OpManager: A single console to manage your complete IT infrastructure. Click here for a 30-day free trial.
Welcome Guest | Sign In
Laser Pointer Hack Easily Dupes Driverless Cars
September 8, 2015
A simple off-the-shelf laser pointer could be combined with a very basic computer to disrupt the multithousand-dollar Lidar systems installed in most self-driving cars, a security researcher warned last week. A setup that costs about $60 could trick the system, which autonomous vehicles use to sense objects in the road, into responding as though there were obstacles ahead when there were none.
Linux Foundation Security Checklist: Have It Your Way
September 6, 2015
The Linux Foundation's recently published security checklist may draw more attention to best practices for protecting Linux workstations, even if IT pros do not embrace all of its recommendations. Konstantin Ryabitsev, the foundation's director of collaborative IT services, developed the list for the use of LF remote sysadmins, to harden their laptops against attacks.
An Insider Betrayed Ashley Madison - Go Figure
September 4, 2015
When the giant data breach at infidelity website Ashley Madison made headlines last month, the CEO of the site's owner was quick to claim the caper was an inside job. He had the attacker's profile and work credentials, Avid Life Media's CEO Noel Biderman told ace cybersecurity blogger Brian Krebs. Though not an employee, the individual had accessed the company's technical services.
KeyRaider Malware Busts iPhone Jailbreakers
September 3, 2015
Data-robbing malicious software dubbed "KeyRaider" has stolen more than 225,000 valid Apple accounts and thousands of certificates, private keys and purchasing receipts, Palo Alto Networks' Unit 42 reported last week. The firm identified the malware in cooperation with WeipTech, which found the accounts on a server while it was analyzing suspicious user-reported iOS tweaks.
Baby Monitors Riddled With Security Holes
September 2, 2015
Rapid7 has released a report on an assortment of new vulnerabilities found in baby monitors: predictable information leaks; backdoor credentials; reflective, stored XSS; direct browsing; authentication bypass; and privilege escalation. "Many of the issues would allow video and audio from the device to be viewed by an attacker," said Mark Stanislav, senior security consultant at Rapid7.
Qualcomm Sics Fire-Breathing Snapdragon on Android Hackers
September 1, 2015
Qualcomm on Monday announced Snapdragon Smart Protect, a hardware-software product that could make the world a safer place for Android smartphone users. Snapdragon Smart Protect, which will become available with Qualcomm's upcoming Snapdragon 820 processor, will provide real-time, on-device machine learning designed to support accurate and effective detection of zero-day malware threats.
Shadow IT Feeds 'Man in the Cloud' Attacks
August 27, 2015
Shadow IT -- the use of unauthorized online services by company employees -- is a concern of cyberwarriors charged with defending business systems against network attacks. There's new evidence that those concerns are justified. A new attack vector on business systems leverages the synchronization features of services like Dropbox and Google Drive to perform malicious mischief.
Malvertising Headache Swells to Migraine Proportions
August 26, 2015
Online advertising that pushes malicious software to consumers has increased 325 percent over the past year, Cyphort Labs reported Tuesday. Malvertising is adding to what is already a significant problem for online advertisers. Ad fraud will cost global advertisers more than $6 billion this year, according to the Association of National Advertisers.
Cyber-Posse Aims to Round Up Ashley Madison Hackers
August 25, 2015
The Toronto Police Service on Monday reported on the progress of Project Unicorn, the official investigation into the hack attack on Ashley Madison, an adultery-promoting website. The Toronto police are working closely with the U.S. Department of Homeland Security, the RCMP, the FBI, and the Ministry of the Attorney General's criminal law office in carrying out the investigation.
Spotify's 'Sorry' Fails to Cut Through Confusion
August 22, 2015
Spotify CEO Daniel Ek on Friday issued a public apology for poor communications regarding the company's new privacy policy. The new policy, which took effect Wednesday, immediately triggered alarm. Several tech publications railed against the terms, and Minecraft creator Markus Persson engaged Spotify CEO Daniel Ek in a Twitter debate that ended with Persson and others quitting the music service.
Ashley Madison Hackers: Catch Them if You Can
August 20, 2015
The Ashley Madison hacker gang will be tough to apprehend. The hackers this week dumped nearly 10 gigabytes of stolen personal data onto the Web -- details gleaned from accounts established on the site, which is dedicated to matching up people who want to engage in extramarital affairs. It's "nearly impossible" to track down attackers, noted Bit9 + Carbon Black's Ben Johnson.
It's a Mad, Mad, Mad Ashley Madison World
August 19, 2015
Hackers have dumped personal data of about 37 million members of the Ashley Madison website onto the Dark Web. The data was stolen in an attack on the site, which aims to hook up people who want to cheat on their spouses. Parent company "Avid Life Media has failed to take down Ashley Madison and Established Men," the Impact Team wrote in a post online. ... Now everyone gets to see their data."
AT&T Went Above and Beyond for NSA, Say Snowden Docs
August 18, 2015
The National Security Agency considered its relationship with AT&T unique and particularly productive, accordingto a report published Saturday. The information about the company's close ties with the agency came from the trove of documents released by NSA whistleblower Edward Snowden. NSA lauded AT&T for its "extreme willingness to help," giving it access to billions of emails among other things.
Windows 10 FUD Fades Fast
August 14, 2015
Complaints about Windows 10 keep rolling in, but so far none appears to have stuck. The latest brouhaha is over certain privacy settings. Windows 10 gives users many options to disable certain data-gathering and reporting features, but it appears that some communications to Microsoft servers still slip through. So far, there doesn't seem to be anything shifty or harmful about those interactions.
Twitter Goes Long With Historic Tweet Access
August 13, 2015
Twitter on Tuesday announced a search API that will give business users instant and complete access to every historical public tweet about a subject of interest. Based on the Historical PowerTrack and 30-Day Search API tools developed by Gnip, which Twitter purchased last year, the API lets users search tweets back to March 2006, when the first one was posted.
Study: Chinese Hackers Are Savvy, Surgical
August 13, 2015
A clandestine group of sophisticated Chinese hackers have infected scores of sites on the Web and stolen documents from industrial and government organizations with surgical precision, according to a Dell SecureWorks study released last week. Dubbed "Threat Group 3390," the cybergang has used infected websites of some 100 organizations across the globe.
Feds Break Up Hacker-Powered Insider Trading Ring
August 12, 2015
In two indictments unsealed by the U.S. Department of Justice in Brooklyn, N.Y., and Newark, N.J., nine people were charged in federal court with carrying out an international scheme to hack into three business newswires, steal yet-to-be published press releases, and use them to make trades that generated approximately $30 million in illegal profits.
Chinese Hackers May Have Burrowed Into Airlines
August 11, 2015
The China-based hacking team that has been infiltrating U.S. government and business computer systems appears to be behind two newly discovered attacks -- this time on travel reservation processor Sabre and American Airlines. Sabre confirmed that its systems -- which contain sensitive records on as many as a billion travelers -- recently were breached. American Airlines is investigating.
Hacker Demos $30 Gizmo That Unlocks Keyless Car, Garage Doors
August 11, 2015
Infamous security researcher Sammy Kamkar last week demonstrated a gadget that can intercept wireless signals to unlock cars and garage doors. Kamkar showed off the device, which cost him just $32 to make, at the DefCon conference in Las Vegas. RollJam works with a wide array of motor vehicles -- including Nissan, Cadillac, Ford, Toyota, Lotus, Volkswagen and Chrysler, according to Kamkar.
Mozilla Plugs Dangerous Firefox Zero-Day Hole
August 10, 2015
Mozilla on Friday released security updates to fix a zero-day flaw in the Firefox browser. An exploit that searches for sensitive files and uploads them to a server -- possibly somewhere in Ukraine -- has surfaced in an ad on a Russian news site, Mozilla reported last week. The exploit impacts Windows and Linux users. Mac users could be hit by a modified version.
Google on Universal Right to Be Forgotten: Fuhgeddaboudit
August 7, 2015
Google last week asked French regulators to withdraw a demand to universally delist from search results links to information about French citizens who wish to be forgotten on the Internet. Any European can ask to have certain links about them removed from search results that appear in Europe, and Google will grant those requests if they meet specific criteria.
Windows 10 Raises Some Hackles
August 7, 2015
"Tablet view is showing saved porn images," wrote Reddit user "FalloutBos." "Woke up to wife asking why I set it to rotate all my porn images right on the desktop view. I have no idea [how] to shut that feature off and that computer is staying shut down until I do." That incident raised howls of laughter, but it points to one of the problems early users of Microsoft's new OS have reported.
Cyberwarrior Demand Outpaces Supply
August 6, 2015
Demand for cybersecurity professionals continues to far outpace supply, according to a Burning Glass Technologies report released last week. Cybersecurity hiring remains concentrated in government agencies and among defense contractors, the third annual cybersecurity job market report notes, but hiring has started to boom in industries handling consumer data.
OS X Zero-Day Exploit Threatens Massive Mac Attack
August 4, 2015
Mac users, beware -- the ads you see on the Web could let hackers hijack your device. Malwarebytes has discovered a new zero-day exploit in OS X that lets apps bypass passwords during installation to get root permission through a Unix shell. A new adware installer downloaded by a Malwarebytes researcher modified his sudoers file -- a hidden Unix file that controls access to root permissions.

See More Articles in Security Section >>
Facebook Twitter LinkedIn Google+ RSS
Do you want to live in an Internet-connected home?
Yes -- I have some smart things, and I want more.
Yes -- I'm looking forward to all the conveniences.
Not sure -- I have security and privacy concerns.
No -- the technology isn't good enough yet.
No -- it's a ridiculous waste of money.