Web Gateways: 5 Big Security Challenges

Overreliance on Web gateways is putting data, users, customers, organizations, and reputation in harm’s way.
Once upon a time, organizations primarily used Web gateways to prevent employees from wasting time surfing the Web — or worse, from visiting gambling, adult, and other unauthorized websites.
A few decades later, Web gateways do much more than enforce regulatory compliance and HR policies. Organizations rely on them to thwart Internet-borne threats in three ways:
Advanced URL filtering, which uses categorization, reputation analysis, and/or blacklists to control access to categories of malicious or suspicious websites.
Anti-malware protection, which uses various capabilities (such as antivirus, sandboxing, advanced threat protection, content inspection, etc.), to guard against infections caused by various kinds of malware (including rootkits, worms, Trojans, viruses, ransomware, spyware, adware, etc.).
Application control capabilities, which manage and limit what users are allowed to do in specific applications. 
However, although Web gateways have been around for decades and continue to evolve, they aren’t bulletproof, and overreliance on them is putting data, users, customers, organizations, and reputation in harm’s way. Here are five of the biggest Web gateway security challenges:
1. Filtering out malicious sites
Although URL categorization sounds appealing, this approach is actually very limited. To categorize malicious sites with 100% accuracy, Web gateways need to know how to identify even the most advanced threats. Unfortunately, the attackers’ rate of innovation combined with frequent zero-day exploits is leaving Web gateways behind the curve.
To make things worse, it’s also hard to keep up when 571 new websites are created every second, which generates a high volume of domains and increases the chance that some will be missed by security controls. It’s difficult for filters to detect the malicious URLs that attackers use for three reasons: URLs may be triggered only by the target organization and remain stealthy during categorization, they’re short lived (less than 24 hours), and they use dynamic domains that are harder to thwart than static ones.
2. Protecting against uncategorized websites without compromising productivity
Employees need access to information to be productive. However, many organizations block access to uncategorized sites because of security concerns, and in the process they reduce end user productivity. Not only does this practice hinder end users, but security teams are forced to deal with an onslaught of support tickets for users who legitimately need to access information. As a result, security teams find themselves maintaining a growing number of policies and rules. This is a major Web security problem because 1% to 10% of URLs can’t be classified because of a lack of information.

3. Fighting infections from websites considered safe
The belief that infections occur only through websites that are categorized as suspicious or malicious is false. Websense estimates that 85% of infections occur through websites considered legitimate and safe. It’s becoming increasingly common for so-called safe websites to knowingly serve malicious content.
A good example is “malvertising,” which injects malicious ads into legitimate online advertising networks; the ads are later served by publishers that don’t know that the ads are malicious. These malicious ads may not even require any user interaction to infect unsuspecting victims. A recent example is the large-scale malvertising attacks that occurred in June and July this year against several Yahoo properties. To circumvent ad blockers’ ability to separate banner and display ads, some publishers are integrating ads into their general content. Others, including GQ publisher Condé Nast, insist that users disable their ad blockers in order to access content.
Then there’s the fact that many seemingly safe websites use common content management systems that are vulnerable to zero-day exploits and can therefore be compromised by attackers to serve malicious content. In July, thousands of websites running WordPress and Joomla — which account for about 60% of all website traffic — served ransomware to all their visitors. And you may remember that back in early 2015, Forbes.com was breached by Chinese hackers who served malicious code via its “Thought of the Day” Flash widget.
4. Identifying malicious files and keeping them out
Although some Web gateways integrate antivirus engines and other file-scanning services, antivirus scanners detect only 20% to 30% of malware.
Leveraging sandboxes to detect malware requires time to run and analyze files. To avoid affecting user experience, Web gateways often pass files to users while sandboxes complete their analysis in the background — which essentially means users are exposed to attacks. Moreover, with the proliferation of sandbox evasion techniques and as malware is often target-specific, sandboxes are proving to be less effective.
5. Neutralizing malware on infected machines
Web gateways only analyze network traffic, not what users are actually doing. As such, gateways have a hard time differentiating between legitimate and malicious traffic, and detecting and neutralizing malware on infected machines. In fact, some advanced threats can be active for weeks or even months without being detected.
Indeed, recent research has found that 80% of Web gateways failed to block malicious outbound traffic. Remote access Trojans are another example of how Web gateways can’t detect and stop malicious traffic.
Looking Beyond Web Gateways
Web gateways provide valuable functions inside security architectures and deliver basic security against threats arising from Internet browsing. But although they’ve improved considerably over the years, Web gateways are far from perfect. Their detection-based approach is failing, and as a result users are frustrated by draconian IT policies that block access to important websites. In the foreseeable future, Internet-borne threats will continue to evolve, and the industry must meet the challenge with new Web security defenses that help gateways do the job they were designed to do.



100 percent of holiday retailers vulnerable to cyber security issues

With more of us than ever doing our shopping online over the holiday period we want to feel that we can do so safely.
But a new report from security ratings company SecurityScorecard exposes cyber security vulnerabilities across 48 of the biggest US retailers.
The company studied the 48 largest retailers as indicated by the National Retail Federation. It finds that more than 50 percent may have failed to meet the Payment Card Industry’s Security Standards (PCISS). It also uncovered issues including malware infections, use of end-of-life products, weak network security and low security awareness among employees.
Overall 100 percent of the biggest holiday retailers were found to have multiple issues with domain security, which increases the risk of hackers impersonating a retailer’s site and falsifying a checkout form to obtain a user’s credit card information. Over 90 percent have an SPF Record missing, which increases the risk of an email spoofing attack reaching consumers, and nearly 80 percent may not be using intrusion detection or prevention systems to monitor all traffic within the cardholder data environment.
Other findings are that in October 2016, 83 percent had unpatched vulnerabilities and 62 percent were using end-of-life products in the last month, which makes them more susceptible to a number of attacks or exploits. Also 43 percent of major retailers were infected with malware between April and June 2016.

“In my previous role as a Chief Information Security Officer with a large retailer, this time of year is always tough for security professionals. With more consumers, more transactional data, and more credit cards to steal, the holiday shopping season is an ideal time for a hacker to attack,” says Sam Kassoumeh, Co-Founder and COO of SecurityScorecard. “Our analysis indicates that even the most secure retailers could be susceptible to a breach. Additionally, previously installed and dormant malware could be activated during this time of year to capitalize on a larger score. If a hacker decides to take action while organizations scramble to keep up with an uptick in sales activity, attacks are more likely to be successful”.
You can see more details of the findings in the full report, which is available from the SecurityScorecard website.



Rich irony as Facebook blocks extension to highlight fake news

Well, now, this is meta, said the creator of a fake-news labeling extension that Tech Crunch incorrectly identified as a new Facebook extension…
…and which Facebook promptly blocked.
“Yes, the irony is rich,” Tech Crunch’s Taylor Hatmaker said in an update.
Looks like I’m gonna have to add @TechCrunch to the B.S. Detector, cuz uh… no. That’s my extension. https://t.co/EgTqqjPDbn
— daniel sieradski (@selfagency) December 2, 2016
The extension is called BS Detector.
Its creator is Daniel Sieradski, an activist and independent journalist who threw it together in an hour as a proof of concept using dummy data, he said.
Sieradski’s stirred outrage by not vetting the news sources his extension was labelling as either fake news, satire, extreme political bias, conspiracy theory, rumor mill, news from outlets in repressive states, junk science or hate group.
BS Detector was designed to work with Twitter and Facebook, but users reported that it was breaking some sites and slowing down Facebook. As of Monday night, the developer had disabled functionality on all sites except Facebook, according to the Chrome Web Store listing.
Presumably, that note went up before Facebook blocked BS Detector, leaving it working nowhere.
It had been downloaded 27,558 times as of Monday night.
The reviews ranged from contemptuous:
Laura Isabella Noelle Modified 3 days ago
Snowflakes can’t be bothered to critically think for themselves so they need a nanny to keep them safe from “fake news” and “satire”. BS attempts to act as nanny, but who will mind the nanny? Install only if you need handholding and safe spaces to function in the adult world.
…to those from people who see value in such an extension but want more clarity into how a news source’s veracity or lack thereof is determined:
Mindy Tauberg Modified 1 day ago
I’m not having the performance issues earlier raters seem to have had. I tried browsing a variety of liberal and conservative news sites and it seemed generally to accurately identify the more biased sites, though I would probably add some to the list of flagged sites if it were me. I wish it were more clear how it’s determined which sites are reliable and which are not.
Here’s what Sieradski had to say on that subject in an interview with Motherboard’s Vice:
The list of domains has been compiled from various sources around the web. Right now, I and the community of open source contributors to this project are working through the list, classifying sites, removing sites that don’t belong and adding ones that do. Of course, while the process is open, this isn’t the best methodology and so at this time I am reaching out to media watchdog groups that have more concrete methodologies and research to back up their classifications in hopes that we can partner.
When asked if it was, in fact, blocking BS Detector, Facebook on Friday told the BBC that it was looking into the matter.
Sieradski isn’t the first to throw together a fake-news labelling extension in response to the furor that’s erupted in the wake of the US election, with pressure mounting on companies including Google, Facebook and Twitter to do more to fight fake news.
Facebook CEO Mark Zuckerberg has stressed that this is complex stuff, technically and philosophically. Facebook doesn’t want to suppress people’s voices, so that means it errs on the side of letting people share what they want whenever possible. The more people share, the more the ad revenue flows, and it doesn’t matter to ad revenue what people share, be it divine inspiration or drivel.
But over at Princeton University, four college students recently showed the same thing that Sieradski has with BS Detector: that as far as the technical part of the equation goes, these extensions can be thrown together in a jiffy.
Ditto for what came out of a recent hackathon in London that was hosted by the Trust Project – an organization set up to re-establish trust in mainstream media – in partnership with the BBC.
These were the ideas and developments that came out of the event’s hacking teams, according to the BBC:
Mirror Group developed a tool that identifies whether an organization sticks to the Trust Project guidelines as well as information about the author of a news story.
La Stampa developed a tool that identifies the level of trust that the author enjoys by looking at how many similar stories they have written.

WashingtonPost/BuzzFeed developed a tool that scans articles to find links and sources and makes this information visible to readers.
BBC News Labs came up with a way to make the information that journalists collect as they are researching a story visible to readers.
The Guardian: A tool designed to get people out of their filter bubbles, by offering articles that give an opposing view alongside the articles users choose to read.
But just because developers can throw these extensions together in a flash doesn’t mean the extensions are going to get it right. As it is, hackles are going up with what some say is the unfounded labelling of sites:
Perhaps @craigtimberg can let us know when will see this secret report that smeared left sites like @truthout/@Truthdig as Russian fake news
— Adam H. Johnson (@adamjohnsonNYC) November 26, 2016
You have to wonder: with all these plugins plugging in, how long will it be before the sources of fake news come up with their own fake news plugin?
This could blossom into a war similar to that of the adblockers vs. the adblocker blockers. At this rate, we’re going to need a plugin to block the fake fake news plugins.




Watson has gone through school and is ready for its first internship. IBM today said its Watson cognitive computing system continues its path to become part of a full-fledged cybersecurity service by announcing 40 customers have begun beta testing the technology as an enterprise protection tool.
Watson has recruited enterprises from auto, banking and insurance realms — including Sun Life Financial, University of Rochester Medical Center, SCANA Corporation, Sumitomo Mitsui Financial Group, California Polytechnic State University, University of New Brunswick, Avnet and Smarttech — to help research and develop new security applications that will use the system’s natural language and machine learning techniques.
The idea behind the Watson for Cybersecurity project is to automate IT security duties like analyzing the tons of alerts generated daily by security operations. The ultimate goal would be to help automate responses to security problems but that notion is down the road for Watson for now.




Security vulnerabilities and the cloud redefining software asset management

Latest Software Pricing and Licencing survey from Flexera Software reveals only 29 per cent of enterprises monitor their systems for unauthorised or unlicensed software for security
Maidenhead, UK – Dec. 6, 2016 – When software is the lifeblood of every enterprise, CIOs must understand whether they are buying too much software, legally using the applications they have, and adequately securing them from exploit by malicious hackers. While Software Asset Management (SAM) solutions are being widely adopted by enterprises to help, according to a new survey report published by Flexera Software, security risks and massive enterprise shifts to the cloud are transforming the definition of SAM and by extension, how SAM solutions must evolve to stay relevant.
“The definition of enterprise software has changed drastically – from an IT asset running on a local physical device – to an asset that is exposed to the risks inherent in the Internet, and is often virtualised or running remotely from a cloud, leveraging cloud infrastructures that carry their own costs and risks,” said R “Ray” Wang, Principal Analyst and Founder at Constellation Research. “The old definitions of SAM are too limited and must expand to allow businesses to manage costs and risk in this new IT framework.”
The report reveals that enterprises are now largely running a mix of on-premises, virtualised and cloud-based applications, rendering obsolete the last-generation SAM technology that is incapable of managing cost and risk across complex desktop, datacenter and cloud environments. Specific survey findings from the report include:
Windows – Here Today: Almost three quarters (73 percent) of enterprises say the vast majority of their desktop apps (80 percent or more) run on Microsoft Windows.
Gone Tomorrow? That number will decline to 64 percent within the next two years.
A Virtual Reality: 39 percent of organisations say a quarter or more of their apps have been virtualised.
Just Say SaaS: 20 percent of organisations report that more than a quarter of their apps are SaaS-based.
Partly to Mostly Cloudy: 47 percent of enterprises say they are running some of their apps in a public cloud. 84 percent report running some of their apps within private clouds.
Insecure Majority: Only 29 percent of organisations continually monitor their systems to find unlicensed and unauthorised software for security purposes.
“In the old days SAM solutions specialised in optimising spend of desktop applications, but today software can run anywhere such as in the datacenter, on intelligent devices or on hybrid clouds. In addition, applications add to corporate risk such as when software vulnerabilities are exploited by hackers. This forces a rethinking of what Software Asset Management should encompass,” said Tom Canning, Flexera Software’s Vice President of Enterprise Solutions and Strategy. “SAM tools must evolve to provide automation to minimise enterprise cost and risk regardless of the environments in which software runs. SAM providers that have not kept up will be left behind and many are not keeping up.”
About this Report
The 2016 Key trends in Software Pricing and Licensing survey was conducted by Flexera Software. This annual research project looks at software licensing, pricing and enforcement trends and best practices. The survey reaches out to executives at application producers (software vendors and intelligent device manufacturers) and enterprises who use and manage software and devices. Now in its tenth year, the survey is made available to the industry at large each year.
In total, 489 respondents participated in the survey, including 221 respondents to our enterprise survey and 268 respondents to our application producer survey. 33% of the enterprise respondents were from larger enterprises of $1 billion or more in revenues, and 18% were from companies with $3 billion in revenues or more. Among other places, 56% of respondents were from the United States, and the remainder from 37 countries across all continents.
About Flexera Software
Flexera Software helps application producers and enterprises increase application usage and the value they derive from their software. Our software licensing, compliance and installation solutions are essential to ensure continuous licensing compliance, optimized software investments and to future-proof businesses against the risks and costs of constantly changing technology. Over 80,000 customers turn to Flexera Software as a trusted and neutral source for the knowledge and expertise we have gained as the marketplace leader in licensing, installation and compliance for over 20 years and for the automation and intelligence designed into our products. For more information, please go to: www.flexerasoftware.com










A system administrator has been sentenced to two years in prison and fined $26,000 (£21,000) after crashing his former employer’s network so seriously the company was unable to operate for a week.
According to the charge sheet, within days of being fired by Harrisburg internet service provider Pa Online in June 2010, Dariusz J Prugar (now 32) used privileged credentials to access the network in order to retrieve software he believed he had written.
To maintain covert access, he also planted backdoors and attempted to hide his tracks using scripts that deleted log files.
Unfortunately, doing this caused the company’s systems to crash, leaving several thousand of its residential and business customers without internet or email access.
When the company phoned him up for help, Prugar tried to negotiate his rights to the software in return for co-operation. By now suspicious, the company called in the FBI to investigate, at which point his activity was uncovered.
It’s still not clear how much damage Prugar meant to cause but the end result was a week’s downtime spent rebuilding the network from scratch to avoid future compromise and a lot of unhappy customers. The case took years to come to court and the ISP is no longer in business.

It’s the sort of incident that will send a chill through IT departments. Incidents where lone admins turn on employers often feature the same patterns.
The unsurprising one is that they turn on employers in the days after being fired. An obvious point perhaps but companies seem unaware that this period represents peak danger.
The second is that they are typically individuals who have been afforded too much power in the first place, or were able to acquire it without anyone noticing.
These days, the industry standard is to operate some kind of privilege management layer that allows admin access to important systems in a temporary, logged way. Privileged access should never be invisible.
This should ideally be backed up by an authentication system (such as a hardware or software token), which is easier to track and revoke. Remote access through a management port secured with a password alone is asking for trouble.
Tales of the admin running amok seem to be getting less common, or at least less publicised.








