Welcome Guest | Sign In
LinuxInsider.com
The War Room: Experiential Security Planning
August 16, 2017
Ask any security practitioner about ransomware nowadays, and chances are good you'll get an earful. Recent outbreaks like Petya and WannaCry have left organizations around the world reeling, and statistics show that ransomware is on the rise. For example, 62 percent of participants surveyed for ISACA's recent "Global State of Cybersecurity" survey experienced a ransomware attack in 2016.
Is the Path to Secure Elections Paved With Open Source Code?
August 8, 2017
Increased use of open source software could fortify U.S. election system security, according to former CIA head R. James Woolsey and Bash creator Brian J. Fox. The two made their case for open source elections software after security researchers demonstrated how easy it was to crack some election machines at the recent DefCon hacking conference in Las Vegas.
WannaCry Hero Arrested on Kronos Malware Charges
August 5, 2017
In a stunning twist, U.S. authorities have arrested a British cyber-researcher credited with stopping the spread of the WannaCry ransomware virus on charges he helped develop and deploy the Kronos banking trojan that attacked financial institutions around the world in 2014. A federal grand jury in Wisconsin last month handed down a six-count indictment against Marcus Hutchins, a citizen of the UK.
HBO Cyberattack Driven By Mysterious Motives
August 3, 2017
HBO on Wednesday admitted that it had been targeted by a cyberattack, confirming an anonymous email the alleged hackers distributed to media outlets last weekend. Among the content that may have been compromised were upcoming episodes of the series Ballers, Barry and Room 104, along with script outlines of the channel's hit show Games of Thrones.
Comcast, Google Can Publish Users' Email Contents
August 2, 2017
Comcast's Terms of Service for its Xfinity Internet service gives it, its agents, suppliers and affiliates the right to "reproduce, publish, distribute and display" the content worldwide. It also lets third parties copy, republish or distribute material posted or transmitted using Xfinity Internet. This would include confidential information sent by a company employee or an independent contractor.
Russian Head of $4B Bitcoin Exchange Charged in Massive Money Laundering Scheme
July 28, 2017
A grand jury in the Northern District of California indicted a Russian man for running a massive money laundering operation through the BTC-e bitcoin exchange, a group of federal officials announced Wednesday. The exchange allegedly received up to $4 billion in proceeds from various criminal activities, including the 2014 hack of the Mt. Gox bitcoin exchange.
Flash Flames Out - but It Will Smolder for a While
July 27, 2017
Adobe has decided to pull the plug on its much maligned Flash format, citing the growing use of HTML5, WebGL and Web Assembly open standards. Helper apps have evolved over time to become plugins, which then further evolved to become open Web standards, Adobe noted. However, because gaming, education and video have come to depend heavily on Flash over the years, its phaseout will be gradual.
Microsoft Releases Long-Awaited Security Tool, Sets Linux Preview
July 25, 2017
Microsoft has released its long-awaited cloud-based bug detection tool, previously code-named "Project Springfield." The Windows version became generally available, and a new Linux version became available as a preview last week. The tool, Microsoft Security Risk Detection, uses artificial intelligence to hunt down security vulnerabilities in software that is about to be released.
New Cybersecurity Policy Will Impact Federal IT Market
July 24, 2017
Federal agencies already under the gun to modernize their information technology capabilities have a new set of standards to meet as a result of an executive order President Donald Trump issued this spring. The directive not only will affect agency managers in their IT operations and acquisition activities, but also will have a significant effect on IT vendors.
Open Source Flaw 'Devil's Ivy' Puts Millions of IoT Devices at Risk
July 21, 2017
Millions of IoT devices are vulnerable to cybersecurity attacks due to a vulnerability initially discovered in remote security cameras. Senrio found the flaw in a security camera developed by Axis Communications, one of the world's biggest manufacturers of the devices. The Model 3004 security camera is used for security at the Los Angeles International Airport, according to Senrio.
V2V's Place in an Increasingly Connected World
July 21, 2017
You're probably tired of reading that the Internet of Things is the hottest thing going, and that IoT is a boon to technology and, simultaneously, a potential disaster for security and privacy. However, over the past few years, another IoT-related technology has been growing: vehicle to vehicle. V2V is a way for automobiles to communicate directly with other vehicles on the road.
Vendor Exposes Millions of Verizon Customers on Amazon Cloud
July 17, 2017
Verizon, the largest wireless carrier in the U.S., has confirmed that data belonging to about six million of its wireless customers was exposed after the information mistakenly was allowed to remain unprotected on an Amazon cloud server. The disclosure follows reports that an engineer at Nice Systems allowed the data of 14 million Verizon customers to reside on an Amazon Web Services S3 bucket.
Petya's Ransomware Cloaking Device
July 11, 2017
Recent ransomware threats have escalated into a global crisis, and cybersecurity experts and government authorities have redoubled their investigative efforts. Of grave concern is the possibility that the recent Petya attack had more sinister motives than typical ransomware operations, and that state actors were involved behind the scenes. The Petya attack actually used ransomware as a cover.
IoT Fuels Growth of Linux Malware
July 5, 2017
Malware targeting Linux systems is growing, largely due to a proliferation of devices created to connect to the Internet of Things. That is one of the findings in a report WatchGuard Technologies released last week. The report, which analyzes data gathered from more than 26,000 appliances worldwide, found three Linux malware programs in the top 10 for the first quarter of the year.
The Stupidly Dangerous Politics of Blame
July 3, 2017
I hope that, like me, you are off this long holiday weekend and have a chance to think about the drama that now surrounds the U.S. administration. What I find fascinating isn't that the government is a bit of a mess but that the accidental transparency of this administration is focusing us more on the visibility of the problems rather than on the problems themselves.
Google Gives Up Scanning Personal Gmail
June 30, 2017
Google recently announced the end of its policy of scanning user emails for targeted advertising purposes -- a controversial practice that riled privacy advocates and spurred legal challenges. Gmail is the world's most widely used email provider, with more than 1.2 billion users. Google attributed its decision to gains it has made in the enterprise.
Petya Ransomware Sinks Global Businesses Into Chaos
June 28, 2017
A new ransomware exploit dubbed "Petya" struck major companies and infrastructure sites this week, following last month's WannaCry ransomware attack, which struck more than 300,000 computers worldwide. Petya is believed to be linked to the same set of hacking tools as WannaCry. Petya already has impacted a Ukrainian international airport and shut down radiation monitoring systems at Chernobyl.
Cyberattackers Kick Down a Few Parliament Email Doors
June 27, 2017
The United Kingdom's Parliament on Monday reported a cyberattack on its email system over the weekend, when hackers attempted to access user accounts without authorization. Due to the "robust measures" in place to protect the legislative body's accounts and networks, fewer than 1 percent of the 9,000 accounts on the network were compromised, officials said. Accounts that were compromised reportedly had weak passwords.
DHS to Congress: The Russians Are Coming Back
June 22, 2017
The House Intelligence Committee on Wednesday conducted a hearing focusing on the impact of Russian hacking on the 2016 elections. Members heard testimony from former DHS Secretary Jeh Johnson, who was in charge of the department when the actual hacking took place during the final months of the Obama administration. Russian President Vladimir Putin ordered the cyberattack, Johnson said.
OTA Report: Consumer Services Sites More Trustworthy Than .Gov Sites
June 22, 2017
The Online Trust Alliance on Tuesday released its 2017 Online Trust Audit & Honor Roll. Among its findings: Consumer services sites have the best combined security and privacy practices. FDIC 100 banks and U.S. government sites are the least trustworthy, according to the audit. The number of websites that qualified for the honor roll is at a nine-year high.
3 WannaCry Talking Points to Win Security Buy-In
June 21, 2017
By this point, most technology practitioners -- and nearly all security practitioners -- know about WannaCry. In fact, you might be sick of people analyzing it, rehashing it, sharing "lessons learned" about it, and otherwise laying out suggestions -- in some cases, contradictory -- about what you might do differently in the future. The level of unsolicited advice can border on the annoying.
Deep Root Analytics Downplays Giant Voter Data 'Oops'
June 20, 2017
A data contractor working on behalf of the Republican National Committee earlier this month allowed the personal data of 198 million voters to be exposed online, marking the largest ever leak of voter data in history. Deep Root Analytics exposed 1.1 terabytes of sensitive information -- including names, home addresses, dates of birth, phone numbers and voter registration information.
Broader Scope of Russian Election Cyberattacks Revealed
June 15, 2017
Federal and state officials have confirmed that cyberattacks against state voting systems during the 2016 election were more widespread than previously disclosed to the public, but they said the heightened activity did not impact final vote tallies. The confirmations follow a report that attempts to influence the 2016 presidential election were much greater than previously disclosed.
Securing Your Linux System Bit by Bit
June 13, 2017
As daunting as securing your Linux system might seem, one thing to remember is that every extra step makes a difference. It's almost always better to make a modest stride than let uncertainty keep you from starting. Fortunately, there are a few basic techniques that greatly benefit users at all levels, and knowing how to securely wipe your hard drive in Linux is one of them.
Microsoft Buys Hexadite to Toughen Windows Security
June 9, 2017
Microsoft on Thursday said it has agreed to buy a Hexadite, which incorporates artificial intelligence in its automated responses to cyberthreats. The acquisition will help bolster the company's efforts to help commercial Windows 10 customers deal with advanced attacks on their networks, Microsoft said. The acquisition will include Hexadite's endpoint security automated remediation.
BitKey Unlocks Mysteries of the Bitcoin Universe
June 1, 2017
BitKey is a Debian-based live distribution with specialist utilities for performing highly secure air-gapped bitcoin transactions. This distro is not for everyday computing needs, but if you are obsessed with the use of bitcoin or other cryptocurrencies, it might be just what you need. I am a high-tech sort of guy with a keen interest in diving through Linux distros both simple and complex.
Hacking and Linux Go Together Like 2 Keys in a Key Pair
May 31, 2017
Ever since taking an interest Linux, with the specific aim of better understanding and enhancing my personal digital security, I have been fascinated by hacker conferences. As soon as I learned of their existence, I made a point of keeping tabs on the major conferences so I could browse through the latest videos in their archive once each one wraps up. I thought that was the closest I would get.
Kaspersky to US: Check Our Source Code
May 27, 2017
Cybersecurity expert Eugene Kaspersky reportedly has volunteered to turn over his company's software source code to allay fears about possible ties with the Russian government. Kaspersky made the offer public at CeBIT Australia last week. Some U.S. officials have expressed concerns that Kaspersky Lab might have a close working relationship with the Russian government.
Leaked Docs Spotlight Complexity of Moderating Facebook Content
May 23, 2017
The public got a rare view into how Facebook tries to keep offensive and dangerous content offline in a report published Sunday. Leaked confidential documents exposed the secret rules by which Facebook polices postings on issues such as violence, hate speech, terrorism, pornography, racism and self-harm, as well as such subjects as sports fixing and cannibalism.
Report: Cybersecurity Dangerously Lax at Mar-a-Lago
May 19, 2017
Internet security at Mar-a-Lago -- the private club President Trump owns and has dubbed the "Southern White House" -- is weak, based on a recent investigation. Trump has used the resort to meet with staffers and foreign heads of state on official business. In February, he took a call about a North Korean ballistic missile launch in Mar-a-Lago's dining room, with members and waiters present.
See More Articles in Security Section >>
Facebook Twitter LinkedIn Google+ RSS
Flexera Software White Paper
How do you feel about flying on a pilotless plane?
No way -- if there's a screw-up, you can't just jump out.
I'd do it -- flights are pretty much entirely automated anyway.
I'm skeptical but open minded, especially if fares would be much less.
I would try it if there were *someone* on board to take over in a pinch.
It's the wave of the future -- I'm resigned to it.