OpManager: A single console to manage your complete IT infrastructure. Click here for a 30-day free trial.
Welcome Guest | Sign In
LinuxInsider.com
Cyanogen Taps Truecaller in Effort to Build a Better Mobile OS
May 8, 2015
Cyanogen, best known for its FOSS Android-based OS, CyanogenMod, soon will provide caller ID screening and spam blocking directly from the native dialer on Cyanogen OS, the commercial version of its operating system. These capabilities will be provided through the company's global partnership with Truecaller. They will be baked into future smartphone devices preloaded with Cyanogen OS.
Federal Appeals Court Rules NSA's Phone Data-Vacuuming Illegal
May 7, 2015
A U.S. Court of Appeals has ruled, in essence, that the NSA's collection of metadata concerning Americans' communications is illegal. The court vacated U.S. District Judge William Pauley's December 2013 ruling in ACLU v. Clapper, and remanded the case to the lower court. "The Second Circuit found the government incorrect in many of its arguments," said ACLU Staff Attorney Patrick Toomey.
Mumblehard Malware Mugs Linux Servers
May 5, 2015
A family of Linux malware targeting Linux and BSD servers has been lurking around for five years. Dubbed "Linux/Mumblehard," the malware contains a backdoor and a spamming daemon, both written in Perl. The components are mainly Perl scripts encrypted and packed inside an executable and linkable format, or ELF, said Eset. In some cases, one ELF executable with a packer nests inside another.
Report: Top Endpoint Security Packages Perfectly Foil Drive-By Attacks
May 5, 2015
Drive-by attacks on the Internet are a particularly pernicious form of online threat, especially for individual Web surfers. On the corporate level, though, a company with good endpoint protection software can foil the malicious practice. A drive-by occurs when an infected website automatically downloads malware onto a Net traveler's computer. Endpoint solutions can thwart those kinds of attacks.
Our Bodies, Our Security: Biometrics vs. Passwords
May 4, 2015
Text-based usernames and password pairs should be replaced with biometric credentialing, such as vein recognition and ingestible security tokens, suggests Johnathan LeBlanc, PayPal's global head of developer evangelism. Celebrities have been mortified, Sony Pictures Entertainment brought to its knees, and Home Depot sent scrambling to EuroPay Mastercard Visa's chip and pin earlier than mandated.
Steer Clear of iOS 8's Infinite Loop
May 1, 2015
A flaw in iOS 8 allows hackers essentially to crash apps that perform SSL communications whenever they like. Skycure reported the bug at the RSA security conference held last week, advising owners of iOS devices to upgrade to iOS 8.3. Apple this week confirmed that iOS 8.3 addresses the vulnerability. An attack would involve specially crafting an SSL certificate to regenerate a bug.
Apple Watch Could Be a Password Alternative
April 30, 2015
With password tolerance levels at an all time low, alternatives to the pesky and insecure authenticators are beginning to abound. One of those alternatives could be the Apple Watch. Even before Apple's latest gadget began shipping last week, MicroStrategy announced it was extending its Usher enterprise security solution to the Apple Watch. Usher on the Apple Watch allows it to act as a digital key.
IoT: Why Security Pros Need to Prepare Now
April 29, 2015
Have you ever heard of the Cullinan diamond? If you haven't, it was the largest diamond ever discovered: a 3106 carat diamond found in 1905 in South Africa. What's interesting about the Cullinan diamond isn't so much the discovery of the stone itself but what happened afterward: specifically, the cutting of the diamond. The Cullinan diamond was split into a number of smaller pieces.
Other Shoe Drops in White House Security Breach
April 28, 2015
Last year's breach of unclassified White House computer systems reportedly was far more intrusive than initially thought and included the theft of some presidential correspondence. No classified systems were compromised, including the servers that control message traffic from the president's BlackBerry. However, much of the information the unclassified servers handle is considered sensitive.
House Passes Cybersecurity Bills Despite Privacy Fears
April 24, 2015
Two cybersecurity bills approved this week by the U.S. House of Representatives pose a threat to citizens' privacy, according to opponents of the measures. Both bills aim to improve sharing of cybersecurity information between businesses and government agencies. "'Information sharing' is a misnomer," said Gabriel Rottman, legislative counsel for the American Civil Liberties Union.
VCs Cough Up $100M for Cybersecurity Startup Illumio
April 23, 2015
Illumio, a 2-year-old cybersecurity startup, last week announced it had raised $100 million in a Series C round of financing, bringing its total funding over the past 27 months to more than $142 million. Illumio will use the fresh funds to meet demand for its Adaptive Security Platform software, to invest in R&D, to grow sales and marketing efforts, and to fuel international expansion.
Breach Outbreaks Fuel Encryption Adoption
April 22, 2015
As data breaches make headlines around the world, more companies are turning to encryption to protect their information jewels. That is one of the findings in a study released Monday, conducted by the Ponemon Institute and sponsored by Thales E-Security. "Mega breaches and cyber attacks have increased companies' urgency to improve their security posture," says the report.
Government Surveillance: What to Do, What to Do?
April 21, 2015
The CIA has been trying to hack into iOS for years. British and American agencies reportedly have collaborated to create a map of the Internet and Web users. The United States National Security Agency has, together with the UK's GCHQ, reportedly stolen SIM card encryption keys from Gemalto. The FBI is frothing at the mouth over Google's and Apple's encryption of their mobile OSes.
US Navy Gears Up for Cyberwarfare
April 20, 2015
The U.S. Fleet Cyber Command, part of the U.S. 10th Fleet, reportedly is developing a strategy for modernizing its cyberoperations and transforming the Navy's network into a cyberwarfare platform. The need for a stronger cybersecurity approach has been underlined by the penetration of U.S. government networks by hackers, the most recent of which was an attack on unsecured White House computers.
Your Lawyer Is Vulnerable to Cyberattacks
April 20, 2015
Lawyers help their clients as they negotiate confidential business transactions, hold intellectual property, manage funds and litigate disputes, among many other business activities. In the ordinary course of business, lawyers also maintain numerous confidential documents and data of and about their clients. Lawyers therefore have a big bull's-eye drawn on their backs, visible to cybercriminals.
China's Great Cannon Could Point Anywhere When Next Fuse Is Lit
April 16, 2015
China, which censors the Internet with its Great Firewall aka the "Golden Shield," has a new censorship tool that is causing alarm. It's known as the "Great Cannon." The University of Toronto's Citizen Lab identified the tool in a report released last week. The Great Cannon was first used in March, to launch a large-scale DDoS attack on GitHub and GreatFire.org, Citizen Lab said.
Opening Windows Source Code Could Improve Security
April 16, 2015
Microsoft Technical Fellow Mark Russinovich raised a few eyebrows at ChefCon earlier this month, when he aired the possibility of Windows becoming an open source program. Sure, Microsoft's attitude toward the open source movement has mellowed over the years, but the prospect of the company rubbing elbows with the likes of Linux overloads the imagination.
Ransomware Perps Put the Squeeze on Police
April 14, 2015
Five police departments in Maine, whose networks are linked together so they can share files, recently deposited bitcoins worth 300 euros into a Swiss bank account as ransom for their records. The departments' management system was locked down by ransomware that scrambled their data and rendered it unusable. The police decided to pay up after their experts failed to crack the ransomware code.
DEA Sued for Unconstitutional Phone Surveillance
April 10, 2015
The Electronic Frontier Foundation this week filed a complaint against the U.S. Drug Enforcement Administration for secretly collecting data on all telephone calls to as many as 116 countries, possibly going back to the 1990s. The suit was filed on behalf of Human Rights Watch. Many of the calls were made to countries known to be heavily involved in the drug trade.
Chrome Web Store Gives Bad Extensions the Boot
April 10, 2015
Google recently purged some 200 extensions from its Chrome Store inventory. Extensions and add-ons let users add functions and features to the Chrome Web browser, but bad extensions can expose users to a greater risk of spyware and malware. A major problem with many browser add-ons is ad injectors. The clean-up resulted from increasing user complaints.
Heartbleed Threat Won't Fade Away
April 9, 2015
This week marks the first anniversary of the Heartbleed vulnerability that caused a panic across the Internet last year. While the flaw appears to have faded from the recollections of Net denizens, it still poses danger at many sites in cyberspace. Heartbleed was discovered in April 2014 in an open source library, OpenSSL, used by the SSL protocol.
FTC Upgrades IT to Protect Consumer Privacy, Data Security
April 8, 2015
The FTC, which is at the forefront of regulating the impact of information technology on consumers, is bolstering its technical resource capabilities through a new Office of Technology Research and Investigation. The FTC is concerned about the failure of commercial entities to make adequate disclosures or to properly address data breaches and privacy issues.
John Oliver Tackles Surveillance in Surprise Snowden Scoop
April 6, 2015
Comedy talk show host John Oliver boldly went where few journalists from the mainstream media have dared to tread, grilling whistle-blower Edward Snowden about his leaking of thousands of NSA documents to the press. He raked Snowden over the coals for not having read every one of the documents, insisting there's a difference between understanding what's in documents and reading them.
Obama Draws Cyber Line in Sand
April 2, 2015
President Barack Obama on Wednesday signed an executive order that gives the Secretary of Treasury the authority to impose sanctions on entities found responsible for or complicit in carrying out a cyberattack harmful to U.S. interests. The Secretary of Treasury will have to consult with the Secretary of State and the Attorney General before enacting the powers granted under the order.

See More Articles in Security Section >>
Facebook Twitter LinkedIn Google+ RSS
Is Microsoft starting to get cool again?
Yes - thanks to Satya Nadella's vision.
Yes - but only in certain areas, like AI and VR.
Maybe - it doesn't seem as stodgy as before.
No - it never was.