Welcome Guest | Sign In
LinuxInsider.com
Privacy as a Service Advocates Promise Better Data Protection
January 14, 2016
There's been a lot of wailing and gnashing of teeth about the Sisyphean task of protecting privacy in the Digital Age, but that hasn't stopped innovators from searching for ways to preserve it. One of the latest ideas to emerge in the field is Privacy as a Service. As with many emerging technologies, the definition of "PaaS" (not to be confused with Platform as a Service) is in flux.
Black Duck Intros Container Scanning
January 13, 2016
Black Duck Software on Tuesday announced it has added to its Hub software container-scanning capabilities that let users map open source security flaws for applications, Linux distros, and other software in Docker and other Linux containers. Adding a containerized scanner to a Docker host enables automatic identification of known open source vulnerabilities in all layers of containers on the host.
Administration, Silicon Valley Bigs Meet to Strategize on ISIS
January 13, 2016
Obama administration officials last week met with senior executives from several leading Silicon Valley firms in a summit on how to combat the proliferation of terrorist communications on social media networks. Attorney General Loretta Lynch, FBI Director James Comey, and John Carlin, assistant attorney general for national security, represented the DoJ.
US Army Marches to the Cloud
January 13, 2016
The U.S. Army may be in the walking phase of its plan to shift major portions of its information technology resources to the cloud, but a recent contracting initiative could move the service up to a jogging pace by the end of the year. The Army's progress in migrating much of its IT capabilities to the cloud was characterized as a crawl during 2015.
Microsoft Puts Legacy IE Browsers Out to Pasture
January 12, 2016
Microsoft has ended technical support for the older versions of its legacy Internet Explorer browser, placing at risk millions of users who -- despite extensive warnings -- have not upgraded to the latest version of Internet Explorer or the free install of Windows 10. The support expiration means that customers using IE 8, 9 and 10 no longer will receive technical support and security updates.
ProPublica Launches News Site on Dark Web
January 12, 2016
ProPublica last week reportedly launched what's believed to be the first major news site on the dark Web. The site's purpose reportedly is to maximize the privacy of readers. The Tor hidden service goes beyond SSL in that visits to sites are hidden from eavesdroppers and ISPs. Anyone monitoring Tor nodes can track visitors who use a Tor browser to view ProPublica's regular site.
Taxpayer Advocate Blasts IRS' Planned Customer Service Revamp
January 8, 2016
The Taxpayer Advocate Service has released its annual report to Congress. Among other things, it warns that a five-year plan to revamp IRS operations may result in a substantial reduction in telephone and face-to-face interactions with taxpayers. "TAS has been left with the distinct impression that the IRS's ultimate goal is to get out of the business of talking with taxpayers," the report states.
Major Security Flaw Found in Silent Circle's Blackphone
January 7, 2016
Security researchers at SentinelOne on Wednesday revealed a vulnerability they discovered in the Blackphone. The flaw -- an obscure socket -- lets an attacker take over and control communications on the Blackphone, a highly secure Android smartphone Silent Circle developed and marketed in reaction to news of government surveillance of people's communications.
Iranian Cyberattack on American Dam Viewed As Rarity
January 7, 2016
Just days before Christmas, a rare event occurred: the report of a successful intrusion into America's infrastructure by overseas hackers. The event -- penetration of the control system of a dam 20 miles from New York City -- happened more than two years ago but wasn't made until last month. Cloaking such incidents in secrecy is standard operating procedure for industries that use control systems.
FTC Debates Cybersecurity Injury Standard
January 5, 2016
The U.S. Federal Trade Commission is engaged in an internal struggle over how it should assess the effect on consumers when businesses fail to provide proper e-commerce security. The outcome of the debate will have a significant impact on the FTC's ability to initiate cybersecurity violation cases. The legal issue could spill over to federal courts or even Congress for resolution.
Security Execs Sweat Insider Threats
December 31, 2015
Insider threats are becoming increasingly worrisome to corporate security executives. That is one of the findings in a survey of C-level businesspeople Nuix released last week. "The insider threat seems to be a bigger concern this year than it was in previous years," said Nuix's Keith Lowry. "People are recognizing that it is a significant weakness that has yet to be fully addressed."
Backspace Flaw Enables Linux Zero-Day Attack
December 28, 2015
Researchers last week revealed a zero-day flaw that lets attackers take over a Linux system by pressing the backspace key repeatedly. Pressing backspace 17 to 20 times will overwrite the highest byte of the return address of the grub_memset() function, ultimately causing a reboot by redirecting control flow to the 0x00eb53e8 address, according to the Cybersecurity Group at the Universitat Politecnica de Valencia.
Major Challenge to FTC's Cybersecurity Authority Evaporates
December 28, 2015
The U.S. Federal Trade Commission and Wyndham Worldwide earlier this month reached a settlement over allegations that the company violated federal law regarding the protection of customer records. The settlement could have a significant impact on e-commerce in that it ended a major legal challenge to the FTC's extension of its authority into the realm of cybersecurity.
All Security Pros Want for Christmas: Smarter Users, Decoy Networks
December 24, 2015
People like to see gifts from their wish lists under the Christmas tree, and security pros are no exception. Here are things some cyberwarriors would like old St. Nick to deliver to them. "It's probably never going to happen, but it would be fantastic to get smarter users who are less susceptible to social engineering," said Proofpoint's Ryan Kalember.
10 Things on an Apple Fan's 2016 Wish List
December 22, 2015
When your favorite consumer tech company is also the best consumer tech company in the world, and said tech company is generally a magnet for hyperbole and blind customer loyalty -- while also producing more products at higher levels of quality than ever before -- what's left to really wish for? Plenty, it turns out. I'm not talking about a new Apple car or even any special new product category.
Apple's Cook Goes to the Barricades on Encryption
December 22, 2015
Apple CEO Tim Cook brought the encryption battle between the high-tech industry and the nation's law enforcement authorities to prime time TV Sunday in an interview on the CBS news program 60 Minutes. During the interview, Charlie Rose asked Cook about the need for law enforcement agencies to access data that has been encrypted on Apple phones. There's all kinds of sensitive information on smartphones today, Cook noted.
Juniper Networks Shortens ScreenOS Threat List
December 21, 2015
Juniper Networks on Sunday informed customers that recent security threats to its ScreenOS were not as widespread as initially believed. The company last week issued an alert following its discovery in ScreenOS of unauthorized code that could allow an attacker to gain administrative control of devices using Netscreen or to decrypt a VPN. The two issues are unrelated to each other.
Congress Passes Budget Bill With Controversial Cybersecurity Provision
December 18, 2015
Congress on Friday passed an omnibus budget bill that included the Cybersecurity Information Sharing Act, or CISA. The Senate earlier this year passed CIS, which many conservative and liberal politicians, high-tech firms, and privacy and civil liberty advocates oppose. The latest version includes amendments that will allow corporations to share customers' information with the government.
MacKeeper Loses Control of User Data
December 17, 2015
Kromtech this week revealed a vulnerability in the data storage system of its MacKeeper software. Security researcher Chris Vickery, who alerted the company to the problem with its server, pegged the number of MacKeeper users affected at about 13 million. Kromtech posted a security alert about the breach on MacKeeper's website. The company fixed the error within hours of its discovery, it said.
Feds Give Commercial Off-the-Shelf IT a Closer Look
December 17, 2015
Federal information technology purchasing often involves large amounts of money based on the small print of acquisition requirements. Arcane procurement language seemingly can have a big impact on transactions. For IT vendors, provisions of recent legislation are prime examples of why it pays to scrutinize every line of the laws and regulations pertaining to federal acquisition programs.
Creating Rules of War for Cyberspace
December 17, 2015
The idea of a "Cyber Geneva Convention" has gained steam in the last five years. Based on the original Geneva Convention, it would ensure that certain types of attacks and specific targets would remain off-limits in a cyberwar. The concept of rules dictating what shouldn't be allowed in war came about after Henry Dunant visited wounded soldiers during the Second Italian War of Unification.
UK Police Pinch Suspect in VTech Hack
December 16, 2015
UK police have arrested a 21-year-old man as part of their investigation into last month's hack on VTech's systems. The man was arrested in Bracknell, 30 miles west of London, on suspicion of unauthorized access to a computer to facilitate the commission of an offense and suspicion of causing a computer to perform functions to secure or enable unauthorized access to a program or data, police said.
Twitter Alerts Users to State-Sponsored Cyberattack Threat
December 15, 2015
Twitter last week began warning some of its members that they may be the target of a state-sponsored attack on their accounts. Coldhak posted to its Twitter account a copy of the warning it received. It's among a small number of accounts that state-sponsored actors may be targeting in an attempt to obtain information such as email addresses, IP addresses and phone numbers, Twitter warned.
Hot Hacker Targets in 2016: Fantasy Sports, Professional Services
December 15, 2015
As 2016 approaches, it's time to get the crystal ball out and predict next year's cybersecurity trends. Here are some predictions from security pros TechNewsWorld interviewed. Fantasy sports sites in 2015 caught the attention of states' attorneys general, who wanted to treat the outfits as gambling enterprises. In 2016, the sites will get attention from another quarter: hackers.
FBI Chief: High-Tech Firms Need to Rethink Encryption Stance
December 11, 2015
FBI Director James Comey on Wednesday told members of a U.S. Senate committee that high-tech companies may need to adopt a new business model regarding encryption in order to get on the same page with law enforcement. "Encryption is getting in the way of our ability to have court orders effective to gather information we need in our most important work," he told the Senate Judiciary Committee.
Apple Tweaks Music, Mail, News in iOS Update
December 10, 2015
Apple on Tuesday released a new version of iOS, and while it was largely a maintenance release of the mobile operating system, the upgrade included some treats for music and news enthusiasts. The release, iOS 9.2, improved Apple Music, the company's streaming music service, in a number of ways. For example, users can create new playlists when adding a song to a playlist.
Federal IT Opportunities: Steady Funding, Constant Challenges
December 9, 2015
The good news for federal information technology managers -- and the vendor community -- is that government IT budgets will remain stable for the next few years in terms of projected spending. An additional potential benefit is that a recent budget agreement will support agencies for two years. The spending stability doesn't mean federal IT procurement will remain boringly routine, however.
Gadget Gives Passwords Pocket Protectors
December 9, 2015
Denis Clermont and Jérôme Jadot last month launched a Kickstarter campaign for the OdyOne digital identity manager. As much as many Web travelers and security experts would like usernames and passwords to disappear from use, the pesky credentials aren't going away anytime soon. That's why password managers are seen as a way to make the best of a bad situation.
Social Media Firms Face Quandary Over Terror Prevention
December 8, 2015
Following the recent terrorist attacks in Paris and San Bernardino, Calif., social media companies are coming under increased pressure, both internally and externally, to protect their networks from being used as platforms for operational planning and propaganda. "We should build tools to help de-escalate tensions on social media," wrote Google Executive Chairman Eric Schmidt in an op-ed.
VTech Hires Mandiant to Shore Up Security for Kids
December 4, 2015
VTech on Thursday revealed it has hired FireEye's Mandiant to help improve security after reaction from parents around the world over news that its servers were hacked. It also is cooperating with law enforcement agencies worldwide to investigate the incident and has temporarily shut down several websites, its Learning Lodge app store, and its Kids Connect service.
See More Articles in Cybersecurity Section >>
Facebook Twitter LinkedIn Google+ RSS
What is your reaction to the rumored
4-inch iPhone?
I'm in -- I'd love to have a smaller iPhone.
I prefer a larger iPhone, but it's good to have more options.
I expect innovation from Apple -- seems it's running out of ideas.
I'm not interested in an iPhone of any size.