OpManager: A single console to manage your complete IT infrastructure. Click here for a 30-day free trial.
Welcome Guest | Sign In
LinuxInsider.com
DoD Ramps Up Security as It Drifts Toward Cloud
September 12, 2014
DoD is committed to pursuing cloud-based services and steadily has been improving its capabilities to utilize the technology. The latest evidence of its embracing the cloud is approval of a protocol that will facilitate the use of the technology at higher security levels. DISA has granted provisional authorization for the use of cloud services to levels 3 to 5 of its Cloud Security Model.
Millions of Gmail Users Victims of Latest Password Heist
September 11, 2014
About 5 million Gmail usernames and passwords have been published on a Russian bitcoin security forum as a text file. Sixty percent of the 4.93 million credentials in the file were valid, claimed the poster, who used the online handle "tvskit." The information reportedly was dumped on several Russian cybercrime forums and shared through a variety of peer-to-peer services.
IBM Enlists Intel to Shore Up Hybrid Cloud
September 10, 2014
Despite the growing momentum behind cloud computing in recent times, security concerns have been a drag on adoption. IBM sought to reduce that resistance by announcing on Monday that it would start using Intel chip technology to better secure its SoftLayer cloud platform. The Intel technology can be especially reassuring to enterprises running hybrid clouds.
Comcast Ad Tinkering Could Muck Up WiFi Security
September 10, 2014
Comcast has begun using JavaScript injection to serve ads for its services to devices connected to its publicly accessible Xfinity WiFi hotspots across the U.S. The ads are fleeting, but they can appear roughly every seven minutes. The program reportedly began months ago. "This practice is definitely concerning for multiple reasons," said the Electronic Freedom Foundation's Jeremy Gillula.
Botnet Twists the Knife in iCloud Security
September 10, 2014
Hot on the heels of hackers stealing celebrities' nude photos from their iCloud accounts and posting them on the Web comes news that iCloud users are being targeted again. The Kelihos botnet is sending emails purporting to be from Apple, informing targets they have purchased a film through their iTunes account using a PC or other device not previously linked to their Apple ID.
Apple's Cook Promises Feeble iCloud Security Upgrades
September 05, 2014
Apple is taking steps to improve security in the wake of the furor generated by hackers' posting nude photos of celebs on the Internet, CEO Tim Cook said. Apple will alert users via email and push notifications when someone tries to restore iCloud data to a new device. It already does this when someone tries to change an account password or when a device first logs in to an account.
Home Depot All But Confirms Doozy of a Data Breach
September 03, 2014
Home Depot may have experienced a massive security breach -- possibly on a greater scale than last year's Target breach, which affected an estimated 110 million people. Home Depot said it was investigating the possibility, following security researcher Brian Krebs' Tuesday alert. It appears the perpetrators are the same hackers responsible for the data breaches at Target and elsewhere.
Admins Grapple With Shadow Tech
September 03, 2014
If you want to see an IT pro twitch, bring up Shadow IT in a conversation. "Shadow IT" is a term applied to technology deployed by an organization's users outside the purview of the IT department. It's bothersome to system shepherds because it can open up an organization to data leakages. It's also growing. Many Shadow IT programs run in the cloud, but all clouds are not created equal.
Russian Hackers Sack US Banks: Report
August 29, 2014
Hackers appear to have stolen data from JPMorgan Chase and at least one other U.S. bank in retaliation for economic sanctions against Russia. The raid on the banks' computer systems reportedly resulted in the theft of gigabytes of sensitive data. JPMorgan did not confirm the incident. However, the FBI is conducting an investigation into reports of cyberattacks on U.S. banks.
Hacker Attacks on Healthcare Providers Jump 600 Percent
August 28, 2014
The recent data breach at Community Health Systems, in which Chinese hackers stole the personal information of 4.3 million patients, was another sign of a disturbing trend: Healthcare providers are coming under cyberattack at an alarming rate. "We've seen a 600 percent increase in attacks on the healthcare sector in the last 10 months," said Carl Leonard, senior manager at Websense Security Labs.
Sony DDoS Attack May Have Been Smokescreen
August 25, 2014
Sony's PlayStation and Sony Entertainment networks were taken down over the weekend by a distributed denial of service attack. The hackers, who call themselves the "Lizard Squad," also forced authorities to divert a plane Sony Entertainment president was on by tweeting that there might be a bomb on board. A hacker with the handle "FamedGod" later claimed responsibility for the DDoS attack.
Security Researchers Lay Bare TSA Body Scanner Flaws
August 22, 2014
The U.S. Transportation Security Administration, part of the Department of Homeland Security, has spent more than a billion dollars on full-body scanners designed to strengthen airport security. It turns out that at least one model of scanner in use for four years -- the Rapiscan Secure 1000 full-body scanner -- easily could have been foiled by a savvy bad actor.
Google Gets in a Trusted Stores Encryption Tangle
August 21, 2014
A conflict between Google's push to make the Web more secure and its Trusted Store program may be costing at least one business money. Pegasus Auto Racing Supplies, which encrypts all the pages on its website, reportedly has had its application for Google's Trusted Stores program turned down. Think of the badge as the equivalent of the Good Housekeeping Seal.
Is Open Source an Open Invitation to Hack Webmail Encryption?
August 21, 2014
In a move influenced by Edward Snowden's revelations about the NSA's email snooping, Yahoo and Google last week announced that they were cooperating on end-to-end encrypting their webmail products. While the open source approach has proven its value over and over again, the idea of opening up the code for security features to anyone with eyeballs still creates anxiety in some circles.
Freedom Act Leaves IT Sector at Risk for Spy Program Costs
August 14, 2014
A recent U.S. Senate proposal to curb the impact of electronic surveillance conducted by the NSA could enhance privacy for citizens and benefit businesses as well. However, major information technology companies that help the government collect telecom and Internet data still will be vulnerable to the substantial costs of working with the NSA, even if the proposed bill becomes law.
Snowden Blows NSA's MonsterMind
August 13, 2014
The NSA is working on a new program codenamed "MonsterMind" that will automate the monitoring of traffic patterns on the Internet to look for attacks, whistleblower Edward Snowden revealed. When it detects an attack, MonsterMind will automatically block it from entering the U.S. cyberinfrastructure. It also will automatically fire back at the server from which the attack was launched.
Yahoo, Google Team Up to Fight Email Snoops
August 13, 2014
Yahoo and Google last week announced they'd be teaming up to secure their Web mail systems with encryption by the end of next year. "Our goal is to make end-to-end encryption fully available in 2015," said Yahoo Vice President of Information Security Alex Stamos. Yahoo will be releasing the code for its encryption solution to the open source community.
Russian Gang's Credentials Theft Exposes Web's Wild, Wild West Side
August 12, 2014
News that a Russian gang has stockpiled more than a billion purloined user name and password combinations has revved up the Internet's reputation as a post industrial Wild, Wild West. Just how much havoc will be raised by the gang remains to be seen. The data thieves so far appear content to use their ill-gotten trove for spamming, according to Hold Security, which discovered the credential cache.
Cyberspies Help Themselves to DHS Contractor's Data
August 08, 2014
USIS, the contractor that did the background checks on Washington Navy Yard shooter Aaron Alexis and NSA leaker Edward Snowden, on Thursday reported that its computer systems have been breached. "Our internal IT security team recently identified an apparent external cyberattack on USIS' corporate network," said US Investigation Services in a statement.
Secure Sites to Get the Google Bump
August 07, 2014
Google on Wednesday announced that it has begun factoring websites' use of HTTPS into its search rankings, resulting in more favorable results for those that use the security-minded protocol. Use of the protocol still is considered just a minor factor, though, affecting fewer than 1 percent of global queries and carrying less weight than high-quality content.
Russian Cybergang Stockpiles 1.2B Unique Stolen Credentials
August 07, 2014
A Russian cybercriminal gang so far has stolen 4.5 billion credentials, of which 1.2 billion appear to be unique, Hold Security has announced. The credentials belong to more than 500 million email addresses. Two reports released Tuesday may help explain why the cybergang was so successful. About 92 percent of the 800 top consumer websites evaluated failed the OTA's 2014 Email Integrity Audit.
When It Comes to Technology, Humans Are Idiots
August 04, 2014
There are a lot of things going on at the moment. Israel is tactically defending itself against Hamas -- winning the battles but losing the war, because the Israeli government can't see the big picture. The U.S. is still blaming Snowden for leaks, even though Russia clearly is able to pull damaging information pretty much anytime it wants without Snowden's help.
Tor Has Been Breached - What Now?
August 01, 2014
News that two Carnegie-Mellon CERT researchers have developed an inexpensive way to breach the Tor network has the project, privacy advocates, and probably criminals who use the network equally concerned. The Tor Project posted has advised relays to upgrade to Tor 0.2.r.23e or 0.2.5.6-alpha to close the protocol vulnerability used by the researchers.
Russia Cites Surveillance Concerns in Apple, SAP Source Code Demands
July 31, 2014
Russia wants Apple and SAP to turn over their source code in yet another instance of fallout resulting from leaks about NSA surveillance activities. The suggestion reportedly came last week, when Communications Minister Nikolai Nikiforov met with executives of the two companies: Peter Nielsen, Apple's general manager in Russia; and Vyacheslav Orekhov, SAP's managing director in Russia.

See More Articles in Cybersecurity Section >>
Facebook Twitter LinkedIn Google+ RSS