OpManager: A single console to manage your complete IT infrastructure. Click here for a 30-day free trial.
Welcome Guest | Sign In
LinuxInsider.com
Connected Cloud Summit
Failure to Communicate Hamstrings Cyberdefenders
July 23, 2014
A failure to communicate between security pros and company brass may be contributing to the inability of a significant number of organizations to reduce the risk of cyberattacks on their systems. Thirty-one percent of the nearly 5,000 respondents surveyed for a recent study said their cybersecurity team never met with the executive team about cybersecurity.
Cloud App Security: Foggy With Low Visibility
July 21, 2014
While the cloud promises faster time to market and reduced costs, it also presents a new landscape for hackers to attack and achieve their goals -- namely, to find and gain unauthorized access to data and information. Attackers follow the data they are after, and if that data is residing in the cloud, then they are going to start operating in the cloud as well.
Gameover Zombies on the March Again
July 17, 2014
The Gameover botnet is back, more or less, only six weeks or so after the Justice Department announced that an FBI-led multinational effort had disrupted it. Still, the botnet's downtime was longer than expected -- the UK's National Crime Agency had warned that the people running it would regain control within two weeks. Sophos this week spotted a new version of the malware.
Google's Project Zero Cybersecurity Watch: No Excuses
July 15, 2014
Google on Tuesday announced Project Zero, an effort to speed up the security bug-fixing process. A team of cybersecurity experts will go after vulnerabilities in any and all software, notify the vendors, and then file bug reports in a public database so users can track the issuance of patches. The Project Zero team has promised to send bug reports to vendors in as close to real-time as possible.
What's Eating Internet Security?
July 15, 2014
It's a given that hackers can and do penetrate websites with laughable ease, ranging from those of retailers to those of the United States government. It certainly doesn't help the security-minded to know that the U.S. National Security Agency and other countries' spy agencies, including the UK's GCHQ and the West German intelligence agency, are tapping into online communications at will.
Critical Infrastructure Companies Lack Cyberdefenses
July 11, 2014
Companies providing the world's critical infrastructure are woefully unprepared for cyberattacks despite the increasing threat level, evidenced by the release of the Stuxnet worm and the Shamoon virus in recent years, found a survey conducted by the Ponemon Institute and Unisys. Nearly 70 percent of the 599 surveyed companies in the past 12 months have reported at least one security breach.
Your Abandoned Smartphone May Betray You
July 09, 2014
Doing a factory reset to wipe the data off smartphones does not work, and the data can be recovered, warned Avast. The company recovered tons of data, including more than 40,000 stored photographs, from 20 used Android phones purchased from eBay. Device owners need to overwrite their files to make them irretrievable, Avast said, touting one of the applications it offers.
Report: Malware Poisons One-Third of World's Computers
July 09, 2014
Nearly one-third of the world's computers could be infected with malware, suggests a report released last week by the Anti-Phishing Working Group. Malicious apps invaded 32.77 percent of the world's computers, a more than 4 percent jump from the previous quarter's 28.39 percent, it estimates. The increase in infected computers has come hand-in-hand with a jump in the appearance of malware samples.
Dragonfly Swoops Down on Energy Firms
July 01, 2014
The energy industry in the United States and Europe is being targeted by a cybercriminal gang that's suspected of being state-sponsored and has links to Russia. Known variously as "Dragonfly" and "Energetic Bear," the group has been operating at least since 2011. Its focus appears to be espionage and persistent access, with a side dish of sabotage as required, Symantec said.
Heartbleed Flaw Goes Unpatched on 300K Servers: Report
June 23, 2014
Two months after the Heartbleed vulnerability sent frissons of fear down the spines of IT managers everywhere, 300,000 servers still remain vulnerable, Errata Security said. When the flaw was announced in April, Errata found 600,000 servers vulnerable. "The norm is to do no patches at all for some systems, no matter how easy it is to patch," said Errata CEO Robert Graham.
Researchers Find Android Security on Par With iOS
June 18, 2014
The open source mobile operating system Android long has been considered by security experts to be the mobile OS most vulnerable to security threats, but iOS is just as vulnerable. However, the two OSes expose users to different types of threats. The perceived greater security of iOS rests on Apple's control of app distribution rather than on any inherent superiority of the OS over Android.
BlackBerry Unveils BBM Protected to, Ahem, Protect Market Share
June 18, 2014
BlackBerry, whose share of the mobile phone market has been on a downward spiral, this week launched BBM Protected, the first in its planned eBBM Suite of secure enterprise-class messaging products. BBM Protected targets regulated industries. It's claimed to be the only secure mobile instant messaging app that uses a FIPS 140-2 validated cryptographic library.
Godzilla Foreshadows Trouble for Internet of Things
June 16, 2014
The Internet of Things has come under attack by pranksters in recent days. The events could signal tumultuous things to come as more and more everyday objects connect to the Internet. Homeland Security has advised the customers of digital sign maker Daktronics to "take defensive measures" following a series of cyberpranks on the company's traffic signs.
5 Myths of Virtualization Security: You May Be More Vulnerable Than You Think
June 11, 2014
Businesses increasingly are relying on virtual machines to handle more critical data and tasks than ever before. The reality is that virtualization is growing as a platform for managing customer data, financial transactions and the applications that businesses use. Simply put, virtualization is a core component of today's mission-critical IT infrastructure.
Cupid Fires Arrow at OpenSSL's Heart
June 10, 2014
As if the discovery of the Heartbleed flaw weren't enough woe for OpenSSL, more than half a dozen additional defects have been discovered in the code used to protect communication on the Web. Among them is one dubbed "Cupid" by its discoverers. The flaw can be used to compromise enterprise networks. Like Heartbleed, Cupid uses a malicious heartbeat packet to compromise a TLS connection.
Open Source Persistence: Resistance Is Futile
June 09, 2014
Software developers routinely use open source components to boost productivity and improve the quality of their code. The problem for enterprises is that companies using open source must properly manage it and comply with its licensing, as with any third-party code. That becomes difficult to do when corporate leaders do not know their computer systems are running open source code.
Heartbleed-Weary Tech Firms Show OpenSSL a Little Love
May 30, 2014
Remember Heartbleed? Several weeks ago, the exposure of this security bug chilled the Internet, highlighting once again that even the seemingly unbreakable can be hacked. In the case of the Heartbleed vulnerability, encrypted data was at risk of theft. Sites potentially vulnerable to Heartbleed -- from Canada's Revenue Agency to AWS to Yahoo to Reddit -- urged users to change their passwords.
Destination Cloud: Are We There Yet?
May 29, 2014
There is growing interest in the cloud. It sounds absolutely perfect for both consumers and businesses. Some are jumping in -- so why isn't everyone? There are many pros and cons. Many use it successfully to build and manage their growing business, but many others fall victim to problems. What, exactly, is the cloud? "The cloud" is a general term that means many different things.
eBay's In With the Breached Crowd
May 21, 2014
If there's a list of retailers that have not exposed their customers' data to a security breach, it just got shorter. The most recent company to confess to being hacked is eBay, which on Wednesday began sending emails urging customers to change their passwords. eBay announced that a cyberattack had compromised a database containing encrypted passwords and other nonfinancial data.
Hackers Paint Bull's-eyes on Cybercurrencies
May 19, 2014
Another digital currency was brought to its knees last week when the administrators of Doge Vault had to suspend operations after they discovered their online wallet service had been attacked by hackers. Following an investigation of the incident and the reconstruction of some of their damaged information from a backup, the administrators contacted users.

See More Articles in Enterprise Security Section >>
Facebook Twitter LinkedIn Google+ RSS