OpManager: A single console to manage your complete IT infrastructure. Click here for a 30-day free trial.
Welcome Guest | Sign In
LinuxInsider.com
Report: Top Endpoint Security Packages Perfectly Foil Drive-By Attacks
May 5, 2015
Drive-by attacks on the Internet are a particularly pernicious form of online threat, especially for individual Web surfers. On the corporate level, though, a company with good endpoint protection software can foil the malicious practice. A drive-by occurs when an infected website automatically downloads malware onto a Net traveler's computer. Endpoint solutions can thwart those kinds of attacks.
Our Bodies, Our Security: Biometrics vs. Passwords
May 4, 2015
Text-based usernames and password pairs should be replaced with biometric credentialing, such as vein recognition and ingestible security tokens, suggests Johnathan LeBlanc, PayPal's global head of developer evangelism. Celebrities have been mortified, Sony Pictures Entertainment brought to its knees, and Home Depot sent scrambling to EuroPay Mastercard Visa's chip and pin earlier than mandated.
Steer Clear of iOS 8's Infinite Loop
May 1, 2015
A flaw in iOS 8 allows hackers essentially to crash apps that perform SSL communications whenever they like. Skycure reported the bug at the RSA security conference held last week, advising owners of iOS devices to upgrade to iOS 8.3. Apple this week confirmed that iOS 8.3 addresses the vulnerability. An attack would involve specially crafting an SSL certificate to regenerate a bug.
Apple Watch Could Be a Password Alternative
April 30, 2015
With password tolerance levels at an all time low, alternatives to the pesky and insecure authenticators are beginning to abound. One of those alternatives could be the Apple Watch. Even before Apple's latest gadget began shipping last week, MicroStrategy announced it was extending its Usher enterprise security solution to the Apple Watch. Usher on the Apple Watch allows it to act as a digital key.
House Passes Cybersecurity Bills Despite Privacy Fears
April 24, 2015
Two cybersecurity bills approved this week by the U.S. House of Representatives pose a threat to citizens' privacy, according to opponents of the measures. Both bills aim to improve sharing of cybersecurity information between businesses and government agencies. "'Information sharing' is a misnomer," said Gabriel Rottman, legislative counsel for the American Civil Liberties Union.
Government Surveillance: What to Do, What to Do?
April 21, 2015
The CIA has been trying to hack into iOS for years. British and American agencies reportedly have collaborated to create a map of the Internet and Web users. The United States National Security Agency has, together with the UK's GCHQ, reportedly stolen SIM card encryption keys from Gemalto. The FBI is frothing at the mouth over Google's and Apple's encryption of their mobile OSes.
Opening Windows Source Code Could Improve Security
April 16, 2015
Microsoft Technical Fellow Mark Russinovich raised a few eyebrows at ChefCon earlier this month, when he aired the possibility of Windows becoming an open source program. Sure, Microsoft's attitude toward the open source movement has mellowed over the years, but the prospect of the company rubbing elbows with the likes of Linux overloads the imagination.
Heartbleed Threat Won't Fade Away
April 9, 2015
This week marks the first anniversary of the Heartbleed vulnerability that caused a panic across the Internet last year. While the flaw appears to have faded from the recollections of Net denizens, it still poses danger at many sites in cyberspace. Heartbleed was discovered in April 2014 in an open source library, OpenSSL, used by the SSL protocol.
FTC Upgrades IT to Protect Consumer Privacy, Data Security
April 8, 2015
The FTC, which is at the forefront of regulating the impact of information technology on consumers, is bolstering its technical resource capabilities through a new Office of Technology Research and Investigation. The FTC is concerned about the failure of commercial entities to make adequate disclosures or to properly address data breaches and privacy issues.
The Futility of the Strong Password Solution
March 31, 2015
After experiencing a data breach, most companies take a number of measures to strengthen security, including advising users to change their passwords and to make them strong. Although it stopped short of confirming anything, Amazon-owned Twitch last week notified users that its network might have been hacked and that some user account information might have been exposed.
Compliance Mindset Can Lead to Epic Security Fail
March 30, 2015
The recent data breach at Premera Blue Cross -- in which the personal information of some 11 million customers was compromised -- raises questions about how effective government regulators are at ensuring that healthcare providers adequately protect their patients' data. There have been abundant warnings that compliance with government regulations alone would not be adequate.
Optimizing the Brick-and-Mortar Customer Experience
March 27, 2015
The retail industry has finally awakened to what customers always have known -- they don't distinguish too much between channels. Modern shoppers are happy to embrace the immediacy and experience of the physical store while also benefiting from the informed and personalized ease of shopping online. Retailers should translate the smartest online strategies into their in-store experience.
Amazon Fires 1st Shot in Storage Price War
March 27, 2015
Amazon on Thursday announced two new plans for unlimited storage in its Cloud Drive service. The Unlimited Photos plan includes 5 GB of additional storage for videos or other documents and files. It costs $11.99 per year. The Unlimited Everything option provides limitless cloud storage of photos, videos, movies, music and files for $59.99 per year. Both plans come with a free three-month trial.
CAPTCHAs May Do More Harm Than Good
March 26, 2015
If an annoyance contest were held between passwords and CAPTCHAs, passwords would probably win, but not by much. CAPTCHA -- Completely Automated Public Turing Test To Tell Computers and Humans Apart -- was created to foil bots attempting to mass-create accounts at websites. Once created, those accounts could be exploited by online lowlifes for malicious ends, such as spewing spam.
How Secure Is the Apple Watch?
March 19, 2015
Apple typically has impeccable timing for its new product introductions, but that may not be the case with its new smartwatch. In a gala event last week, the company announced model and pricing details -- but that came just six days after questions were raised about the security of Apple Pay. Those questions haven't gone away, and now they're also being asked about the Apple Watch.
Windows Hello Waves Off Passwords
March 18, 2015
Microsoft on Tuesday announced Windows Hello, a feature that allows users to access computers and devices running Windows 10 via face recognition, iris identification or fingerprint matching. In addition, the company raised the curtain on Microsoft Passport, a programming system that IT managers, software developers and website authors can use for signing in to websites and applications.
Talking Barbie Says Hello, Parents Say Goodbye
March 18, 2015
It's not so much Hello Barbie's talking -- it's her listening that has parents up in arms. Here's how Hello Barbie works: A kid presses on the doll's belt buckle and speaks into a microphone in the doll's necklace. An AI system processes and analyzes that speech in the cloud. Responses are then streamed back to the doll, who replies to the kid -- all over a secure WiFi connection to the Internet.
No Need to Waste Brain Space on Yahoo Passwords
March 16, 2015
The way to permanently cure someone's headache is to cut off their head, and that appears to be the principle Yahoo has adopted with a new security policy announced Sunday. Users of Yahoo Mail no longer have to rack their brains to remember passwords, said Chris Stoner, director of product management. Instead, they can opt for on-demand passwords after signing in to their Yahoo.com account.
Apple's Researchkit Could Be Gold Mine for Hackers
March 13, 2015
Apple earlier this week announced ResearchKit, an open source framework that will let medical and health researchers gather data through iPhone apps. ResearchKit will be released in April. Apps to monitor asthma patients and for studies on breast cancer survivors, cardiovascular health and Parkinson's Disease, already have been developed using ResearchKit.
The CIA Has Been Hacking iOS for Years: Report
March 12, 2015
The CIA for years has been working to break iOS security, according to a report published Tuesday. The allegations are based on documents provided by NSA whistle-blower Edward Snowden. Researchers working with the CIA have presented their tactics and achievements at Trusted Computing Base Jamborees, secret annual gatherings that have been going on for nearly a decade.
Mobile Wallets as Credit Card Killers
March 9, 2015
Years have spent trying to oust the credit card as the ultimate payment method. Publications and pundits have been quick to hail new technologies as "credit card-killers," and they're not without justification. The credit card has lost whatever futuristic luster it may have once had. Magnetic stripes wear out, plastic snaps in half, and the incessant manual inputting of 16-digit numbers becomes tiresome.
Windows Caught in Path of FREAK Security Storm
March 6, 2015
Microsoft on Thursday issued a security advisory acknowledging a vulnerability in all versions of Windows that could allow FREAK exploits. Windows systems previously were thought to be immune to FREAK attacks. "The vulnerability could allow an attacker to force the downgrading of the cipher suites used in an SSL/TLS connection on a Windows client system," the advisory reads.
Bracing for the Cyberthreat Deluge
March 6, 2015
Almost 17,000 malware alerts surface every week, the Ponemon Institute recently found. Only 4 percent of alerts were investigated, and traditional antivirus products missed nearly 70 percent of malware in the first hour, researchers discovered in a recent Damballa study. Rescanning led to identification of 66 percent of the malware in 24 hours and 72 percent after seven days.
Apple Pay Cybercrime Burns Banks
March 4, 2015
Identity thieves are using Apple Pay to defraud banks of what could amount to millions of dollars. Due to weak authentication procedures at the institutions issuing the cards, fraudsters are able to use stolen cards to make purchases through Apple Pay. Before cards can be added to Apple Pay, they must be approved by the card issuer. Criminals are finding that process easy to game.

See More Articles in Consumer Security Section >>
Facebook Twitter LinkedIn Google+ RSS
Are tablets over?
No - Mine is a prized possession.
No - Heavy laptops are over.
No - I don't have one yet, but I want one.
Maybe - They're good for kids, though.
Yes - Large smartphones make them redundant.
Yes - I won't replace mine.
Yes - Don't have one, don't want one.
Tech News Alerts from ECT News Network