Welcome Guest | Sign In
TechNewsWorld.com
Trump Clings to Personal Phone Despite Security Risks
January 27, 2017
President Donald J. Trump apparently has continued to use his personal Android smartphone despite security concerns. Trump was concerned about losing access to his personal phone even prior to taking his oath of office, according to a report citing unnamed aides who said he worried about how isolated he could become in the White House without his phone to keep in touch with friends.
The Old Man and the Tsunami: A Security Story
January 23, 2017
There's a folk-story that all Japanese schoolchildren learn about an old man who lives in a village by the sea. One day, an earthquake hits. He's the only person in the village to realize that a tsunami will soon follow. He hurries to the nearby mountainside where the rice for the village is grown and sets the entire harvest aflame. All of the villagers race to the mountainside to deal with the conflagration -- their rice is their most precious resource.
Microsoft Hardens Latest Windows Version Against Hackers
January 17, 2017
Microsoft has fortified the latest version of Windows to make it more secure than previous editions, but the strongest protections will be available only to those willing to pay a steep price for them. Windows 10 Anniversary Update has introduced many mitigation techniques in core Windows components and the Microsoft Edge browser, researchers Matt Oh and Elia Florio wrote in a blog post last week.
US Pushes Cybersecurity Acquisition Tools as Contracts Flow
January 16, 2017
Vendors of cybersecurity offerings are finding that the U.S. government is serious about improving the protection of federal IT assets. A steady stream of data protection contracts has been flowing to providers, including some notable high-value transactions during the last half of 2016. One example is a Department of Homeland Security contract, with a potential value of $395 million.
St. Jude Medical Patches Cardiac Machine's Cybersecurity Flaw
January 11, 2017
Medical device maker St. Jude Medical on Monday began deploying software designed to protect its remote monitoring system for implantable pacemaker and defibrillator devices. The move came on the heels of the U.S. food and Drug Administration's warning that the company's Merlin@home Transmitter contained vulnerabilities that could be exploited by hackers.
Pentagon Battle-Tests Micro Drone Swarm
January 11, 2017
The U.S. Department of Defense on Monday announced a successful demonstration of one of the world's largest micro drone swarms at China Lake in California. Three F/a-18 Super Hornet combat jets launched 103 Perdix drones in the exercise, which took place last fall. The micro drones demonstrated advanced swarm behaviors such as collective decision making, adaptive formation flying and self-healing.
Las Vegas Captures Ransomware Crown
January 7, 2017
Las Vegas is arguably the gambling capital of the world, but it's also the king city for ransomware, based on recent research. Among the world's nations, the United States ranked highest in ransomware incidents, according to a Malwarebytes report on the prevalence and distribution of extortion apps. The area of the country that logged the most incidents was the Las Vegas-Henderson, Nevada, region.
Norton Core Router Gives Home Security a New Design
January 3, 2017
Norton by Symantec on Tuesday announced the Norton Core secure router for smart devices in the connected home at CES. The router protects up to 20 PCs, Macs, Android and iOS smartphones and tablets on a home network, and unlimited devices connected to the IoT. It will update its firmware in background mode automatically, said Ameer Karim, GM of consumer IoT security at Symantec.
2017: More Apple Security Flaws, Cyberattacks, Hacktivisim
December 28, 2016
More security vulnerabilities will appear in the software of Adobe and Apple than in Microsoft's, more attacks on the Internet's infrastructure will occur, and cybersecurity events will stoke international tensions. Those are a few of the predictions for 2017 that security experts have made. Signs of hackers' increased interest in Adobe and Apple started appearing in 2016, Trend Micro noted.
Yahoo Suffers Major Data Breach Deja Vu
December 16, 2016
Yahoo has revealed that Net bandits stole data associated with 1 billion of its user accounts -- one of the largest data breaches in Internet history. The theft, which occurred in 2013, is distinct from the theft disclosed earlier this fall, in which 500 million accounts were compromised, Yahoo CISO Bob Lord explained. Stolen data may include names, email addresses, telephone numbers and more.
Ransomware Fighters Get New Free Tool
December 7, 2016
Ransomware has become a gold mine for digital criminals. In the first three months of this year, electronic extortionists squeezed $209 million from victims desperate to recover their data after it was scrambled by the malicious software, based on FBI estimates. At that rate, ransomware could funnel as much as $1 billion into criminal coffers this year.
Multinational Effort Halts Malware Avalanche
December 6, 2016
The DoJ on Monday released new details about the multinational takedown of Avalanche, a multimillion-dollar malware and money-laundering network, following a four-year probe led by German police and prosecutors. Assistant Attorney General Leslie R. Caldwell, Acting U.S. Attorney Soo C. Song and Assistant Director Scott S. Smith of the FBI's Cyber Division made the announcement in Pittsburgh.
China's Business-Unfriendly Cybersecurity Stance
November 30, 2016
China's parliament earlier this month passed a law aimed at addressing the country's concerns about hacking and terrorism, which has spiked concerns among foreign businesses and human rights advocates. One interpretation of the new law is that it only codifies China's existing cybersecurity practices. However, 46 global business groups across a variety of industries didn't see it that way.
Feds Need to Bolster Cyberprotection Speed and Range
November 29, 2016
Providing cybersecurity adequate to meet increasing threats is a perpetual catch-up process. Public sector agencies are particularly sensitive targets, with high visibility not only to the citizens they serve, but also to cyberattackers. A recent survey uncovered both a lack of speed in detecting and responding to attacks, and weak defenses of the full range of possible attack channels.
SF Muni Hack a Wake-Up Call for Public Systems
November 28, 2016
The San Francisco Municipal Transportation Authority, or SF MTA, was hacked on Friday. "You Hacked, All Data Encrypted," was the message reportedly displayed on computer screens at the authority's stations throughout the city. "Contact for Key (cryptom27@yandex.com)ID:681 , Enter." Fare payment machines at underground stations were out of order, resulting in free rides.
$5 PoisonTap Tool Easily Breaks Into Locked PCs
November 25, 2016
Proving once again that you can do a lot of damage with a little investment and a lot of ingenuity, security researcher Samy Kamkar recently managed to take down a locked, password-protected computer using a $5 Raspberry Pi. The low-tech cookie-siphoning intrusion is one of Kamkar's simplest hacks ever. He previously has unlocked car doors, garages, wireless remote cameras and other devices.
Cyber Grinches Could Disrupt Holidays' Biggest Shopping Weekend
November 23, 2016
Recent high-profile distributed denial of service attacks on the Internet's infrastructure and an investigative journalist's website have spiked concerns over possible disruptions of traffic during the biggest online shopping weekend of the year. Online spending last year exceeded $5.8 billion on Black Friday and Cyber Monday, according to Adobe, and that figure is expected to go up this year.
Google Clamps Down on Sneaky Malicious Sites
November 16, 2016
Sites that repeatedly violate Google's safe browsing policies will be classified as repeat offenders, the company said. A small number of websites take corrective actions after Google displays alerts on their landing pages warning visitors that they're harmful. However, they typically revert to violating the policies after Google verifies that they're safe and removes the warnings.
Why Trump May Be the Better Technology President
November 14, 2016
Years ago, I worked as one of Rev. Robert Schuller's body guards (it was something to do on Sundays, I wasn't particularly religious) and one of his sayings was "when given lemons, make lemonade." Personally, I wasn't excited about either presidential candidate, but I actually think Trump could be a better technology candidate than Clinton would have been.
Defeating Malware With Its Own DNA
November 11, 2016
It's widely known that human DNA evidence has had a major impact in the criminal justice system. Now another kind of DNA may have a similar impact in the fight to eradicate malicious software. Malware DNA, also known as "malware provenance," is the art and science of attributing elements of one object to another object. The technique has applications outside information security -- for example, in genetics, or to test the authorship of student papers.
Election Day Cybershenanigans Highlight Need to Shore Up Security
November 10, 2016
Hackers last week launched DDoS attacks against both presidential candidates' campaign websites. The attacks were routed through HTTP Layer 7 of the OSI protocol. There were at least four 30-second attacks reported. "The websites were not penetrated by a cyberintrusion," said John Costello, a senior analyst at Flashpoint. The attackers were unsophisticated hackers and not a nation-state.
Russia's Fancy Bear Attacks Microsoft, Adobe as Election Nears
November 4, 2016
Microsoft earlier this week said it had fallen victim to "Strontium," its code name for the Russian hacking group also known as "Fancy Bear," which has been linked to recent attacks on Democratic Party systems. The group launched a spear phishing attack that targeted vulnerabilities in both the Windows operating system and Adobe Flash, according to Microsoft EVP Terry Myerson.
Bot Armies Boost Candidates' Popularity on Twitter
October 29, 2016
Internet bots have many useful online purposes, but they have a dark side, too, as three researchers demonstrated in their analysis of Twitter traffic during the first presidential debate between Hillary Clinton and Donald Trump. Bots are used to automate functions on the Net. For example, if you belong to several social networks, you could use a bot to post a photo to all of them at once.
Antique Kernel Flaw Opens Door to New Dirty Cow Exploit
October 25, 2016
A Linux security vulnerability first discovered more than a decade ago once again poses a threat, Red Hat warned last week, as an exploit that could allow attackers to gain enhanced privileges on affected computers has turned up in the wild. Users need to take steps to patch their systems to prevent the exploit, known as "Dirty Cow," from granting access to unprivileged attackers.
DDoS Attack Causes Waves of Internet Outages
October 22, 2016
Hundreds of websites -- including those of biggies such as Netflix, Twitter and Spotify -- on Friday fell prey to massive DDoS attacks that cut off access to Internet users on the East Coast and elsewhere in the U.S. Three attacks were launched over a period of hours against Internet performance management company Dyn. The first attack started at about 7:10 a.m. EDT.
Assange Lives to Leak Another Day
October 19, 2016
The status of WikiLeaks founder Julian Assange grew a bit murky on Tuesday after the group accused the U.S. State Department of pressuring Ecuadorian officials to block him from posting additional emails linked to presidential candidate Hillary Clinton. The Ecuadorian foreign ministry on Tuesday acknowledged restricting Assange's access, saying it did not wish to interfere in a foreign election.
This Election May Be Scarier Than You Think
October 17, 2016
Not that it isn't scary enough -- but if you look at both candidates, who have had their images destroyed largely by technology, i.e., tapes and emails -- there is a huge warning inherent in the process. Email really wasn't a big thing until the late 1990s and even having your own email server wouldn't have been likely before 2005, let alone thinking through the security aspects.
What Should be on the Next President's Cyberagenda?
October 14, 2016
When the new president takes up residence at 1600 Pennsylvania Ave., cybersecurity will be on the shortlist for action. TechNewsWorld asked more than a dozen experts what should be at the top of the new leader of the free world's cyberagenda. Following are some of their responses. "The president has to set the tone early on cybersecurity within the first 100 days," said Cybereason's Sam Curry.
US Considers 'Proportional Response' to Russia's Election Tampering
October 13, 2016
The Obama administration on Tuesday indicated it was considering a proportional response to retaliate against Russia for its efforts to influence the U.S. election process. The administration has officially linked Russian operatives to a series of cyberattacks against the Democratic National Committee and other organizations, apparently in an effort to influence the November presidential race.
Odinaff Trojan Targets Banks, Financial Firms Worldwide
October 12, 2016
Symantec on Tuesday reported on a malware campaign that has targeted financial organizations worldwide for the past 10 months. Dubbed "Trojan.Odinaff," it has infiltrated the banking, securities, trading and payroll sectors, as well as organizations that provide them with support services. Odinaff is used in the first stage of an attack, to get a foothold into a network.
See More Articles in Cybersecurity Section >>
Facebook Twitter LinkedIn Google+ RSS
What's your reaction to the Turkish Crime Family's claim that it can access hundreds of millions of iCloud accounts?
I'm very worried -- I take all cyberthreats seriously.
I'm feeling secure -- I changed my password and set up 2FA.
I'm angry -- companies need to be more responsible.
I'm not at all concerned -- I trust Apple.
I'm resigned -- I expect to be breached at some point.
I don't care much -- the world has bigger problems.