OpManager: A single console to manage your complete IT infrastructure. Click here for a 30-day free trial.
Welcome Guest | Sign In
LinuxInsider.com
XP Users Have a Bad Headache Coming On
April 07, 2014
Money will be the biggest problem users of Windows XP will face when Microsoft officially stops supporting it on Tuesday. As a last resort, Microsoft is offering custom support for Windows XP as a temporary stopgap. That could cost as much as $200 per PC per year, Gartner estimated. The UK government reportedly has paid Microsoft about $9 million to extend Windows XP support for one year.
Yahoo Issues Security Sitrep
April 03, 2014
Yahoo has announced a new effort to upgrade its security, in the wake of a torrent of breaches and hacker attacks over recent months. Yahoo's plans include encryption of data in motion, enabling HTTPS encryption, and implementing the latest in security best practices, said Chief Information Security Officer Alex Stamos, who took over the job in March.
Clock Counting Down on Windows XP Support
April 01, 2014
As Microsoft prepares to cut off support for Windows XP, hackers are sharpening their knives in anticipation of carving up the operating system's carcass. Web predators will pounce on XP 10 minutes after Microsoft pulls the support plug on the software, predicted one former military computer specialist and network engineer. Indeed, it appears that information highwaymen are stockpiling ammunition.
Big Blue Dons Big Data Gloves to Fight Fraud
March 21, 2014
IBM on Thursday launched a set of software and consulting services to help fight fraud and financial crime. The so-called smarter counterfraud initiative draws from more than 500 fraud consulting experts, 290 fraud-related research patents, and the $24 billion IBM has invested in its Big Data and analytics software and services capabilities over the past nine years.
Target Breach Lesson: PCI Compliance Isn't Enough
March 18, 2014
"Target was certified as meeting the standard for the payment card industry in September 2013. Nonetheless, we suffered a data breach." Those words by Target CEO Gregg Steinhafel affirmed what security experts know as gospel: Compliance does not equal security. "Just because you pass a PCI audit does not mean that you're secure," said HyTrust President Eric Chiu.
Target Missed Bull's-Eye in Data Breach
March 14, 2014
Target acknowledged Thursday that it put information on a back burner that led to the compromise of more than 100 million customer records. "We learned that after these criminals entered our network, a small amount of their activity was logged and surfaced to our team," said spokesperson Molly Snyder, which "determined that it did not warrant immediate follow up."
2013: A Perilous Year on the Internet
March 11, 2014
Surfing the Internet last year was a dangerous proposition. On average, 200 samples of malicious software were collected every minute by McAfee Labs, the company reported in its threat report for the Q4 2013. All kinds of Internet nastiness increased last year -- from ransomware and suspicious URLs to bogus digital certificates, master boot record attacks, and poisoned mobile apps, the firm said.
The Increasing Business Risk of Cloud Cyberattacks
March 10, 2014
It is hard to figure out which is growing at a faster pace -- movement to the cloud or cybercrime. Cybercrime is following the data to the cloud, according to reports, to find and steal cloud data of hotel records, credit card information, and maybe even corporate secrets and the client files of lawyers. The concept of managing data for business on a remote computer is actually 50 years old.
Boeing Unveils Suicidally Secure Smartphone
February 27, 2014
Boeing this week filed an application with the United States Federal Communications Commission for a secure Android smartphone called the "Black" that will self-destruct if anyone tries to physically open the case. The company will offer it to the U.S. defense and security communities. The Black has endless modularity capabilities, according to Boeing.
Apple's Better Late Than Never With OS X Security Fix
February 26, 2014
Apple has pushed a large update to its OS X Mavericks OS that includes a patch for a significant security flaw. The vulnerability allows Net predators to hijack a secure communication channel from a device running the latest version of OS X and perform mischief such as intercepting user names and passwords. The flaw affects Apple programs that use SSL encryption.
Security Firms Scour Mobile Apps
February 24, 2014
Security pros weren't very kind to mobile applications last week. A number of firms knocked apps produced for the smartphone market for all kinds of risky behaviors that could lead to trouble not only for mobile device owners, but also for their employers. While Android has been a poster child for misbehaving apps in the past, competitor Apple's apps aren't as pristine as is commonly believed.
Hackers Perfectly Time Largest DDoS Attack Ever
February 12, 2014
"Very big NTP reflection attack hitting us right now. Appears to be bigger than the #Spamhaus attack from last year. Mitigating." That Monday evening tweet from Matthew Prince, CEO of CloudFlare, signaled what's being touted as the largest distributed denial of service attack ever launched on the Internet. The attackers leveraged a known vulnerability in the Internet's infrastructure.
Kaspersky Details Sophisticated 'Mask' Robber Ops
February 11, 2014
Kaspersky Lab has released research findings on Careto, a malware toolkit that has hit more than 380 victims in 31 countries so far since 2007. "Careto" means "mask" in Spanish, Kaspersky notes. The word also could point to an ancient tradition incorporated into Portuguese and Brazilian Carnival festivals. Because they are so highly sophisticated, the attacks could be the work of a nation-state.
Careless, Reckless Staff Are Corporate Security's Biggest Threat
February 07, 2014
We have met the enemy and he is us. Pogo's philosophical observation perfectly describes the way IT and security professionals view their end users' attitude toward data security. An overwhelming 80 percent of corporate security professionals and IT administrators indicated in a recent survey that "end user carelessness" constituted the biggest security threat to their organizations.
Target Fiasco Shines Light on Supply Chain Attacks
February 03, 2014
The holiday data breach at Target was opened up with stolen credentials from a vendor in the company's supply chain, according to reports that surfaced last week. That kind of attack is getting more and more common these days. "About 80 percent of data breaches originate in the supply chain," said Torsten George, vice president of marketing for Agiliance.
IT Weaknesses Paved the Way for Target Hackers
January 30, 2014
The Target data breach exposed more than 100 million customers, riled up U.S. intelligence agencies, sparked a Justice Department investigation, involved the U.S. Department of Homeland Security and the FBI, triggered congressional hearings, and led several banks to re-issue their credit cards. The hacker has variously been identified as a 17-year-old Russian or one or more other cybercriminals.
Syrian Electronic Army Takes Another Poke at Microsoft
January 22, 2014
The Syrian Electronic Army, which is notorious for launching cyberattacks against the media, on Monday defaced the Microsoft Office blog site. The hack occurred after Microsoft redesigned the blog site following an SEA attack earlier this month. "A targeted cyberattack temporarily affected the Microsoft Office blog and the account was reset," said exec Dustin Childs.
The Blackphone vs. the NSA
January 20, 2014
Well Linux bloggers have made it plain from the get-go that privacy is among their top concerns for 2014, and recent events have done nothing to shift that focus. President Obama's momentous speech proposing NSA reforms wasn't the only clarion call last week. We also heard from Mozilla, which appealed to security researchers to help keep Firefox source code unadulterated and backdoor-free.
Obama's NSA Reforms Draw Tepid Response
January 18, 2014
In a keenly anticipated speech, President Obama on Friday announced reforms to the NSA's surveillance activities, but his pronouncements failed to please just about everyone. "We heard nothing in his speech or proposal that will repair the damage that has been done to the tech industry and the future of the Internet," said Matt Simons, director of social justice at ThoughtWorks.
Blackphone Aims to Keep Spooks in the Dark
January 15, 2014
Silent Circle and Geeksphone have teamed up to create the Blackphone -- a smartphone designed to truly protect users' privacy. Carrier- and vendor-independent, the Blackphone allows users to make and receive phone calls securely, as well as transfer and store files, swap secure text messages, and conduct video chats without compromising their privacy, the companies claim.
NSA's Radio Spying Could Backfire
January 15, 2014
The United States National Security Agency's surveillance efforts reportedly include radio transmissions from circuit boards and USB cards inserted surreptitiously into computers. This apparently has been going on since 2008. "This is pretty cool," said Jim McGregor, principal analyst at Tirias Research. "You could embed a transmitter in a USB dongle or memory card or mouse plugin or USB plugin."
Ready, Set, Cyberattack!
January 14, 2014
Advanced persistent threats and stealth malware attacks have been making the rounds for years. Now, U-M researchers Robert Axelrod and Rumen Iliev have created a model that, in essence, lays out the best time for nation-states to launch cyberattacks. The model takes into account the stealth and persistence of a cyber-resource -- a means to exploit a vulnerability in a target's computer system.
Foreign Firms Flee US Cloud Services
January 13, 2014
Further proof that the NSA surveillance scandal is impacting the United States IT industry came on Friday with the publication of a study conducted for Canadian Web hosting and cloud services provider Peer1 Hosting. Fully 64 percent of the 300 UK- and Canada-based respondents to the survey hoped to move data from U.S.-based cloud service providers to their own countries within the next five years.
Intrusion Prevention: Keeping the Bad Guys Out
January 13, 2014
By improving the security and availability of services, IT leaders can deliver better experiences and payoffs for businesses and end users alike. In this podcast, we're joined by Jim O'Shea, Network Security Architect for HP Cyber Security Strategy and Infrastructure Engagement. We'll explore the ins and outs of improving enterprise intrusion prevention systems.

See More Articles in Enterprise Security Section >>
Facebook Twitter LinkedIn Google+ RSS