The Shopify Hacker-Powered Security Story » Get the Report from HackerOne!
Welcome Guest | Sign In
LinuxInsider.com
Software Security Best Practices Are Changing, Finds New Report
October 2, 2018
Independent software vendors, along with Internet of Things and cloud vendors, are involved in a market transformation that is making them look more alike. The similarities are evident in the way they approach software security initiatives, according to a report from Synopsys. Synopsys has released its ninth annual Building Security in Maturity Model, or BSIMM9.
The Crypto-Criminal Bar Brawl
September 25, 2018
As if e-commerce companies didn't have enough problems with transacting securely and defending against things like fraud, another avalanche of security problems -- like cryptojacking, the act of illegally mining cryptocurrency on your end servers -- has begun. We've also seen a rise in digital credit card skimming attacks against popular e-commerce software such as Magento.
Protecting Against 'Natural' Cybersecurity Erosion
September 21, 2018
Every child who's ever played a board game understands that the act of rolling dice yields an unpredictable result. In fact, that's why children's board games use dice in the first place: to ensure a random outcome that is -- from a macro point of view -- about the same likelihood each time the die is thrown. Consider what would happen if someone replaced the board game's dice with weighted dice.
Death Watch Begins for Google
September 17, 2018
The EU has been stretching its wings. In the shadow of Brexit, it apparently has decided it has the real enemy of the people in its sights: social media companies and Google. France is even more aggressive, suggesting that the EU's "right to be forgotten" law should apply worldwide. Given that it actually does fall within the legitimate purview of government, it is hard not to agree.
Why You Should Manage Your IoT Devices Like Employees
September 15, 2018
There is a well-known joke among security professionals: Q: "What does IoT stand for?" A: "Internet of Threats." Sadly, this joke is our reality. An estimated 20.4 billion Internet of Things devices will be deployed by 2020, according to Gartner, in what some have dubbed "the fourth industrial revolution." These connected devices are being manufactured to streamline everything we do.
Google Digs In Heels Over Global Expansion of EU's 'Right to Be Forgotten'
September 14, 2018
Google took on French lawyers at the European Union Court of Justice this week, in an effort to fend off expansion of the EU's "right to be forgotten" judgment. The EU's attempts to broaden the scope of that judgment would be "completely unenvisagable," and it could result in impositions on the values of different countries around the world, Google argued.
Android Apps Riskier Than Ever: Report
September 12, 2018
Widespread use of unpatched open source code in the most popular Android apps distributed by Google Play has caused significant security vulnerabilities, suggests an American Consumer Institute report. Thirty-two percent -- or 105 apps out of 330 of the most popular apps in 16 categories sampled -- averaged 19 vulnerabilities per app, according to the report. Researchers found critical vulnerabilities in many common applications.
Medical Device Insecurity: Diagnosis Clear, Treatment Hazy
September 11, 2018
An increasing number of healthcare professionals have become alert to the need for well-rounded medical device security in recent years, and players throughout the industry have started putting more effort into raising the bar. Developers have become aware of the most glaring holes, and more information security researchers have been brought into the fold.
The Thrill Is Gone for Many Facebook Users
September 6, 2018
American consumers' attitudes toward Facebook appear to be cooling, based on the results of a Pew Research Center survey. Forty-two percent of the roughly 4,600 people who responded to the May poll said they had taken a break of several weeks from checking the platform. "Facebook's probably losing subscribers for a number of reasons," said Frost & Sullivan's Michael Jude.
Google Cracks Down on Tech-Support Scams
September 5, 2018
Google has announced new steps to combat the placement of fraudulent tech support ads on its platform. The company will roll out a verification program in the next few months to ensure that only legitimate third-party tech support providers can place Google ads. There are many legitimate providers that offer local or regional services, or affordable support for out-of-warranty products.
'Five Eyes' Nations Push for Encryption Backdoors
September 5, 2018
Strong encryption can be a threat to law enforcement and national security, the governments of the United States, United Kingdom, Canada, Australia and New Zealand said in a statement issued Sunday. "The increasing use and sophistication of certain encryption designs present challenges for nations in combating serious crimes and threats to national and global security," maintained the countries.
Microsoft Foils Russian Attack on GOP Think Tanks
August 22, 2018
Microsoft has torpedoed websites designed to steal credentials from visitors to two Republican Party think tanks. The malicious websites were among six the company took down last week. A group of hackers affiliated with the Russian military created the sites, according to Microsoft. It apparently was the same group that stole a cache of email from the DNC during the 2016 presidential campaign.
5 Important Healthcare Cloud Security Factors to Weigh
August 21, 2018
The healthcare cloud has been growing incredibly, becoming an ever-more-important element of health information technology, or HIT. There are many reasons why the HIT cloud has been becoming more prominent, such as research and development and collaboration. Since the cloud has been expanding so rapidly, this may be a good time to reconsider security.
Don't Be So Sure AI Is Cybersecurity's Silver Bullet
August 20, 2018
There's a lot of hype around artificial intelligence as the greatest thing since sliced bread, but will AI really help with cybersecurity? Criminals who run cybercriminal businesses also are capable of using the AI to commit crimes. It's logical that if one person is smart enough to develop cyberprotection technologies that utilize AI, then thoughtful, creative criminals can use it too.
Google One Paid Storage Now Open to All US Users
August 17, 2018
Google has announced the availability of Google One as a storage upgrade option for people in the United States. The option will become available in other countries within the next few weeks. Users with paid Google Drive storage plans automatically were upgraded to Google One in the past few months, noted Pavni Diwanji, VP of Google One. Google One plans begin at $1.99 for 100 GB.
The Two Sides of the Artificial Intelligence Coin
August 16, 2018
The growth of artificial intelligence in recent years has been astounding -- yet AI is still in the very early stages of growth. Where are we today with this new technology, and where are we heading? Which companies are struggling, and why? What's coming next? AI for years has been a staple of science fiction. Now AI has moved beyond sci-fi and become real, with all sorts of technologies.
Alexa and Cortana: Two AI Heads May Be Better Than One
August 16, 2018
Microsoft and Amazon have released a public preview of the integration of their Cortana and Alexa voice assistants. Cortana will be available on amazon Echo devices, while Alexa will be available on Windows 10 devices and on Harman Kardon Invoke speakers. "Our ongoing goal has been to make Cortana your intelligent assistant, wherever you need assistance," a Microsoft spokesperson said.
Farsight Security COO Alexa Raad: 'Be Your Own Champion'
August 14, 2018
"If you think about Internet threats like phishing and botnets and malware -- all of those start with a DNS -- a domain name system. And so every kind of nefarious act leaves footprints and fingerprints in the DNS. That's something that cannot be faked," said Farsight Security COO Alexa Raad. For example, "a lot of the new domain names that are registered are typically registered with bad intent."
What Can Chrome 68 Teach Us About Election Security?
August 13, 2018
If you're a technologist, you've probably noticed a few new things associated with Chrome 68's release last month. One of the more notable changes is that it now uses a "not secure" indicator for any site not using HTTPS. So instead of providing a notification when a site is HTTPS, it now provides the user with a warning when it isn't. One of those groups is users of government websites.
AI-Driven Marketing Offers High Hopes to B2B Firms
August 8, 2018
Versium has announced a partnership with LiveRamp to launch artificial intelligence-powered B2B audience segments,as part of a new business-to-business data management platform. The partnership will let companies perform online targeting of offline business professional data that often is housed within their own CRM systems. LiveRamp customers will get access to Versium's modeling engine.
Virus Attack on Chipmaker Could Delay Next iPhone
August 7, 2018
A computer virus over the weekend disrupted the operations of the Asian manufacturer that makes chips for the iPhone and other devices offered by top shelf high-tech companies. TSMC said that a virus outbreak Friday evening affected a number of computer systems and fab tools at its facilities in Taiwan. The incident likely will cause shipment delays and create additional costs.
Leveraging Blockchain for B2B E-Commerce
August 6, 2018
Worldwide spending on blockchain will hit $1.5 billion this year -- twice as much as in 2017 -- and it will total nearly $12 billion in 2022, according to IDC. The technology is expected to have a five-year compound annual growth rate of 73.2 percent. Cross-business collaboration and interoperability have emerged as key aspects in the technology's growth.
Homeland Security Unveils Center to Combat Cyberthreats
August 1, 2018
DHS has announced the National Risk Management Center, part of a new effort to combat cyberthreats to the U.S. The new agency's mission will be to defend the critical infrastructure through greater cooperation between the public and private sectors. The center will bring together government experts and industry partners to work out ways that the government can support the partners.
How Online Businesses Must Comply With New California, EU Privacy Laws
July 27, 2018
Governor Jerry Brown last month signed into law the California Consumer Privacy Act. The CCPA is the state's response to a growing concern that consumers need stronger means to protect their personal information. The issue came to a head in part due to recent breaches that exposed the personal data of millions of American consumers. However, the CCPA also addresses other privacy incidents.
Feds Seem to Favor 'Light Touch' IoT Regulation
July 24, 2018
The Internet of Things may be in its infancy, but the U.S. government has been gearing up to determine what the proper federal role should be, both for encouraging and for regulating the use of IoT technology. Two recent developments have underscored the government's interest in IoT. On the regulatory front, the CPSC has launched an initiative to determine a framework for regulation.
Cover Up, Your Smart TV May Be Spying on You
July 18, 2018
Did you know that fancy smart TV sitting in your living room, kitchen, bedroom or bathroom actually may be watching you? Sorry to break it to you. It's another example of amazing modern technology designed to help marketers while striking a blow to privacy. Then again, we haven't had privacy in more years than I can remember. There are two ways to look at this. If you are a marketer, you love it.
New iOS Security Feature Ripe for Defeat
July 11, 2018
A new feature in iOS 11.4.1, which Apple released earlier this week, is designed to protect against unwanted intrusions through the iPhone's Lightning Port. However, the protection may be weak at best. The feature, called "USB Restricted Mode," disables data transfer through the Lightning Port after an hour of inactivity. In some cases, the phone might not charge, according to Apple.
US Lawmakers Eye Apple, Alphabet Data Privacy Practices
July 11, 2018
The House Committee on Energy and Commerce has written Alphabet CEO Larry Page and Apple CEO Tim Cook demanding information on their companies' practices with regard to third-party access, audio and location data collection. "This is a huge issue," said Consumer Watchdog's John Simpson. "People are becoming aware of how much data about them is being sucked up by their smartphones."
Polar Flow Fitness App Exposes Soldiers, Spies
July 10, 2018
A popular fitness app provided a convenient map for anyone interested in shadowing government personnel who exercised in secret locations, including intelligence agencies, military bases and airfields, nuclear weapons storage sites, and embassies around the world. The fitness app, Polar Flow, publicized more data about its users in a more accessible way than comparable apps, investigators found.
Security Economics: The Key to Resilience
July 5, 2018
There are times when looking at something narrowly can be more effective than taking a wider and more comprehensive view. If you don't believe me, consider the experience of looking at organisms in a microscope or watching a bird through binoculars. Distractions are minimized, allowing optimal evaluation and analysis of what's under investigation.
See More Articles in Security Section >>
Facebook Twitter LinkedIn Google+ RSS
What best describes your attitude toward social networks and politics?
The value of engaging in serious political discourse outweighs the negatives.
Most of the political conversations seem overheated and ignorant.
Social networks provide a lot of very good political information from reliable sources.
Almost every political post I see is skewed or totally fake.
Political interactions on social networks simply mirror those in the real world.
Social networks remove inhibitions, bringing out the worst in people and politics.