Kaspersky discovers supply-chain attack at NetSarang

While investigating suspicious DNS requests for a financial institution, researchers at Kaspersky discovered backdoor in recently updated copies of software released by NetSarang, a developer of management tools for servers and clients.

Kaspersky linked the backdoor to the ShadowPad family of malware, and alerted the software firm, who then pulled the hijacked releases and alerted customers.

Kaspersky says they discovered the ShadowPad malware while working with a financial institution on an investigation into a number of suspicious DNS requests.

Once every eight hours, the embedded malware in the NetSarang software would call out to specific domains with information about the system (username, domain, host, etc.). The domains used will change monthly, and Kaspersky says that domains have been registered to cover July though December, 2017.

Posted in Kaspersky | Comments Off on Kaspersky discovers supply-chain attack at NetSarang

Security Platform Provider Verodin Brings In Former Symantec Exec …

Verodin, a developer of technology for measuring the effectiveness of business security environments, on Tuesday said it has hired former Symantec executive Rob Potter as its first chief revenue officer.

The move from Symantec to Reston, Va.-based Verodin offered an opportunity to work with technology that adds value to existing security environments, including businesses working with his former employer, Potter (pictured) told CRN.

“This is innovative technology,” he said. “But we’re not playing in the same swim lanes as other vendors. Customers are really challenged to know how their security products align with their expectations. It’s important to look at what technologies can address their needs, and ensure there’s no drift in how the technology impacts their environments.”

[Related: QA: Symantec CEO On DigiCert Deal And Partner Growth With Platform Security]

Potter left Symantec in early July during that company’s leadership transition, and joined Verodin in late July, he said.

Verodin provides Potter a way to use his years of security experience at Symantec, and before that at RSA and EMC, to help customers who have already invested in security manage the technologies they’ve invested in.

“Our ability to measure the effectiveness of security solutions, to see if they are failing and how they are failing, all help determine how to improve the security environment,” he said. “We’re not a security company. We’re a business platform.”

The Verodin platform provides the instrumentation to determine the efficacy of customers’ security environment, and see how that environment is impacted by removing a security technology, or moving from an on-premises technology to the cloud, Potter said. “Our technology looks at how such changes might impact their security, and looks at new ways to enhance their security,” he said.

Verodin can integrate with and measure the efficacy of endpoint security, proxies, firewalls and more, Potter said.

“We have the ability to act as both the attacker and the defender inside the firewall to look at how the environment reacts to an attack, what alerts are sent, and how security people respond,” he said. “It’s not a traditional product to block or detect something. Instead, it looks at if products already in the environment protect and defend as they are expected to.”

“Everybody is looking for outcomes,” said Todd Weber, vice president of partner research and strategy at Optiv Security, a Denver-based security-focused solution provider and Verodin channel partner. “Buying technology for the sake of technology may be fun, but customers need outcomes. We take customers through the buying process by saying these products solve certain problem, but if you don’t have this problem, don’t buy it.”


Article source: http://www.crn.com/news/security/300090601/security-platform-provider-verodin-brings-in-former-symantec-exec-as-new-chief-revenue-officer.htm

Posted in Symantec | Comments Off on Security Platform Provider Verodin Brings In Former Symantec Exec …

JOHN McAFEE: Here’s why you can’t call bitcoin a ‘bubble …

John McAfee
John McAfee

John McAfee’s MGT Capital recently announced it is
mining for cryptocurrencies

There are innovations peppered throughout history that have
changed human culture beyond recognition. One such innovation was
the adoption of agriculture.

Prior to this adoption, the great thinkers within society
struggled with how to determine when to break camp and move to
more fruitful lands, how to limit the size of a village so that
sheer numbers did not quickly deplete the available food in a new
area, and how to design lodging so that could be quickly
dismantled for a sudden move.

Imagine how these great thinkers must have struggled to
comprehend a world in which the village never moved; where the
size of the village was inconsequential; and where lodging was
constructed of immovable stone. There would be nothing in their
contextual understanding of their culture that would allow them
to comprehend the end product of the emerging new world.

I believe that the blockchain is, even now, ushering in a new
economic and social paradigm that will rival, if not exceed, the
impact that agriculture had in human society.

The idea that has clouded the waters for many is the idea of
“decentralization.” There has been much hype for dozens of years
about the mind bending potential of decentralization but little
if nothing has come of it. The reason is that no-one has been
able to solve the problem of distribution required to power these
decentralized system.

Distributed, decentralized systems have an inherent power that
literally obsoletes centralized systems. this is obvious even to
the most casual observer. We have known this for decades. It was
not until the arrival of the blockchain, however, that we had a
tool capable of melding “decentralized” and “distributed” into a
single unit within which no central authority whatsoever was
necessary. The distributed ledger, maintained by no-one,
accessible to all and validated by consensus is the tool the
world has been waiting for.

Those who understand this tool see immediately the absurdity of
words like “bubble,” “investment,” etc. when applied to
cryptocurrencies. These thought leaders use bitcoin to buy and
sell and those who use bitcoin exclusively as a currency and use
no other currency – and I personally know dozens who do so –
could care less about what bitcoin is worth in dollars.

These people see, and have seen for some time, that the old
paradigm constructs are meaningless in this new world.

It is like the first pueblo cultures being warned by their past
sages that they will perish in their stone houses when it is time
for the village to move. They understood that the concept of
“moving” had no meaning in their new world.

Likewise, what people see as a bitcoin “bubble,” from the
perspective of the new paradigm, is merely the predictable and
systematic devaluation of fiat currencies that will continue,
with obvious ups and downs, until all fiat currencies reach the
zero point.

As the relative value of bitcoin temporarily drops, they will
point to this as proof if their understanding. It won’t matter.
The reality if this new world is what it is. Those who understand
will be the leaders of this new world.


Get the latest Bitcoin price here.

Article source: http://www.businessinsider.com/bitcoin-price-john-mcafee-not-a-bubble-2017-8

Posted in McAfee | Comments Off on JOHN McAFEE: Here’s why you can’t call bitcoin a ‘bubble …