Welcome!

Industrial IoT Authors: Stackify Blog, Liz McMillan, Derek Weeks, Elizabeth White, Kevin Benedict

Blog Feed Post

This Week In Computer Security

Verizon

Verizon in the News for Breach Report 2012 and Assisting FCC with Botnet Control

Much of the security news this week revolved around sets of computer security reports and figures released about 2011 — the year best known for the rise of hacktivism into the public eye with such high-profile attacks as Sony’s PSN and the other myriad targets breached by LulzSec and its brethren.  The statistics show some interesting facts which are worthy of attention.  The potential resurgence of Lulzsec, and security posturing of ISP’s also make this week’s list of notable security news as well, due to their effects in shaping the security landscape (minefield?).

Exploit Code Down, Hacktivism Up:

Out of 855 breaches investigated by Verizon, it was reported that hacktivism was responsible for the disclosure of 58% of the confidential information.  This information is typically posted publicly in order to embarrass companies and is quickly scraped and used by online criminals (typically involved in organized crime) and abused.
While hacktivism is on the rise, publicly posted exploits are reportedly on the fall — The total number of exploits in 2011 fell to 778 from 1280 (though it has been noted that this could signal a corresponding upswing this year).  This contrasts with the number of large breaches that were occurring on a regular basis in the latter half of 2011 and the beginning of this year.  Verizon warns that hacktivism is still a very powerful force and that it continues to endanger many organizations.
Read the 2012 Breach Report Here:http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf

Read More about breaches, Exploits: http://www.computerworlduk.com/news/security/3346538/software-exploits-fell-new-low-in-2011-says-trend-risk-report/

 

LulzSec Returns For Another Round:

A new video claiming to herald the return of LulzSec on the 1st of April has surfaced on the internet.  While several of LulzSec’s high-ranking members remain in custody, it may be that the collective has re-grouped its lower-ranking members into another stand.  According to the video, the arrested members were only the “Active Faction” of the group and their hackers are currently planning attacks.  Anyonymous members don’t seem to know if the video is legitimate or not, but (as always) it might pay off to start hardening your web applications now.
Link to The Video: http://www.youtube.com/watch?v=rX6Z9x-W5wI&feature=player_embedded

SQL Injections Perhaps No Longer The Flavour-Of-The-Month:

According to the IBM X-Force Trend and Risk Report, there has been a “2 to 3-fold increase” in shell injection attacks on web applications as the number of SQL injection attacks decreased, likely due to security improvements and programming technique adjustments.  Shell injection and SQL injection attacks require similar conditions to exist, mostly the absence of user-controlled variable sanitization.  Whereas SQL injections attack the interface between the application and the SQL database, command injection attacks the application interfaces with the underlying system or the application itself.

Read More Here:http://business.newsfactor.com/news/IBM-Report-Finds-Progress-on-Security/story.xhtml?story_id=11200AG5XV28

Read The X-Force Report: http://www-935.ibm.com/services/us/iss/xforce/trendreports/

ISPs Agree to Police Users for Botnets:

Many large US internet service providers recently agreed to a code of conduct in order to notify and help users infected by botnet code with the goal of reducing the infections that assist hackers with the production of spam and denial of service attacks.  AT&T, CenturyLink, Comcast, Cox, Sprint, Time Warner and Verizon have agreed to the code of conduct, and some already are providing similar services to their users.  This is good news for infected victims, most of whom have no idea that they are being used in attacks or having their personal information stolen unless their computer is showing overt symptoms of infection.
Read more: http://www.huffingtonpost.com/2012/03/22/internet-providers-botnets_n_1372837.html

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley writes on enterprise IT. He is a founder and partner at Cognitio Corp and publsher of CTOvision.com

@ThingsExpo Stories
Intelligent Automation is now one of the key business imperatives for CIOs and CISOs impacting all areas of business today. In his session at 21st Cloud Expo, Brian Boeggeman, VP Alliances & Partnerships at Ayehu, will talk about how business value is created and delivered through intelligent automation to today’s enterprises. The open ecosystem platform approach toward Intelligent Automation that Ayehu delivers to the market is core to enabling the creation of the self-driving enterprise.
WebRTC is the future of browser-to-browser communications, and continues to make inroads into the traditional, difficult, plug-in web communications world. The 6th WebRTC Summit continues our tradition of delivering the latest and greatest presentations within the world of WebRTC. Topics include voice calling, video chat, P2P file sharing, and use cases that have already leveraged the power and convenience of WebRTC.
"We're a cybersecurity firm that specializes in engineering security solutions both at the software and hardware level. Security cannot be an after-the-fact afterthought, which is what it's become," stated Richard Blech, Chief Executive Officer at Secure Channels, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
SYS-CON Events announced today that Massive Networks will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Massive Networks mission is simple. To help your business operate seamlessly with fast, reliable, and secure internet and network solutions. Improve your customer's experience with outstanding connections to your cloud.
The question before companies today is not whether to become intelligent, it’s a question of how and how fast. The key is to adopt and deploy an intelligent application strategy while simultaneously preparing to scale that intelligence. In her session at 21st Cloud Expo, Sangeeta Chakraborty, Chief Customer Officer at Ayasdi, will provide a tactical framework to become a truly intelligent enterprise, including how to identify the right applications for AI, how to build a Center of Excellence to ...
Consumers increasingly expect their electronic "things" to be connected to smart phones, tablets and the Internet. When that thing happens to be a medical device, the risks and benefits of connectivity must be carefully weighed. Once the decision is made that connecting the device is beneficial, medical device manufacturers must design their products to maintain patient safety and prevent compromised personal health information in the face of cybersecurity threats. In his session at @ThingsExpo...
From 2013, NTT Communications has been providing cPaaS service, SkyWay. Its customer’s expectations for leveraging WebRTC technology are not only typical real-time communication use cases such as Web conference, remote education, but also IoT use cases such as remote camera monitoring, smart-glass, and robotic. Because of this, NTT Communications has numerous IoT business use-cases that its customers are developing on top of PaaS. WebRTC will lead IoT businesses to be more innovative and address...
Because IoT devices are deployed in mission-critical environments more than ever before, it’s increasingly imperative they be truly smart. IoT sensors simply stockpiling data isn’t useful. IoT must be artificially and naturally intelligent in order to provide more value In his session at @ThingsExpo, John Crupi, Vice President and Engineering System Architect at Greenwave Systems, will discuss how IoT artificial intelligence (AI) can be carried out via edge analytics and machine learning techn...
Everything run by electricity will eventually be connected to the Internet. Get ahead of the Internet of Things revolution and join Akvelon expert and IoT industry leader, Sergey Grebnov, in his session at @ThingsExpo, for an educational dive into the world of managing your home, workplace and all the devices they contain with the power of machine-based AI and intelligent Bot services for a completely streamlined experience.
SYS-CON Events announced today that GrapeUp, the leading provider of rapid product development at the speed of business, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Grape Up is a software company, specialized in cloud native application development and professional services related to Cloud Foundry PaaS. With five expert teams that operate in various sectors of the market acr...
SYS-CON Events announced today that Datera, that offers a radically new data management architecture, has been named "Exhibitor" of SYS-CON's 21st International Cloud Expo ®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Datera is transforming the traditional datacenter model through modern cloud simplicity. The technology industry is at another major inflection point. The rise of mobile, the Internet of Things, data storage and Big...
In his opening keynote at 20th Cloud Expo, Michael Maximilien, Research Scientist, Architect, and Engineer at IBM, discussed the full potential of the cloud and social data requires artificial intelligence. By mixing Cloud Foundry and the rich set of Watson services, IBM's Bluemix is the best cloud operating system for enterprises today, providing rapid development and deployment of applications that can take advantage of the rich catalog of Watson services to help drive insights from the vast t...
SYS-CON Events announced today that CA Technologies has been named "Platinum Sponsor" of SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. CA Technologies helps customers succeed in a future where every business - from apparel to energy - is being rewritten by software. From planning to development to management to security, CA creates software that fuels transformation for companies in the applic...
Recently, IoT seems emerging as a solution vehicle for data analytics on real-world scenarios from setting a room temperature setting to predicting a component failure of an aircraft. Compared with developing an application or deploying a cloud service, is an IoT solution unique? If so, how? How does a typical IoT solution architecture consist? And what are the essential components and how are they relevant to each other? How does the security play out? What are the best practices in formulating...
In his session at @ThingsExpo, Arvind Radhakrishnen discussed how IoT offers new business models in banking and financial services organizations with the capability to revolutionize products, payments, channels, business processes and asset management built on strong architectural foundation. The following topics were covered: How IoT stands to impact various business parameters including customer experience, cost and risk management within BFS organizations.
Internet of @ThingsExpo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devic...
SYS-CON Events announced today that Elastifile will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Elastifile Cloud File System (ECFS) is software-defined data infrastructure designed for seamless and efficient management of dynamic workloads across heterogeneous environments. Elastifile provides the architecture needed to optimize your hybrid cloud environment, by facilitating efficient...
There is only one world-class Cloud event on earth, and that is Cloud Expo – which returns to Silicon Valley for the 21st Cloud Expo at the Santa Clara Convention Center, October 31 - November 2, 2017. Every Global 2000 enterprise in the world is now integrating cloud computing in some form into its IT development and operations. Midsize and small businesses are also migrating to the cloud in increasing numbers. Companies are each developing their unique mix of cloud technologies and service...
SYS-CON Events announced today that Golden Gate University will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Since 1901, non-profit Golden Gate University (GGU) has been helping adults achieve their professional goals by providing high quality, practice-based undergraduate and graduate educational programs in law, taxation, business and related professions. Many of its courses are taug...
SYS-CON Events announced today that Grape Up will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct. 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Grape Up is a software company specializing in cloud native application development and professional services related to Cloud Foundry PaaS. With five expert teams that operate in various sectors of the market across the U.S. and Europe, Grape Up works with a variety of customers from emergi...