Kenneth Geers – WindowsTechs.com

The Wassenaar Arrangement’s latest language is making security researchers very happy

Posted on December 20, 2017 by Shaun Waterman

Security researchers are saying rewritten language that includes hacking tools in a treaty that regulates the global trade in weapons technology, saying it fixes rules that, if implemented in the U.S., would have outlawed much of the daily commerce of the cybersecurity industry. The recent agreement, reached at the annual plenary session of the Wassenaar Arrangement — a 42-nation arms control treaty to which the U.S. is a signatory — was broadly welcomed by policy makers, industry sources and security researchers. “We applaud the hard work of the U.S. interagency and our partners in industry, the research community, and foreign governments to clarify software and technology controls that could have had a negative impact on legitimate cybersecurity,” Rob Joyce, White House Cybersecurity Coordinator, told CyberScoop. The changes provide exemptions to the export control requirements the treaty imposes on hacking tools. Cyber defenders and white hat security researchers engaged in vulnerability disclosure and […]

The post The Wassenaar Arrangement’s latest language is making security researchers very happy appeared first on Cyberscoop.

Continue reading The Wassenaar Arrangement’s latest language is making security researchers very happy→

The endless hunt: Looking for patterns in malware data

Posted on July 25, 2017 by Shaun Waterman

“No research is ever really finished,” observes Kenneth Geers, senior research scientist for Comodo. He’s talking about the second massive set of data he’s crunched in two weeks: The Comodo Threat Labs Q2 2017 report. It was only a week ago that Geers released Comodo’s Q1 data — the first time the company sought to leverage the huge amounts of information about malware attacks gathered by the 90 million installs of its software across the world. This time around, the dataset is four times as large — more than 97 million malware incidents — and Geers told CyberScoop the analysis he’s been able to do on it so far is “just scratching the surface.” “I’m going to be working all week,” he said, preparing for a presentation at DEF CON Saturday. In Q1, he demonstrated that “different malware types map against [national] GDP per capita.” The more advanced types of malware, like backdoors, make up a greater […]

The post The endless hunt: Looking for patterns in malware data appeared first on Cyberscoop.

Continue reading The endless hunt: Looking for patterns in malware data→

Despite its hacking prowess, Russia appears to have very messy networks

Posted on July 17, 2017 by Shaun Waterman

Russia’s hackers may be among the best, but its computer networks are the most malware-ridden in the world, according to new data from security vendor Comodo. Russia also has a high proportion of more primitive forms of malicious software, the data show, suggesting the security of its IT networks is in a parlous state. The data, which comes from computers all over the world loaded with Comodo software, and covers the first quarter of 2017, is analyzed by the company’s Comodo Threat Research Labs. “It’s a very bad sign” said Comodo Senior Research Scientist Kenneth Geers of the Russia numbers. “It suggests the networks are poorly managed … the software is pirated or out of date.” “The networks [there] are riddled with malware that’s taking advantage of all the low-hanging fruit” in the form of poorly secured IT equipment, he added. “Probably many countries are spying on Russia pretty easily.” The 90 million […]

The post Despite its hacking prowess, Russia appears to have very messy networks appeared first on Cyberscoop.

Continue reading Despite its hacking prowess, Russia appears to have very messy networks→

NATO expert: Russians have it right — it’s information security not cyber

Posted on February 17, 2017 by Shaun Waterman

In international discussions about cybersecurity, there’s a long-recognized disconnect on vocabulary: The U.S. and its Western allies conceive of cybersecurity as a technical issue — the protection of software against malicious code. Russian officials talk about information security, and it’s a much broader concept of ensuring the integrity of their political and social structures by controlling the […]

The post NATO expert: Russians have it right — it’s information security not cyber appeared first on Cyberscoop.

Continue reading NATO expert: Russians have it right — it’s information security not cyber→