BlackBerry launches free tool for reverse engineering to fight cybersecurity attacks

blackberry-launches-free-tool-for-reverse-engineering-to-fight-cybersecurity-attacks

One of the first announcements at BlackHat USA 2020 is an open-source tool to fight malware that BlackBerry first used internally and is now making available to everyone.

Image: iStockphoto/solarseven

At BlackHat USA 2020, BlackBerry announced on Monday that its open-source internal tool PE Tree is now available for all security professionals to use for reverse engineering malware. 

This tool allows reverse engineers to view Portable Executable (PE) files in a tree view using pefile and PyQt5. This makes it easier to dump and reconstruct malware from memory while providing an open-source PE viewer code-base. The tool integrates with Hex-Rays’ IDA Pro decompiler to allow for easy navigation of PE structures, as well as dumping in-memory PE files and performing import reconstruction. 

SEE: SSL Certificate Best Practices Policy (TechRepublic Premium)

PE Tree was developed in Python and supports the Windows, Linux, and Mac operating systems. It can be installed and run as a standalone application or an IDAPython plugin, allowing users to examine any executable Windows file and see what its composition is. 

Eric Milam, vice president of research operations for BlackBerry, said in a press release, “As cybercriminals up their game, the cybersecurity community needs new tools in their arsenal to defend and protect organizations and people. We’ve created this solution to help the cybersecurity community in this fight, where there are now more than one billion pieces of malware with that number continuing to grow by upwards of 100 million pieces each year.”

Reverse engineers use several tools to deconstruct malware, including disassemblers, debuggers, PE viewers, and network analyzers.  

Later this week at  Black Hat USA 2020, Kevin Livelli, BlackBerry’s director of threat intelligence, will be presenting on Decade of the RATs on August 5 at 11-11: 40 am PT. BlackBerry will also be presenting a sponsored webinar about its partnership with Intel to stop cryptojacking malware, and this session will drill down into BlackBerry Optics AI-based EDR technology for Linux.

Cybersecurity Insider Newsletter

Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.
Delivered Tuesdays and Thursdays



Sign up today

Also see

Red Hat launches online option for 4 certifications

red-hat-launches-online-option-for-4-certifications

A remote proctor will monitor exams for system admins, engineers, and OpenShift administrators and developers.

Image: Red Hat

Linux professionals can now take four Red Hat certification exams from home instead of traveling to a designated test site. A remote proctor observes the testing, and the remote exams are delivered using a live environment running on candidates’ X86_64, Fedora-compatible systems and cloud-based environments. All four exams count on the certification path to achieving the company’s top certification level, Red Hat Certified Architect.

SEE: Top 5 programming languages for systems admins to learn (free PDF) (TechRepublic)

 The four new remote exams are:

  • Red Hat Certified System Administrator (RHCSA) exam: This exam tests knowledge in areas of system administration common across a range of environments and deployment scenarios. The skills tested in this exam are the foundation for system administration and cover all Red Hat products. 
  • Red Hat Certified Engineer (RHCE) exam: This exam tests knowledge and skills in managing multiple systems using Red Hat Ansible Engine and executing common system administration tasks across a number of systems with Ansible. Ansible is the automation framework used by multiple Red Hat products, so Red Hat Certified Engineers have a head start on automating other products beyond Red Hat Enterprise Linux.
  • Red Hat Certified Specialist in OpenShift Administration exam:
    Containers

    and
    Kubernetes

    are emerging as the dominant deployment paradigms in today’s enterprise IT organizations. This exam tests the knowledge, skills, and ability to create, configure, and manage a cloud application platform using Red Hat OpenShift Container Platform. 

  • Red Hat Certified Specialist in OpenShift Application Development exam: This exam tests the ability to deploy existing applications in a Red Hat OpenShift Container Platform environment. 

Ken Goetz, vice president, training and certification, Red Hat, said this shift was prompted by the
coronavirus

pandemic but will help everyone interested in certifications as well. 

“Our ability to provide remote exams will not only address current challenges, but will also open up opportunities to reach more IT professionals who may not have been able to take an in-person exam in the past,” Goetz said in a press release.

Red Hat offers a learning subscription with three tiers that include early access to technology that hasn’t been released to the public yet, training units, cloud-based labs, and testing.

The 2018 Open Source Jobs Report from the Linux Foundation and Dice found that hiring open source talent is a priority for 83% of hiring managers, an increase from 76% in 2017.

The report also found that 57% of hiring managers are looking for IT professionals who have containers expertise, up from only 27% last year.

Open Source Weekly Newsletter

You don’t want to miss our tips, tutorials, and commentary on the Linux OS and open source applications.
Delivered Tuesdays



Sign up today

Gap launches B2B face mask program using Salesforce Commerce Cloud

gap-launches-b2b-face-mask-program-using-salesforce-commerce-cloud

The company also partnered with Capgemini to create a custom website for the initiative in less than five weeks in response to the pandemic.

Image: Gap

Gap announced earlier this month the creation of its new B2B product program powered by Salesforce Commerce Cloud. In partnership with Capgemini, Gap created a website in less than five weeks that offers large organizations high-quality reusable, non-medical grade cloth face masks to help employees returning to the office. 

SEE: Return to work: What the new normal will look like post-pandemic (free PDF) (TechRepublic)

“It started in the context really with the onset of the pandemic back in March. Gap Inc. responded to the call initially by sourcing millions of nonmedical grade masks and other personal protective equipment (PPE) to the healthcare community,” said John Strain, chief digital and technology officer at Gap Inc.  

“Shortly thereafter, the company’s family brands saw the opportunity and responded to demand from consumers that they were looking really just for their everyday personal use,” Strain said. “So our brands quickly created a bunch of designs and prototypes and got them into production, with our first mask going on sale for customers within a matter of weeks.”

However, this initiative was furthered when the company realized the demand on the enterprise-side. 

“As a result of the success of the consumer masks, we quickly started hearing from companies who wanted to be able to supply their employees with masks as they began to hopefully safely welcome them back to work,” Strain said. 

“We leveraged our deep supply chain relationships and agile operations, and quickly came up with a solution that provides companies in both private and public sectors with high-quality, reusable, nonmedical grade cloth face masks,” Strain added.

To date, the B2B product program has sold about 10 million face masks to employers including the City of New York, State of California, and Kaiser Permanente. This execution wouldn’t have been possible, however, without the help of Salesforce Commerce Cloud and Capgemini, Strain noted.

How Salesforce Commerce Cloud and Capgemini helped

“Salesforce Commerce Cloud has a B2B offering that is ideally suited to be able to help provide companies that are going to the B2B space—a set of templates, a starting framework against which they can quickly get to live,” Strain said.

“I saw Rich Lyons of the Lyons Group as part of Capgemini solution they presented last year at a conference that I was at. And he talked a lot about how the speed to market was so critical and how they really worked on a quick-start solution in partnership with Salesforce. So it was natural for us to reach out,” he said.

Since Gap has had a long-standing partnership with Salesforce, the transaction was pretty simple, Strain said.

“Salesforce as an eCommerce engine is one of the premier providers in the space, and it’s everything from being able to pull together just the product catalog so that you can enable people to browse, to captur[ing] the product information, to present[ing] that in a way that makes logical sense, then to really consummate the transaction,” Strain said. 

“In our initial deployment, we’re actually setting it up so that we can create the price list and be able to do quoting and generate a purchase order in a really seamless way,” Strain said. “It gives us an opportunity to build a relationship on an ongoing basis to enable companies to come back and reorder in a clean, easy way.”

One of the biggest challenges for Gap was the speed in which they needed to create the program.

“You want to be able to get out there while there’s still a demand. We wanted to be able to get to market in the way that we could help our partners safely welcome back their employees to work. Speed-to-market was absolutely critical, and making sure you do it with quality when you’re moving that quickly was part of the challenge,” Strain said. 

“This is where it’s nice to work with professionals–the internal teams, but also Capgemini and Salesforce are really total pros,” he added.

“The site currently helps us manage purchase orders, deliver information about the program, and engage with other business tech partners,” Strain said. “We’re excited to bring the workforce back in a safe manner and love being able to supply our face masks to consumers, our store employees, our headquarters employees, and now other employers for everyday use.”

For more, check out The top face masks business pros can buy online on TechRepublic.

Tech News You Can Use Newsletter

We deliver the top business tech news stories about the companies, the people, and the products revolutionizing the planet.
Delivered Daily



Sign up today

Also see 

Zoom launches Hardware as a Service with multiple vendor options

zoom-launches-hardware-as-a-service-with-multiple-vendor-options

The program boosts communication by allowing companies and consumers to use Zoom Rooms- and Zoom Phone-equipped hardware at scale.

Image: Zoom

Zoom Video Communications announced the launch of its first ever Zoom Hardware as a Service (HaaS) in the US on Tuesday. Zoom HaaS provides technology equipped with Zoom Rooms and Zoom Phone, making the products more accessible and scalable, which is especially critical during the evolving enterprise landscape.

SEE: IT hardware procurement policy (TechRepublic Premium)

“Hardware as a Service is even more important in our current situation, with people in a lot of states in a hybrid environment,” said Jeff Smith, head of Zoom Rooms. 

“Some [professionals] are heading back to the office, but a lot of people are still remote… Video conferencing becomes more and more important,” Smith said. “And in this environment, it was very difficult to plan for, so Hardware as a Service becomes a way for companies to access video conferencing equipment without the need for the upfront cost and planning ahead.”

Video conferencing platforms have exploded in usage amid the coronavirus pandemic, with professionals and consumers turning to tech as a way to both conduct business and stay connected. 

Zoom, in particular, witnessed significant growth, with the highest growth rate of 552% between February and April 2020, Aternity found. This latest announcement allows for even easier and more cost-effective access to the platform. 

“This was breaking new ground on a lot of fronts for Zoom. We have evolved for years and years in the hardware ecosystem with conference room equipment, as well as phones, but this was definitely a step forward for us,” Smith said. “The ecosystem can be complex to navigate. Here’s a real streamline way that they can both procure equipment and understand what they should get.”

Major features of Zoom HaaS

The whole concept of “as a service” tech has grown in recent years. As a service programs allow companies or individuals to pay for the product as they go. With Zoom HaaS, for example, customers are able to Zoom video or phone calls with various hardware options at a fixed monthly price. 

“Our program is a multi-vendor program, so we have high quality equipment from DTen, Neat, Poly, as well as Yealink,” Smith said. “Competitive programs tend to be limited. What we’ve tried to do is give the customers choice.

The program promises low upfront costs, predictable budgets, scalable end-to-end device management via the Zoom Admin Portal, streamlined procurement through a single invoice, and simple tech upgrades. 

Customers are able to refresh their equipment as frequently as every three years, keeping both rooms and phones up to date with the latest tech. 

Zoom Video equips users with video conferencing hardware that allows professionals in conference rooms to easily video call with partners or clients on any device. With Zoom Phone, users receive the same device flexibility and frictionless transfers between desk phones to smartphones to computers. 

All hardware options are fully supported by Zoom, covering any initial troubleshooting, refreshes, and Return Merchandise Authorization (RMA) associated with its devices, Smith said. 

“When a customer purchases equipment or when they call support, they’re not going to get handed off to different places. During the process, they’ll see the tracking of the shipment in their Zoom portal,” Smith said. “They don’t deal with logistics companies. They don’t deal with the manufacturer. They just deal with us, and we take all the complexity out of it.”

Through Zoom’s hardware partners, Zoom Phone and Zoom Room subscribers can choose from eight and seven different devices, respectively. 

The technology is helpful for customers across industries and locations, whether working for a big company in offices, or a smaller team from home, or a hybrid, Smith noted.

“It is very broadly applicable, but some verticals that come to mind are healthcare and education. [We’re] talk[ing] to a lot of higher-ed universities that are looking to enable their classroom for students for the fall school year,” Smith said. 

For instructors attempting to teach from home, for example, the video bar is a great hardware option because it can be used right in the instructor’s living room, turning the home into a classroom, Smith added. 

“We also talked with a number of hospitals that are trying to deal with quarantine-type use cases,” Smith said. “A touch screen, kiosk-style deployment, where I can have a triage station outside of the lobby so that people don’t have to come in and mill around in close proximity. These are fantastic cases that have come up and ways that technology can help in the current situation.” 

Zoom’s HaaS program has been available for customers since July 1, 2020, Smith said, but the company made the formal announcement to the public on Tuesday. 

For more, check out How to use Zoom’s advanced sharing options to share more than just your screen on TechRepublic.

Tech News You Can Use Newsletter

We deliver the top business tech news stories about the companies, the people, and the products revolutionizing the planet.
Delivered Daily



Sign up today

Also see 

Ericsson launches standalone 5G on existing hardware with a single software update

ericsson-launches-standalone-5g-on-existing-hardware-with-a-single-software-update

All Ericsson radio system equipment deployed since 2015 is capable of transitioning to standalone 5G New Radio starting now.

5G Telecommunication tower antenna in morning sky Evening sky

Image: sarayut, iStockphoto

Networking Hardware manufacturer Ericsson has released a software update that will allow existing Ericsson hardware manufactured since 2015 to transition to standalone 5G New Radio (NR). 

SEE: Hiring Kit: 5G Wireless System Engineer (TechRepublic Premium)

Most current 5G deployments have been hampered by the need to use 4G LTE as an under layer (non-standalone, or NSA 5G). Standalone 5G, on the other hand, eliminates the need for an LTE backbone and should increase speeds and 5G reach as a result.

“This will allow service providers to add 5G NR to existing 4G sites with a simpler architecture, or deploy 5G independently in new areas such as factories, to support enterprise applications and services,” Ericsson said in a press release

The software update for existing Ericsson devices is designed to improve low-latency networking applications, like AR and VR, autonomous vehicles, and smart factories. “With a super-fast response time, a standalone 5G NR device can connect six times faster to a standalone 5G network than a device operating in NSA mode,” Ericsson said.

Ericsson’s highlighting of business applications of standalone 5G isn’t accidental: This software update allows existing Ericsson hardware to operate on two out of three bands of 5G, low and medium, but doesn’t include high band.

5G’s three bands are designed for different applications, and as such deliver varying speeds and coverage radii. According to networking industry organization GSMA, the three 5G bands all have important, but differing, roles to play:

  • Low-band 5G have wide area coverage, enabling edge computing and Internet of Things (IoT) systems in rural environments or in large cities. The trade-off for low-band 5G is that it’s not nearly as fast.

  • Mid-band 5G encompasses most current or planned 5G networks, and operates in a happy medium of speed and range. Speeds of mid-band 5G networks can vary between 100 and 400 Mbit/s.

  • High-band 5G, also known as mmWave, typically only has around a 1,500-foot range. The trade off for the shorter coverage radius is super fast speeds, with current mmWave systems able to reach up to 1.8GB/s.

High-band 5G will likely be more useful as a last-mile service or in urban 5G cellular deployments where radios can be close to each other to prevent drops in signal strength. Ericsson’s new update, on the other hand, makes its existing hardware perfect for getting edge computing and highly reliable 5G networks off the ground in suburban and rural locations.

SEE: 5G smartphones: A cheat sheet (free PDF) (TechRepublic)

“We are taking the next step in the evolution of 5G by making generally available the software to support standalone 5G NR networks. These standalone capabilities will enable even more use cases and applications,” said Ericsson’s head of product area networks Per Narvinger.

Cellular providers T-Mobile and Telstra have both deployed Ericsson’s standalone 5G NR on their networks, and Ericsson ecosystem partners Qualcomm and MediaTek have already been through interoperability projects that will allow them to start releasing standalone 5G products later in 2020.

Smart Cities and IoT Newsletter

Stay informed about smart cities tech, which includes innovations in IoT, 5G, security, data analytics, mobile apps, and more.
Thursdays



Sign up today

Also see

Non-profit launches new programs to increase diversity in cybersecurity industry

non-profit-launches-new-programs-to-increase-diversity-in-cybersecurity-industry

Cybersecurity group pivots from speaking engagements and scholarships to analyzing skill gaps and connecting candidates with employers.

The International Consortium of Minority Cybersecurity Professionals is helping women and Black people get more training and speaking engagements to bring more diversity to cybersecurity.

Image: Julief514/Getty Images/iStockphoto

Larry Whiteside Jr. wants to solve the talent shortage in cybersecurity and open up economic opportunities to women, Black people, and Latinx people. Whiteside was introduced to cybersecurity as an officer in the US Air Force and has held security roles with Lynx Technology Partners, LCRA, and Greenway Health. As the latest president of the International Consortium of Minority Cybersecurity Professionals, he has a new list of priorities for the non-profit.

When he co-founded the organization in 2014, the focus was holding events and giving scholarships. After several years of listening to the cybersecurity industry talk about diversity but make little progress, he realized it was time for a new agenda.

“From my perspective we’re not moving the needle fast enough, and our mission in its most basic form is butts in seats: More minorities and women in cybersecurity,” Whiteside said. “We also don’t want to forget about people already in the field and help them get to senior levels.”

SEE: Zero trust security: A cheat sheet (free PDF) (TechRepublic)

Whiteside also sees ICMCP as a mechanism to close the wealth gap between white people and Black people which has not changed for more than 50 years.

“What we’re doing is going to help make the field better and change the narrative related to the socio-economic injustices going on and the economic gap,” he said. “In cybersecurity, you make really good money and  have a comfortable life.”

According to a June 2020 article in The Washington Post, you would have to combine the net worth of 11.5 Black households to get the net worth of a typical white U.S. household. As of 2016, the median household wealth for a white family was $149,703 and for a Black family it was $13,024.

Whiteside is developing three programs to bring more diversity to the cybersecurity industry and  to start closing that wealth gap.

Gap assessment and training

The first project is an assessment tool for students and professionals to identify skill gaps and get the appropriate training to level up.

“We have a tool that aligns to the NICE Cybersecurity workforce framework from NIST so people will be able to pick a role and do a skills assessment to see if they need training for a particular job,” he said.

ICMCP is working with training organizations to offer discounted courses for a range of technical skills. Some classes will be free, depending on the topic, and ICMCP is developing two pricing models, one for professionals working in the field and one for students.

“We’ll also have webinars about soft skills such as how to speak and how to write and other things that you need in the security field,” he said.

Creating a speaker’s bureau

Instead of hosting an annual conference to highlight ICMCP members, Whiteside wants to switch the focus to getting members on stage at other conferences looking for diverse talent.

“We’re going to compile a list of minorities and women who can speak on cybersecurity,” he said. “We want events to pick somebody based on their credentials and expertise.”

The ICMCP site will have a speakers bureau to help members win speaking engagements. Members also can submit posts to the ICMCP blog to highlight their expertise.

Building local chapters

The final element of the new strategy is local chapters. ICMCP now has chapters in New York, Columbus, Chicago, Atlanta, and the Bay Area. Whiteside plans to expand to six more cities this year and to build relationships with high schools and universities. The goal is to make ICMCP the best source for cybersecurity professionals for companies looking to hire women and people of color.

“We want to build the pipeline for companies and universities and groom candidates for positions that will exist locally,” he said.

Whiteside is recruiting corporate sponsors to support this networking and offering co-branding on ICMCP webinars and access to the non-profit’s job board.

“We are helping companies understand how to support the mission of what we’re doing as we’re building these new programs,” he said.

Cybersecurity Insider Newsletter

Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.
Delivered Tuesdays and Thursdays



Sign up today

Also see

Puppet launches public beta of Relay tool to automate DevOps tasks

puppet-launches-public-beta-of-relay-tool-to-automate-devops-tasks

Relay promises to automate key processes from a range of cloud-based apps and services, including GitHub, Datadog, Jira, Terraform, and Slack.

Devops for software continuous operations and development or programming concept, multi color arrows pointing to the word Devops at the center of black cement chalkboard wall

Image: Getty Images/iStockphoto

DevOps engineers often struggle to manage and complete all the tasks that come their way, especially as organizations transition more to cloud-based applications. Faced with an overflow of disparate tools and technologies, engineers have to either manually try to accomplish each task or build their own tools to juggle all the work. Another option worth trying is Relay, a tool from Puppet that aims to automate the workflow thrown at developers, DevOps engineers, and site reliability engineers (SREs).

SEE: Implementing DevOps: A guide for IT pros (free PDF) (TechRepublic) 

Now available as a public beta, Relay is able to connect to dozens of cloud-based platforms, tools, and APIs already used by DevOps engineers and developers, according to Puppet. Some of the supported services include PagerDuty, GitHub, Datadog, Jira, Terraform, and Slack. By listening to certain triggers from these tools and platforms, Relay can automatically handle a variety of different tasks.

“Without a way to manage and automate the flood of events and hundreds of APIs developers use, time, money, and mental capital are being thrown away,” Puppet CTO Deepak Giridharagopal said in a press release. “Many engineers try to create their own one-off automation tools or integration hubs, but this is inefficient and risky. Relay replaces this home-grown digital duct tape with reusable, proven, automated workflows. It’s like IFTTT (If This, Then That), but for DevOps.”

As some examples, a Relay workflow could listen for alerts from PagerDuty, query metrics from DataDog, reconfigure infrastructure with Terraform, and send a notification via Slack. Relay can manage tasks across a range of specialities, according to Puppet, including the following:

  • Security. Enforce security controls across your infrastructure, such as ensuring that cloud storage buckets are secured, volumes are encrypted, or that unused SSH keys are removed from an account.
  • Cost optimization. Proactively delete underutilized cloud resources across AWS, Azure, and GCP such as unattached volumes, unused load balancers, and untagged instances.
  • Incident response. When a new incident occurs, Relay extends PagerDuty or VictorOps by automatically remediating known issues or running diagnostic actions with Bolt.
  • Continuous delivery. You can connect Relay to Docker Hub or GitHub to automatically provision cloud infrastructure with Terraform or Pulumi and deploy the latest versions of your microservices to Kubernetes, Google Cloud Run, AWS Lambda, and other platforms.
  • Operations. Delete old snapshots, alert on quota usage, and report on resource utilization.

You can populate Relay with your own workflows or use any of the built-in examples. For more information on the Relay beta, check out Puppet’s blog post. To try Relay, sign up at the beta site, and you can start using the tool immediately.

http://www.techrepublic.com/

Developer Essentials Newsletter

From the hottest programming languages to the jobs with the highest salaries, get the developer news and tips you need to know.
Weekly



Sign up today

Also see