Welcome Guest | Sign In
LinuxInsider.com
FTC Debates Cybersecurity Injury Standard
January 5, 2016
The U.S. Federal Trade Commission is engaged in an internal struggle over how it should assess the effect on consumers when businesses fail to provide proper e-commerce security. The outcome of the debate will have a significant impact on the FTC's ability to initiate cybersecurity violation cases. The legal issue could spill over to federal courts or even Congress for resolution.
Security Execs Sweat Insider Threats
December 31, 2015
Insider threats are becoming increasingly worrisome to corporate security executives. That is one of the findings in a survey of C-level businesspeople Nuix released last week. "The insider threat seems to be a bigger concern this year than it was in previous years," said Nuix's Keith Lowry. "People are recognizing that it is a significant weakness that has yet to be fully addressed."
All Security Pros Want for Christmas: Smarter Users, Decoy Networks
December 24, 2015
People like to see gifts from their wish lists under the Christmas tree, and security pros are no exception. Here are things some cyberwarriors would like old St. Nick to deliver to them. "It's probably never going to happen, but it would be fantastic to get smarter users who are less susceptible to social engineering," said Proofpoint's Ryan Kalember.
Apple's Cook Goes to the Barricades on Encryption
December 22, 2015
Apple CEO Tim Cook brought the encryption battle between the high-tech industry and the nation's law enforcement authorities to prime time TV Sunday in an interview on the CBS news program 60 Minutes. During the interview, Charlie Rose asked Cook about the need for law enforcement agencies to access data that has been encrypted on Apple phones. There's all kinds of sensitive information on smartphones today, Cook noted.
Juniper Networks Shortens ScreenOS Threat List
December 21, 2015
Juniper Networks on Sunday informed customers that recent security threats to its ScreenOS were not as widespread as initially believed. The company last week issued an alert following its discovery in ScreenOS of unauthorized code that could allow an attacker to gain administrative control of devices using Netscreen or to decrypt a VPN. The two issues are unrelated to each other.
Ready or Not, Enterprise Appification Is Here
December 21, 2015
Portfolios of task-oriented mobile apps for employees, contractors and business partners have been transforming the way enterprises conduct business, Apperian reported last week. Companies that have launched mobility initiatives have customized and deployed one or more apps that have streamlined business operations, according to the firm's analysis of 2 million app deployments.
MacKeeper Loses Control of User Data
December 17, 2015
Kromtech this week revealed a vulnerability in the data storage system of its MacKeeper software. Security researcher Chris Vickery, who alerted the company to the problem with its server, pegged the number of MacKeeper users affected at about 13 million. Kromtech posted a security alert about the breach on MacKeeper's website. The company fixed the error within hours of its discovery, it said.
Three Charged in Hacking Case That Spammed 60M
December 17, 2015
Federal prosecutors in New Jersey on Tuesday charged three men in a $2 million identity theft scheme to hack corporate computer systems and blast spam messages to more than 60 million people. The defendants face up to 20 years in prison and $250,000 in fines on wire fraud charges, and up to five years in prison and $250,000 in fines on email and computer conspiracy charges.
Creating Rules of War for Cyberspace
December 17, 2015
The idea of a "Cyber Geneva Convention" has gained steam in the last five years. Based on the original Geneva Convention, it would ensure that certain types of attacks and specific targets would remain off-limits in a cyberwar. The concept of rules dictating what shouldn't be allowed in war came about after Henry Dunant visited wounded soldiers during the Second Italian War of Unification.
Hot Hacker Targets in 2016: Fantasy Sports, Professional Services
December 15, 2015
As 2016 approaches, it's time to get the crystal ball out and predict next year's cybersecurity trends. Here are some predictions from security pros TechNewsWorld interviewed. Fantasy sports sites in 2015 caught the attention of states' attorneys general, who wanted to treat the outfits as gambling enterprises. In 2016, the sites will get attention from another quarter: hackers.
VTech Hires Mandiant to Shore Up Security for Kids
December 4, 2015
VTech on Thursday revealed it has hired FireEye's Mandiant to help improve security after reaction from parents around the world over news that its servers were hacked. It also is cooperating with law enforcement agencies worldwide to investigate the incident and has temporarily shut down several websites, its Learning Lodge app store, and its Kids Connect service.
Forces That Will Reshape the IT Landscape in 2016
December 4, 2015
There may be no better way to capture the state of the technology industry than to borrow Charles Dickens' famous opening from A Tale of Two Cities: "It was the best of times, it was the worst of times..." It never has been a better time to launch offerings via the cloud, but the availability of low-cost computing power and open source software have created unprecedented competitive challenges.
'Tis the Season for Online Predators
December 3, 2015
While visions of holiday shoppers dance in retailers' heads, those visions are also on the minds of online marauders. Net predators are sticking to scams that have made them money throughout the year. "Over the last 12 months, we've seen a return to attachments with innocuous macros in them," said Kevin Epstein, vice president of advanced security and governance at Proofpoint.
New Tech Targets Enterprise Ransomware
November 23, 2015
SentinelOne last week introduced an addition to its behavioral solution designed to address the problem of ransomware scrambling files on a computer. Ransomware has been a scourge not only for consumers, but for the enterprise, too. The malicious software can be particularly nettlesome for enterprises because they have to protect many endpoints -- phones, tablets, laptops, desktops and servers.
FBI, Carnegie Mellon Deny $1M Contract to Crack Tor
November 19, 2015
The FBI has denied allegations that it paid Carnegie Mellon University security researchers $1 million to crack a network designed to protect the anonymity of its users. The Tor Project, which operates the network, last week accused the FBI of cutting the CMU deal. The attack on Tor occurred from January to July 2014. The attackers discovered a way to strip the anonymity of Tor users.
Docker, Yubico Team Up to Secure App Development
November 19, 2015
Docker this week announced new security enhancements at DockerCon EU in Barcelona, Spain, including hardware signing of container images -- an industry first -- through a partnership with Yubico. Docker Content Trust offers hardware signing through support for Yubico's YubiKey. The YubiKey 4 lets Docker users digitally sign code during initial development and through subsequent updates.
Surveys Reveal Lax Mobile Security Among Federal Workers
November 18, 2015
The use of mobile devices provides significant benefits in convenience and workplace productivity. However, two recent reports indicate that U.S. government workers often ignore security protocols associated with mobile IT. The Office of Personnel Management hack revealed earlier this year drove an effort to address federal IT security. That effort largely has bypassed mobile device security.
Paris Attacks Deepen Encryption Debate
November 18, 2015
Encryption once again has come under fire in the wake of last week's terrorist attacks in Paris. Western intelligence agencies reportedly blamed the technology for enabling communications among the attackers, and some officials renewed their calls for technology companies to give them decryption keys. However, the terrorists may have communicated through private messages on the PlayStation 4.
Nadella: Microsoft to Be Stealth Operator for Cloud Security
November 17, 2015
CEO Satya Nadella on Monday made a bid to reintroduce Microsoft to professionals working in a brave new cyberworld of virtual, interconnected computing. Speaking at the Microsoft Government Cloud Forum in Washington, Nadella presented a broad new vision of a cloud- and mobile-first enterprise that promises to make personal and client security a central theme of its business.
Report: Botnets Help Bump Cyberattack Attempts by 20 Percent
November 17, 2015
ThreatMetrix last week reported that it had detected and prevented more than 90 million attempted cyberattacks in real time across industries from July to September. The attempted attacks covered fraudulent online payments, logins and new account registrations, and represented a 20 percent increase over the previous quarter, according to ThreatMetrix Cybercrime Report: Q3 2015.
Gmail to Warn Users of Unencrypted Email
November 16, 2015
Google last week announced that it is developing features for Gmail that will notify them when they get messages through a nonencrypted connection. Regions of the Internet are preventing message encryption by tampering with requests to initiate SSL connections, and malicious DNS servers are publishing fake routing information to email servers looking for Gmail, a study found.
Microsoft Hands Cloud Data Control to German Trustee
November 12, 2015
Microsoft announced it will offer its Azure, Office 365 and Dynamics CRM cloud services to business clients using two Germany-based data centers hosted by a subsidiary of Deutsche Telekom. The arrangement will protect the integrity and privacy of customer data, the company said. The data centers will be under the control of T-Systems, a unit of Deutsche Telekom, which will act as data trustee.
Microsoft to Add Secure Islands to Its Cloud
November 11, 2015
Microsoft on Tuesday announced that it has agreed to purchase data security firm Secure Islands. It will pay between $78 million and $150 million, according to reports, but company spokesperson Joel Sider declined to disclose the terms of the acquisition, which requires regulatory approval. Secure Islands' products will be integrated into the Azure Rights Management Service.
Decryption Tool Foils Linux Server Ransomware Attacks
November 11, 2015
Bitdefender on Monday released a free decryption tool designed to wrest data from the grip of a rare type of ransomware that's been plaguing Linux servers. Details for performing the decryption are available on the company's website. Essentially, the solution takes advantage of a flaw in the ransomware, which Bitdefender discovered through reverse-engineering.
NIST Seeks Review of Email Safety Doc
November 11, 2015
Email systems have become so routine that consumers and workers often regard them as simply part of the furniture. However, the technology is more complex than most users appreciate -- and that complexity makes it vulnerable to cyberthreats. Increased use of email has resulted in a corresponding increase in criminal and nuisance threats, NIST said in a recent advisory on email security.
Deep Learning App Targets Malware
November 10, 2015
Here's the problem with most programs aimed at killing malicious software: They need someone to tell them something's malicious. What if, however, the programs had the smarts to identify bad code on their own? That's what a company called Deep Instinct says its security solution, launched last week, can do. The offering works its magic with a technology called "deep learning."
OpenWorld's Substance Feast
November 4, 2015
For once, Oracle OpenWorld went long on substance. That's hard to do when you have so many products to discuss and Larry Ellison pontificating, but he was both under control and substantive -- though he couldn't resist taking a few shots at competitors. Oracle's team hardly ever sees SAP and IBM in deals these days, he announced, and he gave due praise to cloud pioneers NetSuite and Salesforce.
Mobile Malware's Growth Slows, Nastiness Grows
November 4, 2015
The good news about mobile malware in 2015 is that growth has slowed down. The bad news is that the malware entering the market is more virulent than ever. While there hasn't been a sharp rise in the volume of mobile malware this year, the increasingly malicious nature of the types of malware and attacks is alarming, Blue Coat Systems said last week in its 2015 Mobile Malware Report.
NIST Seeks Business Partners to Boost Email Security
November 3, 2015
The controversy over the management of email systems by former Secretary of State Hillary Clinton has been in the spotlight since March. More recently, the CIA director acknowledged that his personal email had been hacked. Both situations highlight the vulnerability of email. That's why NIST has launched an initiative to help both public and private organizations improve email security.
CISA Passes Senate Despite Privacy Advocates' Fear and Loathing
October 28, 2015
The U.S. Senate on Tuesday voted 74-21 to pass the Cybersecurity Information Sharing Act, or CISA, in the face of strong opposition from legal and cybersecurity experts, the high-tech industry, privacy and civil liberties organizations, and members of the public. The Act calls for several federal agencies to share cyberthreat indicators between the public and private sectors.
See More Articles in Enterprise Security Section >>
Facebook Twitter LinkedIn Google+ RSS
Live streaming video...
is the next big thing.
is a passing fad.
will dramatically improve citizen journalism.
will feed a lot more disturbing imagery to the Web.
doesn't interest me.