Welcome Guest | Sign In
LinuxInsider.com
New iOS Security Feature Ripe for Defeat
July 11, 2018
A new feature in iOS 11.4.1, which Apple released earlier this week, is designed to protect against unwanted intrusions through the iPhone's Lightning Port. However, the protection may be weak at best. The feature, called "USB Restricted Mode," disables data transfer through the Lightning Port after an hour of inactivity. In some cases, the phone might not charge, according to Apple.
Polar Flow Fitness App Exposes Soldiers, Spies
July 10, 2018
A popular fitness app provided a convenient map for anyone interested in shadowing government personnel who exercised in secret locations, including intelligence agencies, military bases and airfields, nuclear weapons storage sites, and embassies around the world. The fitness app, Polar Flow, publicized more data about its users in a more accessible way than comparable apps, investigators found.
Breaking the Fraud Chain
June 29, 2018
Retailers' biggest worry is increasing e-commerce fraud -- including data breaches, targeted attacks and card-not-present fraud -- according to a report from the Federal Reserve Bank of Minneapolis. Online fraud is one of the biggest challenges facing retailers, with CNP fraud being one of their top worries. CNP fraud will hit $71 billion over the next five years, Juniper Research has forecast.
WPA3 Arrives to Shore Up WiFi Security
June 27, 2018
Network devices with better security will be hitting the market this year, thanks to Wi-Fi Certified WPA3, which the Wi-Fi Alliance launched Tuesday. The announcement paves the way for the proliferation of devices that support the new, more secure protocol for WiFi communication, which is designed to replace the 14-year-old WPA2. The new protocol adds features to simplify WiFi security.
The Dismal State of Healthcare IoT Security
June 25, 2018
The healthcare industry has been moving toward medical equipment connectivity to speed up data entry and recording, as well as improve data accuracy. At the same time, there has been a shift toward incorporating consumer mobile devices, including wearables. "The demand for connected devices has increased rapidly in recent years," noted Leon Lerman, CEO of Cynerio.
The IoT's Perplexing Security Problems
June 19, 2018
Worldwide IoT spending will total nearly $773 billion this year, IDC has predicted. The IoT will sustain a compound annual growth rate of 14.4 percent, and spending will hit $1.1 trillion by 2021, according to the firm's forecast. Consumer IoT spending will total $62 billion this year, making it the fourth largest industry segment, after manufacturing, transportation and utilities.
Upcoming iOS Access Restrictions Could Stymie Law Enforcement
June 16, 2018
Apple plans to equip iOS 12 with USB Restricted Mode, which requires users to unlock their iPhone with their passcode before USB accessories can connect if the phone last was unlocked more than an hour earlier. The company included this feature in the developer versions of iOS 11.4.1 and iOS 12. Apple will release USB Restricted Mode publicly in a future software update, it confirmed this week.
Breach Litigation: A Growing Risk for E-Commerce Businesses
June 15, 2018
The expanding world of Internet commerce likely will generate a corresponding expansion of data breaches, resulting in more e-commerce businesses becoming the targets of consumer class action lawsuits. Breach litigation has become more prevalent as a result of a perceptible legal trend favoring consumers. Courts have tended to allow lawsuits based on a lower threshold for establishing injury.
Dark Screen Mode Among New macOS Mojave Highlights
June 6, 2018
Apple on Monday gave the world a peek at macOS Mojave, the next version of its operating system for Macintosh laptop and desktop computers. The preview took place at the company's Worldwide Developers Conference held at the McEnery Convention Center in San Jose, California. Mojave has a mix of new features that add to its good looks and utility as a productivity tool.
DevOps: Plenty of Devs, Not Enough Ops
May 29, 2018
In spite of all the high-profile breaches that seem to sweep the headlines with greater frequency, companies slowly but surely have been getting a handle on internal security practices. At this point, it's hard to imagine any employee, in or out of the tech sector, who hasn't been run through antiphishing training. However, security is only as strong as its weakest link.
FBI Declaws Russian Fancy Bear Botnet
May 25, 2018
The FBI has disrupted a network of half a million routers compromised by the group of Russian hackers believed to have penetrated the DNC and the Hillary Clinton campaign during the 2016 elections, according to reports. The hacker group, known as "Fancy Bear," has been using a malware program called "VPN Filter" to compromise home and small office routers.
Okta Offers Devs Free Tool to Set Up Multifactor Authentication
May 24, 2018
Okta has announced the Okta API Products One App, which lets engineering teams and developers implement multifactor authentication for any single website or application. Developers can use API Products for One App free if they display "Identity by Okta" on the login page of their app. Among Okta API Products for One App's features are authentication and directory services for Web or mobile apps.
Cloud Health Services, Part 2: Privacy and Security
May 23, 2018
Health services vendors have been partnering with various organizations to gain a foothold in the cloud and to test out their solutions. One of the cloud's major selling points is security -- but it is not as safe as it's made out to be. Google Cloud "recently announced a significant expansion in HIPAA compliance across our portfolio of cloud products," noted Google Cloud's Joe Corkery.
Cloud Health Services, Part 1: Benefits and Complications
May 22, 2018
The cloud offers a host of potential uses, according to the healthcare industry and academic medical center representatives who participated in a Healthcare Information and Management Systems Society survey. Application hosting was the top use, identified by 90 percent of the respondents. Disaster recovery and backup, and hosting application data were among other uses cited.
Rhino-Saving Tech Also Could Protect Kids and Borders
May 21, 2018
Cisco has reduced the poaching of endangered rhinos in Africa by a whopping 96 percent. This success comes at a time when kids appear to be increasingly at risk from rogue school shooters and the United States government seems deadlocked on gun control. The focus of Cisco's tech is on catching the poachers who kill around 1,000 endangered rhinos a year, rather than on taking away their guns.
How to Back Up iPhone Data to an External Drive
May 16, 2018
A recent incident reminded me of the importance of backing up one's phone regularly. Soon after carrying my recycling out to the curbside, I realized I had misplaced my 6-month-old iPhone. Cue brief panic, followed by deep concern that I'd somehow tossed my device into that transparent bag I'd left outside for the world to see. That led me to yelling "Hey, Siri" until the familiar chime sounded.
Highly Sensitive Encrypted Email at Risk of Exposure
May 15, 2018
A newfound flaw in email clients that use PGP and S/MIME to encrypt messages can be exploited to expose the plain text of the missives, according to a new paper. By injecting malicious snippets of text into encrypted messages, attackers can use the flaw to make the email client exfiltrate decrypted copies of the emails, explained the authors, a team of researchers from three European universities.
Circadence VP Keenan Skelly: Changing the Cybersecurity Paradigm
May 9, 2018
"It's only a few times in the history of the U.S. and in specific domains do you have the opportunity to make decisions and have a lasting effect on that domain," said Circadence VP Keenan Skelly. "In terms of information cybersecurity, we're right in the middle of it right now. We're just figuring out what global norms should be."
Insurance and the Consumer IoT
April 30, 2018
Smart home and consumer IoT solutions promise significant opportunities for the insurance industry in terms of reducing costs, alleviating risks, deepening customer engagement, and creating new services and revenue streams. There are many barriers ahead to overcome, but given the tremendous upside, insurance companies have begun attacking these challenges with a multi-tiered strategy.
Could BlackBerry Displace Apple?
April 30, 2018
I spent a day with BlackBerry last week and it brought back memories of how Apple displaced the company around a decade ago. I, like a lot of folks, thought what Apple was attempting was impossible. However, after the fact, it didn't even look difficult. BlackBerry largely has completed its pivot to software and services, but a wave of new phones from its partners suggests new possibilities.
Researchers Create Hack to Unlock Millions of Hotel Room Doors
April 26, 2018
A flaw in certain electronic hotel door locks could allow hackers to access guest rooms and other secure locations at millions of properties around the world, F-Secure researchers have discovered. Software updates were issued to fix the flaw in the smart locks after F-Secure notified and worked with the manufacturer over the past year. The researchers had found a way to make a master key.
Gmail Privacy and Security Get Ruggedized
April 26, 2018
Google has rolled out a number of new features designed to make its G Suite collaboration and productivity apps more efficient and safer to use. G Suite currently has more than 4 million paying business customers. The updates include a new design, enhanced security and AI components, and better integration of G Suite apps -- including Gmail, which is getting a brand new look.
'Holy Grail' Exploit Puts Nintendo Switch Consoles at Risk
April 25, 2018
Devices built on Nvidia's Tegra X-1 mobile processor are at risk of attack from a flaw security researchers have revealed. The exploit chain discovered by Katherine Temkin and others affects any device running the chip, including the Nintendo Switch gaming console. Called "Fusée Gelée," the vulnerability allows anyone to run code on the chip by overloading a critical buffer when a system boots.
Google Puts a Lid on Mysterious 'Self-Spamming'
April 24, 2018
Users of Google's Gmail have been receiving spam that appears to have been sent from their own accounts. Google said it was aware of a spam campaign impacting a "small subset of Gmail users" and was taking measures to protect against it. The attackers used forged email headers to make it appear that users were sending emails to themselves, which led to those emails appearing in their sent folders.
Microsoft Calls On Linux for Its New IoT Security Platform
April 22, 2018
Microsoft has opted to use its own version of a Linux operating system instead of Windows 10 to drive its new Azure Sphere solution for securely connecting Internet of Things devices. Microsoft introduced Azure Sphere last week at the RSA security conference in San Francisco. Azure Sphere is a platform that connects microcontroller units, or MCUs, embedded in cloud-connected devices.
Microsoft, Facebook, Oracle Among 34 Firms to Join Cybersecurity Tech Accord
April 18, 2018
Microsoft, Oracle and Facebook, along with 31 other companies, have signed the Cybersecurity Tech Accord, an agreement aimed at defending against cyberattacks, whether coming from rogue hackers or nation-states. The 34 tech firms committed to stronger defenses, no offensive attacks, capacity building and collective action. Security remains a major issue in the tech world.
Standards Milestone Could Mark Beginning of End for Passwords
April 11, 2018
A Web standards milestone could point to the end of the road for pesky passwords. The new standard, WebAuthn, has won near-final approval from the World Wide Web Consortium. WebAuthn defines a standard API that can be incorporated into browsers and Web infrastructure. It opens the door for new ways for users to authenticate themselves on the Internet that are more secure and convenient than passwords.
Beyond CRM
April 10, 2018
We should start discussing what's beyond CRM. I chose the word "beyond" advisedly. CRM is far from dead or even in decline, so "after" would be incorrect. However, CRM already has changed so much that it may be time to rethink it. Also, many of the tangential technologies that have turbocharged CRM in the last few years, like social media, have drawn so much attention that some analysis is due.
No Cure for Cyber Insecurity?
April 6, 2018
An alarming number of major U.S. retailers, industrial firms, government agencies and other organizations have been hit in a recent wave of cyberbreaches that may signal increasing vulnerability for consumers and businesses alike. The attacks have exposed millions of consumer payment cards to fraud. Cyberthieves have used a variety of methods to infiltrate corporate computer systems.
FTC Signals Tougher Stance on Mobile Privacy Protection
March 29, 2018
Mobile device makers and telecom service providers need to make significant privacy protection improvements for their customers, says the FTC. Its recent report could become the basis for agency enforcement actions -- not only for smartphones, but also for other mobile devices. "The report is a clear signal to the industry to focus on this issue," said Gerard Stegmaier, a partner at Reed Smith.
See More Articles in Consumer Security Section >>
Facebook Twitter LinkedIn Google+ RSS
Content Marketing on ALL EC
How does the tech industry compare to other industries when it comes to diversity?
Tech firms have been working much harder than others to achieve diversity.
Tech is rife with sexism, racism, homophobia and other forms of discrimination.
The tech industry would be more inclusive if there were more qualified applicants.
Tech firms have made superficial efforts but they're mainly for show.
The push for diversity is a cultural fad, and there is no real problem.