OpManager: A single console to manage your complete IT infrastructure. Click here for a 30-day free trial.
Welcome Guest | Sign In
LinuxInsider.com
Connected Cloud Summit
Microsoft Cranks Up Security to Lock Out Government Spies
December 05, 2013
Microsoft is taking steps to make its customers' data more secure in the wake of revelations about government spying. The company was implicated in NSA snooping operations after former government contractor Edward Snowden leaked documents related to the agency's activities earlier this year. Government spying on Microsoft's servers constitutes a persistent threat, said General Counsel Brad Smith.
Akamai Buys Prolexic to Beef Up DDoS Protection
December 02, 2013
Akamai Technologies is buying Prolexic, which offers protection against distributed denial of service attacks. The deal, which is expected to close in the first half of 2014, will cost Akamai about $370 million in cash plus the assumption of outstanding unvested options to purchase Prolexic stock. "Akamai aims to extend its optimization and security solutions," said spokesperson Jeff Young.
NSA's Malware Infection Spree Leaves Network Managers Powerless
November 26, 2013
The United States National Security Agency reportedly has seeded 50,000 networks worldwide with malware designed to steal sensitive information. The report -- the latest in a series of published disclosures based on documents released by Snowden -- is likely to fuel the controversy raging around cybersurveillance by the U.S. and its allies -- the UK, Australia, New Zealand and Canada.
97 Percent of Company Mobile Apps Are Insecure
November 19, 2013
Mobile apps for consumers have been criticized for gathering more information from users' devices than they need. It seems, however, that mobile apps from companies fare no better. Ninety-seven percent of some 2,000 mobile apps produced by 600 companies accessed at least one private information source on the device they were installed on, according to a report released Monday by HP.
Securing the Internet of Things: 5 Easy Pieces
November 15, 2013
The Internet of Things has been receiving quite a bit of attention. Definitions vary, but at its core the concept is a simple one: Extend computing and data-processing capability to the physical world around us. The earliest manifestations of this are starting to be seen already in the growth of smart devices: televisions, automobiles, appliances, electric meters, etc.
Brit Spies Spoof LinkedIn Pages to Track Targets
November 11, 2013
British intelligence agency GCHQ reportedly has spoofed LinkedIn profiles of employees at mobile communications companies and mobile billing firms to gain access to their corporate networks. The first known attack was on Belgacom, a telecom firm partly owned by the Belgian government, according to a top secret GCHQ presentation revealed by NSA whistleblower Edward Snowden.
Starting the Cyberinsurance Conversation
November 02, 2013
"In this world nothing can be said to be certain, except death and taxes," wrote Benjamin Franklin in 1789. You have to wonder if Old Ben wouldn't add cyberattacks to that list were he alive today. We live in a world in which hundreds of thousands of new threats are created every day. Nary a day goes by without a new piece of malware or other threat finding its way into a network.
Adobe Hack Victim Count Skyrockets to 38M
October 31, 2013
After initially estimating that a mere 3 million customers had been affected by the security breach it announced at the start of October, Adobe on Wednesday admitted that the actual number now looks to be closer to an eye-popping 38 million. In addition, the breach seems to be more far-reaching than initially thought, extending to the Photoshop family of products as well.
Strong Encryption, Natural Language Search Make Potent Cocktail
October 22, 2013
Strong encryption and natural language search can be like oil and water. That's because encrypted data can't be digested by your typical search engine. However, CipherCloud announced a solution to that knotty problem last week. The latest version of the 3-year-old company's cloud-based service includes something it's calling "searchable strong encryption."
Oracle Unleashes the Mother of All Security Patches
October 17, 2013
Oracle has released a whopper of a critical patch update for October, with 127 security fixes across several of the company's products. Of these, 51 are fixes for Java SE, and all but one of those will allow remote exploitation of a computer without authentication. Oracle recommends the patch be applied as soon as possible, as many of the vulnerabilities cross product family lines.
MediaFire's Derek Labian: Cloud Storage Is an Everyday Need
October 15, 2013
Security and privacy concerns may be far outweighed for many users by the convenience and appeal of the cloud, but users need to view cloud access as more than just another storage utility on the desktop. That's according to Derek Labian, CEO of cloud storage service MediaFire. Instead, cloud users need to focus on cloud performance and application functionality, Labian suggests.
Hackers Purloin 2.9M Adobe Customers' Data
October 04, 2013
Adobe on Thursday announced what has become depressingly familiar news to consumers and security experts: It has been hacked, and on a large scale. "Very recently, Adobe's security team discovered sophisticated attacks on our network, involving the illegal access of customer information as well as source code for numerous Adobe products," said Brad Arkin, the company's chief security officer.
Coverity's Zack Samocha: Software Quality and the Open Source Advantage
October 01, 2013
Software quality is a topic close to most developers' hearts, whether they work with open source or proprietary code. Assessing quality, however, isn't always a simple matter. As a result, several efforts have sprung up to tackle the challenge, including the Coverity Scan project. Coverity began work in 2006 on the open source project, which is a joint endeavor with the Department of Homeland Security.
Revisiting Risk Assessment in the Cloud
October 01, 2013
The case for cloud is compelling for a number of reasons, but one of the more compelling reasons from a technologist's point of view has to do with the ability to abstract lower levels of the application stack. Depending on the model of cloud employed, varying amounts of the underlying technology components move out of the scope of your direct control.
Google Adds Remote Locking for MIA Androids
September 25, 2013
Google on Tuesday rolled out a feature for its recently launched Android Device Manager that lets users lock down a stolen Android device from anywhere, via the Web. "This is something that should be built into the OS and the platform because it's an inherent security feature," said tech analyst Rob Enderle. Google is late to the game in rolling out its remote lock capability.
AlienVault's Barmak Meftah: Time to Put Hackers on the Defensive
September 24, 2013
As CEO of AlienVault, Barmak Meftah faces enemies every day who play out their attacks from faraway lands using seemingly unbeatable weapons. One of the weapons AlienVault uses with the support of the open source community is a global report called the Open Threat Exchange that tracks threats to computer networks. The results make it possible to identify trouble spots and take corrective action.
BYOD Security Is All About Juggling Risks
September 23, 2013
Allowing workers to use personal phones and tablets to do their jobs has created security risks in the workplace, but those risks can be minimized if they're managed. What should such a risk management program do? "The first step is you have to protect the device," said IBM Application, Data and Mobile Security Director Caleb Barlow. That includes everything from provisioning to data wiping.
Cracking the BYOD Security Nut
September 23, 2013
While so-called BYOD isn't necessarily new -- IT departments, after all, have been supporting mobile road warriors since the 1980s -- the rising tide of end users seeking the use and support of their own consumer devices is different. It's so different that IT departments are grasping for any standard or proven approaches that make BYOD access of enterprise resources both secure and reliable.
RSA Warns Customers Off Suspected NSA-Tainted Crypto Tools
September 21, 2013
RSA has advised its customers to make a configuration adjustment to its BSafe security software products. This follows an announcement issued by NIST not to use a security standard it designed and published. The standard is the Dual Elliptic Curve Deterministic Random Bit Generator. The Dual_EC_DRBG is believed to contain an NSA backdoor that would in essence nullify the standard's security.
Heavy Attacks Expected as Microsoft Scrambles to Fix IE Flaw
September 18, 2013
Microsoft revealed Tuesday it was investigating a previously unknown security flaw affecting all versions of its IE Web browser. Hackers have attempted to exploit the vulnerability in targeted attacks on users of versions 8 and 9, it reported in a security advisory. "The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code," the advisory says.

See More Articles in Enterprise Security Section >>
Facebook Twitter LinkedIn Google+ RSS