived ransomware worm is shutting down computers worldwide

https://arstechnica.com/security/2017/05/an-nsa-derived-ransomware-worm-is-shutting-down-computers-worldwide/ A highly virulent new strain of self-replicating ransomware is shutting down computers all over the world. The malware, known as Wanna, Wannacry, or Wcry, has infected at least 57,000 computers, according to antivirus provider Avast. AV provider Kaspersky Lab said organizations in at least 74 countries have been affected. Wcry uses weapons-grade exploit published by the