OpManager: A single console to manage your complete IT infrastructure. Click here for a 30-day free trial.
Welcome Guest | Sign In
LinuxInsider.com
The Connected Car, Part 3: No Shortcuts to Security
August 19, 2014
The connected car is becoming a reality, but the gadget-filled roadways it travels will be paved with several options for in-car technologies. These choices pose challenges for carmakers. Whichever technology wins the race, one of the biggest concerns for OEMs is their electronic security. The Linux Foundation wants an open source platform in the pole position.
Mobile App Attacks: No Malware, No Problem
August 19, 2014
Traditional attack methods, like those used with the recent mobile online banking Trojan Svpeng, involve the installation of malware on the device to steal information and commit fraud. However, new techniques are emerging that would enable an attacker to compromise a device and steal private information from the owner -- for example, the typical copycat app on a third-party app store.
Twitter to Review Toothless Policies on Cyberharrassment
August 15, 2014
A deluge of hateful tweets after the suicide of actor Robin Williams earlier this week forced his daughter Zelda to publicly quit Twitter and Instagram. "We will not tolerate abuse of this nature on Twitter," Del Harvey, the company's vice president of trust and safety, said in a prepared statement. Twitter has suspended "a number of accounts related to this issue for violating our rules."
The Bitcoins Are Coming, the Bitcoins Are Coming
August 13, 2014
The United States Consumer Financial Protection Bureau has issued an advisory warning consumers about the risks of bitcoin and other virtual currencies. The bureau "is working to identify and understand potential consumer protection concerns raised by these emerging technologies to determine what action, if any, may be necessary to protect consumers," said spokesperson Moira Vahey.
Yahoo, Google Team Up to Fight Email Snoops
August 13, 2014
Yahoo and Google last week announced they'd be teaming up to secure their Web mail systems with encryption by the end of next year. "Our goal is to make end-to-end encryption fully available in 2015," said Yahoo Vice President of Information Security Alex Stamos. Yahoo will be releasing the code for its encryption solution to the open source community.
Smartphone Kill Switch Law Reaches California Governor's Desk
August 12, 2014
California is poised to enact a consumer-friendly law requiring smartphone manufacturers to install "kill switches" -- that is, antitheft technology that would be activated by the carrier when a consumer alerts it that a device has been stolen or lost. The technology not only wipes the device of personal data but also renders it inoperable. The state legislature passed the bill on Monday.
Carrier Software Flaws Imperil Smartphones: Report
August 08, 2014
Wireless carriers pose a threat to mobile phone security, researchers have disclosed. Mathew Solnik and Marc Blanchou of Accuvant this week told an audience at the Black Hat security conference in Las Vegas that Android, BlackBerry and some iOS devices are vulnerable. The problem lies in a device management tool using the OMA Device Management Standard, which carriers embed into mobile devices.
Secure Sites to Get the Google Bump
August 07, 2014
Google on Wednesday announced that it has begun factoring websites' use of HTTPS into its search rankings, resulting in more favorable results for those that use the security-minded protocol. Use of the protocol still is considered just a minor factor, though, affecting fewer than 1 percent of global queries and carrying less weight than high-quality content.
Russian Cybergang Stockpiles 1.2B Unique Stolen Credentials
August 07, 2014
A Russian cybercriminal gang so far has stolen 4.5 billion credentials, of which 1.2 billion appear to be unique, Hold Security has announced. The credentials belong to more than 500 million email addresses. Two reports released Tuesday may help explain why the cybergang was so successful. About 92 percent of the 800 top consumer websites evaluated failed the OTA's 2014 Email Integrity Audit.
WiFi Insecurity: Crying Wolf or Big Bad Wolf?
August 07, 2014
Can a hacker take over a passenger jet by sneaking in through its WiFi or in-flight entertainment system? The possibility of that occurring, as suggested by cybersecurity firm IOActive, has security experts hot under the collar. Ruben Santamarta, principal security consultant at IOActive, is scheduled to present the team's findings Thursday at the Black Hat security conference.
Retailers Harassed by Backoff Malware
August 05, 2014
The U.S. Department of Homeland Security last week sounded an alarm warning retailers of a family of malicious programs aimed at compromising point-of-sale systems. Attackers used such software last year in massive data breaches that nicked millions of consumer records at Target and Nieman Marcus. Variants of the Backoff family have turned up in at least three forensic investigations.
Russia Cites Surveillance Concerns in Apple, SAP Source Code Demands
July 31, 2014
Russia wants Apple and SAP to turn over their source code in yet another instance of fallout resulting from leaks about NSA surveillance activities. The suggestion reportedly came last week, when Communications Minister Nikolai Nikiforov met with executives of the two companies: Peter Nielsen, Apple's general manager in Russia; and Vyacheslav Orekhov, SAP's managing director in Russia.
Hackers Back to Their Old Tricks
July 30, 2014
Old tricks that have helped hackers penetrate computers for months or longer worked again last week at Goodwill and Stubhub. Taking a page from the gang that pillaged payment card and personal information from Target last year, hackers clipped payment card information from an undisclosed number of Goodwill Industries International customers. It's believed point-of-sale systems were compromised.
Android's Fake ID Could Put Millions in Jeopardy
July 30, 2014
An Android vulnerability that exists in every version from v2.1 Eclair to v. 4.3 Jelly Bean could expose millions of users, Bluebox Security has warned. The flaw lets attackers fake the certificates of specially privileged parties, such as Adobe and Google Wallet, and serve them up with malware that bypasses detection by Android. Attackers then can take over every app running on an Android device.
BlackBerry Picks Secusmart to Tighten Mobile Security
July 29, 2014
BlackBerry on Tuesday announced plans to acquire Secusmart, a developer of high-security voice and data encryption and anti-eavesdropping technologies. Mobile devices increasingly are being used for more critical tasks and to store more critical information, noted CEO John Chen. "The acquisition of Secusmart underscores our focus on addressing growing security costs and threats."
Failure to Communicate Hamstrings Cyberdefenders
July 23, 2014
A failure to communicate between security pros and company brass may be contributing to the inability of a significant number of organizations to reduce the risk of cyberattacks on their systems. Thirty-one percent of the nearly 5,000 respondents surveyed for a recent study said their cybersecurity team never met with the executive team about cybersecurity.
iOS Insecurity - Designed by Apple?
July 22, 2014
The long-held belief that Android is the least secure of mobile OSes was shattered by security researcher and expert iOS hacker Jonathan Zdziarski over the weekend. Zdziarski unveiled a host of iOS vulnerabilities, the scope of which was staggering. They include undocumented services that bypass backup encryption and can be accessed both via USB and wirelessly.
Gameover Zombies on the March Again
July 17, 2014
The Gameover botnet is back, more or less, only six weeks or so after the Justice Department announced that an FBI-led multinational effort had disrupted it. Still, the botnet's downtime was longer than expected -- the UK's National Crime Agency had warned that the people running it would regain control within two weeks. Sophos this week spotted a new version of the malware.
Google's Project Zero Cybersecurity Watch: No Excuses
July 15, 2014
Google on Tuesday announced Project Zero, an effort to speed up the security bug-fixing process. A team of cybersecurity experts will go after vulnerabilities in any and all software, notify the vendors, and then file bug reports in a public database so users can track the issuance of patches. The Project Zero team has promised to send bug reports to vendors in as close to real-time as possible.
Your Abandoned Smartphone May Betray You
July 09, 2014
Doing a factory reset to wipe the data off smartphones does not work, and the data can be recovered, warned Avast. The company recovered tons of data, including more than 40,000 stored photographs, from 20 used Android phones purchased from eBay. Device owners need to overwrite their files to make them irretrievable, Avast said, touting one of the applications it offers.
Report: Malware Poisons One-Third of World's Computers
July 09, 2014
Nearly one-third of the world's computers could be infected with malware, suggests a report released last week by the Anti-Phishing Working Group. Malicious apps invaded 32.77 percent of the world's computers, a more than 4 percent jump from the previous quarter's 28.39 percent, it estimates. The increase in infected computers has come hand-in-hand with a jump in the appearance of malware samples.
Google Aims to Defrag Android Universe
July 01, 2014
As any Android user knows, the version you're using can vary widely because it depends on parties other than Google. That's why nearly two-thirds of users are running a version of Android introduced in 2012 or earlier. With Android making the leap to wearables and the Internet of Things, however, Google is aiming to make that kind of fragmentation a thing of the past.

See More Articles in Consumer Security Section >>
Facebook Twitter LinkedIn Google+ RSS