Attention Marketers: Access 30 Million IT Decision Makers with ECT News Network's INSTA-LEADS · Click to Learn More!
Welcome Guest | Sign In
TechNewsWorld.com
PENN STATE ONLINE Information Technology Degrees and Certificates
Security Experts Rap Clinton's Email Practices
March 11, 2015
Former Secretary of State Hillary Clinton is in hot water over her use of a private email server to handle emails for official business. The practice was very risky cybersecurity behavior for everyone involved, critics have alleged. In taking her mail outside the State Department's systems, Clinton appears to have turned up her nose at the agency's rules.
Schumer to FAA: Straighten Up Cybersecurity and Fly Right
March 10, 2015
The United States Federal Aviation Administration should implement cybersecurity upgrades recommended by the U.S. Government Accountability Office immediately, or risk hackers taking over its computer systems, Sen. Charles Schumer, D-N.Y., has warned. The GAO last week released a report that found significant security control weaknesses in the FAA's computer systems.
Windows Caught in Path of FREAK Security Storm
March 6, 2015
Microsoft on Thursday issued a security advisory acknowledging a vulnerability in all versions of Windows that could allow FREAK exploits. Windows systems previously were thought to be immune to FREAK attacks. "The vulnerability could allow an attacker to force the downgrading of the cipher suites used in an SSL/TLS connection on a Windows client system," the advisory reads.
Bracing for the Cyberthreat Deluge
March 6, 2015
Almost 17,000 malware alerts surface every week, the Ponemon Institute recently found. Only 4 percent of alerts were investigated, and traditional antivirus products missed nearly 70 percent of malware in the first hour, researchers discovered in a recent Damballa study. Rescanning led to identification of 66 percent of the malware in 24 hours and 72 percent after seven days.
China's Cybersecurity Plans Draw US Fire
March 5, 2015
China should change its tune on new rules for purchases from American high-tech companies if it wants to do business with the United States, President Obama recently warned. China reportedly is planning to ask U.S. high-tech firms to hand over their encryption keys and install security backdoors in their systems to allow surveillance as a counterterrorism measure.
Monster Problem Threatens New US Cyberthreat Plan
March 3, 2015
President Barack Obama last week made good on his promise to establish a center for cybersecurity information gathered by agencies of the federal government. It's a laudable initiative -- if it works. The Cyber Threat Intelligence Integration Center will connect the dots regarding malicious foreign cyberthreats to the nation and cyberincidents affecting U.S. national interests.
Government Spies Came Up Dry, Says Gemalto
February 26, 2015
SIM card maker Gemalto, whose networks reportedly were breached by hackers from the United States National Security Agency and the UK's GCHQ, on Wednesday said the spies got nothing. The hackers stole cryptokeys for millions of SIM cards, according to The Intercept, which cited documents released by NSA whistle-blower Edward Snowden. Gemalto denied any SIM cryptokeys had been stolen.
Malicious Emailers Find Healthcare Firms Juicy Prey
February 26, 2015
Healthcare providers have garnered growing interest from hackers in recent months. More evidence of that trend appeared last week in a report on email trust. An email that appeared to come from a healthcare company was four times more likely to be fraudulent than an email purportedly from a social media company like Facebook, one of the largest creators of email on the Internet, Agari found.
Yahoo CISO, NSA Chief Slug It Out Over Security Backdoors
February 25, 2015
Yahoo CISO Alex Stamos on Monday confronted NSA Director Adm. Mike Rogers over the United States government's plan to require built-in backdoors in hardware and software made by American companies. The exchange took place at the New America Foundation's cybersecurity conference. Building backdoors into cryptography is "like drilling a hole in the windshield," Stamos said.
FTC, Private Sector Lock Horns Over Consumer Data Protection
February 25, 2015
The major headline hacking event of 2014 involved data theft at a highly visible enterprise: Sony Pictures. Perhaps just as significant in e-commerce security was a 2014 federal court ruling which allows the FTC to continue penalizing commercial firms for failure to protect consumer data from hackers. That decision has been challenged, and in early March the FTC and its opponent will square off in court.
Citizenfour's Oscar Highlights National Divide Over Snowden
February 24, 2015
Citizenfour, a film documenting interviews director Laura Poitras conducted with whistle-blower Edward Snowden, won the Oscar for best documentary Sunday. The talks took place as Snowden blew the lid off the United States National Security Agency's surveillance activities. The award highlights the divisions in the U.S. over Snowden's actions and the question of national security.
Government Spies Steal SIM Card Cryptokeys
February 23, 2015
The United States' National Security Agency and British spy agency GCHQ have hacked into the internal computer network of Gemalto, the world's largest maker of SIM cards, and stolen the cards' encryption keys, according to information in files leaked by whistle-blower Edward Snowden. Gemalto makes about 2 billion SIM cards a year, and sells them to 450 major wireless network carriers worldwide.
Lenovo Rapped for Preinstalling Spyware
February 19, 2015
Lenovo has come under fire for preinstalling spyware on some of its laptops. The software, Superfish, uses the same techniques cybercriminals often employ to crack encrypted traffic. "Superfish is purposely designed to bypass the security of HTTPS websites in a manner that would allow malware and attackers to also bypass the security provided by HTTPS," said Bluebox cofounder Adam Ely.
Cyberthieves Bag a Billion in Snail-Speed Bank Heists
February 18, 2015
Criminals using Carbanak malware have stolen up to $1 billion from 100 financial institutions in Russia, China, Germany and the United States, Kaspersky Lab has revealed. The gang is expanding operations to other countries. Kaspersky has advised financial institutions to scan their networks for intrusion by Carbanak. "These are advanced threat actors," said Lancope CTO TK Keanini.
It's Time to Investigate Cyber Insurance
February 17, 2015
Almost every day there are reports of cyberintrusions, attacks and related security breaches. If your company does not have the right insurance, it could be even more of a disaster. What company can afford not to have insurance for a potential cyberdisaster? Let's look at some protective measures that can be taken to safeguard your business.
Facebook Launches ThreatExchange to Stymie Cybercrime
February 13, 2015
"Threat researchers do already share this data manually," Jeremy Demar, director of threat research at Damballa, told TechNewsWorld. "The value in systems like this isn't the ability to share raw intelligence [it's the] structured data that allows for the information to be accessed quickly and easily by the users." ThreatExchange is based on Facebook's ThreatData threat analysis framework.
Obama's Cyberthreat Intel Aggregator Plan Divides Security Experts
February 12, 2015
The Obama Administration on Tuesday announced plans to set up a national Cyber Threat Intelligence Integration Center to integrate all data from government agencies and the private sector, and disseminate it appropriately. The intelligence integration center will initially have a staff of 50 and a budget of US$35 million. Reactions from cybersecurity experts were mixed.
Bug Bounties Entice Researchers to Don White Hats
February 10, 2015
Bug bounty programs are used by individual software makers to improve the quality of their products, but they can have incidental benefits for all software makers, too. One of those is to encourage bug hunters to wear a white hat instead of a black one. When you make it easy for hackers to do the right thing, the majority will," noted Alex Rice, CTO of HackerOne.
Is the FTC Jumping the Gun on IoT Security?
February 3, 2015
For months, the security community has been waving a red flag about how the nascent Internet of Things could become a cyber criminal's paradise. Last week, those admonitions were given some credence when the Federal Trade Commission recommended that the makers of IoT gadgets adopt some "best practices" to protect consumers from potential violations of their privacy and security.
China May Write New Rules for US Businesses Selling Tech to Banks
February 2, 2015
A group of organizations representing American businesses last week requested urgent discussion and dialog with China's government. They expressed concern about the possible adoption of a policy to ensure that any Internet and information communications technology products Chinese banks purchase from companies outside of China are secure and controllable.
Google Gives WebView the Cold Shoulder
January 30, 2015
Google has decided not to fix vulnerabilities in WebView for Android 4.3 and older, sparking heated discussions among developers. Those versions of WebView run on the WebKit browser. Fixing them "required changes to significant portions of the code and was no longer practical to do so safely," explained Adrian Ludwig, lead engineer for Android security.
Canada Levitates Data from File-Sharing Sites
January 29, 2015
Canada's spy agency, the Communications Security Establishment, has been eavesdropping on 102 free file upload sites, including Sendspace, Rapidshare and Megaupload, which has been shut down. A CSE program called "Levitation" lets analysts access information on 10-15 million uploads and downloads of files from such sites daily, according to documents released by whistle-blower Edward Snowden.
There's a GHOST in Linux's Library
January 28, 2015
Patches for GHOST, a critical vulnerability in glibc, the Linux GNU C Library, now are available through vendor communities for a variety of Linux server and desktop distributions. Qualys earlier this week reported its discovery of GHOST, a vulnerability that allows attackers to remotely take control of an entire system without having any prior knowledge of system credentials.
POS Terminals Rich Vein for Gold-Digging Hackers
January 28, 2015
Hackers are like gold miners. Once they find a rich vein for their malware, they mine it until it's dry. Point-of-sale terminals are such a vein, and it doesn't appear that it's one that's about to run dry any time soon. Following the success of the Target breach in 2013, the hacker underground was quick to rush more POS malware to market.

See More Articles in Cybersecurity Section >>
Facebook Twitter LinkedIn Google+ RSS
Is native advertising good for journalism?
Yes -- It's a reasonable source of additional revenue for media outlets to support their traditional editorial efforts.
Yes -- Paid-for articles can contain useful information, but readers might bypass them if they look too much like ads.
Maybe -- But only if it's clearly labeled as paid-for content.
No -- I don't trust any information from media outlets that cloak paid-for content as objective journalism.
No -- Native advertising is confusing and devious, and it threatens the fabric of traditional journalism.
I Don't Know -- I don't understand what native advertising is.
PENN STATE ONLINE Information Technology Degrees and Certificates