Find and compare the best Artificial Intelligence software for your business.
Welcome Guest | Sign In
LinuxInsider.com
Sudo or Sudo Not, There Is No (4th) Try
June 24, 2017
If you're a Linux user, at some point in some tutorial or troubleshooting guide you've more than likely encountered Linux's magic word: "sudo". A casual observer probably can tell you that it's used to access restricted functions on your computer, but there is much more to it than that. My hope is that by taking a moment to learn about the power of "sudo", you will be better equipped to use it.
3 WannaCry Talking Points to Win Security Buy-In
June 21, 2017
By this point, most technology practitioners -- and nearly all security practitioners -- know about WannaCry. In fact, you might be sick of people analyzing it, rehashing it, sharing "lessons learned" about it, and otherwise laying out suggestions -- in some cases, contradictory -- about what you might do differently in the future. The level of unsolicited advice can border on the annoying.
Microsoft Buys Hexadite to Toughen Windows Security
June 9, 2017
Microsoft on Thursday said it has agreed to buy a Hexadite, which incorporates artificial intelligence in its automated responses to cyberthreats. The acquisition will help bolster the company's efforts to help commercial Windows 10 customers deal with advanced attacks on their networks, Microsoft said. The acquisition will include Hexadite's endpoint security automated remediation.
Hacking and Linux Go Together Like 2 Keys in a Key Pair
May 31, 2017
Ever since taking an interest Linux, with the specific aim of better understanding and enhancing my personal digital security, I have been fascinated by hacker conferences. As soon as I learned of their existence, I made a point of keeping tabs on the major conferences so I could browse through the latest videos in their archive once each one wraps up. I thought that was the closest I would get.
Crate.io Packs New Features, Services Into DB Upgrade
May 17, 2017
Crate.io on Tuesday announced an upgrade to its open source CrateDB, and introduced a commercial version. The database now is available as a managed service as well. CrateDB 2.0 features clustering enhancements and SQL improvements. The enterprise edition adds authentication and authorization features for enhanced security, which are not provided in the open source version.
Massive Ransomware Attack Reaps Meager Profits
May 17, 2017
The WannaCry ransom attack that quickly circled the globe last week is not yet fully contained. So far, it has impacted more than 300,000 computers in 150 countries. However, one of the remarkable things about it is that only a trifling $100,000 in ransom, give or take, apparently has been paid. That represents a surprisingly low response from an attack generally considered the biggest ever.
Microsoft Bashes NSA Following Massive Ransomware Attacks
May 15, 2017
Microsoft this weekend unleashed its wrath on the National Security Agency, alleging it was responsible for the ransomware attack that began last week and has spread to thousands of corporate, government and individual computer systems around the world. Microsoft Chief Legal Officer Brad Smith launched a blistering attack on the NSA and governments worldwide.
British Hospitals, FedEx Among Thousands Hit by Ransomware
May 13, 2017
Authorities are investigating a massive ransomware attack that reportedly hit more than 45,000 computers in 74 countries worldwide, including the UK's NHS England national health service, international delivery service FedEx, and Spanish telecom firm Telefonica. Security experts have linked the exploit to an earlier leak by the Shadow Brokers, who allegedly pilfered hacking tools from the NSA.
Flaw in Intel Chips Could Open Door to Botnet Armies
May 9, 2017
A 7-year-old flaw in Intel chips could enable hijackers to gain total control of business computers and use them for malicious purposes. The Intel AMT vulnerability is the first of its kind, according to Embedi, which released technical details about it last week. Attackers could exploit the flaw to get full control over business computers, even those turned off but plugged into an outlet.
Surviving the Security 'Skills Desert'
May 8, 2017
If you've ever spent time in a desert, it may seem inconceivable to you that creatures actually can live there. The fact that animals not only survive, but also thrive in those conditions seems counterintuitive. In fact, a number of animals do so -- in many cases, they are aided by an array of specialized adaptations that allow them to leverage the environment to their advantage.
New Strain of Linux Malware Could Get Serious
April 25, 2017
A new strain of malware targeting Linux systems, dubbed "Linux/Shishiga," could morph into a dangerous security threat. Eset disclosed the threat, which represents a new Lua family unrelated to previously seen LuaBot malware. Linux/Shishiga uses four protocols -- SSH, Telnet, HTTP and BitTorrent -- and Lua scripts for modularity, wrote Detection Engineer Michal Malik and Eset researchers.
Microsoft Inches Toward a World Without Passwords
April 20, 2017
Microsoft has announced the general availability of its phone sign-in for customers with Microsoft accounts -- a system that could be the beginning of the end for passwords. The new system requires that customers add their accounts to the Microsoft Authenticator app, which comes in both iOS and Android versions, noted Alex Simons, director of program management of the Microsoft Identity Division.
Report: Commercial Software Riddled With Open Source Code Flaws
April 19, 2017
Black Duck Software has released its 2017 Open Source Security and Risk Analysis, detailing significant cross-industry risks related to open source vulnerabilities and license compliance challenges. Black Duck conducted audits of more than 1,071 open source applications for the study. There are widespread weaknesses in addressing open source security vulnerability risks across key industries.
Microsoft's Timely Response to Shadow Brokers Threat Raises Questions
April 18, 2017
Just as the Shadow Brokers hacker group started crowing about a dump of never-seen-before flaws in Windows, Microsoft announced it already had fixed most of the exploits. "Today, Microsoft triaged a large release of exploits made publicly available by Shadow Brokers," said Microsoft Principal Security Group Manager Phillip Misner. "Most of the exploits are already patched."
Don't Let the Next Catastrophic Phishing Scandal End Your Career
March 27, 2017
What I think is amazing about all of the massive data breaches we hear about is that we know most are not reported. For every email, customer record, or financial theft in the news, there likely are hundreds that remain in the shadows. Yet another incident came to light last week. A clever Lithuanian individual was able to pull a whopping $100 million from a bunch of unnamed Internet companies.
WikiLeaks Exposes CIA's Device Surveillance Tricks
March 23, 2017
WikiLeaks has released more Vault 7 documentation online, including details about several CIA projects to infect Apple's Mac computer firmware and operating system. The site unloaded its first batch of stolen Vault 7 data earlier this month. The CIA's Embedded Development Branch developed malware that could persist even if the targeted computer were reformatted and its OS were reinstalled.
IBM Launches Enterprise-Strength Blockchain as a Service
March 20, 2017
IBM has unveiled the first enterprise-ready Blockchain as a Service offering based on The Linux Foundation's open source Hyperledger Fabric. IBM Blockchain, which lets developers quickly establish highly secure blockchain networks on the IBM cloud, is a transformative step in being able to deploy high-speed, secure business transactions through the network on a large scale, the company said.
Intelligence-Driven Supply Chain Resilience
March 20, 2017
Information security practices are undergoing a transformation. For at least a decade, environments have been becoming less perimeter-centric: Gone are the good old days when in-line controls protected the trusted, safe interior from the "wild west" of the outside. As environments become more complex and externalized, the traditional "perimeter" loses meaning.
Dun & Bradstreet Marketing Database Exposed
March 17, 2017
A Dun & Bradstreet database, 52 GB in size and containing more than 33.6 million records with very specific details, has been exposed. Cybersecurity researcher Troy Hunt, who received it for study, on Wednesday confirmed that the records already were organized and developed as if intended for distribution to a potential client. The database apparently was compiled for the use of marketers.
US Charges 2 Russian Intel Agents, 2 Hackers in Yahoo Case
March 16, 2017
The Justice Department has announced charges against four individuals, including two officers of Russia's FSB, for carrying out a massive cyberbreach that affected about 500 million Yahoo account holders. A federal grand jury in Northern California charged the defendants -- the FSB officials and two Russian cybercriminals -- with using stolen data to gain illegal access to numerous accounts.
Federal Agencies Mirror Commercial Websites for Encryption
March 15, 2017
Private and public sector organizations share a common goal in hosting Internet websites: making sure that connections with customers and citizens are secure. However, complete security is not yet universal in either sector. Google and Mozilla, for example, are among many entities promoting Internet security via the adoption of HTTPS versus the basic and less secure HTTP technology.
Tech Companies Weigh Responses to WikiLeaks Exposure
March 11, 2017
Following WikiLeaks' publication earlier this week of classified documents stolen from the CIA, major technology companies, including Apple, Samsung, Microsoft and Cisco, have been scrambling to assess the risks posed to their customers by the revelations. The so-called "Vault 7" leak includes information about methods and tools the CIA crafted to hack into products produced by those companies.
Online Trust Alliance Launches IoT Security Campaign
March 8, 2017
The Online Trust Alliance is calling on businesses, consumers and government to share responsibility for ensuring that Internet of Things devices are not weaponized, outlining actions that businesses, consumers and government can take to ensure the security and privacy of IoT devices. It calls for a campaign to have retailers and consumers reject IoT products that pose a security threat.
Time to Get Serious About IoT Cybersecurity
March 2, 2017
Both companies and individuals will have incredible opportunities ahead with the Internet of Things. IoT is starting to combine with AI, cloud-based services, and many other new segments, creating a very fertile growing field. However, it also poses a growing threat for security. A secure IoT framework does not yet exist. That's where the new IoT Cybersecurity Alliance comes into play.
Cloudflare Nips Cloudbleed Bug in the Bud
March 1, 2017
Cloudflare has fixed the Cloudbleed software bug responsible for a buffer overrun problem that caused its edge servers to return private information in response to some HTTP requests. That private information included HTTP cookies, authentication tokens and HTTP POST bodies. However, SSL private keys weren't leaked, said Cloudflare CTO John Graham-Cumming in an online post.
Google Cracks Key Security Code, Calls for New Standard
February 24, 2017
Google on Thursday announced that its two years of collaboration with CWI resulted in the launch of a successful attack against the SHA-1 cryptographic algorithm, a widely used standard protocol used to protect sensitive data in millions of computers. The breakthrough research hows that the industry needs to send the SHA-1 standard into retirement, Google said.
Microsoft Seeks Global Cybersecurity Accord
February 18, 2017
Microsoft has called on governments around the world to create a "digital Geneva Convention" as a way to normalize international cybersecurity rules and protect civilian use of the Internet. President Brad Smith, who is also Microsoft's chief legal officer, addressed the issue at the annual RSA conference held earlier this week, saying that governments need to establish international rules.
Capsule8 Launches Linux-Based Container Security Platform
February 11, 2017
Cybersecurity startup Capsule8 this week announced that it has raised $2.5 million to launch the industry's first container-aware, real-time threat protection platform designed to protect legacy and next-generation Linux infrastructures from existing and potential attacks. CEO John Viega, CTO Dino Dai Zovi and Chief Scientist Brandon Edwards, all veteran hackers, cofounded the firm.
The Old Man and the Tsunami: A Security Story
January 23, 2017
There's a folk-story that all Japanese schoolchildren learn about an old man who lives in a village by the sea. One day, an earthquake hits. He's the only person in the village to realize that a tsunami will soon follow. He hurries to the nearby mountainside where the rice for the village is grown and sets the entire harvest aflame. All of the villagers race to the mountainside to deal with the conflagration -- their rice is their most precious resource.
Yahoo and the Year of Living Dangerously
January 20, 2017
If there is a lesson to be drawn from Internet search giant Yahoo's hellish past year, it is a grimly illustrative one: Never assume a cybersecurity disaster can't get worse. Last September, the Internet portal disclosed that it had suffered the most damaging and far-reaching data breach in history -- only to then announce in December the discovery of a second, earlier, and even larger hack.
See More Articles in Enterprise Security Section >>
Facebook Twitter LinkedIn Google+ RSS
Which of these tech companies has the greatest *negative* impact on society?
Amazon
Apple
Facebook
Google
IBM
Microsoft
Twitter