Welcome!

Blog Feed Post

Barracuda Devices with Backdoors, New Cyber Legislation introduced and more

By

facebookHere are the top cyber news and stories of the day.

  • Symantec CEO on reorg: “our system is just broken” – The new CEO of Symantec, Steve Bennett, outlined a new re-organizational plan for the security firm. Symantec’s Norton offerings are some of the most purchased consumer anti-virus solutions. Their new offerings will be based on in-house R&D, not acquisitions. It will certainly be interesting to see what they can bring to the table. Via Network World, more here.
  • IG: reimbursement irregularities in DOE Smart Grid pilots – The DOE IG has found that their $700M “Smart Grid” pilot program has not been managed well. The recent report states that it is at risk of not meeting its objectives and has an increased risk of fraud, waste and abuse. There are $12.3M in costs which may be the result of poor management or the above issues. Via FierceGovernmentIT, more here.
  • New program looks at how information is connected to stay ahead of the cyber threatDARPA researchers seek a new approach, one that relies on knowing the cyber terrain within the network and understanding how information across the enterprise is connected to find actions associated with an attack buried under or within all the normal data. This program is called the Cyber Target-Attack Analyzer, and it looks to correlate disparate data sources to create a “terrain map” of sorts of cyber networks. Via Phys Org, more here.
  • Create a secure browsing session on any Windows computer - Kanguru’s “Defender DualTrust,” is a USB device that allows any users to plug it in and begin secure browsing sessions. It is also an encrypted data storage capability for the user. While pricing is not available yet, this type of solution could be good for consumers to use, whenever they do only banking or purchases. Via Help Net Security, more here.
  • Facebook’s Graph Search worries security expertsGraph Search, which Facebook introduced this month and is rolling out gradually, lets people use naturally phrased queries, such as “Mexican restaurants my friends like,” and receive personalized results. The service makes a lot more useful information available to people, and it gives Facebook a new venue for selling advertising. So please take a look at your Facebook settings, and protect yourself. Via Computer World, more here.
  • Cyber legislation introduced to new CongressSenators Jay Rockefeller, Tom Carper and Diane Feinstein formally introduced a new cybersecurity bill on Thursday titled “The Cybersecurity and American Cyber Competitiveness Act of 2013.” Last year’s congress’ inability to hunker down and compromise on cybersecurity worried many experts, and led to an executive order in the meantime. It is time congress had a frank, educated discussion of cybersecurity needs as our nation moves to a more connected state. Via FedScoop, more here.
  • UCI develops app that stores DNA info on smartphones – Computer Scientists at the University of California at Irvine have developed an application that can store encrypted pieces of DNA on a smartphone. They believe it has a wide variety of applications, including paternity tests (what’s Maury gonna do?). Via the Daily Pilot, more here.
  • ‘Backdoor’ root log-ins found in Barracuda security, networking gear – The Austrian security firm, SEC Consult Vulnerability Lab, has identified undocumented backdoor superuser access into some Barracuda Networks products. These cannot be disabled in the current firmware of the devices. The backdoors were set to be accessible only from Barracuda internal networks, but in reality are accessible from a variety of places. Via ZDNet, more here.

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley, former CTO of the Defense Intelligence Agency (DIA), is Founder and CTO of Crucial Point LLC, a technology research and advisory firm providing fact based technology reviews in support of venture capital, private equity and emerging technology firms. He has extensive industry experience in intelligence and security and was awarded an intelligence community meritorious achievement award by AFCEA in 2008, and has also been recognized as an Infoworld Top 25 CTO and as one of the most fascinating communicators in Government IT by GovFresh.