Welcome Guest | Sign In
LinuxInsider.com
OPM's Latest Bad News: 5.6 Million Fingerprints Lifted
September 25, 2015
The Office of Personnel Management on Wednesday revealed that the hackers who penetrated its records system stole 5.6 million fingerprints of federal employees -- five times the 1.1 million originally reported. The cyberattack, which came to light this spring, compromised the Social Security numbers and other sensitive information of 21.5 million people.
Feds Award $500M Credit-Monitoring Contract Following OPM Breach
September 23, 2015
The U.S. government spends millions of dollars on IT systems designed to prevent cybersecurity attacks, but they still occur. Government agencies are hopeful that the learning curve will improve dramatically, and breaches will be reduced. In the meantime, what happens to people affected by a breach after an attack succeeds? This year, the OPM was hit with one of the biggest hack attacks ever.
Internet of Things Makes Enterprise Headway
September 22, 2015
The Internet of Things is poised to soar in the enterprise, a new survey from IDC indicates, with the planning stage rapidly shifting to deployment. Nearly 73 percent of about 2,500 respondents to the firm's IoT Decision Maker Survey said they already had deployed IoT solutions or would do so within the next year, the firm reported Tuesday. The survey respondents came from 15 countries.
IoT Can Open Doors to Cybercriminals, FBI Warns
September 16, 2015
The FBI has warned businesses and consumers to be careful when deploying devices that connect to the Internet of Things. As more companies and consumers use IoT devices to improve efficiency and convenience, their connection to the Internet creates opportunities for cybercriminals, the FBI said. The "Internet of Things" is a broad term that encompasses myriad devices that connect via cyberspace.
Hackers Home in on Health, Education, Government Sectors
September 16, 2015
A New York healthcare provider, California's higher education system and the Department of Energy have become the latest targets of data bandits. The latest massive data breach at a healthcare provider reportedly took place at Excellus BlueCross BlueShield, which last week revealed that the personal data of more than 10 million people was at risk due to an attack that dates back to December 2013.
Netflix Move Prompts Premature Antivirus Software Obit
September 11, 2015
Netflix reportedly is in the process of dumping its antivirus software and placing all its faith in an alternative solution to protect its more than 60 million subscribers from online nastiness, a move that prompted one pundit to pronounce the death of antivirus software yet again. Such dire pronouncements have been made for years, and they're likely to be made for many years to come.
Linux Foundation Security Checklist: Have It Your Way
September 6, 2015
The Linux Foundation's recently published security checklist may draw more attention to best practices for protecting Linux workstations, even if IT pros do not embrace all of its recommendations. Konstantin Ryabitsev, the foundation's director of collaborative IT services, developed the list for the use of LF remote sysadmins, to harden their laptops against attacks.
White House Wants Feedback on IT Contract Security
September 2, 2015
Cybersecurity is a key component of all contracts between U.S. government agencies and information technology vendors. Yet cyberbreaches continue to occur -- some of them with alarming scope and depth. The White House is seeking input from private sector vendors and others on how to improve the cybersecurity elements involved in federal government purchases of IT equipment and services.
Shadow IT Feeds 'Man in the Cloud' Attacks
August 27, 2015
Shadow IT -- the use of unauthorized online services by company employees -- is a concern of cyberwarriors charged with defending business systems against network attacks. There's new evidence that those concerns are justified. A new attack vector on business systems leverages the synchronization features of services like Dropbox and Google Drive to perform malicious mischief.
Study: Chinese Hackers Are Savvy, Surgical
August 13, 2015
A clandestine group of sophisticated Chinese hackers have infected scores of sites on the Web and stolen documents from industrial and government organizations with surgical precision, according to a Dell SecureWorks study released last week. Dubbed "Threat Group 3390," the cybergang has used infected websites of some 100 organizations across the globe.
Feds Break Up Hacker-Powered Insider Trading Ring
August 12, 2015
In two indictments unsealed by the U.S. Department of Justice in Brooklyn, N.Y., and Newark, N.J., nine people were charged in federal court with carrying out an international scheme to hack into three business newswires, steal yet-to-be published press releases, and use them to make trades that generated approximately $30 million in illegal profits.
Chinese Hackers May Have Burrowed Into Airlines
August 11, 2015
The China-based hacking team that has been infiltrating U.S. government and business computer systems appears to be behind two newly discovered attacks -- this time on travel reservation processor Sabre and American Airlines. Sabre confirmed that its systems -- which contain sensitive records on as many as a billion travelers -- recently were breached. American Airlines is investigating.
Android on BlackBerry Is Looking More Real
August 10, 2015
BlackBerry's upcoming slider handset, aka "Venice," will run on Android and will be available in the coming months for AT&T as well as T-Mobile, according to rumors that picked up steam over the weekend. This is not the first time rumors of a BlackBerry device running on Android have made the rounds. The company earlier this year hinted at the possibility at the Mobile World Congress.
Cyberwarrior Demand Outpaces Supply
August 6, 2015
Demand for cybersecurity professionals continues to far outpace supply, according to a Burning Glass Technologies report released last week. Cybersecurity hiring remains concentrated in government agencies and among defense contractors, the third annual cybersecurity job market report notes, but hiring has started to boom in industries handling consumer data.
Malvertisers Poison Yahoo's Ad Network
August 4, 2015
Yahoo's ad network suffered an attack that lasted for almost a week, Malwarebytes reported mid-day Monday. Malwarebytes earlier notified Yahoo of the attacks, which began July 28. Yahoo had stopped them by the time the report was published. The attackers used the Angler Exploit Kit, described as highly sophisticated, to redirect visitors to ad sites on two Microsoft Azure domains.
Leverage Big Data to Get Rid of Network Attackers
July 21, 2015
Up to 30 percent of their firms' security incidents this year should have been detected by perimeter security measures -- but weren't -- said 55 percent of respondents to a SANS Institute survey. The truth is that today's attackers have become skilled at bypassing conventional defenses, which no longer can be counted on to protect enterprise networks on their own.
DoJ: Firms Should Hire Cyber-Savvy Lawyers
July 20, 2015
Hardly a day goes by without a headline about a cyberintrusion. No entity is immune -- international retailers, airlines, hotels, mom and pop stores, cloud providers -- even the U.S. government. However, it seems that few businesses contemplate how important it is for their attorney to know and understand cybersecurity, as well as know what to do when a cyberintrusion occurs.
NYSE, United Shutdowns Spark Cyberattack Rumors
July 9, 2015
The New York Stock Exchange on Tuesday halted all transactions for three hours, due to what it maintained was a technical glitch. Trading continued on the other exchanges belonging to its owner, holding company Intercontinental Exchange. "The markets did not plummet with the shutdown," said Jim Wright, chief investment officer at Harvest Financial Partners.
Security Pros Shine Light on Shadowy Cyberspy Ring
July 8, 2015
A highly sophisticated group of hackers who use cutting-edge techniques to shield their attacks from detection has been bedeviling corporations around the world for several years. The group, which Symantec dubbed "Morpho" and Kaspersky Lab calls "Wild Neutron," has hit multibillion-dollar corporations in the Internet, software, pharmaceutical and commodities sectors in at least 11 countries.
Is Isolating the Internet Key to Bulletproof Security?
July 7, 2015
With so many cybersecurity pros drowning in an ever-rising tide of hack attacks on their computer systems, an emerging approach to defending those systems may be the life preserver they've been looking for. The approach doesn't involve beefing up perimeter defenses, carefully scrutinizing network traffic, or applying analytics to employee behavior.
Poll Highlights Container Security Concerns
July 6, 2015
The results of a recent survey on container usage trends suggest that a deployment surge is likely within the next two years -- but also that companies have serious concerns about container security, certification and skills. The survey, commissioned by Red Hat and conducted by TechValidate, assessed enterprise adoption plans for application containers.
Hacking Team's Dingy Laundry Hung Out Online
July 6, 2015
Fireworks of a different kind rocked the security world this Fourth of July weekend, when news surfaced that hackers breached Hacking Team, an Italy-based firm that develops malware for governments and law enforcement. The attackers reportedly exposed 400 GB of data stolen from its servers. "It appears [Hacking Team] were compromised through social engineering, said Bugcrowd's Jonathan Cran.
Cisco Erects 6 Pillars for the IoT
June 29, 2015
Cisco on Monday launched Cisco IoT System -- a new Internet of Things initiative comprised of 15 products geared toward improving device interoperability. As many as 50 billion devices and objects could be connected to the Internet by 2020, the company forecast, yet today more than 99 percent of things in the physical world currently are unconnected.
US, Brit Spooks Bedevil Security Software
June 24, 2015
The United States' National Security Agency and the UK's Government Communications Headquarters reportedly have been attacking antivirus and other security software since at least 2008. The aim is to infiltrate networks and track users. The agencies apparently have reverse-engineered security and antivirus software, sometimes under dubious legal authority.
Can Android Give BlackBerry New Life?
June 16, 2015
BlackBerry could be considering equipping an upcoming smartphone with Google's Android operating system, Reuters reported last week. The move would be consistent with BlackBerry's strategy to focus on software and device management instead of handsets. Such a pivot would take the company away from its current strategy to regain lost market share with a new generation of BlackBerry smartphones.
Duqu 2.0 Makes Other Malware Look Clunky
June 12, 2015
Duqu 2.0 may have just snatched the title of "most sophisticated malware ever," according to Kaspersky Lab, which published a report on the new threat this week. Kaspersky discovered Duqu 2.0 after the malware penetrated its own internal networks. "The philosophy and way of thinking of the Duqu 2.0 group is a generation ahead of anything seen in the APT world," said Kaspersky's Kurt Baumgartner.
Patch Tuesday Sunset Will Be a Mixed Bag for Windows Security
June 11, 2015
Microsoft will phase out Patch Tuesday -- its monthly potpourri of software product fixes -- when it rolls out Windows 10, which could be a mixed bag for the operating system's security. Patches will be applied automatically as they're ready. That means users no longer will have to wait until the second Tuesday in the month to secure their systems from potentially troublesome vulnerabilities.
US Snooping Costs High-Tech Sector $35B and Counting
June 10, 2015
Other countries' concerns over U.S. government surveillance programs likely will cost American businesses more than $35 billion, according to a report released Tuesday by the Information Technology & Innovation Foundation. Originally it was thought that the fallout from Edward Snowden's revelations of U.S. mass surveillance programs would be limited to cloud service providers.
US CIO Orders Federal Websites to Get More Secure
June 10, 2015
U.S. federal CIO Tony Scott on Monday sent a memo to the heads of executive departments and agencies requiring that all publicly accessible federal websites and Web services use HTTPS -- "the strongest privacy and integrity protection currently available for public Web connections." Some federal websites currently use HTTPS, but there has not been a consistent policy across the federal government.
OPM Security Was a Data Breach Waiting to Happen
June 9, 2015
Things could get worse before they get better as the FBI, US-CERT and Office of Personnel Management investigate a data breach that may have compromised the personal information of some 4 million current and past federal employees. Additional exposures of personal identifying information could be discovered, officials have warned. The OPM made the breach public last week.
See More Articles in Enterprise Security Section >>
Facebook Twitter LinkedIn Google+ RSS
What is your reaction to the rumored
4-inch iPhone?
I'm in -- I'd love to have a smaller iPhone.
I prefer a larger iPhone, but it's good to have more options.
I expect innovation from Apple -- seems it's running out of ideas.
I'm not interested in an iPhone of any size.