Find Command Cheat Sheet » Free from Linux Training Academy » Download Now!
Welcome Guest | Sign In
LinuxInsider.com
Cybercriminals Score Billions in Cryptocurrency Thefts
May 21, 2019
Is anyone surprised to learn that in just the first quarter of 2019 more than $1.2 billion worth of cryptocurrency was stolen? Probably not. This story follows the old line from bank robber Willie Sutton who is credited with saying that he robbed banks "because that's where the money is." So not much has changed. Cryptocurrencies are not exactly money, though, even if they do have a market value.
5 Effective Talent Retention Strategies for Security Teams
May 20, 2019
In IT, we've been hearing about the "cybersecurity skills shortage" for a few years. There is no shortage of statistics and data about it: More than 70 percent of participating organizations reported being impacted by the skills shortage, according to an ESG/ISSA research report. Likewise, more than half of the organizations surveyed for an ISACA report noted unfilled cybersecurity positions.
How Artificial Intelligence Is Reshaping the Workforce
May 17, 2019
Shoppers soon might see a lot more robots in Walmart stores -- but not toy robots or even human assistant gadgets that are available for purchase. Walmart's new robots will be taking over repeatable, predictable and manual tasks that up to now have been carried out by human employees. At Walmart stores, robots will scan shelf inventory and track boxes as part of its inventory management.
Zombieload, Fallout, and 2 Other CPU Flaws Have Intel on the Hop
May 16, 2019
The high-tech industry once again is in a tizzy over flaws discovered in Intel CPUs -- four new MDS vulnerabilities have come to light. MDS is a sub-class of previously disclosed vulnerabilities that sample data leaked from small structures within the CPU using a locally executed speculative execution side channel. The practical exploitation of MDS flaws is a very complex undertaking, however.
Software Bug Gives Spyware Free Rein With a Single WhatsApp Call
May 15, 2019
Many users of Facebook's WhatsApp messaging software are scrambling to patch the program in response to news of a flaw that allowed spyware to be installed on mobile phones running Android and iOS. "This new type of attack is deeply worrying and shows how even the most trusted mobile apps and platforms can be vulnerable," said Mike Campin, vice president of engineering at Wandera.
Baltimore Held Hostage in 2nd Ransomware Attack
May 10, 2019
Baltimore officials have admitted that the city government once again has been victimized by ransomware -- the second such attack in just over a year. City computers reportedly were infected with the RobinHood ransomware virus. Hackers told city officials that they would unlock the computers in return for payment of three bitcoins per system, or 13 bitcoins for the entire system.
Spring Cleaning Your Network Security
May 7, 2019
Spring may be my favorite time of year. The snow is melting, the sun is shining, and the air smells just a little bit fresher. It's as though the world is setting an example for the rest of us, letting us know that it's time to start fresh. It's time for spring cleaning -- and in the security world, spring cleaning means more than just wiping down countertops and lighting a few scented candles.
Open Source Flaw Management Shows Signs of Improvement: Report
April 30, 2019
Almost two years after the infamous Equifax breach, many organizations still struggle to identify and manage open source risk across their application portfolios. Meanwhile, the latest report tracking open source security shows a 40 percent rise in the average number of open source components detected in each codebase analyzed. The scanned software includes commercial applications.
Mobile Chrome Hoax Could Target Android Users
April 30, 2019
A new method for hiding the true location of a website from users of the mobile Chrome Web browser has come to light. Phishers can trick users into revealing their credentials for a legitimate website to operators of a malicious one, security researcher James Fisher reported. Scammers can exploit mobile Chrome's feature that hides the address bar when users are scrolling on a Web page.
Is Nvidia Tesla's Kryptonite?
April 29, 2019
Tesla sure didn't have a good week last week, given the kind of press coverage it got. I'm not that worried about Tesla going away, though, as its products are far too popular for it to disappear. On the other hand, management clearly needs to be fixed. What got me started looking at Tesla last week was that it pretty much announced that Nvidia was its Kryptonite.
Hackers Use Microsoft Help Desk to Pull Off Massive Email Breach
April 16, 2019
Hackers piggybacked onto a Microsoft customer support portal between Jan. 1 and March 28 to gain access to the emails of noncorporate account holders on webmail services Microsoft manages, including MSN.com, Hotmail.com and Outlook.com. Microsoft has confirmed that a "limited" number of customers who use its Web service had their accounts compromised.
Phishers Bait Hooks for Netflix, Amex Users
March 22, 2019
Cybersecurity experts at Microsoft's Windows Defender Security Intelligence Team this week reported their discovery of two new email-based phishing campaigns. One targets Amex users while the other targets Netflix customers. Both campaigns reportedly are very well-crafted, featuring legitimate logos and even fill-in forms that closely mimic those on the respective company's own websites.
Mozilla Offers Free Secure File-Sharing Service
March 13, 2019
Mozilla has announced Firefox Send, a free encrypted file-sharing service that works in any browser. To share a file, you simply visit the Send site and drag your file to a box on the Web page. Unregistered users may upload up to 1 gigabyte in files, while registered users have a 2.5 GB allowance. After uploading your files, you choose an expiration time for the link used to share them.
End of the Line for Windows 7: Open Road for Hackers
March 7, 2019
Microsoft has been urging customers to upgrade from its Windows 7 operating system, while attempting to ease the transition with several options for extended support. It will stop providing routine fixes and security patches effective January 2020. Regular support for Windows Server 2008 also will end at that time. Windows 7 enterprise customers can subscribe to Extended Security Updates.
Breaches: Fix the Issue, Not the Blame
March 5, 2019
Following a natural disaster that causes property damage to businesses and homes -- say a hurricane, fire or flood -- how often do you hear suggestions that the victims were at fault for their misfortune, or that they could have done something to prevent the event from occurring in the first place? Not often, right? We all know that events like that are possible. We plan around those possibilities, and we don't blame the victims.
B0r0nt0K Ransomware Threatens Linux Servers
February 27, 2019
A new cryptovirus called "B0r0nt0K" has been putting Linux and possibly Windows Web servers at risk of encrypting all of the infected domain's files. The new ransomware threat and the ransom of 20 bitcoins -- about $75,000 -- first came to light last week in a forum post. A client's website had all its files encrypted and renamed with the .rontok extension appended to them, the forum user indicated.
E-Ticketing Flaw Exposes Airline Passenger Data to Hackers
February 7, 2019
The e-ticketing systems of eight airlines, including Southwest Airlines and Dutch carrier KLM, have a vulnerability that can expose passengers' personal data, mobile security vendor Wandera has reported. They use unencrypted links that hackers can intercept easily. The hackers then can view and, in some cases, even change the victim's flight booking details, or print their boarding passes.
Apple Squashes FaceTime Eavesdropping Bug
January 30, 2019
Apple has suspended its Group FaceTime application following reports that a bug in the software allowed callers to eavesdrop on the people they were calling. The flaw let a person making a FaceTime call listen through the phone of the person called before the call was accepted or rejected. It reportedly also allowed access to the front-facing camera in an iPhone.
4 Techniques for Validating Enterprise Blockchain
January 21, 2019
There's been a lot of hype about blockchain over the past few years. Nowadays though, there are signs that we may be on the cusp of moving from the "blockchain will solve all your problems" segment of the hype cycle into the "blockchain may be useful for a few targeted applications" segment. Utility-based Darwinism is at work -- we're starting to see the less likely applications fall away.
Court: Cops Can't Compel the Use of Body Parts to Unlock Phones
January 16, 2019
Authorities can't force people to unlock their biometrically secured phones or other devices, ruled a federal judge in California. "The Government may not compel or otherwise utilize fingers, thumbs, facial recognition, optical/iris, or any other biometric feature to unlock electronic devices," Magistrate Judge Kandis A. Westmore wrote. Passcodes already are protected by the Fifth Amendment.
The Biggest Cybercrime Threats of 2019
January 11, 2019
A new year means a fresh start, but it doesn't mean that old threats will go away. In fact, in the world of cybersecurity things could get far worse before they get better. Cybercrime continues to increase, as it allows nefarious actors to operate at a safe distance from victims -- and more importantly, law enforcement. Cybercrime often doesn't get the same attention as other types of crimes.
The Smartest Tech Products of 2018
December 31, 2018
Picking a product of the year is anything but trivial because the products I cover every week range from headphones to laptops to books, cars and more. So, I thought I'd try something different this year and pick six products that each deserve the title and then name a winner that stands out from the rest. This allows me to simplify the task and get around a bit of a writer's block I've been having on this subject.
BlackBerry Makes Autonomous Vehicle Play
December 13, 2018
BlackBerry this week introduced its new Security Credential Management System. SCMS -- a free service for the public and private sectors -- could encourage efforts to develop autonomous and connected vehicle pilot programs. BlackBerry undertook development of this technology to provide the critical infrastructure for vehicles and traffic lights to exchange information securely.
Supermicro: Our Motherboards Are Clean
December 12, 2018
Supermicro CEO Charles Liang has informed the company's customers that a leading third-party investigations company found "absolutely no evidence of malicious hardware" on its motherboards. The investigation was undertaken in response to a recent claim that bad actors had inserted spy chips in the firm's motherboards on behalf of the Chinese People's Liberation Army.
Quora Looks for Answers in Wake of Massive Data Breach
December 5, 2018
The personal data of some 100 million people who have used Quora, a popular question and answer website, has been compromised, the company disclosed. "We recently discovered that some user data was compromised as a result of unauthorized access to one of our systems by a malicious third party," wrote Quora CEO Adam D'Angelo in an online post. "We are working rapidly to investigate the situation."
How to Use a VPN for Safer Online Shopping
December 4, 2018
With the holidays fast approaching, are you looking to buy presents online? The holiday season has become synonymous with online shopping. This isn't really surprising as physical stores usually attract crowds of deal hunters. This often conjures up images of throngs of people waiting in line outside the store, some even camping out. This activity is tolerable for some and even fun for others.
DoJ Takes Down Online Ad Fraud Ring, Indicts 8
November 29, 2018
The DoJ has revealed an unsealed indictment of eight defendants for crimes related to their involvement in widespread digital advertising fraud. The DoJ alleges the eight individuals were behind two global schemes, 3ve and Methbot, which stole tens of millions of dollars through a scam that used fake Web traffic and fake websites to reap ad view revenue from unwitting advertisers.
When Is the Time to Hire a Cyber Specialist?
November 14, 2018
Cybersecurity has been becoming a larger and larger concern for organizations. Nowadays, most organizations -- regardless of size, industry, location, or profit vs. nonprofit status -- find themselves directly or indirectly impacted by cybersecurity. Even though the topic itself is increasing in importance, many smaller organizations don't have specialized security expertise on staff.
Whether Intended or Accidental, Internet Traffic Rerouting Can Be Costly
November 14, 2018
An apparent prefix leak from an errant router misconfiguration caused Google to lose control of several million of its IP addresses for more than an hour on Monday. During the event, Internet traffic was misrouted to China and Russia from Nigeria. The incident initially sparked concerns that it might have been a hijacking. The mishap made Google services unavailable to many users intermittently.
Cryptohackers Breach StatCounter to Steal Bitcoins
November 8, 2018
Hackers planted malware on StatCounter to steal bitcoin revenue from Gate.io account holders, according to Eset researcher Matthieu Faou, who discovered the breach. The malicious code was added to StatCounter's site-tracking script last weekend, he reported. The malicious code hijacks any bitcoin transactions made through the Web interface of the Gate.io cryptocurrency exchange.
See More Articles in Cybersecurity Section >>
Is "too much screen time" really a problem?
Yes -- smartphone addiction is ruining relationships.
Yes -- but primarily due to parents' failure to regulate kids' use.
Possibly -- long-term effects on health are not yet known.
Not really -- lack of self-discipline and good judgement are the problems.
No -- angst over "screen time" is just the latest overreaction to technology.
No -- what matters is the quality of content, not the time spent viewing it.