US Interior Dept extends drone grounding over foreign hacking fears

Now can’t be an easy time to be a professional drone pilot working for the US Department of the Interior (DOI).

After years of enthusiastic expansion, in November 2019 the agency announced the temporary grounding of its fleet of Unmanned Aircraft Systems (UAS) over hacking fears unnamed sources claimed were connected to their manufacture in China or use of Chinese parts.

This week, the DOI doubled down on that order, with Secretary of the Interior David Bernhardt signing a follow-up that will keep the agency’s drones on the ground for another 30 days until a more in-depth security review is completed.

It’s not clear what prompted the need for additional checks beyond a sense of caution. The statement simply noted:

In certain circumstances, information collected during UAS missions has the potential to be valuable to foreign entities, organizations, and governments.

Grounding drones for another month would give the agency time to carry out a cybersecurity assessment to make sure this can’t happen, it continued.

Until the issue is resolved, the only DOI drone flights allowed will be those connected to emergencies – monitoring wildfires and floods, both uses that underscore the importance of drones to the agency’s work.

Investigating drone cybersecurity sounds like a good idea even if how the agency might go about this remains open to speculation.

Drone Utopia

In a separate development last November, the US Department of Justice (DOJ) recommended that drones used by government departments be subjected to a thorough security assessment before use. The latest order is explicit that it’s the foreign dimension the agency is worried about when it specifies:

UAS manufactured by designated foreign-owned companies or UAS with designated foreign-manufactured component.

Easier said than done. In common with almost any other product one might think of, drones are built from a complex mix of hardware and software from across the world.

Much of it might come from China, but not all of it. And even the stuff that doesn’t might involve supply chains that lead who knows where. What’s certain is that many components will not be designed or manufactured in the US.

One answer might be to certify platforms in the same way the US Government does for other types of hardware. However, doing this for a relatively small fleet of drones used by one department would inevitably make them a lot more expensive and less likely to keep up with innovation.

The alternative is for the US to repurpose specialised drone platforms used by the US military but that could be beyond the budget of a department as small as the DOI.

The practical reality is that while engineers can peer at the software code used by drones, achieving absolute certainty about their underlying design is probably Utopian.

More achievable might be to take a leaf from mainstream cybersecurity and develop or adopt an open source platform which could be studied by the wider security community for security issues.

While complex proprietary technologies such as 5G equipment don’t lend themselves to this approach, drones are another matter.

The DOI seems unlikely to scrap or permanently ground its current drone fleet. At some point they will start flying again. But the hiatus is the perfect moment to reassess the flawed ‘fly and hope’ security approach that has shaped current drone use.

---

Latest Naked Security podcast

LISTEN NOW

Click-and-drag on the soundwaves below to skip to any point in the podcast.

from Naked Security https://ift.tt/2RHygSX

Financial tech firms disagree on ban of customer data screen-scraping

For years, financial technology (fintech) companies have used screen-scraping to retrieve customers’ financial data with their consent. Think lenders, financial management apps, personal finance dashboards, and accounting products doing useful things: like, say, your budgeting app will use screen-scraping to get at the incoming and outgoing transactions in your bank account, using the information to power its analysis…

…putting your privacy, passcode and other security information in danger of getting lost along the way.

Because of those potential dangers to people’s privacy and data, many in fintech are urging the Australian government to follow in the footsteps of the European Union (EU) and to ban screen-scraping. But the call is far from unanimous, with some saying that smaller companies just can’t afford the alternatives to get at customer data.

On Thursday, representatives of companies in the fintech industry met with Australia’s Senate Committee of Financial Technology and Regulatory Technology to chime in.

As ZDNet reports, one of the calls for a ban came from Lisa Schutz, founding director of The Regtech Association and CEO of Verifier, who said that her company could use screen-scraping, but it’s chosen not to. That’s because they don’t want to step on her customers’ toes, privacy-wise, she said. Instead, Verifier abides by the 12 principles of Australia’s Privacy Act to access data: the “long way to get the right outcome,” she said, but worth it:

It comes back to what is the 2050 Australia that we want to live in.

The question of banning screen-scraping has come to pass thanks to the UK’s Open Banking initiative – a new, more secure way for consumers, including small businesses, to share information. It’s created a standardized way to share data and collect customer consent.

It’s an important security upgrade: one that means that, unlike with screen-scraping, passwords aren’t shared with third-party fintech service providers.

Some in the fintech industry want to ban screen-scraping outright, but not all. In fact, some argue, the only other option is to develop APIs – a prohibitively expensive proposition for the companies, some of which are pretty small.

Astrid Raetze, general counsel for one of those small companies – Raiz Invest – said that you’ve got the banks on one hand, demanding that screen-scraping be banned, while on the other hand, you’ve got fintechs that aren’t affiliated with banks that have no other alternative but to develop APIs under open banking to access data.

That would entail a lot of resources that they don’t have, she said:

[What it] doesn’t take into consideration is the disparity of resources between the two camps.

If you switch on open banking and turn off screen-scraping […] what you will do is hamstring the fintech industry.

Raetze said that if her company was forced to develop APIs because of a ban on screen-scraping, they’d be looking at development costs that have been estimated to run between a minimum of AU$1 million to AU$2 million and would require 6-12 months to complete.

But, the committee asked her, how can she confidently claim that screen-scraping puts customers and their data at “no risk?”

Because our security is solid and there are no transactions taking place, she said:

We have the same level security and we do not transact on your account, so there is no risk to you.

Another from the pro-screen-scraping camp was Luke Howes, managing director of Illion, who said that a ban on screen-scraping would be “simplistic and misguided”.

I have never seen, in six years, any consumer harm, because it’s safe. Banning it will cripple millions of users and businesses who rely on it. If you ban it, you’ll send an industry back five or 10 years.

But just because smaller fintech startups haven’t bungled data yet doesn’t mean they won’t, the big banks have been saying for years. Jim Routh – MassMutual chief information security officer, former CISO for Aetna, and former global head of application and mobile security for JPMorgan Chase – said back in 2014 in a conversation with American Banker:

Protecting credentials isn’t necessarily high on their priorities.

…a problem, he said, that’s worsened by data aggregators that collect marketing data, such as the device a consumer is using, to understand their behaviors across channels.

---

Latest Naked Security podcast

LISTEN NOW

Click-and-drag on the soundwaves below to skip to any point in the podcast.

from Naked Security https://ift.tt/2uPFjQq

Microsoft invites gamers and researchers to new Xbox bug bounty program

Gamers, security researchers, and technologists have been invited to identify security vulnerabilities in Xbox network and services and report them to Microsoft. Bounty rewards will range from $500 to $20,000 USD.

Why?

Microsoft runs a number of bug bounty programs and has now decided that their Xbox offerings need extra attention from security researchers.

“The bounty program supplements our existing investments in security development and testing to uncover and remediate vulnerabilities which have a direct and demonstrable impact on the security of Xbox customers,” said Chloé Brown, Program Manager, Program Manager at the Microsoft Security Response Center.

“Public bounty programs are a valuable approach which combine with ongoing internal testing, private programs and knowledge shared by partners to produce a secure ecosystem to play in.”

The Xbox bug bounty program at a glance

Microsoft is looking for reports on a wide variety of bugs: from cross site scripting (XSS) and cross site request forgery (CSRF) to injection vulnerabilities, server-side code execution flaws and weaknesses arising from significant security misconfiguration.

The reward amounts depend on the quality of the report and on what these vulnerabilities may allow attackers to do:

As you can see, Microsoft is not interested in bugs that could cause Denial of Service, and they also explicitly warned participants not to undertake any kind of DoS testing.

They also prohibit performing automated testing of services, attempts to gain access to any user data, and social engineering attacks against Microsoft employees or Xbox customers.

To be eligible for a bounty, discovered bugs must exist in the latest, fully patched version of Xbox Live network and services and reports must include “clear, concise, and reproducible steps, either in writing or in video format.”

Out of scope vulnerabilities include flaws in Microsoft game studios, Mixer, GamePass, xCloud, Xbox.com, other Microsoft products, and more.

from Help Net Security https://ift.tt/2GHFEra

Facebook to pay $550m to settle face-tagging suit

A class-action lawsuit against Facebook for scanning a user’s face in photos and offering tagging suggestions looks like it’s finally done churning through the courts.

The upshot: it will pay $550 million to settle the suit, Facebook disclosed in its quarterly earnings report on Wednesday.

Filed in 2015, plaintiffs had claimed that the platform violated the strictest biometric privacy law in the land – Illinois’s Biometric Information Privacy Act (BIPA) – with its tag suggestions tool.

Facebook started using that tool in 2015 to automatically recognize people’s faces in photos and suggest to their friends that they tag them. It’s done so without users’ permission and without telling them how long it would hang on to their biometrics, the suit contended, squirreling faceprints away in what Facebook has claimed is the largest privately held database of facial recognition data in the world.

In September 2019, Facebook said that it was dumping tag suggestions in favor of the multi-purpose “face recognition” setting, which it made available to all users, along with an opt-out option.

The New York Times referred to the $550 million hit as a “rounding error” for Facebook, which reported that revenue rose 25% to $21 billion in the fourth quarter, compared with a year earlier, while profit increased 7% to $7.3 billion.

Jay Edelson, a lawyer for the Facebook users named in the facial recognition class action, told the Times that the settlement underscored the importance of strong privacy legislation:

From people who are passionate about gun rights to those who care about women’s reproductive issues, the right to participate in society anonymously is something that we cannot afford to lose.

Facebook got off easy. BIPA requires companies to get written permission before collecting a person’s biometrics, be they fingerprints, facial scans or other identifying biological characteristics. It also gives Illinois residents the right to sue companies for up to $5,000 per violation: a fine that could potentially add up to billions of dollars in payouts for tech companies that don’t settle and go on to lose lawsuits filed under the legislation.

Facebook has fought this lawsuit tooth and nail. In 2016, it tried – and failed – to wriggle out of it, saying that its user agreement stipulates that California law would govern any disputes with the company. Besides, Facebook said in its motion, BIPA doesn’t apply to Facebook’s facial tagging suggestions for photos.

The judge’s response: nope, squared. Going by Illinois law is just fine, and of course BIPA covers faceprints, like it covers all biometrics.

After backlash from Canadian and EU citizens and regulators, Facebook in 2012 had turned off its first incarnation of the tag suggestion feature in Europe and deleted the user-identifying data it already held.

The US has long trailed the EU when it comes to beating Facebook’s facial recognition into submission. However, last year, the country did a bit of catchup when the Federal Trade Commission (FTC) fined Facebook $5 billion for losing control of users’ data.

As part of the new 20-year settlement order, Facebook agreed to delete any existing facial recognition templates and to provide “clear and conspicuous notice” about any new facial recognition uses. The FTC’s order requires Facebook to give clear notice of how it uses facial recognition data and requires that it get consumers’ express consent before “putting that data to a materially different use.”

In September 2019, when Facebook ditched tag suggestions, it introduced face recognition designed to deliver an actual, bona fide opt-in choice for using our faceprints. And if you don’t yet know how to turn it off or on, here’s how:

How to turn face recognition on or off

In Facebook, go to Settings & Privacy > Settings > Under ‘Privacy’ tap Face recognition and select Yes or No next to the prompt ‘Do you want Facebook to be able to recognise you in photos and videos?’

---

Latest Naked Security podcast

LISTEN NOW

Click-and-drag on the soundwaves below to skip to any point in the podcast.

 

from Naked Security https://ift.tt/2teBT9s

New infosec products of the week: January 31, 2020

Swimlane 10.0: Reducing mean time to detect and response for security incidents

The newest release has yielded up to 35X performance improvement in alarm ingestion rates and up to a 60X improvement in search query response and display rates. Both achievements set new benchmarks for SOAR platforms, significantly reducing mean time to detect and response for security incidents.

RiskSense Ransomware Dashboard automatically reveals exposure to specific attacks

RiskSense announced a Ransomware Dashboard that automatically reveals an organization’s exposure to specific attacks including the ransomware family name, vulnerabilities they exploit, the assets at risk and remediation steps to prevent an infection.

Cisco launches IoT security architecture to deliver enhanced visibility across IoT and OT environments

Cisco introduced an IoT security architecture that provides enhanced visibility across both IT and OT environments, and protects industrial processes. Cisco’s new solutions enable the collection and extraction of data from the IoT edge so organizations can increase efficiencies to make better business decisions and accelerate digitization projects.

Magnet Forensics unveils new solution that simplifies remote forensics investigations

Magnet Forensics released Magnet AXIOM Cyber, an innovative new solution purpose-built for organizations that need to perform remote acquisitions as well as collect and analyze evidence from cloud sources, computers and mobile devices.

from Help Net Security https://ift.tt/2RFTIaR

80% of successful breaches are from zero-day exploits

Organizations are not making progress in reducing their endpoint security risk, especially against new and unknown threats, a Ponemon Institute study reveals.

68% IT security professionals say their company experienced one or more endpoint attacks that compromised data assets or IT infrastructure in 2019, an increase from 54% of respondents in 2017.

Zero-day attacks continue to increase in frequency

Of those incidents that were successful, 80% were new or unknown, zero-day attacks. These attacks either involved the exploitation of undisclosed vulnerabilities or the use of new malware variants that signature-based, detection solutions do not recognize. Zero-day attacks continue to increase in frequency and are expected to more than double this year.

These attacks are also inflicting more bottom-line business damage. The study found that the average cost per endpoint breach increased to $9M in 2019, up more than $2M since 2018.

“Corporate endpoint breaches are skyrocketing and the economic impact of each attack is also growing due to sophisticated actors bypassing enterprise antivirus solutions,” said Larry Ponemon, Chairman of Ponemon Institute.

“Over half of cybersecurity professionals say their organizations are ineffective at thwarting major threats today because their endpoint security solutions are not effective at detecting advanced attacks.”

The third annual study surveyed 671 IT security professionals responsible for managing and reducing their organization’s endpoint security risk.

Increasing vulnerability during patch gaps

In addition to expressing concern over zero-day threats, respondents noted increasing vulnerability during patch gaps. In fact, 40% of companies say it’s taking longer to patch, with an average patch gap of 97 days due to the number of patches and their complexity.

Patch exploits will continue to be a hot-button issue in 2020 as the last remaining organizations upgrade to Windows 10 on the heels of Windows 7 end of life, and patch frequency increases.

An extra layer of security added to antivirus solutions

The shift to Windows 10 is also ushering in new enterprise security strategies that can be effective in thwarting more advanced threats. With Windows Defender AV built into the Windows 10 operating system, 80% of organizations report using or planning to use Defender AV for savings over their legacy antivirus solution.

Cost savings are being reallocated towards an added layer of advanced threat protection in endpoint stacks and an increase in IT resources. 51% of cybersecurity professionals say they’ve added an extra layer of security to their antivirus solutions.

Furthermore, since 2017 the number of IT departments reporting they have ample resources to minimize endpoint threats has increased from 36% to 44%.

EDR adoption

The study found that half of the companies who have adopted EDR cite costly customization (55%) and false-positive alerts (60%) as significant challenges.

In addition, of IT departments that haven’t adopted EDR yet, 65% say lack of confidence in the ability to prevent zero-day threats and 61% note security staffing limitations as the top reasons to avoid adoption.

from Help Net Security https://ift.tt/37HVIox

Secure 5G networks: EU toolbox of risk mitigating measures

EU Member States have identified risks and vulnerabilities at national level and published a joint EU risk assessment. Through the toolbox, the Member States are committing to move forward in a joint manner based on an objective assessment of identified risks and proportionate mitigating measures.

Toolbox measures and supporting actions

“Europe has everything it takes to lead the technology race. Be it developing or deploying 5G technology – our industry is already well off the starting blocks. Today we are equipping EU Member States, telecoms operators and users with the tools to build and protect a European infrastructure with the highest security standards so we all fully benefit from the potential that 5G has to offer,” said Thierry Breton, Commissioner for the Internal Market.

Coordinated implementation of the toolbox

While market players are largely responsible for the secure rollout of 5G, and Member States are responsible for national security, 5G network security is an issue of strategic importance for the entire Single Market and the EU’s technological sovereignty.

Closely coordinated implementation of the toolbox is indispensable to ensure EU businesses and citizens can make full use of all the benefits of the new technology in a secure way.

5G will play a key role in the future development of Europe’s digital economy and society. It will be a major enabler for future digital services in core areas of citizens’ lives and an important basis for the digital and green transformations.

With worldwide 5G revenues estimated at €225 billion in 2025, 5G is a key asset for Europe to compete in the global market and its cybersecurity is crucial for ensuring the strategic autonomy of the Union.

Billions of connected objects and systems are concerned, including in critical sectors such as energy, transport, banking, and health, as well as industrial control systems carrying sensitive information and supporting safety systems.

At the same time, due to a less centralized architecture, smart computing power at the edge, the need for more antennas, and increased dependency on software, 5G networks offer more potential entry points for attackers.

Cyber security threats are on the rise and become increasingly sophisticated. As many critical services will depend on 5G, ensuring the security of networks is of highest strategic importance for the entire EU.

Secure 5G networks: EU toolbox conclusions

The Member States, acting through the NIS Cooperation Group, have adopted the toolbox. The toolbox addresses all risks identified in the EU coordinated assessment, including risks related to non-technical factors, such as the risk of interference from non-EU state or state-backed actors through the 5G supply chain.

In the toolbox conclusions, Member States agreed to strengthen security requirements, to assess the risk profiles of suppliers, to apply relevant restrictions for suppliers considered to be high risk including necessary exclusions for key assets considered as critical and sensitive (such as the core network functions), and to have strategies in place to ensure the diversification of vendors.

While the decision on specific security measures remains the responsibility of Member States, the collective work on the toolbox demonstrates a strong determination to jointly respond to the security challenges of 5G networks.

This is essential for a successful and credible EU approach to 5G security and to ensure the continued openness of the internal market provided risk-based EU security requirements are respected.

The Commission will support the implementation of an EU approach on 5G cybersecurity and will act, as requested by Member States, using, where appropriate, all the tools at its disposal to ensure the security of the 5G infrastructure and supply chain:

• Telecoms and cybersecurity rules
• Coordination on standardization as well as EU-wide certification
• Foreign direct investment screening framework to protect the European 5G supply chain
• Trade defense instruments
• Competition rules
• Public procurement, ensuring that due consideration is given to security aspects
• EU funding programs, ensuring that beneficiaries comply with relevant security requirements.

from Help Net Security https://ift.tt/2RHaFS9

93% of attempted mobile transactions in 2019 were fraudulent

93 percent of total mobile transactions in 20 countries were blocked as fraudulent in 2019 according to a report on the state of malware and mobile ad fraud released by Upstream.

The number of malicious apps discovered in 2019 rose to 98,000, up from 63K in 2018. These 98,000 malicious apps had infected 43 million Android devices.

Android is the most vulnerable OS

With Android devices now accounting for an estimate 75-85% of all smartphone sales worldwide Android is by far the most dominant mobile OS. At the same time it is the most vulnerable due to its open nature, making it a favorite playground for fraudsters.

While it is always a good rule of thumb for consumers to only download mobile applications from Google’s official storefront, Google Play, thanks to its scale and set up, rogue apps are still getting through its defenses.

Of the top 100 most active malicious apps that were blocked in 2019, 32 percent are reported still available to download on Google Play. A further 19 percent of the worst-offending apps were previously on Google Play but have since been removed, while the remaining 49 percent are available through third-party app stores.

Fraudulent mobile transactions: Most targeted apps

Fraudsters appear to target some app categories more than others. Ironically, apps designed to make a device function better and make everyday life easier are the ones most likely to be harmful with 22.32 percent of malicious apps for 2019 falling under the Tools / Personalization / Productivity category globally.

The next most popular categories cybercriminals target are Games (18.97 percent) and Entertainment/Shopping (15.76 percent).

Indicating scale, in the course of only a few months in 2019, Secure-D reported on the suspicious background activity of five very popular Android apps: 4shared, a popular file-sharing app, Vidmate, a video downloader, Weather Forecast a preinstalled app on Alcatel devices, Snaptube, another video and audio app, and ai.type, an on-screen keyboard app.

With a total of nearly 700 million downloads, these were or had been at some point available on Google Play. In these five cases alone, 353 million suspicious mobile transactions were detected and blocked preventing $430 million in fraudulent charges.

“Mobile ad fraud is a criminal enterprise on a massive scale. Though it may seem that it is only targeted at advertisers, it greatly affects the whole mobile ecosystem. Most importantly it adversely impacts consumers; eating up their data allowance, bringing unwanted charges, messing with the performance of their device, and even targeting and collecting their personal data,” said Dimitris Maniatis, CEO of Upstream.

“It is more than an invisible threat, it is an epidemic, calling for increased mobile security that urgently needs to rise up in the industry’s priority list. Left unchecked, ad fraud will choke mobile advertising, erode trust in operators and lead to higher tariffs for users.”

The effects of mobile ad fraud are particularly damaging in emerging markets where data costs are significantly higher. As evidenced from detailed data presented from five such markets including Brazil and South Africa fraud rates in most cases exceed the 90% mark.

Consumers in emerging markets more vulnerable to digital fraud

As the report highlights consumers in emerging markets are more vulnerable to digital fraud; they are unaware of the dangers as they often go online for the first time via their mobile devices and data depletion caused by malware has a much greater effect on them due to the high cost of data in their countries.

In Africa 1 GB of data costs prepaid mobile subscribers the equivalent of 16 hours of work at minimum wage.

“A key part of successfully tackling mobile fraud is awareness”, explains Maniatis, “something that the whole industry, surprisingly, lacks. With all indicators pointing that its value will grow in the hundreds of billions in the next three years, we cannot afford to remain idle. This is the main reason we steadily and openly share all our findings with the whole community.”

“Mobile ad fraud remains a hidden threat for most consumers. It usually goes undetected and is not high on people’s agendas when choosing apps. However, aas the industry delays its response, consumers should take steps to stay safe from mobile ad fraud in 2020.”

from Help Net Security https://ift.tt/3aWyBbP

Researchers develop new optical stealth encryption technology

The first all optical stealth encryption technology that will be significantly more secure and private for highly sensitive cloud-computing and data center network transmission, has been introduced by BGN Technologies.

Time is running out on security and privacy

“Today, information is still encrypted using digital techniques, although most data is transmitted over distance using light spectrum on fiber optic networks,” says Prof. Dan Sadot, Director of the Optical Communications Research Laboratory, who heads the team that developed the technology.

“Time is running out on security and privacy of digital encryption technology, which can be read offline if recorded and code-broken using intensive computing power. We’ve developed an end-to-end solution providing encryption, transmission, decryption, and detection optically instead of digitally.”

How does the optical stealth encryption technology work?

Using standard optical equipment, the research team essentially renders the fiber-optic light transmission invisible or stealthy. Instead of using one color of the light spectrum to send one large data stream, this method spreads the transmission across many colors in the optical spectrum bandwidth (1,000 x wider than digital) and intentionally creates multiple weaker data streams that are hidden under noise and elude detection.

Every transmission – electronic, digital or fiber – has a certain amount of “noise.” The researchers demonstrated that they can transmit weaker encrypted data under a stronger inherent noise level that cannot be detected.

The solution also employs a commercially available phase mask, which changes the phase of each wavelength (color). That process also appears as noise, which destroys the “coherence” or ability to recompile the data without the correct encryption key. The optical phase mask cannot be recorded offline, so the data is destroyed if a hacker tries to decode it.

“Basically, the innovative breakthrough is that if you can’t detect it, you can’t steal it,” Prof. Sadot says. “Because an eavesdropper can neither read the data nor even detect the existence of the transmitted signal, our optical stealth transmission provides the highest level of privacy and security for sensitive data applications.”

Zafrir Levy, senior vice president for exact sciences and engineering at BGN, says, “The novel, patented method invented by Prof. Sadot and his team is highly useful for multiple applications, such as high-speed communication, sensitive transmission of financial, medical or social media-related information without the risk of eavesdropping or jamming data flow. In fact, with this method, an eavesdropper will require years to break the encryption key.”

“Every data center has 100G and 400G lines, and part of those lines are encrypted end-to-end,” Prof. Sadot adds. “There is the need for non-digital encryption for customers who require the most advanced security possible.”

from Help Net Security https://ift.tt/2RIjaNa

Kanguru Remote Management Console: Managing and monitoring encrypted USB devices

Managing sensitive data in today’s environment can be a daunting task for IT Security Administrators and organizations. Kanguru Remote Management Console (KRMC) offers a robust solution for IT Security Admins looking to meet high-end security demands by allowing administrators to easily manage and monitor their encrypted USB devices containing sensitive data around the world.

Organizations from diverse industries have trusted Kanguru’s secure solutions for over 25 years. KRMC is ideal for protecting data, enabling administrators to set policies, disable or delete lost/stolen drives, track and monitor secure USB drives worldwide, generate reports, and much more.

Latest KRMC enhancements include:

• Support for Kanguru’s new fingerprint encrypted USB flash drive
• Whitelisting domains for SSPM – (Self-service password management)
• Event logging – (Splunk & Graylog support)
• SSO (single sign-on) integration
• Automatic software updates for managed drives

KRMC now fully supports Kanguru’s new biometric flash drive, the Defender Bio-Elite30 Fingerprint Encrypted Flash Drive, a flexible fingerprint USB device that allows users to simply tap to authenticate and access their encrypted files.

SSPM provides end-users with a password reset flow for their encrypted drives, eliminating associated administrative overhead. Administrators can whitelist up to 10 company domains, restricting resets using undesired domains (like private email addresses).

Event Logging exports captured events in real-time for audit and analysis; for example, User and Administrative logins/logouts, plug-in activity including location, time and date, etc. KRMC can export to industry-leading SIEM software like Splunk and Graylog for compliance.

Administrators can then build security rules based on this information to enforce their organization’s security policy.

KRMC now supports SSO integration with some common SAML-based identity providers, allowing KRMC Administrators to conveniently login to KRMC using the company SSO.

KRMC also supports automatic software updates for managed drives. A typical update may contain a range of functionality updates, recent OS compatibility updates, general bug fixes, and more.

Keeping up-to-date application versions on the encrypted drives helps to improve the overall account’s security hygiene and protects drives from outdated policies/settings.

from Help Net Security https://ift.tt/2tWifzD

Slice Labs’ new services help insurers protect carriers, businesses, and consumers from risk

Slice Labs, the first on-demand insurance platform, announced four new AI-powered Slice Mind services enabling insurers to more proactively and intelligently protect carriers, businesses, and consumers from risk.

Industry prediction

It represents the first commercialized approach in the insurance industry using data driven technology to enable insurers to classify client business activity that serves as the foundation for evaluating potential risk.

The business context service provides classification based on a website, keywords, or a single sentence. The offering can return NAICS or SIC codes, and can be custom-trained on internal classification systems.

Additionally, the service can classify businesses working across multiple industries, which permits precise definition of complex business risk for insurance. This tool is available on Slice’s website for anyone curious to see it in action.

Cyber risk modeling

It’s a comprehensive cyber risk service that provides actionable recommendations on ways to reduce exposures and improve cyber posture for businesses in real-time. Insurers can leverage these insights to introduce gamification into client relationships with progression, accomplishment, and recognition for improved cyber risk management.

Geographic scoring

It helps insurers make ongoing pricing, underwriting, and claim settlement decisions with continuous adjustments using data based on geographic distribution of risk.

The service facilitates evidence-based decision-making and up-to-date insights into geographic risks and environmental hazards. This is especially valuable for managing risks in regions prone to natural disasters, fires, and flooding.

Claims fraud prevention

It’s a service that monitors insurance customer claims behavior using sophisticated machine learning models to uncover potentially fraudulent activity. The offering continually learns and adapts to customer behavior and industry trends to protect insurers.

Insights gleaned from the Slice Mind services can serve as the foundation for new on-demand insurance products on the Slice Insurance Cloud Services (ICS) platform that carriers can create to help customers avoid risk and celebrate good behavior.

“Slice is committed to demystifying hype around the potential for AI, ML, and analytics in on-demand insurance,” said Stuart Baserman, Chief Technology Officer and Co-founder.

“Our data science experts have the acumen and confidence on how to effectively connect data with the real-world use cases so insurers have clarity on how to leverage AI and data in meaningful ways.

“A major value-add of these new services for insurers is that our expertise is available within minutes compared to having to build an internal team of machine learning specialists and data scientists.”

The new services are available by subscription and can be used individually or combined for optimal management of insurance customer needs.

“The innovation present in these services represents a major shift in how insurers should think about managing customer relationships and risk,” said bestselling author Rob Galbraith of The End of Insurance As We Know It.

“The Slice Mind services are a step in the right direction for the industry in correcting three issues of expense, complexity, and inconvenience that has plagued our industry for too long.”

The Slice Mind services are also available to any company outside of traditional insurers that are seeking to better understand customer risk. Additionally, products built in Slice ICS have consistently been created within a few months of a hackathon.

from Help Net Security https://ift.tt/2GCHdGX

myDevices’ new panic button technology eliminates the dead zone problem

In 2018, the American Hotel & Lodging Association (AHLA) announced a new workplace safety initiative designed to provide emergency communications and location-based services for employees in the hospitality industry.

Backed by major hotels – including Marriott International, InterContinental, Hilton, and Hyatt – the 5-Star Promise has committed to providing panic buttons to hospitality workers across the United States.

Unfortunately, while 4G LTE signals from all carriers freely propagate in open areas, inside buildings, it’s severely limited by heavy building material that blocks, absorbs, reflects, and degrades cell and Wi-Fi signals – limiting coverage and creating dead zones.

These dead zones are an inconvenience for travelers but can lead to catastrophic outcomes if a panic button fails to connect.

myDevices’ No Dead Zone panic button technology eliminates the dead zone problem by combining cellular, Wi-Fi, Bluetooth, and LoRaWAN protocols to provide comprehensive coverage across the entire property no matter how challenging the physical environment.

In particular, the integration of the LoRaWAN technology into the panic button solution makes it possible to send long range, low power, and low data bandwidth transmissions from hard to reach locations like underground, in concrete, or dense urban environments.

Moreover, the myDevices solution is highly secure, affordable, installs in less than a day, it’s easy to use, and provides floor and room level accuracy as well as outdoor GPS tracking on the property.

Unlike other panic button solutions, this technology does not require the use of a mobile phone to request assistance in an emergency. It also includes other significant advancements such as floor hopping algorithms and incident reports that automatically get generated when the panic button is pushed.

Furthermore, myDevices’ IoT solutions have been developed from edge to cloud to meet the highest security standards. Combining the built-in security of the LoRaWAN protocol with Microsoft’s Azure IoT Hub, the No Dead Zone panic button solution provides secure and reliable communication between the IoT application and the devices it manages with per-device authentication, built-in device management, and scaled provisioning.

“The current crop of cellular/Wi-Fi panic buttons simply don’t meet all the requirements for employee safety,” said Kevin Bromber, CEO / Founder of myDevices.

“The whole point of a panic button solution is that a lone worker can push the button when they don’t feel safe, and their exact location is transmitted to security or administration for help.

“These personal safety buttons need to work in elevators, stairwells, basements, parking garages, and other dead zones because critical situations don’t happen in select open areas, they can happen anywhere at any time.”

“We evaluated several other well-known panic button solutions for our 227-room hotel before choosing the myDevices’ technology,” said Bret Esbrandt, GM of Moody National Companies, a major hotel in Lyndhurst, NJ.

“Quite frankly, we were surprised that the myDevices’ panic button solution was more affordable than the competition, yet the features were superior. Most importantly, we now provide our staff with buttons that work throughout the property, including the dead zones, enhancing their safety.”

from Help Net Security https://ift.tt/2u4bY4N

Keysight’s new PROPSIM channel emulator verifies radio links critical for aerospace applications

Keysight Technologies, a leading technology company that helps enterprises, service providers and governments accelerate innovation to connect and secure the world, announced a new PROPSIM channel emulation solution that enables the aerospace industry to efficiently verify radio links critical to satellite communications, earth observation, security surveillance, mapping and navigation.

Keysight’s new channel emulation capabilities address a rapidly expanding satellite market projected to generate more than $2B by 2030, according to a report published in July 2019 by BIS Research.

The solution’s enhanced fading capabilities support advanced performance validation of communication links between radios, radios and satellites, as well as between satellites.

Reliable satellite communications links are essential to the transmission of data in applications used by commercial and government organizations. Keysight’s expanded satellite communications portfolio addresses government-sponsored space programs worldwide, which is forecasted by Euroconsult to reach $84.6 billion by 2025.

“Keysight’s advanced performance validation solutions enable the aerospace industry to capitalize on opportunities that will help establish commercial success and deliver new technology breakthroughs in space exploration, scientific research and satellite communications,” said Dan Dunn, vice president and general manager for Keysight’s aerospace and defense business.

Satellite communication systems also support 5G new radio (NR) non-terrestrial networks, which help extend rural coverage, support profitable 5G coverage deployments and provide cost-effective mobile wireless backhaul.

A growing number of base stations will be satellite-enabled, which will lead to new business models, extend connectivity, and drive growth in both aerospace and commercial communications.

Keysight’s channel emulation solutions flexibly support use cases for satellite and terrestrial technologies such as 5G, creating seamless connectivity and end-user experiences.

Keysight’s PROPSIM FS16 and PROPSIM F64 channel emulation solutions enable users to create real-world radio channel conditions including dynamic multipath propagation in a laboratory environment to deliver realistic, advanced and cost-effective performance assessment of satellite and ground networks.

These solutions offer radio frequency (RF) performance, which enables users to confidently design, deploy and operate robust communication systems for any aerospace application.

Keysight’s PROPSIM FS16 supports ultra-wide bandwidths and up to 16 radio frequency (RF) channels to flexibly address a wide range of test scenarios in frequencies from 3MHz to mmWave. PROPSIM F64 supports a leading number of fading channels and wide signal bandwidths for Massive MIMO and MESH-network testing.

from Help Net Security https://ift.tt/2uOUXvg

Semtech releases LoRa-based Asset Tracking Reference Kit

Semtech, a leading supplier of high performance analog and mixed-signal semiconductors and advanced algorithms, announced the release of its Asset Tracking Reference Kit to accelerate the adoption of asset tracking solutions based on LoRa devices and the LoRaWAN protocol, and facilitate the confirmation of the business value of such solutions.

According to IHS Markit LPWAN market report 2019, worldwide connections in asset management have grown from 15 million in 2017 to more than 50 million in 2019, and are expected to reach almost 500 million in 2023.

Despite the continued growth of IoT for asset tracking, the highly technical nature of IoT serves as a barrier to entry for many potential businesses. As preferred IoT solutions, LoRa devices offer a proven feature set for enabling a wide range of asset tracking solutions that meet customer needs and deliver real return on investment.

Asset tracking often requires sensors to be installed in industrial environments minimizing the impact on the production. LoRa devices’ unique ability to provide cost-effective infrastructure for both indoor and outdoor coverage with geolocation combined with multiple year battery life make the platform the preferred technology for asset tracking projects.

“For companies that need indoor presence detection and outdoor geolocation, the Semtech Asset Tracking Reference Kit illustrates how easily LoRaWAN private network coverage can be achieved in combination with geolocation,” said Pierre Gelpí, Director of Vertical Marketing for Logistics Asset Tracking in Semtech’s Wireless and Sensing Products Group.

“System integrators will be able to start customer projects expeditiously and enterprise users will be able to evaluate the value of LoRaWAN-based solutions for their business processes without needing to have extensive knowledge of IoT technologies.”

The Semtech Asset Tracking Reference Kit allows users to locate outdoor assets around a specific location, including performing a regular automated inventory of assets that are available on site.

With the data generated by the trackers, customers can evaluate the possible benefits of tracking their assets with an out-of-the box kit. The reference kit will demonstrate the key benefits and capabilities of a LoRaWAN-based tracking solution by applying the trackers to specific assets and having the ability to access the data by a web-based dashboard.

The kit consists of LoRa-based sensors and gateways that are available on the market. Once the customer has seen the value of implementing a LoRa-based solution for asset tracking, they are able to deploy a commercial solution with any of the manufacturers in the LoRa ecosystem, providing sensors, gateways, network software, and connectivity.

The Semtech Asset Tracking Reference Kit comes complete with six industrial LoRaWAN-based GPS trackers and one outdoor LoRaWAN-based gateway including a preconfigured SIM card for Cellular backhaul. The data from the GPS trackers is collected via the LoRaWAN network without the need of a license or subscription fee.

The user can configure some parameters of the trackers and access the data through a secure portal. Depending on the gateway placement, the coverage will vary from hundreds of meters around the location to several kilometers.

from Help Net Security https://ift.tt/36JH9iW

Concentric launches with a deep learning approach to fixing broken file permissions

Concentric announced the availability of a new approach to the most significant security challenge facing the enterprise today – business-critical unstructured data, stored on-premises or in the cloud, that is impossible to identify and protect manually.

Enterprise customers using Concentric have already found millions of unprotected or inappropriately shared documents accessible by thousands of employees, which could have led to data breaches and costly fines.

To combat this significant threat, Concentric is the first company to leverage deep learning capabilities to identify and autonomously quantify risk by developing an accurate and detailed semantic understanding of all data.

The company uses these insights to efficiently and effectively protect business-critical data and meet security, compliance and privacy mandates.

Concentric is also announcing that it has raised $7.5 million from Clear Ventures, Engineering Capital, Homebrew and Core Ventures.

The fact is, today’s organizations lack insight into risks associated with business-critical information like contracts, financial documents, payroll, M&A plans, product roadmaps and source code, to name a few.

A report published by the company, based on live data analyzed by Concentric’s Semantic Intelligence solution, reveals the composition and risks found in a typical organization’s unstructured data:

• An average business has nearly 10 million documents, with 1.2 million documents deemed business critical. Of those business-critical documents, over 15% are at risk because of improper sharing with users and groups or inadequate/incorrect data classification.
• On average, non-C-Suite employees had access to 90% of business-critical documents.
• Of these business-critical documents, approximately 200,000 files in an enterprise are overshared (translating to around 40 files per employee).

The Concentric Semantic Intelligence solution uses powerful deep learning technology to autonomously develop an unparalleled semantic understanding of each document to deliver the industry’s most complete, detailed and accurate risk-oriented view into business-critical information.

When the solution finds at-risk files, Concentric’s native remediation capabilities proactively and automatically remediate the document’s risk factors to protect them effectively and efficiently.

Existing approaches like static, predefined rules produce mediocre results at best, delivering documents that may or may not be business critical. And asking employees to categorize documents requires extensive training and constant vigilance to make sure everyone is doing their part to categorize accurately.

Likewise, these methods also can’t fully evaluate a document’s true meaning, making it difficult to assess risk.

Semantic Intelligence not only uncovers, categorizes and classifies the documents, but it also allows IT and security teams to easily monitor data security with up-to-the-second information and powerful risk visualizations that drill down into the at-risk documents to explore in more granular detail.

The solution also integrates with major third-party security and data stores to help customers leverage the security investments they already have in place.

“Concentric is an essential part of Cadence’s data security portfolio. We use it to identify all the business-critical data – product documentation, finance reports, contracts, etc.,” noted Sreeni Kancharla, CISO Cadence Design Systems.

“Legacy solutions don’t work autonomously, and we’re forced to review flagged documents and fix security violations manually. Concentric gives us a critical layer of data security intelligence on top of the data protection solutions we already use.”

The stakes are high for financial institutions to keep sensitive information protected, but at the same time, to allow the needed flexibility for companies to conduct ongoing business activities efficiently.

One use case that can be extremely costly is enforcing information walls in financial services organizations that fall under oversight from the Securities and Exchange Commission (SEC).

Firms rely on information walls to separate key conflicting areas of the business, for example, separating the investment banking department from the trading desk, to prevent the potential sharing of sensitive information with another department that could act on the insights for illegal purposes, such as insider trading.

Improper sharing permissions on a highly confidential document can allow the document to fall into the wrong hands and the steep fines and substantial damage to the firm’s reputation can be crippling.

“Businesses understand the importance of protecting their critical assets, and yet, despite their best efforts, an extreme amount of data is left unsecured, unidentified, misclassified and at risk,” said Concentric CEO and Co-founder, Karthik Krishnan.

“Unstructured data is currently copious and dispersed, and it includes an alarming amount of business-critical information. It’s a target for cybercriminals and can be a pitfall for regulatory compliance, but securing it is incredibly difficult. It’s the data challenge of our digital generation that we’re laser-focused on solving.”

“Unstructured data is now the industry’s primary threat surface because it’s highly dispersed and comes in all forms, and it’s tough to protect business-critical content,” said Chris Rust, founder and managing partner, Clear Ventures.

“Concentric solves this problem with fundamentally new, autonomous capabilities that find, monitor, and secure an enterprise’s most valuable assets.”

Concentric was founded by Krishnan, CTO and vice president of engineering Shankar Subramaniam and Chief Data Scientist Madhu Shashanka.

The founding team has an extensive background in networking and security at several successful companies such as Juniper Networks, PGP Corporation (acquired by Symantec), Symantec, HPE, Aruba Networks (IPO), Niara (acquired by HPE) and Andiamo Systems (acquired by Cisco).

from Help Net Security https://ift.tt/2GCJqSz

Univa Navops Launch 2.0 helps enterprises easily extend HPC workloads to the cloud

Univa, a leading innovator of enterprise-grade workload management and optimization solutions, announced the general availability of Navops Launch 2.0, its flagship cloud-automation platform, designed to help enterprises simplify the migration of HPC and AI workloads to their choice of cloud.

The GA release helps enterprises easily extend HPC workloads to the cloud, boosting efficiency and productivity, and dramatically improving cloud ROI while reducing cloud-related spending by 30-40 percent.

Navops Launch 2.0 achieves these substantial efficiency gains by right-sizing cloud resource selection, automating hybrid cloud operations, and monitoring key process indicators to ensure optimal resource utilization and full visibility and control over cloud spending.

Recent research from HPC analyst firm Hyperion Research shows a dramatic 60 percent increase in cloud spend from just under $2.5 billion in 2018 to approximately $4 billion in 2019 and projects HPC cloud revenue will reach $7.4 billion in 2023, a 24.6% CAGR.

Navops Launch 2.0 directly addresses this critical shift, helping enterprises extend compute-intensive operations to the cloud with a solution production-proven at leading Univa enterprise hybrid cloud customers.

Navops Launch can deploy and manage hybrid and dedicated HPC clusters for thousands of applications, including AI, machine learning, life sciences, manufacturing, and transportation, while delivering capabilities for cost control and budgeted cloud-spend management.

Navops Launch 2.0 brings powerful new features for workload and resource automation that can be used in conjunction with any combination of cloud providers, including AWS, Google Cloud Platform and Microsoft Azure.

Automation applets help organizations automate decisions based on real-time cloud and workload-related metrics to scale and manage multi-cloud infrastructure, workloads and data.

Users can auto-scale cloud resources based on workload demand using regular or spot cloud instances and other tiered cloud offerings to maximize flexibility and scale while keeping infrastructure costs to a minimum.

Navops Launch also addresses data gravity issues related to cloud migration by automating and optimizing data migration together with workload placement.

With HPC cloud on the rise, cloud spend management becomes critical

A recent InsideHPC survey sponsored by Univa found that while 84% of HPC organizations see value in cloud spend management, fully 76% of respondents have no automated solution to track and manage spending, despite rapid growth in the use of cloudi.

Navops Launch 2.0 solves this problem with powerful cloud spend management features, enabling users to monitor and manage cloud spending by user, group, project, and cost center across multiple clouds.

“With 9 out of 10 enterprises transitioning HPC workloads to the cloud, customers need proven solutions that simplify the migration of on-premise workloads to their choice of cloud,” said Rob Lalonde, Vice President and General Manager, Cloud, Univa.

“Navops Launch 2.0 answers this call – Enterprises can use it for both dedicated and hybrid cloud environments, improving productivity, efficiency, and achieving a better ROI from cloud expenditures, regardless of workload complexity or scale.”

from Help Net Security https://ift.tt/2Od8vru

Fusion Risk Management unveils Fusion Connector for Everbridge Risk Intelligence

Fusion Risk Management, a leading provider of business continuity and risk management software and services, announced the launch of its Fusion Connector for Everbridge Risk Intelligence – powered by NC4, further extending its long-time partnership with Everbridge, the global leader in critical event management.

The Connector provides a managed integration between Fusion’s risk management, business resilience, and crisis management SaaS solution and Everbridge’s Risk Intelligence Monitoring Center (RIMC), formerly NC4.

The result for enterprise crisis management and business resilience professionals is greater visibility, streamlined work processes, and faster response and recovery from critical business disruptions.

“The threats that organizations are facing across the world are continually evolving, meaning that staying informed of critical events that may have an adverse effect could be the difference between business success or failure,” said Cory Cowgill, Chief Technology Officer at Fusion Risk Management.

“It’s no secret that when an incident occurs, seconds count and organizations need the most up-to-date and accurate information to properly assess and initiate a plan.

“The new Fusion Connector with Everbridge will not only strengthen our partnership but bring valuable critical event management technology and real-time insight to organizations so they can determine the best course of action to address impacts fast.”

With worldwide incidents continually changing the landscape and presenting evolving threats, having the most up-to-date and accurate information integrated seamlessly into an enterprise risk management and business resilience program is vital to rapidly assessing and successfully managing comprehensive response.

Fusion customers and users can now access their Everbridge incident data, checked by Everbridge’s Risk Intelligence Monitoring Center analysts, to support the management of their safety, security and incident measures in the Fusion Framework® System™.

The Fusion Connector for Everbridge enables enterprise organizations to:

• View Everbridge RIMC alerts in Fusion Framework System incident maps to establish situational awareness across all assets, resources, and third-parties located in defined regions
• Quickly evaluate critical business processes throughout the enterprise impacted by disruptive events, and initiate relevant incident response activities based on dynamic contingency plans maintained in the Fusion Framework System
• Generate comprehensive real-time and after-action reporting to fully evaluate response time and effectiveness, business impacts and recovery processes

“We look forward to the evolution of our partnership with Fusion and building on the success of the past two years to assist organizations in further automating business continuity plans and incident response processes during critical events,” said Karl Kotalik, Vice President and General Manager for Everbridge Risk Intelligence.

“By combining the strength of Everbridge’s real-time threat intelligence, powered by NC4, with the agility and flexibility offered by Fusion Framework to plan for and manage any situation, organizations will be able to access timely and actionable information to mitigate the impact of external incidents and risks.”

Fusion and Everbridge have been in partnership since 2015, working together to deliver integrated critical communications for enterprise organizations.

In August 2019, Everbridge announced the acquisition of NC4, a leading global provider of threat intelligence solutions that help businesses, government organization, and communities better manage and mitigate the impact of critical events.

from Help Net Security https://ift.tt/31dTjjg

ThreatStack partners with Tevora to streamline cloud security and compliance initiatives

Threat Stack, the leader in cloud security and compliance for infrastructure and applications, announced a partnership with Tevora, a specialized management consultancy focused on cybersecurity, risk, and compliance services.

Together Threat Stack and Tevora will help customers seamlessly migrate and scale in the cloud without increasing risk or sacrificing compliance.

Tevora works closely with Chief Information Security Officers (CISOs) across industries to help them secure their organizations’ digital assets and equip them with the information, tools, and guidance they need to proactively reduce risk and respond to threats in sophisticated cloud environments.

In addition to reducing risk, Tevora provides customers with the tools and guidance they need to adapt compliance programs as their cloud environments evolve and grow over time.

The Threat Stack Cloud Security Platform extends security observability across the cloud management console, host, containers, and application layers to help customers understand the full picture of their cloud environment, quickly respond to incidents, and proactively reduce risk.

With Threat Stack’s pre-built compliance rulesets and continuous monitoring combined with Tevora’s hands-on consultancy, joint customers will be able to streamline their cloud security and compliance processes with access to the industry’s leading security telemetry at their fingertips.

“Tevora specializes in supporting clients by helping them stay ahead of shifting regulations and sophisticated cyber criminals,” said Steve Stumpfl, Executive Vice President of Sales for Tevora. “The in-depth cloud security telemetry and pre-built compliance rulesets provided by Threat Stack will be a huge benefit for our customers.”

“Threat Stack is dedicated to providing our customers with full stack security observability,” said Brian M. Ahern, CEO, Threat Stack.

“Our partnership with Tevora will put that information at the fingertips of security and compliance consultants who can help CISOs and security teams reduce risk and maintain compliance without slowing down the pace of business.”

from Help Net Security https://ift.tt/2U9Wzur

ServiceNow acquires Passage AI to advance deep learning AI capabilities

ServiceNow, the company making work, work better for people, announced it has signed an agreement to acquire Passage AI, a Mountain View, Calif.-based conversational AI platform company.

The transaction will advance ServiceNow’s deep learning AI capabilities and will accelerate its vision of supporting all major languages across the company’s Now Platform and products, including ServiceNow Virtual Agent, Service Portal, Workspaces and emerging interfaces.

“Work flows more smoothly when people can get things done in their native language,” said Debu Chatterjee, senior director of AI Engineering at ServiceNow.

“Building deep learning, conversational AI capabilities into the Now Platform will enable a work request initiated in German or a customer inquiry initiated in Japanese to be solved by Virtual Agent.

“Passage AI’s technology will enable us to accelerate our vision of empowering great employee and customer experiences by delivering great workflow experiences. ServiceNow believes in making work flow more smoothly across the enterprise, in all major languages.”

Passage AI’s conversational AI platform is built on deep learning models that can be trained to understand text in all major languages. Bringing together Passage AI’s conversational AI capabilities with it’s Now Platform and digital workflow capabilities,

ServiceNow will expand its chatbot support for non-English languages and empower organizations to better understand the meaning behind work requests so they can take action to get the job done.

As a strategic partner to the world’s largest enterprises, ServiceNow is focused on enabling digital transformation and driving customer success. The Now Platform includes powerful AI and machine learning capabilities, which enable customers to deliver great employee and customer experiences and unlock productivity.

This deal builds on ServiceNow’s previous AI acquisitions, including transactions with Loom Systems, Attivio, Parlo, FriendlyData, Qlue and DxContinuum.

Passage AI was founded in 2016 by CEO Ravi N. Raj, CTO Madhu Mathihalli and CTO Mitul Tiwari.

ServiceNow expects to complete the acquisition by the end of Q1 2020. Financial terms of the deal were not disclosed.

from Help Net Security https://ift.tt/319mdAL

Omnitracs to further support the work of Truckers Against Trafficking

Omnitracs, the global pioneer of fleet management solutions to transportation and logistics companies, announced an event dedicated to supporting the mission of Truckers Against Trafficking (TAT), a non-profit organization that educates, equips and empowers truck drivers to recognize and report instances of human trafficking.

Created by Advocates for Women in Technology (AWT), the Omnitracs women’s employee resource community, and in partnership with TAT, the goal of Human Trafficking Awareness Day is to raise awareness in the community, educate attendees on how to look for and properly report suspected human trafficking activities, and inspire them to become involved in the fight.

During the event, Omnitracs will host a joint codefest where software engineers will volunteer their time to improve the user experience of the TAT mobile app. The planned enhancements will increase both the usability and scalability of existing applications while allowing for more effective communication and deeper connections to their audience.

“Truck drivers and other transportation professionals operate across state lines and in areas that are more conducive to human trafficking, which positions them to recognize and report these offenses,” said Ray Greer, Chief Executive Officer at Omnitracs.

“We are proud to continue our support of Truckers Against Trafficking and to bring more advanced technology to this important initiative. This special event will raise awareness in our community while enabling the additional functionality needed to deliver more effective communication with drivers, and ultimately, help save lives.”

Human Trafficking Awareness Day will also provide attendees with the opportunity to experience the effects of human trafficking through the Freedom Drivers Project, TAT’s mobile museum and learn more about the open source technology used to help enhance the TAT app. Additional activities include music, food trucks, and giveaways.

As the transportation industry continues its digital transformation, it’s important for truckers to have access to technology that can help make a difference. The TAT mobile app helps drivers report suspicious activity as they spot it on the road, or at truck stops.

It also educates drivers about human trafficking, providing informative material about red flag indicators, and best practices around how they can help.

from Help Net Security https://ift.tt/317AXjT

Arceo appoints Mike Convertino as CSO

Mike Convertino, the former CISO of Twitter, Crowdstrike and F5 Networks as well as CTO of the Security Product Group at F5, has joined Arceo as Chief Security Officer and he is on a mission.

Mike, and a growing tribe of CISO’s from major enterprises, have begun a self-styled “CISO Revolution” not only to change how CISOs themselves are treated, but also fundamentally to alter the way companies perceive and support cyber security.

Collectively, the global cyber security market is expected to reach approximately $150 billion in 2020 – but hacks and breaches continue unabated and CISO’s are unfairly treated in the process. There are forces coming together that are giving rise to a CISO Revolution:

• The need to discern fact from fiction in a world where few vendors’ products truly measure up to the hype.
• There is a lack of acknowledgement of the inevitability of attacks – regardless of good security posture. New attacks form faster than new technologies, yet CISO’s are expected to bring immunity from attacks. This is not realistic.
• CISO’s have a minimal voice in managing enterprise risk. Knowing that attacks will happen, CISO’s are best placed to define and refine the correct investment in risk management and transfer for their companies – yet are, at best, on the sidelines of the insurance conversation.
• CISO’s are often unfairly scapegoated when an attack happens. In the majority of cases the CISO has planned well and deliberately pursued the right policies to protect the company, but will still be dismissed after a breach, causing an unwarranted blight on their career.
• Many CISO’s now believe that insurance should be a key element in their security stack, representing at least 5 percent of the security budget. This would effectively double the cyber insurance market from the projected 2020 market value of $7.5 Billion to $15 Billion.
• CISO’s want smart policies that are tied to the risks that they foresee and want a fair and accurate assessment of their company’s risk profiles.

“Tackling cyber risk requires cooperation between the security and insurance sectors – they’ve tried it alone – and neither solution is working,” said Mike Convertino, Chief Security Officer of Arceo.ai.

“CISO’s are in the cross-hairs and they are starting a revolution of sorts, demanding that if they are going to be held accountable, then they need the commensurate authority to drive cyber hygiene and cyber resilience.”

“Mike Convertino has seen first-hand from inside major US companies, the vendor community and the US military, why we need to crack the problem of finding real solutions to manage cyber risk. We are thrilled that Mike has joined us at Arceo on our mission to provide real value to insurers and end enterprises alike,” said Vishaal Hariprasad, CEO of Arceo.

Mike will partner with Arceo’s Insurance carriers, brokers and companies to provide insurance strategies that maximize a company’s resilience in the face of an attack, decrease damage to the business, and reduce losses.

“To assess risk properly there is a need for a fast and scientific approach to understanding an organizations’ exposure,” said Convertino.

“CISO’s are often only engaged in insurance coverage when it comes to filling out a long and meaningless questionnaire. It’s a one-size-fits-all practice that does not take into account the macro threat environment.

“Arceo is the only technology company that I have found with the ability to automatically and continually assess both micro and macro risk for a true risk assessment.”

In his most recent role with Twitter, Mike led the team that protected the company’s infrastructure and users from hacking and other types of compromises. He was an early employee at Crowdstrike and created Falcon Overwatch, Crowdstrike’s managed security service (MSSP) that protected clients from attacks in real time.

Like many in the security arena, Mike is a military veteran and served as the Commander of the US Air Force’s only Information Operations unit whose mission was to provide the US asymmetric cyber advantages.

from Help Net Security https://ift.tt/2S4weev

O’Reilly and Formulatedby announce new conference about smart cities and mobility industries

O’Reilly, the premier source for insight-driven learning on technology and business, and Formulatedby announced a new conference focused on how machine learning is transforming the future of urban communities and mobility industries around the world.

Rapid technological advancements are challenging cities and the mobility industry with new business models, methodologies in development and manufacturing, unprecedented levels of automation, and the need for new infrastructure.

From predictive analytics to policy, the Smart Cities & Mobility Ecosystems conference examines the role of governments, enterprises, and individuals in driving positive change as communities become increasingly connected.

“How we plan, build, and improve our cities has fundamentally changed, driven by powerful new technologies that can make life better for all the constituencies cities hope to serve,” said Roger Magoulas, VP of Radar at O’Reilly and chair of the Smart Cities & Mobility Ecosystems conference.

“This conference helps take the pulse of what we expect to change and what is possible for communities and mobility over the coming years.”

The focused event brings together enterprise practitioners, technical experts, and executives to discuss how data, artificial intelligence (AI), machine learning, and cutting-edge technologies impact the future of our communities.

Attendees can also workshop real-world applications of deep learning, sensor fusion, data processing and AI, automotive camera technology and computer vision algorithms, and reinforcement learning.

“The conversation around AI and ML has moved mainstream in applications like Smart Cities and Mobility Ecosystems,” said Anna Anisin, founder and CEO at Formulatedby.

“We’re excited to collaborate with O’Reilly to connect our audience of ML practitioners and executives with the policymakers and stakeholders who will participate in taking this technology to the next level to improve lives at scale.”

from Help Net Security https://ift.tt/36L7Wvf

Daniel Kollberg joins SentinelOne as VP of EMEA

SentinelOne, the autonomous endpoint protection company, announced the appointment of Daniel Kollberg as Vice President EMEA. The appointment supports SentinelOne’s record growth across the globe on the journey of becoming the next great cybersecurity company, through helping organizations use AI to defend against every attack at every stage.

Over the last six months, SentinelOne has more than tripled its EMEA business fueled by enterprise wins in Southern Europe, the United Kingdom, and the Middle East.

Serving hundreds of Global 2000 enterprises and three of the Fortune 10, key EMEA public references include Aston Martin, Casino, Monoprix, Savencia, About You, and Berlitz – each of which has replaced legacy antivirus for SentinelOne’s EPP and EDR platform.

Daniel Kollberg will play an integral role in further growing and scaling the company’s growth across EMEA.

Daniel brings over 25 years of leadership experience in cybersecurity and IT solutions to SentinelOne. Prior to joining the company, Daniel was most recently VP, EMEA Service Providers at Palo Alto Networks, where he helped dramatically grow and scale the company over the past five years.

At SentinelOne, Daniel will work closely with the executive leadership team to execute aggressive growth plans across EMEA.

“SentinelOne is differentiated in its ability to secure the region’s largest enterprises against the widest spectrum of attacks,” said Daniel Kollberg, VP EMEA, SentinelOne.

“In SentinelOne, I see the industry’s gold-standard unified EPP & EDR solution, with unprecedented innovation in IoT and cloud workload protection, all in a single platform. SentinelOne epitomizes innovation and customer success.”

“Daniel has distinguished himself as a visionary when it comes to growing and scaling cybersecurity solution sales,” said Nicholas Warner, COO, SentinelOne.

“We’ve already proven our market impact as the first company to unify EPP and EDR in a single autonomous agent, the first to stand behind our solution with a cyber warranty, and the first to take AI-based protection to the edge encompassing IoT devices and cloud workloads.

“The EMEA market is more ready than ever before to replace legacy antivirus for AI-powered EPP and EDR across all attack surfaces. We welcome Daniel in playing a key role in the next phase of SentinelOne — achieving our goal of becoming the next great cybersecurity company.”

As the fastest growing cybersecurity company in EMEA and across the globe, SentinelOne converges two historically separate spaces – EPP (protection) and EDR (detection and response) – without compromise. Its single platform uses patented behavioral and static AI models to deliver autonomous capabilities with the lowest performance impact.

The platform predicts and protects endpoints, IoT devices, containers, and cloud workloads from malicious activities at any stage of the attack chain – from the successful exploit to the last payload operation – all at machine speed.

“In order to protect our workstations and servers from any possible interruption of service, we needed to reinforce our historical protection systems with a solution adapted to today’s modern threat landscape.

“We selected SentinelOne for its efficiency and modernity as a state-of-the-art technology,” said David Garcia, Information Systems Security Director, Groupe Casino.

“Thanks to SentinelOne, Monoprix owns a solution that leverages Artificial Intelligence to enhance endpoint security with no performance impact, while being easy to manage,” said Vincent Cotteaux, CIO, Monoprix.

from Help Net Security https://ift.tt/2S6NZK2

If You Can't Edit H.265 Videos on Your Android Phone, Try This Fix

Which do you prefer: Saving space on your Android device or being able to edit your videos on your smartphone? Right now, you get one or the other—a funky Android bug that appeared, then disappeared, and has now reappeared is making it impossible to take full advantage of H.265/HEVC encoding on your device.

As a number of Android users have reported on the Google Photos help forums (since October of last year), videos shot using the H.265 codec on various Android devices cannot be edited in the Google Photos app. If you’re trying to trim something you just shot, for example, tapping on “Save copy” gives the illusion that something is happening:

But nothing actually happens, save for this annoying and generic error message:

To get around this, you’ll have to disable H.265 encoding for the time being. That means your videos will take up more room on your device, but at least you’ll be able to trim them in Google Photos. On a Pixel, this is as easy as pulling up your camera app’s Settings, scrolling down a bit, tapping on Advanced, and disabling “Store videos efficiently.”

On other Androids, look for the setting (if applicable) in a similar place, though the steps to get there might have slightly different names.

Otherwise, you can also use a third-party app like Adobe Premiere Rush, Inshot’s video editor, or KineMaster to trim your H.265 videos. You’ll likely have to pay for the app, though (or suffer annoying advertising or watermarks), so here’s hoping Google gets this annoying issue fixed sometime soon. Otherwise, you can always download your video from Google Photos (on the web) and edit it from there using a variety of free tools. It won’t be as portable of a solution, but it won’t cost you anything, either.

[Android Police]

from Lifehacker https://ift.tt/38N2iKw

Collating Hacked Data Sets

Two Harvard undergraduates completed a project where they went out on the Dark Web and found a bunch of stolen datasets. Then they correlated all the information, and then combined it with additional, publicly available information. No surprise: the result was much more detailed and personal.

"What we were able to do is alarming because we can now find vulnerabilities in people's online presence very quickly," Metropolitansky said. "For instance, if I can aggregate all the leaked credentials associated with you in one place, then I can see the passwords and usernames that you use over and over again."

Of the 96,000 passwords contained in the dataset the students used, only 26,000 were unique.

"We also showed that a cyber criminal doesn't have to have a specific victim in mind. They can now search for victims who meet a certain set of criteria," Metropolitansky said.

For example, in less than 10 seconds she produced a dataset with more than 1,000 people who have high net worth, are married, have children, and also have a username or password on a cheating website. Another query pulled up a list of senior-level politicians, revealing the credit scores, phone numbers, and addresses of three U.S. senators, three U.S. representatives, the mayor of Washington, D.C., and a Cabinet member.

"Hopefully, this serves as a wake-up call that leaks are much more dangerous than we think they are," Metropolitansky said. "We're two college students. If someone really wanted to do some damage, I'm sure they could use these same techniques to do something horrible."

That's about right.

And you can be sure that the world's major intelligence organizations have already done all of this.

from Schneier on Security https://ift.tt/37FiUE9

Here’s How to Max Out Your Nintendo Switch's Battery Life

The Legend of Zelda: Breath of the Wild

Screenshot: Nintendo

If there’s one thing that sucks about the Nintendo Switch, it’s the battery. Yeah, yeah, you can play Zelda on the road. But is that really a selling point if you can only do so for, like, two hours? That doesn’t even cover the train ride from New York to New Haven! And if you’re facing a longer trip—or, worse, heading to the airport—you can forget about trusting the thing to last the whole journey.

Officially, Nintendo claims the battery life of the original model can last anywhere from 2.5 to 6.5 hours. But anyone who regularly plays on-the-go can tell you that the reality is frustratingly closer to the 2.5-hour mark. And even though the House of Mario released a juiced-up model last year—one with a purported nine-hour battery life—plenty of gamers still picked up the low-charge original, thanks in no small part to a $300 bundle that included a download code for the “excellent” Mario Kart 8 Deluxe. In fact, according to The Verge, more than 800,000 people snagged that bundle during Black Friday week alone. (For those consumers: the only road you’re likely playing your Switch on is Rainbow Road.)

Not all hope is lost. By making the most of a few tried-and-true tactics—beyond simply “turn down your brightness”—you can get more mileage out of your machine. In some cases, you could hypothetically double it. Here’s how.

Actually power-down the console between sessions.

Screenshot: Nintendo (Kotaku

When you tap the Switch’s power button, a menu prompts you to put it in “sleep” mode. The display will shut off, but the console will still burn some gas (albeit at a much reduced rate). But shutting the whole thing down will ensure it consumes no battery whatsoever. To do so, just hold down the power button for three seconds. When the menu pops up, select “Power Options.” A “turn off” option should pop up.

Invest in a high-end battery pack.

Fact: If you have room to carry around an entire Switch, you have room to carry around a battery pack. For example, take a look at Anker’s dedicated Nintendo Switch battery pack. It’s light (just 9 ounces) and, at full charge, can extend your console’s battery life by 1.7 times. Bonus: Though it generally sells for $70 (or more!), it’s currently available on Amazon for $65.

Play low (or lower) fidelity games.

It’s no secret that big-budget games, with all their snazzy graphics, use a lot of processing power—and battery life, too. When you play something like Fire Emblem: Three Houses, for example, you can literally feel the console go into overdrive as it heats up in your hands. But if you play a comparatively smaller game, like, say, Baba Is You, your console doesn’t have to work as hard—and doesn’t have to burn as much battery in the process.

To put some numbers to it, I’ve been able to push my Switch—a 2018 model—to run Three Houses for 2.5 hours or so before needing a charge. On the other hand, I’ve had no trouble running Baba Is You five hours or more (even if I’ve desperately wished for the console to power-down and put me out of my puzzle-induced misery).

Unplug your Switch when it’s fully charged.

Yes, this may sound counterintuitive, but unplugging your console can help preserve its lifespan. See, the Switch is equipped with a lithium ion battery. When a device with a lithium ion battery hits full charge, leaving it plugged in reduces efficacy in the long-term. That means, when you go to play undocked in the future, your total battery life will be shorter and shorter over time. Whenever your Switch hits that 100-percent charge—be it through the dock or a cable—unplug it.

Exchange it.

As Kotaku’s Ethan Gach pointed out, you can identify which Switch model you have by looking at the model number on the back of the console. The older model—the one that was part of that Mario Kart 8 Deluxe bundle—can be identified by the model number HAC-001, while the newer one—the one with an actually useful battery—is marked by HAC-001(-01). If you’re willing to sacrifice the free game, head back to where you bought it and swap for a new one. Since the standalone model is the same price as the bundle, you won’t lose a penny.

Thankfully, most big-box retailers run extended return periods during the holidays. Target has a generous 90-day blanket return policy. Walmart, too. Even if you picked your model up all the way back during Black Friday, you’re within that time frame.

from Lifehacker https://ift.tt/2RAseDv