OpManager: A single console to manage your complete IT infrastructure. Click here for a 30-day free trial.
Welcome Guest | Sign In
LinuxInsider.com
Data Breach Law Tops Obama Privacy Initiatives
January 12, 2015
A proposed national data breach reporting law, aimed primarily at protecting consumer privacy, headlined several initiatives the Obama administration announced Monday. The Personal Data Notification & Protection Act clarifies the obligations of companies when there's been a data breach. It includes a requirement to notify customers within 30 days of the discovery of a breach.
Fingerprint Theft Just a Shutter Click Away
January 07, 2015
Ever since smartphone makers started incorporating fingerprint scanners as a means of unlocking mobile phones, the Chaos Computer Club has attacked the technology with vigor. Not long after Apple added Touch ID to its iPhones, the German hackers demonstrated how to lift prints from a surface and create a flexible pad containing the print that could be used to break into a phone.
Google Outs Unpatched Windows 8.1 Kernel Flaw
January 06, 2015
Microsoft got a fiery start to 2015 when Google last week publicized a kernel vulnerability in Windows 8.1 Update. Google Project Zero's James Forshaw, who discovered the flaw, ranked it as a high-severity issue. Although Forshaw reported it to Microsoft last September, the company had not yet fixed the problem when Google published it. The vulnerability lets people falsely pose as administrators.
Writers Worldwide Chilled by Government Surveillance
January 06, 2015
Concern over government surveillance has been so heightened by confidential information leaked by former intelligence hand Edward Snowden that writers in free countries are as worried as those in autocratic nations, according to a new report. Three-quarters of writers in countries classified as "free" told researchers they were "worried" or "somewhat worried" about surveillance.
Yikes! Ransomware Could Take Over Your Hard Drive
January 05, 2015
Malware is running rampant on the Internet, affecting smartphones, tablets and PCs. Relatively new malware allows bad guys to encrypt devices until a ransom is paid. Usually the ransom is required in bitcoin, rather than U.S. currency, as it cannot be traced. What are the legal and other risks associated with ransomware? Ransomware is largely directed at personal devices and small businesses.
Hackers Give Touch ID the Finger
December 29, 2014
Hacker Jan Krissler, aka "Starbug," this weekend told attendees at the 31st Chaos Computer Club convention that he had replicated the fingerprints of German Defense Minister Ursula von der Leven using a standard photo camera and commercially available software. Krissler used a close-up of a photo of the minister's thumb and other pictures taken at different angles during a press event in October.
Misfortune Cookie Crumbles Millions of Security Systems
December 29, 2014
Check Point Software Technologies recently revealed a flaw in millions of routers that allows the devices to be controlled by hackers. The company detected 12 million Internet-connected devices that have the flaw. The vulnerability, which Check Point dubbed "Misfortune Cookie," can be found in the code of a commonly used embedded Web server, RomPager from AllegroSoft.
The Big Tech Stories of 2015
December 29, 2014
Last week, we looked back at the largely untold, or under told, stories of 2014. This week, let's look ahead to some of the stories that are coming in 2015. We'll have robots, self-driving cars, armed autonomous drones, the professional proliferation of head mounted cameras, some scandals, and some interesting political implications. I'll close with my product of the year, which even surprised me.
Flaws in Ancient Standard Enable Wireless Eavesdropping, Spying
December 23, 2014
Vulnerabilities in Signaling System 7, telephony signaling protocols used by carriers worldwide, allow third parties to listen to people's cellphone calls and intercept text messages despite encryption, The Washington Post reported last week. German cybersecurity researchers Tobias Engel of Sternraute and Karsten Nohl of Security Research Labs separately discovered these vulnerabilities.
Boeing Picks BlackBerry to Brace Black's Security
December 22, 2014
Boeing has enlisted BlackBerry to help bolster the security of its Black smartphone by providing "secure mobile solutions for Android devices utilizing their BES-12 platform," said Boeing spokesperson Andrew Lee. BES 12 provides cross-platform enterprise mobile management that gives organizations strict control of devices, while letting users keep personal data private.
US Mulls Response to Sony Hack
December 19, 2014
Department of Homeland Security Secretary Jeh Johnson on Thursday said the United States "is actively considering a range of options" to take in response to the Sony hack. The hack is "very serious," Johnson said, though he refused to label it as a terrorist attack. There has been widespread suspicion that North Korea engineered the hack. The FBI is investigating.
Terrorist Threats May Blow Up 'The Interview's' Box Office
December 17, 2014
The now-notoriously controversial action comedy The Interview, which was expected to deliver profits of $90-$95 million for Sony, may have become a financial black hole. The movie's Thursday premiere in New York has been cancelled, and several movie theater chains have scrapped plans to screen it, following a hacker message referencing 9/11 and threatening physical attacks on theaters.
FIDO Pursues Vision of a Password-Free World
December 17, 2014
A group of some 150 companies last week moved closer to eliminating the bane of many an online user: the ubiquitous password. The FIDO Alliance, which counts among its members Microsoft, PayPal, Google, Bank of America, Visa and MasterCard, released version 1.0 of its open specifications for strong authentication on the Internet without the use of passwords.
No Respite for Sony
December 12, 2014
Since the hacker group calling itself "Guardians of Peace" announced its attack on Sony Pictures Entertainment late last month, things have gone downhill for the company. After confidential documents were leaked to the Internet over several days, a denouement of sorts was reached last week, when a security company examining the stolen data discovered nearly 50,000 Social Security numbers.
FIDO Alliance Launches 'Password Killer' Spec
December 11, 2014
The Google-supported FIDO Alliance this week achieved a key milestone in its mission to end the use of passwords by releasing version 1.0 of its namesake open standard. "Today, we celebrate an achievement that will define the point at which the old world order of passwords and PINs started to wither and die," said Michael Barrett, president of the alliance. FIDO stands for "Fast IDentity Online."
Dashlane, LastPass Promise Easy Password Changing
December 10, 2014
Two password manager makers on Tuesday announced new features that allow their users to minimize the hassle of resetting passwords. One of the first things online users are advised to do after a data breach -- and there have been more than few of those lately -- is to change their passwords. Few users act on that advice, though, because password changing is too onerous.
Turla Trojan Unearthed on Linux
December 09, 2014
Turla, a Trojan that has infected hundreds of 32- and 64-bit Windows computers at government institutions, embassies, military installations, educational institutions, and research and pharmaceutical companies over the years, has been found on Linux systems, Kaspersky Lab reported. The company has discovered two variants of the malware running on Linux.
Sony's Cyber-Whodunit Is a Page-Turner
December 05, 2014
Who breached Sony Pictures' network and why continues to be a puzzle a week after news of the hack first emerged. Some speculate it was an inside job. A few have pointed fingers at North Korea, which returned its own one-finger salute in response. Others discount that possibility. In the meantime, the FBI has issued a warning stating destructive malware is on the loose.
Google Releases Consumers From the Scourge of CAPTCHA
December 04, 2014
Google on Wednesday announced the no-CAPTCHA reCAPTCHA, a kinder, gentler way of distinguishing human Web surfers from bots. The new system requires that users confirm their humanity by checking a box to the left of the statement "I'm not a robot." A privacy statement is displayed on the right. If checking the box doesn't work, a window containing distorted text will pop up.
Iran Raises Its Cyberfist to the World
December 04, 2014
Iran, which for decades has locked horns with the United States, is emerging as a cyberwarfare power that's threatening the world, Cylance warned in its Operation Cleaver report, released Tuesday. Cylance has been tracking one team of roughly 20 hackers called "Tarh Andishan," which means "thinkers" or "innovators" in Farsi. The group is suspected to be Iranian.
Cybersecurity Threats 2015: More Espionage, More Apple Malware
December 03, 2014
Cyberspies will flourish and hackers will target Apple devices more often in 2015. Until now, Russia, China and the United States have dominated the cyberespionage scene, but their success will start to attract new players to the practice. "We can expect some of the developing economies ... to engage in these activities to protect their growth status," said Websense's Carl Leonard.
'Elegant' Regin Malware Linked to Brits, NSA
November 25, 2014
A sophisticated malware program called "Regin" has been used in systematic spying campaigns against a range of international targets since at least 2008, Symantec reported. Regin is a backdoor-type Trojan with a structure that displays a degree of technical competence rarely seen in malware. "It's a beautiful piece of architecture," said Scott Borg, CEO of the U.S. Cyber Consequences Unit.
Wristband Heads Off Password Headaches
November 25, 2014
Has software glut got you down? Do you reuse passwords because creating unique ones for all your online accounts would cause a memory overload? If so, you may be interested in a bit of jewelry called the "Everykey," by a startup with the same name. Everykey is a wristband that removes the need to remember the countless log-in credentials we use every day.
EFF Spearheads Safer Web Initiative
November 24, 2014
The Electronic Frontier Foundation has announced a nonprofit organization that will aim to secure the entire Web. Let's Encrypt, starting in summer 2015, will offer free server certificates to help websites transition from HTTP to the more secure HTTPS protocol. EFF is partnering with Akamai, Mozilla, Cisco, iDenTrust and University of Michigan researchers.

See More Articles in Cybersecurity Section >>
Facebook Twitter LinkedIn Google+ RSS
Do you plan to buy an Apple Watch?
Yes, I can't wait!
Yes, but I'll wait a while.
Not sure, I'll have to see it in person.
No, I like it but it's too expensive.
No, but I might buy a different brand.
No, I already have a smartwatch.
No, I don't want any smartwatch.