Monday, May 15, 2017

Is North Korea Really Responsible for the WannaCry Malware Attack?





According to some of the top cybersecurity researchers, like Symantec, Kaspersky Lab and Google, there seems to be some technical evidence that the WannaCry malware attack that is infecting and wrecking havoc on more than 300,000 computers in over 150 countries, has a connection to the North Korean-run hacking operation known as the Lazarus Group.

The Lazarus Group, which has widely been regarded as a Korean nation-state hacking group, that has been blamed for a recent string of bank heists and well as the 2014 Sony hack.

First Links To Suspicion

Speculation of a possible North Korea connection went live today after Google researcher Neel Mehta posted a cryptic tweet showing similar code elements of the two pieces of malware, with the hashtag #WannaCryptAttribution, and researcher Matthiu Suiche then tweeted a screenshot of the two code families, saying, "Similitude between #WannaCry and Contopee from Lazarus Group ! thx @neelmehta - Is DPRK behind #WannaCry ?"

After the intriguing tweets, Kaspersky Lab late today posted a blog outlining the similarities between the WannaCry and Lazarus Group code. They confirmed that the February ransomware variant is a precursor to the WannaCry attacks this month. "It shares the same the list file extension targets for encryption but, in the May 2017 versions, more extensions were added," they wrote.
"Neel Mehta's discovery is the most significant clue to date regarding the origins of Wannacry," Kaspersky researchers wrote. But they say more research is necessary to more definitively connect any dots.

Source: Researchers Investigate Possible Connection Between WannaCry and North Korean Hacker Group

reuters-wannacry-howitworks-xl

The Link? Shared Computer Code

Apparently, a variant of WannaCry found in February shared some computer code with a hacking tool the Lazarus group used in 2015.

“For now, more research is required into older versions of Wannacry,” Kaspersky Lab said in a blog post. “We believe this might hold the key to solve some of the mysteries around this attack.”

On Monday, security firm Symantec also reported finding clues that may link WannaCry with the shadowy group. It’s found earlier versions of the ransomware on machines that have been compromised by hacking tools used by Lazarus, according to Vikram Thakur, technical director at the company.
“Shortly after these tools were found on these machines, we could see WannaCry files showing up,” he said.
Source: The WannaCry ransomware might have a link to North Korea

Still Just Suspicions, No Smoking Gun...Yet.

Some experts also report that the evidence is very circumstantial. And that it's not uncommon for tools used in other hacks or often leaked on the internet so anyone interested could also use the shared code.

[caption id="attachment_2642" align="alignnone" width="720"]A screenshot shows a WannaCry ransomware demand, provided by cyber security firm Symantec, in Mountain View, California, U.S. May 15, 2017. Courtesy of Symantec/Handout via REUTERS ATTENTION EDITORS - THIS IMAGE WAS PROVIDED BY A THIRD PARTY. EDITORIAL USE ONLY. NO RESALES. NO ARCHIVE.? A screenshot shows a WannaCry ransomware demand, provided by cyber security firm Symantec, in Mountain View, California, U.S. May 15, 2017. Courtesy of Symantec/Handout via REUTERS ATTENTION EDITORS - THIS IMAGE WAS PROVIDED BY A THIRD PARTY. EDITORIAL USE ONLY. NO RESALES. NO ARCHIVE.?[/caption]

Hackers do reuse code from other operations, so even copied lines fall well short of proof.

U.S. and European security officials told Reuters on condition of anonymity that it was too early to say who might be behind the attacks, but they did not rule out North Korea as a suspect.

FireEye Inc (FEYE.O), another large cyber security firm, said it was also investigating a possible link.
“The similarities we see between malware linked to that group and WannaCry are not unique enough to be strongly suggestive of a common operator,” FireEye researcher John Miller said.

Source: Researchers See Possible North Korea Link To Global Cyber Attack


Looks like we have to wait and see if the evidence the cybersecurity researchers come up with can say definitively whether or not who was the real culprit in these attacks. You can, however, rest assured knowing that some of the best and brightest are on the case and will get to the bottom of this.

View our CyberSecurity section for more stories like this and other cybersecurity news.

Thursday, April 20, 2017

New Cybersecurity Tool To Help HR Find Qualified Applicants

What's going on with the CyberSecurity Industry's talent, or lack thereof?

In today's tech climate, not only are there 80,000 Entry-Level, Non-Sexy Tech Jobs that Undergrads Don’t Want, as we saw in yesterday's post, but it looks like when they finally do apply the majority of applicants turn out to be unqualified.
“On average, 59 percent of enterprises get at least five applicants for each open cybersecurity position, but most of these applicants are unqualified,” the report states.

Most organizations surveyed are focused on hiring cybersecurity experts who have hands-on experience and certification rather than formal education. But, according to the report, in a newly burgeoning field, that’s hard to find.

“Almost 27 percent of respondents state that they are unable to fill open cybersecurity positions in their enterprises—with another 14 percent of respondents unaware as to whether their enterprises could fill these positions or not,” the report states.
Source: REPORT: INDUSTRY GROUP RAISES ALARM ABOUT CYBERSECURITY SKILLS GAP

Help is Available

But ISACA is looking to fix that by helping HR departments find the most qualified it pros with their certification platform, which provides a 2-hour test that will report on strength and weaknesses of a candidate as well as offer performance based online training.
“It is all virtual machines, which means in each particular lab you’re talking to a real firewall, a real DMZ, a real web server, a real database server, whatever the configuration happens to be,” Chief Innovation Officer Frank Schettini explained to Associations Now. “And they’re actually up and live up in the cloud, so it is actually a real-time lab.”
Source: NEW TOOL LETS HR TEST APPLICANTS’ CYBERSECURITY SKILLS

Streamlining The Process

It helps HR easily test competencies of a cybersecurity candidate as well as letting managers improve their existing IT employees.
“Now instead of going through a process of blindly hiring someone, you go through the process of having them run the skills assessment test, reading the results, and then deciding whether you want to hire the individual,” Schettini said.

“What this tool allows you to do is … know up front before you hire them what type of training investment you’re going to want to do to bring them on board,” he continued. “So the hiring process becomes much more straightforward—you know what you’re getting, you know what training program you want to set up—and the beauty of the platform is you can leverage the platform any way you want to set up that training program.”

Source: NEW TOOL LETS HR TEST APPLICANTS’ CYBERSECURITY SKILLS
Hopefully, this tool, along with a real concerted effort to teach the much-needed cybersecurity skills to the new crop of it professionals, will help us close our rather large current skills gap.

You can always come here for the latest news for IT and Telecom Professionals

Wednesday, April 19, 2017

The $80,000 Entry-Level, Non-Sexy Tech Jobs Undergrads Don't Want


Ashton Mozano, a cybersecurity professor at the University of San Diego, details how most of the undergrads with a computer science or computer engineering degree, would rather create new products and technologies for Apple and Google than design and operate systems that spot, resist and alleviate a variety of attacks, than work in the non-sexy realm of cybersecurity despite the fact that most of the jobs, pay extremely well with the some of the  lower-level positions paying as much as $80,000 a year. Management positions can top $235,000!
The nation’s colleges and universities are scrambling to add courses to prepare students to fill the huge number of cybersecurity jobs that have arisen due to exponential growth in hacking worldwide. The extent of the problem isn’t clear; analysts say the number of job vacancies ranges from 100,000 to 350,000, with as many as 45,000 positions in California. Ashton Mozano, a cybersecurity professor at the University of San Diego, says there are thousands of $80,000 entry-level jobs available to applicants who have nothing more than an undergraduate degree in computer science or computer engineering. Tons of $80,000 entry-level jobs going ignored - The San Diego Union-Tribune


Check here for more IT Pro news

Monday, April 17, 2017

IT Pros, Are These The Best Reporting Tool Vendors in 2017?


IT Pros and their tools

It's been said that the best investment is in the tools of one's own trade and let's face it, as an IT Professional, there are plenty of tools that are needed to do an effective job.

Tools that help you monitor the network and scan for vulnerabilities, to tools that help you manage, troubleshoot and diagnose your systems and applications.

Here's IT Central Station's list of the Best Reporting Tools Vendors for 2017?

Are These The Best Reporting Tools For IT Professionals in 2017

IT Central Station

Over 202,381 professionals have used IT Central Station research on enterprise tech. Their site lets it pros compare the tools based on product reviews, ratings, and comparisons. All of their reviews and ratings are from real users, validated by their triple authentication process.


#5 IBM Cognos


Cognos Software is IBM's Business Intelligence and Performance Management solution, offering BI, strategy management, financial performance, and data analytics applications. Cognos caters to all levels in an organization with products designed for individuals, workgroups, departments, mid-size companies, and big enterprises.

#4 Microsoft BI


Microsoft BI is a business intelligence solution that turns data into insightful and useful business information that is relevant to all levels of the business.

Microsoft BI combines familiar Microsoft tools - Office, SharePoint, and SQL server, with extra features for end-users, such as Power View and Power Pivot. This powerful product gives businesses a competitive advantage by allowing end-users to better analyze their data, collaborate and better present their data.

#3 Oracle OBIEE


OBIEE is a multifaceted network of tools that can create a more fluid and better-integrated data flow for your business. This service is actually a platform that is made up of six individual elements, rather than a single tool with multiple features. These services include: presentation catalog, BI presentation service, BI scheduler service, BI server service,administration client, and metadata repository.

The purpose of the OBIEE is to have an entire system for all of your enterprising needs. The various tools within the suite can take your data, organize it, analyze it and then glean the pertinent information from it,sending it on to the relevant parties who can then use it for metrics, pattern analysis, and future projections. The essence of the platform is to integrate your current IT together with their tools in order to give you the overall best return on investment with minimal fiscal obligations.

#2 QlikView


QlikView is a Business Intelligence tool that allows you to keep tabs on all of your business-related information in a clean, clear, and easy to access database that is intuitive to build and simple to navigate. It is ideal for business owners who wish to improve overall output by creating the most productive system possible.

#1 Tableau


Tableau is an enterprise analytics platform that enables your organization to explore trusted data in a secure and scalable environment. It gives people access to intuitive visual analytics, interactive dashboards, and limitless ad-hoc analyses that reveal hidden opportunities and eureka moments alike. Get the security, governance, and management you require to confidently integrate Tableau into your business—on-premises or in the cloud—and deliver the power of true self-service analytics at scale.

Did your favorite make the list?

Check here for more IT Pro news

Monday, March 6, 2017

Could ShoreTel acquire 8x8?



There's an unidentified source claiming that:
8x8, a VoIP and cloud service provider focused mainly on business customers, is considering selling the company amidst a growing wave of consolidation in the telecom service provider industry segment. Citing unnamed sources close to the company, Reuters reported that 8x8 has been consulting with Morgan Stanley to gauge the interest of other similar companies and private equity firms.

Report: VoIP, cloud provider 8x8 considers a possible sale | FierceTelecom
Why would ShoreTel even be interested? Well, besides the obvious,
ShoreTel and Vonage have been aggressively expanding their reach via acquisitions. In 2015, ShoreTel acquired Corvisa, a provider of cloud-based communications solutions, for $8.5 million, enhancing its unified communications capabilities.

Report: VoIP, cloud provider 8x8 considers a possible sale | FierceTelecom
With Vonage being just as aggressive, I'm sure they would also like an opportunity to do the same, assuming the claim is true. They've purchased four companies themselves, Nexmo, iCore, SimpleSignal and Telesphere.

Visit us here for more on ShorTel business phone equipment and  news

Thursday, March 2, 2017

ShoreTel Looking to Recover Now that It Is Oversold, Can It?


There is now some hope and optimism that ShoreTel (SHOR) . Over the last 60 days it has been on an upward trend.

The reason is that ShoreTel's RSI reading is 28.49. What is RSI?

According to NASDAQ.com
RSI stands for 'Relative Strength Index' and it is a popular indicator used by technically focused investors. It compares the average of gains in days that closed up to the average of losses in days that closed down; readings above 70 suggest an asset is overbought, while an RSI below 30 suggests undervalued conditions are present.


SHORETEL-rsi-marketvolume_ Source: www.marketvolume.com



That alone would suggest that there is light at the end of that tunnel. But couple that with a #1 Zack Rank and now things are starting to look much more positive for SHOR
If this wasn’t enough, ShoreTel also has a Zacks Rank #1 (Strong Buy) which puts it into rare company among its peers. So, given all of these factors, investors may want to consider getting in on this stock now (or holding on), as there are some favorable trends that could bubble up for this stock before long.

Source: ShoreTel (SHOR) is Oversold: Can It Recover?
Visit us here for more information on Shoretel Business Phones

Wednesday, March 1, 2017

Cisco Welcomes The House Passage of the Email Privacy Act




The House of Representatives unanimously passed the Email Privacy Act, a bill that would reform ECPA ( Electronic Communications Privacy Act) were it to become law on Monday evening.

What is the ECPA and why does it need to be reformed?
In the beginning, ECPA protected Americans’ e-mail from warrantless surveillance — despite ECPA allowing the government to access e-mail without a court warrant if it was six months or older and stored on a third-party’s server. The tech world now refers to these servers as “the cloud,” and others just think of Hotmail, Yahoo Mail, Facebook and Gmail.

ECPA was adopted at a time when e-mail, for example, wasn’t stored on servers for a long time. Instead, e-mail was held there briefly before recipients downloaded it to their inbox on software running on their own computer.

During the Reagan administration, e-mail more than six months old was assumed abandoned, and that’s why the law allowed the government to get it without a warrant. At the time, there wasn’t much of any e-mail for the authorities to acquire because a consumer’s hard drive — not the cloud — hosted their inbox.

Source: Aging ‘Privacy’ Law Leaves Cloud E-Mail Open to Cops




Now with the Email Privacy Act passed it should help to reform the most outdated elements of the ECPA.
In particular, it would newly require government agencies to obtain a warrant before seizing a criminal suspect’s online communications that are more than 180 days old. Under the ECPA’s existing logic, those older communications are considered abandoned, and thus not subject to a reasonable expectation of privacy.

Source: Passing the Email Privacy Act Has Never Been More Urgent
Basically
The legislation would require authorities such as the U.S. Department of Justice and Securities and Exchange Commission to obtain a search warrant to access emails, data in cloud storage and other digital communications more than 180 days old.[4][5]

Under current law—the Electronic Communications Privacy Act (ECPA) of 1986—authorities can obtain such data by issuing an administrative subpoena to an Internet service provider, without the need to obtain judicial approval.[4][5][6] The Congressional Research Service reported in 2015 that: "In recent years, ECPA has faced increased criticism from both the tech and privacy communities that it has outlived its usefulness in the digital era and does not provide adequate privacy safeguards for individuals' electronic communications. In light of these concerns, various reform bills have been introduced in the past several Congresses..."[7]

The Email Privacy Act would codify as federal law the decision of the United States Court of Appeals for the Sixth Circuit in United States v. Warshak (2010). In that case, the Sixth Circuit held that the Fourth Amendment to the United States Constitution requires that the government obtain a warrant before accessing emails stored online (e.g., in the cloud).[6][8][9] The Warshak ruling currently applies only to the Sixth Circuit; the Email Privacy Act would extend its rule nationwide.[6][8]

Source: Wikiepedia Email Privacy Act
Cisco-Logo



Cisco is firmly behind the Email Privacy Act and has stated publicly that they have
..long supported updating the Electronic Communications Privacy Act (ECPA) to better protect customer data and communications stored with third-party providers against unwarranted searches and seizures. We, therefore, applaud the unanimous voice vote in the U.S. House of Representatives to pass the Email Privacy Act (H.R. 387) introduced by Representatives Kevin Yoder (R-KS) and Jared Polis (D-CO).

This bipartisan legislation would require the government to obtain a probable cause warrant before demanding access to customer data in the cloud. We firmly believe that data stored in the cloud must receive equivalent legal protections against search and seizure to those accorded physical papers and electronic data stored on premises.

Source: Cisco Applauds Unanimous House Vote Passing Email Privacy Act
Today the house took a major step forward. Technology has made incredible advances over the years and it was about time the privacy laws catch up.

For more Telecommunications News click here.