Welcome Guest | Sign In
LinuxInsider.com
Failure to Communicate Hamstrings Cyberdefenders
July 23, 2014
A failure to communicate between security pros and company brass may be contributing to the inability of a significant number of organizations to reduce the risk of cyberattacks on their systems. Thirty-one percent of the nearly 5,000 respondents surveyed for a recent study said their cybersecurity team never met with the executive team about cybersecurity.
iOS Insecurity - Designed by Apple?
July 22, 2014
The long-held belief that Android is the least secure of mobile OSes was shattered by security researcher and expert iOS hacker Jonathan Zdziarski over the weekend. Zdziarski unveiled a host of iOS vulnerabilities, the scope of which was staggering. They include undocumented services that bypass backup encryption and can be accessed both via USB and wirelessly.
Gameover Zombies on the March Again
July 17, 2014
The Gameover botnet is back, more or less, only six weeks or so after the Justice Department announced that an FBI-led multinational effort had disrupted it. Still, the botnet's downtime was longer than expected -- the UK's National Crime Agency had warned that the people running it would regain control within two weeks. Sophos this week spotted a new version of the malware.
Google's Project Zero Cybersecurity Watch: No Excuses
July 15, 2014
Google on Tuesday announced Project Zero, an effort to speed up the security bug-fixing process. A team of cybersecurity experts will go after vulnerabilities in any and all software, notify the vendors, and then file bug reports in a public database so users can track the issuance of patches. The Project Zero team has promised to send bug reports to vendors in as close to real-time as possible.
Your Abandoned Smartphone May Betray You
July 09, 2014
Doing a factory reset to wipe the data off smartphones does not work, and the data can be recovered, warned Avast. The company recovered tons of data, including more than 40,000 stored photographs, from 20 used Android phones purchased from eBay. Device owners need to overwrite their files to make them irretrievable, Avast said, touting one of the applications it offers.
Report: Malware Poisons One-Third of World's Computers
July 09, 2014
Nearly one-third of the world's computers could be infected with malware, suggests a report released last week by the Anti-Phishing Working Group. Malicious apps invaded 32.77 percent of the world's computers, a more than 4 percent jump from the previous quarter's 28.39 percent, it estimates. The increase in infected computers has come hand-in-hand with a jump in the appearance of malware samples.
Google Aims to Defrag Android Universe
July 01, 2014
As any Android user knows, the version you're using can vary widely because it depends on parties other than Google. That's why nearly two-thirds of users are running a version of Android introduced in 2012 or earlier. With Android making the leap to wearables and the Internet of Things, however, Google is aiming to make that kind of fragmentation a thing of the past.
Card Fraud Hits 1 in 4 Consumers Worldwide: Report
June 25, 2014
As many as a quarter of the world's consumers were victimized by card fraud in the past five years, and financial institutions are losing customers as a result, suggests a new study. ACI Worldwide and the Aite Group, which jointly surveyed more than 6,100 customers in 20 countries, found that 23 percent of consumers hit by card fraud changed financial institutions because they were dissatisfied.
To Pay or Not to Pay - That's the Ransomware Question
June 24, 2014
Ransomware is a growing problem for consumers and businesses alike. In Symantec's most recent quarterly security report, the company's researchers found all targeted attacks -- including ransomware -- grew 91 percent year-over-year. That's raising a big question for those targeted by cyberextortionists: Should the ransom be paid? Security experts generally say no, but some insert a caveat or two.
Researchers Find Android Security on Par With iOS
June 18, 2014
The open source mobile operating system Android long has been considered by security experts to be the mobile OS most vulnerable to security threats, but iOS is just as vulnerable. However, the two OSes expose users to different types of threats. The perceived greater security of iOS rests on Apple's control of app distribution rather than on any inherent superiority of the OS over Android.
Target Customers Broadcast Epic Checkout Fail
June 16, 2014
Target's customers jumped en masse onto social media Sunday night after technical malfunctions at its stores around the country resulted in long checkout lines and, in some cases, inability to make purchases with store-branded credit cards. The episode struck a nerve with customers, not only because of the inconvenience, but because it was a reminder of another Target point-of-sale glitch.
Godzilla Foreshadows Trouble for Internet of Things
June 16, 2014
The Internet of Things has come under attack by pranksters in recent days. The events could signal tumultuous things to come as more and more everyday objects connect to the Internet. Homeland Security has advised the customers of digital sign maker Daktronics to "take defensive measures" following a series of cyberpranks on the company's traffic signs.
Cupid Fires Arrow at OpenSSL's Heart
June 10, 2014
As if the discovery of the Heartbleed flaw weren't enough woe for OpenSSL, more than half a dozen additional defects have been discovered in the code used to protect communication on the Web. Among them is one dubbed "Cupid" by its discoverers. The flaw can be used to compromise enterprise networks. Like Heartbleed, Cupid uses a malicious heartbeat packet to compromise a TLS connection.
Google Releases Email Encryption Tool Alpha
June 06, 2014
Google this week released the alpha version of source code for End-to-End, a Chrome browser extension that encrypts email. End-to-End uses the OpenPGP standard to encrypt, decrypt, digitally sign and verify signed messages within the browser. "We're just sharing the code today so that the community can test and evaluate it, helping us make sure that it's as secure as it needs to be," Google said.
US-Led Posse Scatters GameOver Zeus Botnet
June 04, 2014
A worldwide operation led by the U.S. involving law enforcement, private sector cybersecurity firms and software vendors has disrupted the GameOver Zeus botnet for now. The U.S. also has filed criminal charges in Pittsburgh, Penn., and Omaha, Neb., against Russian national Evgeniy Mikhailovich Bogachev, and has charged a number of other suspects in the Russian Federation and the Ukraine.
Spammers Quick to Exploit eBay Breach
June 03, 2014
If you're a spammer, big news like the recent breach of eBay's computers is like striking oil in your back yard. Spammers live for headline-grabbing events that they can use to separate gullible Web wanderers from their money, so the eBay breach is a perfect vehicle for a scam. In this case, they try to convince recipients their eBay credentials could be used to give them a criminal record.
PCI 3.0, Part 4: Documenting Your Compliance
June 03, 2014
Summer is almost here, and that means many of you probably have made significant headway laying the groundwork for your 2015 PCI audit. However, one important aspect of 3.0 preparations that doesn't always get the attention it should is documentation. If you've tackled PCI compliance in the past, this is probably an area where you'll have a few questions.
Heartbleed-Weary Tech Firms Show OpenSSL a Little Love
May 30, 2014
Remember Heartbleed? Several weeks ago, the exposure of this security bug chilled the Internet, highlighting once again that even the seemingly unbreakable can be hacked. In the case of the Heartbleed vulnerability, encrypted data was at risk of theft. Sites potentially vulnerable to Heartbleed -- from Canada's Revenue Agency to AWS to Yahoo to Reddit -- urged users to change their passwords.
Destination Cloud: Are We There Yet?
May 29, 2014
There is growing interest in the cloud. It sounds absolutely perfect for both consumers and businesses. Some are jumping in -- so why isn't everyone? There are many pros and cons. Many use it successfully to build and manage their growing business, but many others fall victim to problems. What, exactly, is the cloud? "The cloud" is a general term that means many different things.
Con Artist Harasses Aussie Apple Customers in Ransomware Attempt
May 28, 2014
Apple on Tuesday aimed to calm anxiety among its iCloud users with reassurances that the service hadn't been breached in a ransomware-style attack. "Apple takes security very seriously and iCloud was not compromised during this incident," reads a company statement. The referenced "incident" is a collection of reports on Apple forums by iPhone users, most of them in Australia.

See More Articles in Consumer Security Section >>
Facebook Twitter LinkedIn Google+ RSS