Retailers: Provide More E-Commerce Payment Options to Help Reduce Shopping Cart Abandonment
Welcome Guest | Sign In
LinuxInsider.com
From the Olympic Non-Robbery to Ford Getting Out of Cars, to Evil NSA: A Strange Week
August 22, 2016
There were three stories that caught my eye last week that I think deserve some additional discussion. One is the alleged robbery of U.S. Olympians followed by questions of whether it really happened because their phones weren't stolen. There may be a legitimate reason for that, and it's one that suggests a lot of folks will be getting huge cellphone bills next month.
To Protect Enterprise Data, Secure the Code
August 20, 2016
Responsibility for securing enterprise applications has been moving down the development lifecycle, and for good reason. It not only makes the enterprise more secure, but also saves companies time and money. For example, the average time to fix a vulnerability in IBM's application security solution has dropped from 20 hours to 30 minutes, according to Forrester Consulting.
Russian Gang Suspected of Hacking Oracle's POS System
August 20, 2016
Oracle has been investigating a point-of-sale system breach that may be the work of Russian cyberthieves. Hackers compromised at least 700 computers on the MICROS POS system, used by hundreds of thousands of hotels, restaurants and retail outlets worldwide to process credit card transactions, Krebs on Security reported earlier this month. More than 330,000 cash registers worldwide use MICROS.
Edward Snowden Sheds Light on Shadow Brokers
August 18, 2016
Edward Snowden has injected himself into an escalating cyberstruggle that could affect the U.S. presidential election. The reported hack of The Equation Group might have been a warning shot from Russia, Snowden claimed. The group, which is widely believed to be a front operation for the NSA, apparently was hacked over the weekend by a previously unknown outfit called the "Shadow Brokers."
Super-Sophisticated Spyware Spotted After 5-Year Run
August 16, 2016
Symantec and Kaspersky Lab last week separately announced the discovery of a highly sophisticated APT that had eluded security researchers for at least five years. A previously unknown group called "Strider" has been using Remsec, an advanced tool that seems to be designed primarily for spying. Its code contains a reference to Sauron, the main villain in The Lord of the Rings.
TCP Flaw Opens Linux Systems to Hijackers
August 11, 2016
A flaw in the RFC 5961 specification the Internet Engineering Task Force developed to protect TCP against blind in-window attacks could threaten Android smartphones, as well as every Linux computer on the planet. The flaw is described in a paper a team of researchers presented at the 25th Usenix Security Symposium, ongoing in Austin, Texas, through Friday.
Russia Plays the Cybervictim Card
August 11, 2016
Russia's FSB recently reported that it found a cyberspying virus in the computer networks of more than 20 state authorities and defense contractors. The claim that malware has infected various government and defense companies came in the midst of a flurry of accusations that Russia has engaged in cyberattacks against U.S. targets in an effort to impact the presidential election.
DARPA Rewards Best Bug-Bombing Bots
August 11, 2016
The code warriors of the future literally might be computer code acting as warriors to defend against attackers on computer networks. DARPA gave us a glimpse into that future last Sunday, when it announced the winners of its Cyber Grand Challenge at DEF CON. Seven teams participated in the challenge to create systems that used bots to find and fix software problems without human intervention.
Apple to Enlist the Aid of a Few Good Hackers
August 6, 2016
Apple has introduced its first bug bounty program, set to launch in September. Ivan Krstic, head of Apple security engineering and architecture, announced the program at the Black Hat security conference in Las Vegas. The focus reportedly is on an exceptionally high level of service, and on quality over quantity. Participation in the program initially will be by invitation only.
Linux Botnets on a Rampage
August 5, 2016
Linux-operated botnet Distributed Denial of Service attacks surged in this year's second quarter, due to growing interest in targeting Chinese servers, according to a Kaspersky Lab report released this week. South Korea kept its top ranking for having the most command-and-control servers. Brazil, Italy and Israel ranked among the leaders behind South Korea for hosting C&C servers, according to Kaspersky Lab.
Old Tech Can Create New Security Woes
August 3, 2016
"Patch your systems in a timely manner" is a mantra of security experts, but what happens when the patch well runs dry because a product's maker no longer supports it? That is a situation facing many large enterprises, and it's one that poses security risks. Between 30 percent and 50 percent of the hardware and software assets in the average large enterprise have reached their end-of-life date.
Gadget Ogling: Pokémon Go Drones, New Old Nintendo, and Snowden-Secured Smartphones
August 2, 2016
Pokémon Go, the augmented-reality smartphone game that's been eating away at the fabric of society in recent weeks, is enormously fun. I enjoy the mechanics, and that it pushes me to go on longer walks. That's all well and good in the nicer weather, but when there's two feet of snow, I don't really want to traipse around so much. That's why Pokédrone might be my new favorite thing.
Federal Agencies Seek Cyberdefenders
August 2, 2016
The U.S. government is in the process of hiring a small army of IT specialists to bolster its efforts to protect data held at federal agencies from cybersecurity threats. The feds hired 3,000 new cybersecurity and IT professionals in the first six months of the current fiscal year. The hiring spree is just one component of a "first ever" Federal Cybersecurity Workforce Strategy.
Clinton Campaign Latest Target of Hackers Linked to Russia
July 30, 2016
The campaign of Democratic presidential nominee Hillary Clinton is the latest possible victim of a series of hack attacks some cybersecurity experts have linked to the Russian government. Campaign officials reportedly acknowledged that an analytics program it uses, which is maintained by the DNC, was accessed in a breach discovered earlier this month.
KeySniffer Follows the Scent of Cheap Wireless Keyboards
July 29, 2016
A vulnerability in inexpensive wireless keyboards lets hackers steal private data, Bastille reported this week. The vulnerability lets hackers use a new attack the firm dubbed "KeySniffer" to eavesdrop on and capture every keystroke typed from up to 250 feet away. The stolen data is rendered in clear text. It lets hackers search for victims' credit card information, passwords and more.
Trump Tries to Walk Back Comments on Clinton Emails
July 28, 2016
Republican presidential nominee Donald Trump on Thursday attempted to walk back some of his remarks at a Wednesday morning press briefing during the Democratic National Convention, including his suggestion that Russian intelligence services should look for more than 30,000 deleted emails belonging to former Secretary of State Hillary Clinton and reveal them to the world.
BlackBerry Offers Android Users a Secure New Smartphone
July 27, 2016
BlackBerry on Tuesday made a play for security-conscious Android users with the announcement of its new DTEK50. Running Android 6.0 Marshmallow and BlackBerry security software, the new unit is the "most secure Android smartphone" in the world, the company claimed. Many Android users have concerns about the their phone's security, according to a recent survey.
FBI Launches Probe Into DNC Email Hack
July 26, 2016
The FBI on Monday confirmed it has opened an investigation into allegations that the Wikileaks email dump of nearly 20,000 DNC emails over the weekend might be linked to the Russian government. Hackers connected to Russian intelligence agencies allegedly have been working to help tilt the U.S. presidential election. "The FBI is investigating a cyber intrusion involving the DNC," the agency said.
Civil Rights Office Issues Ransomware Guidance
July 22, 2016
Ransomware infections are on the rise, and healthcare organizations are ripe targets, which may be why the federal government addressed the subject last week. Ransomware attacks have risen from about 1,000 a day last year to 4,000 a day this year, Symantec has reported. Many of those attacks are for small change, but some of the larger ones have been directed at healthcare providers.
Snowden Puts His Mind to Designing Spy-Proof Smartphone Cases
July 21, 2016
NSA whistle-blower Edward Snowden and noted hacker Andrew "Bunnie" Huang on Thursday published a paper on their collaboration to design a smartphone case that will protect user privacy. The pair developed a prototype compatible with the 4.7-inch iPhone 6, as it's "driven primarily by what we understand to be the current preferences and tastes of reporters," the paper states.
The Internet of Medical Things, Part 3: Safety First
July 20, 2016
Though quick to capitalize on connected health devices and the coming Internet of Medical Things, hardware manufacturers may be moving too slowly when it comes to building the necessary protections into the back end. The National Security Agency last month told participants in a defense technology summit in Washington that it was looking into hacking connected medical devices.
Congressional Committee Report Finds Something Rotten at FDIC
July 18, 2016
Officials at the U.S. Federal Deposit Insurance Corporation, which insures deposits in U.S. banks, made false statements to Congress and failed to make timely notification of serious cybersecurity breaches, according to a U.S. House of Representatives Committee on Science, Space and Technology's interim staff report. FDIC CIO Lawrence Gross has created a toxic work environment, it also says.
Facebook Lets Messenger Conversations Go Dark
July 13, 2016
Facebook last week said it would begin testing long anticipated end-to-end encryption capabilities in its Messenger app, enabling users to have secret conversations. The new level of security means that a message will be visible only to the sender and the recipient -- Facebook won't even be able to read it. Users can set a timer to limit the amount of time that a message remains visible.
Google Dabbles in Post-Quantum Cryptography
July 12, 2016
Google has launched an experiment with post-quantum cryptography in Chrome. A small fraction of connections between Google's servers and Chrome on the desktop will use a post-quantum key-exchange algorithm in addition to the elliptic-curve key-exchange algorithm already being used. The idea is that large quantum computers eventually might be able to break current security algorithms retroactively.
Parsing the Clinton Email Scandal
July 11, 2016
I've been watching the Clinton email scandal closely, because I not only have been in and out of law enforcement and security for much of my early life, but also was an internal auditor for IBM and one of the leading email experts in the 1990s. I think this is the only time I've seen an investigator channel a prosecutor and give someone a pass without addressing why crimes were committed.
Mobile Ransomware Has Mushroomed: Report
July 8, 2016
The number of mobile ransomware victims across the globe has increased fourfold compared to a year ago, suggests a Kaspersky Lab report. Kaspersky software protected 136,532 users targeted by ransomware from April 2015 to March 2016 -- up from 35,413. "The growth curve may be less than that seen for PC ransomware, but it is still significant enough to confirm a worrying trend," the report notes.
FBI Director Raps Clinton but Recommends No Criminal Action
July 6, 2016
Although an FBI investigation concluded that Hillary Clinton's use of a separate email system during her tenure as Secretary of State may have violated federal law, Director James B. Comey recommended no criminal prosecution. Considered in light of the bureau's actions in similar cases in the past, Comey explained, the facts in the Clinton case do not warrant the filing of criminal charges.
Study: Third-Party Apps Pose Risks for Enterprises
June 23, 2016
Since mobile computing put an end to the good old days when IT departments had absolute control over software deployed in the enterprise, there's been a rise in employees' use of third-party applications -- a rise that poses security risks to corporate environments. That is one of the findings in a report CloudLock released last week.
Google Makes It Easier to Do the 2-Step
June 21, 2016
Google on Monday began rolling out a new two-step authentication feature, Google Prompt, targeting enterprise employees. The new option consists of a pop-up that displays a mobile user's name and profile image, and that specifies the location and device involved in the attempted sign-in. The device owner is asked whether to allow or deny the sign-in.
Russians Hack DNC Servers to Get Goods on Trump
June 15, 2016
Two groups of Russian hackers burrowed into the Democratic National Committee's servers and spent months stealing information on Donald Trump, the Republican Party's presumptive presidential nominee, according to Crowdstrike. The security firm identified "two sophisticated adversaries on the network," noted CTO Dmitri Alperovitch, dubbed "Cozy Bear" and "Fancy Bear."
See More Articles in Cybersecurity Section >>
Facebook Twitter LinkedIn Google+ RSS
Is fake news a major problem?
Yes -- people don't know which news to trust.
No -- it's very easy to spot.
Yes -- it's propaganda warfare, and the U.S. is losing.
No -- people have always believed what suited them.
Yes -- but only temporarily, as people are catching on.
No -- much of it actually isn't fake.