Explore Newsletters from ECT News Network » View Samples | Subscribe
Welcome Guest | Sign In
LinuxInsider.com
Risk Assessment: Buttress Account Security and Foil Fraudsters
March 30, 2020
Under ordinary circumstances, the average consumer can order a latte on the way to the coffee shop, book a last-minute trip to the coast, and come home to find groceries delivered -- all with the click of a button. What makes these transactions so smooth and effortless? It starts with account creation. Consumers increasingly are willing to create accounts with sites they interact with regularly.
Report: E-Commerce Account Takeovers, Shipping Fraud on the Rise
March 25, 2020
E-commerce account takeovers increased 347 percent and shipping fraud jumped 391 percent from 2018 to 2019, a fraud and identity solutions company reported. Fraudsters are gaining access to accounts using credential stuffing, romance scams, social engineering, phishing or hacking. The three-digit rise in account takeovers is connected to the rash of data breaches over the last decade.
Ask Siri if You Have the Coronavirus
March 24, 2020
Apple users wondering if they've caught COVID-19 now can ask digital assistant Siri for advice. The company has rolled out a self-screening feature that allows users to ask, "Hey Siri, do I have the coronavirus?" Siri then takes them through a questionnaire prepared by the U.S. Centers for Disease Control and U.S. Public Health Service to determine if they're exhibiting symptoms of the disease.
COVID-19 and Computer Security, Part 2: Shoring Up Systems for Remote Workers
March 19, 2020
As companies send employees home in an effort to curb the spread of COVID-19, cybersecurity experts are warning that telecommuting could be putting company assets and data at risk. There are a number of precautions that employees working from home should consider to ensure that sensitive data isn't compromised by cybercriminals taking advantage of the health crisis.
Microsoft Leaves Necurs Botnet in Shambles
March 13, 2020
Microsoft and partners have disrupted the Necurs botnet group blamed for infecting more than 9 million computers globally. There are 11 botnets under the Necurs umbrella, all apparently controlled by a single group, according to Valter Santos, security researcher at Bitsight, which worked with Microsoft on the takedown. Four of those botnets account for about 95 percent of all infections.
Report: Open Source Vulnerabilities Rampant in Popular Projects
March 12, 2020
Open source vulnerabilities rose by nearly 50 percent in 2019 over the previous year, based on a new report. Common vulnerabilities rated as high or critical severity were found in all of the most popular open source projects, according to the WhiteSource 2020 annual report, "The State of Open Source Security Vulnerabilities." The vulnerability rate is expected to continue rising.
COVID-19 and Computer Security, Part 1: Telecommuting Risks
March 12, 2020
The United States Office of Personnel Management last week urged agencies to prepare to allow federal employees to telework -- that is, work remotely.This came on the heels of the Department of Homeland Security closing its facilities in Washington state, after learning an employee had visited the Life Care facility in the city of Kirkland, which is ground zero for the state's COVID-19 outbreak.
VPN, Ad Blocker Provider Caught With Hand in the Data Jar
March 11, 2020
A number of VPN and ad-blocking apps owned by Sensor Tower, a popular analytics platform, have been collecting data from millions of people using the programs on their Android and iOS devices, according to a report. The software involved includes Free and Unlimited VPN, Luna VPN, Mobile Data, Adblock Focus for Android devices, and Adblock Focus and Luna VPN for iOS hardware.
The Dark Art of Turning Mountains of Stolen Data Into Cash
February 28, 2020
We're only two months into a new year and already hundreds of millions of personal records have been compromised, including 123 million records from sporting retailer Decathlon and another 10.6 million records from MGM Resorts hotels. These announcements followed fuel and convenience chain Wawa's revelation that it was the victim of a nine-month-long breach of its payment card systems.
Firefox Scrambles DNS to Boost Consumer Privacy
February 26, 2020
Firefox users in the United States are getting an extra measure of privacy protection starting this week, the Mozilla Foundation announced. Firefox Desktop Product Development Vice President Selena Deckelmann heralded the rollout of encrypted DNS over HTTPS, or DoH, by default in Mozilla's browser. The DNS, or Domain Name System, is one of the oldest parts of the Internet.
Linux-Powered Azure IoT Security Platform Arrives
February 25, 2020
After several years of building and testing previews, Microsoft has announced the general availability of its Azure Sphere secure IoT service. Microsoft first introduced Azure Sphere in 2018, opting to use its own version of a Linux operating system instead of Windows 10 to drive its new Azure Sphere OS to securely connect Internet of Things devices.
2020: The Year for Custom CX and Privacy
February 24, 2020
With the introduction of the CCPA this year and GDPR in 2018, the age of data privacy has begun, bringing the opportunity for businesses to harness it to gain competitive advantage. There are both challenges and opportunities for those that aim to deliver superior CX while adhering to data privacy regulations. Data privacy protection concerns are driving new regulations around the world.
The Truth About Documents and SMB Security
February 22, 2020
There's a major myth about "going paperless." A paperless office doesn't mean that paper is outright banned. There likely will be a need for physical paper in business for a long time, so don't throw out your printer just yet. Rather, being paperless means being able to embrace a shift from traditional paperwork processes to those that take advantage of documents that can be in a digital state.
Some Android Malware Can Break Your Phone When You Delete It
February 21, 2020
Since Android's unveiling in 2007, the platform has stayed true to its commitment to provide open and free source code. The source code is freely available to developers and device manufacturers who can, at their own discretion, install the software without worrying about the hassles of licensing fees. Android not only delivers cheaper smartphones -- it is the largest mobile OS in the world.
Unsigned Firmware Puts Windows, Linux Peripherals at Risk
February 19, 2020
Eclypsium has released research that identifies and confirms unsigned firmware in WiFi adapters, USB hubs, trackpads and cameras used in Windows and Linux computer and server products from Lenovo, Dell, HP and other major manufacturers. Eclypsium also demonstrated a successful attack on a server via a network interface card with unsigned firmware used by each of the big three server manufacturers.
Extortion Artists Prey on AdSense Users
February 19, 2020
A new extortion scheme targets users of Google's AdSense program. The scam threatens to flood a website with bogus traffic until Google suspends the site's AdSense account, unless the owner pays $5,000 in bitcoin to stop the attack, security blogger Brian Krebs reported. The grifters appear to be exploiting a click-fraud crackdown Google launched last summer.
ACLU Blasts Clearview's Facial Recognition Accuracy Claims
February 14, 2020
The American Civil Liberties Union has leveled criticisms against facial recognition tool developer Clearview for making misleading claims about the accuracy of its product. Clearview apparently has been telling law enforcement agencies that its technology underwent accuracy testing modeled on the ACLU's 2018 test of Amazon's Rekognition facial recognition tool.
The Clear and Present Ransomware Danger
February 12, 2020
Ransomware hit at least 966 U.S. government agencies, educational establishments and healthcare providers in 2019, at a cost possibly exceeding $7.5 billion. The victims included 113 state and municipal governments and agencies; 764 healthcare providers; and 89 universities, colleges and school districts. Operations at up to 1,233 individual schools potentially were affected.
Cyber Worries Help Push Doomsday Clock Closer to Midnight
February 7, 2020
The hands on the iconic "Doomsday Clock" moved to just 100 seconds to midnight last month. That is the closest they have come to the final hour since its creation in 1947. The Bulletin of the Atomic Scientists' Science and Security Board, in consultation with the Bulletin's Board of Sponsors, made the unprecedented decision to express the time remaining in seconds rather than minutes.
Philips Hue Vulnerability Shines Light on Possible IoT Security Nightmare
February 6, 2020
A vulnerability in Philips Hue smart lightbulbs and their controller bridges could allow intruders to infiltrate networks with a remote exploit, Check Point Software Technologies has disclosed. The researchers notified the owner of the Philips Hue brand about the vulnerability in November, and it issued a patched firmware version through an automatic update.
Oops - Google May Have Sent Your Embarrassing Private Video to a Stranger
February 5, 2020
Google misdirected a number of private videos that users of its Google Photos app intended to back up to Google Takeout, sending them instead to strangers' archives. The company emailed affected users to inform them that a technical issue caused the error. Google recommended that affected users back up their content again and delete their previous backup.
Bridging the IoT Innovation-Security Gap
February 4, 2020
There is a problem with the Internet of Things: It's incredibly insecure. This is not a problem that is inherent to the idea of smart devices. Wearables, smart houses, and fitness tracking apps can be made secure -- or at least more secure than they currently are. The problem, instead, is one that largely has been created by the companies that make IoT devices.
From Personal to Planetary: ECT News Roundtable, Episode 4
January 30, 2020
We asked ECT News Network's roundtable of industry insiders to reflect on their own personal tech preferences, to speculate on what popular gadgets may vanish from use in the next decade, to consider the role of wearable health tools -- and then to expand the discussion to the health of the planet, tech advances in traveling on it, and the prospect of leaving it altogether.
COPRA May Be Coming, and It's Not Too Soon to Prepare
January 28, 2020
All eyes are on the West Coast as California reins in the unfettered collection, use and sale of the personal data consumers share as part of the bargain for "free" online services. For years this bargain has been explained in privacy policies that few people read, because there is not a lot of negotiating in the personal data market. The CCPA gives consumers revolutionary rights.
Saudi Hack of Bezos' Phone Shines Bright Light on Security Challenges
January 24, 2020
A digital forensic analysis conducted by FTI Consulting concludes with "medium to high confidence" that Amazon CEO Jeff Bezos' smartphone was hacked through a malicious file sent from the WhatsApp account of Saudi Arabian crown prince Mohammed bin Salman. The malware was in an MP4 file attached to a WhatsApp message. UN special rapporteurs released technical elements of the report.
Grabbing the Cybersecurity and Privacy Problems by the Horns: ECT News Roundtable, Episode 3
January 23, 2020
Cybersecurity and privacy threats aren't confined to the tech world. They've cast their pall on the world in general. Computer viruses, malware and data leaks have become commonplace, personal privacy has become a bad joke, and cyberwar looms like a virtual mushroom cloud. What sometimes gets lost in the gloom are the many ways security professionals have been working to shore up cyberdefenses.
Report: FBI Got Apple to Roll Over on iCloud Encryption
January 23, 2020
Apple shelved plans to give iPhone users control over encrypted backups stored on the company's iCloud service over concerns raised by the FBI and internal sources, according to a report. The company made the decision to retain control over iCloud encryption around two years ago, but it came to light just recently. The plan would have removed Apple's ability to decrypt users' backups.
Is Congress Finally Ready to Take On Cybersecurity?
January 23, 2020
The United States Congress made some significant progress this session when it comes to data privacy, but cybersecurity remains a blind spot for lawmakers. Congress currently is considering a national privacy law that mirrors legislation enacted in the European Union. It would allow people to access, correct and request the deletion of the personal information collected from them.
Google CEO Adds His Voice to AI Regulation Debate
January 21, 2020
Sundar Pichai, CEO of Google and parent company Alphabet, called for government regulation of artificial intelligence technology in a speech at Bruegel, a think tank in Brussels, and in an op-ed. There is no question in Pichai's mind that AI should be regulated, he said. The question is what will be the best approach. Sensible regulation should balance potential harm with potential good.
Cybersecurity 2020: A Perilous Landscape
January 17, 2020
Cybersecurity is a very serious issue for 2020 -- and the risks stretch far beyond the alarming spike in ransomware. In addition to the daily concerns of malware, stolen data and the cost of recovering from a business network intrusion, there is the very real danger of nefarious actors using cyberattacks to influence or directly impact the outcome of the 2020 U.S. general election.
See More Articles in Security Section >>
How has the pandemic impacted your daily life?
I'm interacting more with family and friends, off and online.
I'm consuming much more news.
I'm escaping through TV shows, movies and books.
I'm spending more time on personal and home projects.
I'm feeling isolated and anxious.
I have less time for work due to distractions.
My work is on the front lines -- I'm overwhelmed.