Welcome Guest | Sign In
LinuxInsider.com
The Perils of Mobile App Insecurity
February 04, 2014
Smartphones and tablets have become ubiquitous -- and so convenient that we often download apps and approve permissions without giving them much thought. Such behavior exposes the data we store on our prized devices to increasing risk. That blind trust is just what app makers count on. Android users, especially, are complacent about synchronizing apps on multiple devices.
An SMB's Guide to PCI 3.0 Penetration Testing
February 04, 2014
By now, if you're an IT professional and you're in an organization that has PCI-DSS in your scope -- that is, you store, process or transmit credit card data -- you probably already know that an update to the standard, Version 3.0, was released late last year. With this update come a few changes to the technical measures that organizations handling credit card information must implement.
Target Fiasco Shines Light on Supply Chain Attacks
February 03, 2014
The holiday data breach at Target was opened up with stolen credentials from a vendor in the company's supply chain, according to reports that surfaced last week. That kind of attack is getting more and more common these days. "About 80 percent of data breaches originate in the supply chain," said Torsten George, vice president of marketing for Agiliance.
IT Weaknesses Paved the Way for Target Hackers
January 30, 2014
The Target data breach exposed more than 100 million customers, riled up U.S. intelligence agencies, sparked a Justice Department investigation, involved the U.S. Department of Homeland Security and the FBI, triggered congressional hearings, and led several banks to re-issue their credit cards. The hacker has variously been identified as a 17-year-old Russian or one or more other cybercriminals.
Slipshod Security, Human Frailty Made @N Ripe for Plucking
January 30, 2014
GoDaddy reportedly has admitted one of its employees handed out customer information to a scammer who carried out a scheme to obtain a prime Twitter account. Naoki Hiroshima, a developer at Echofon, this week detailed how the scammer was able to force him to hand over his prime Twitter account, @N. The scammer used social engineering to accomplish his goal.
Worried Retail Shoppers Bury Heads in Sand
January 28, 2014
Consumers are getting increasingly nervous over retailers' ability to protect their personal data -- yet they are not changing their shopping habits, according to findings from an AP-GfK poll. In the wake of the Target breach, nearly half of those surveyed expressed extreme concern about their personal data while shopping in stores, and 58 percent had deep worries about online spending.
Google Buys DeepMind to Dig Deeper Into Data
January 27, 2014
News that Google is purchasing artificial intelligence company DeepMind for between $500 million and $650 million surfaced Monday. The first commercial applications of DeepMind are in simulations, e-commerce and games. "These are the areas most likely to benefit from -- and generate revenue from -- AI," aid Jim McGregor, principal analyst at Tirias Research.
Neiman Marcus Alerts Customers to Hack Attack
January 24, 2014
Neiman Marcus has announced that some 1.1-million customer credit and debit cards may have been exposed in a hack attack. The retailer was first alerted to the intrusion at the beginning of the year. It appears that "sophisticated, self-concealing malware" able to obtain payment card information was active in the company's systems between July 16 and Oct. 30, 2013, CEO Karen Katz said.
Privacy Board Urges Shutdown of 'Illegal' NSA Data Dig
January 23, 2014
The United States National Security Agency should end its controversial bulk telephone metadata collection program, recommended the Privacy and Civil Liberties Oversight Board. The board's report, issued Thursday, says Section 215 of the U.S. Patriot Act, which provides the foundation for the NSA's authority, "does not provide an adequate legal basis to support the program."
With AirWatch in Tow, VMware Arrives Late to Mobile Party
January 23, 2014
VMware on Wednesday announced it is acquiring enterprise mobile management and security solutions provider AirWatch. The deal, which is expected to close later this quarter subject to the usual regulatory approvals and closing conditions, will expand VMware's reach into the mobile space. AirWatch has more than 10,000 customers worldwide and more than 1,600 employees across nine offices globally.
English Soccer Player Lobs One at Twitter
January 22, 2014
Stan Collymore, a retired soccer player from England, accused Twitter of sitting on its hands when it comes to combating abusive messages -- of which he has received many. Collymore, now a broadcaster, became a troll target after he suggested Liverpool forward Luis Suarez faked a foul -- "diving," in soccer parlance -- in a game played last Saturday.
Syrian Electronic Army Takes Another Poke at Microsoft
January 22, 2014
The Syrian Electronic Army, which is notorious for launching cyberattacks against the media, on Monday defaced the Microsoft Office blog site. The hack occurred after Microsoft redesigned the blog site following an SEA attack earlier this month. "A targeted cyberattack temporarily affected the Microsoft Office blog and the account was reset," said exec Dustin Childs.
Bitcoin's Popularity Attracts Malware Writers
January 22, 2014
Most folks know the value of money, but few know the latest value of a Bitcoin, a virtual currency prone to wide price swings. Those swings haven't deterred those on the digital leading edge from speculating in the currency -- or bad app writers from plotting ways to steal it. "Bitcoins -- and indeed any digital property of any value -- will be a theft target," said Bitcoin developer Jeff Garzik.
Crowdfunders Send Jamaican Bobsled Team to Sochi
January 21, 2014
The Jamaican bobsled team, which qualified for the Olympics for the first time since 2002, is heading to the Sochi Olympics, thanks in large part to a group of supporters who raised more than $25,000 worth of "Dogecoins," an Internet currency. The team needed about $40,000 total, and after the Internet came through with $25K, Jamaica's Olympic committee picked up the difference.
Nest CEO Promises to Preserve Privacy
January 21, 2014
Nest CEO Tony Fadell took on one of the many lingering questions about Google's $3.2 billion acquisition of the company: What will become of its privacy policy? Any changes to Nest's privacy policy will be opt-in, and the company will be "transparent" about those changes to its users, Fadell promised. This assurance from Fadell is almost as significant as Google's acquisition of Nest.
Beware of the Spam-Sending Fridge
January 21, 2014
More than 100,000 Internet-connected home consumer devices, including a refrigerator, spammed enterprises and consumers worldwide for about two weeks, between Dec. 23 and Jan. 6, according to security firm Proofpoint. The devices were part of a botnet that sent out 750,000 spam emails, the company claimed. The attack apparently featured waves of emails sent in bursts of 100,000 at a time.
Google Axes Adware-Pushing Chrome Extensions
January 20, 2014
Following reports of adware being distributed through extensions for Google's Web browser Chrome, the search giant has removed two applets from it its online store. Pulled from the Chrome Web Store were "Add to Feedly" and "Tweet This Page." Both extensions were mentioned in a Friday report about adware vendors buying popular Chrome extensions and transforming them into advertising hoses.
Wife of Indian Minister Dead After Exposing Husband on Twitter
January 20, 2014
The wife of Shashi Tharoor, an Indian minister and member of parliament, was found dead in a luxury hotel in New Delhi days after exposing her husband's alleged infidelity via Twitter. The cause of death is not known, but a forensic expert reportedly dubbed it a "sudden, unnatural death." Private messages between Tharoor and a Pakistani journalist popped up on Tharoor's Twitter account Wednesday.
The Blackphone vs. the NSA
January 20, 2014
Well Linux bloggers have made it plain from the get-go that privacy is among their top concerns for 2014, and recent events have done nothing to shift that focus. President Obama's momentous speech proposing NSA reforms wasn't the only clarion call last week. We also heard from Mozilla, which appealed to security researchers to help keep Firefox source code unadulterated and backdoor-free.
Obama's NSA Reforms Draw Tepid Response
January 18, 2014
In a keenly anticipated speech, President Obama on Friday announced reforms to the NSA's surveillance activities, but his pronouncements failed to please just about everyone. "We heard nothing in his speech or proposal that will repair the damage that has been done to the tech industry and the future of the Internet," said Matt Simons, director of social justice at ThoughtWorks.

See More Articles in Security Section >>
Facebook Twitter LinkedIn Google+ RSS