Welcome Guest | Sign In
TechNewsWorld.com
US Charges 2 Russian Intel Agents, 2 Hackers in Yahoo Case
March 16, 2017
The Justice Department has announced charges against four individuals, including two officers of Russia's FSB, for carrying out a massive cyberbreach that affected about 500 million Yahoo account holders. A federal grand jury in Northern California charged the defendants -- the FSB officials and two Russian cybercriminals -- with using stolen data to gain illegal access to numerous accounts.
Federal Agencies Mirror Commercial Websites for Encryption
March 15, 2017
Private and public sector organizations share a common goal in hosting Internet websites: making sure that connections with customers and citizens are secure. However, complete security is not yet universal in either sector. Google and Mozilla, for example, are among many entities promoting Internet security via the adoption of HTTPS versus the basic and less secure HTTP technology.
Donald Trump Should Channel Steve Jobs on Security
March 13, 2017
We saw yet another government breach last week, and more secrets went out to WikiLeaks. I'm of a mixed mind on this one, because the CIA tools disclosed likely were emulated by others, and WikiLeaks is helping consumer technology companies ensure they no longer work. I don't know about you, but I really don't want any organization spying on me -- not even my own government.
Tech Companies Weigh Responses to WikiLeaks Exposure
March 11, 2017
Following WikiLeaks' publication earlier this week of classified documents stolen from the CIA, major technology companies, including Apple, Samsung, Microsoft and Cisco, have been scrambling to assess the risks posed to their customers by the revelations. The so-called "Vault 7" leak includes information about methods and tools the CIA crafted to hack into products produced by those companies.
Online Trust Alliance Launches IoT Security Campaign
March 8, 2017
The Online Trust Alliance is calling on businesses, consumers and government to share responsibility for ensuring that Internet of Things devices are not weaponized, outlining actions that businesses, consumers and government can take to ensure the security and privacy of IoT devices. It calls for a campaign to have retailers and consumers reject IoT products that pose a security threat.
WikiLeaks Dumps CIA Hacking Docs Online
March 8, 2017
WikiLeaks on Tuesday dumped thousands of classified documents onto the Internet, exposing hacking programs used by the CIA. The torrent of data is just the first in a series of dumps WikLeaks is calling "Vault 7." This first installment includes 8,761 documents and files stolen from an isolated high-security network within the CIA's Center for Cyber Intelligence in Langley, Virginia.
Cloudflare Nips Cloudbleed Bug in the Bud
March 1, 2017
Cloudflare has fixed the Cloudbleed software bug responsible for a buffer overrun problem that caused its edge servers to return private information in response to some HTTP requests. That private information included HTTP cookies, authentication tokens and HTTP POST bodies. However, SSL private keys weren't leaked, said Cloudflare CTO John Graham-Cumming in an online post.
Google Cracks Key Security Code, Calls for New Standard
February 24, 2017
Google on Thursday announced that its two years of collaboration with CWI resulted in the launch of a successful attack against the SHA-1 cryptographic algorithm, a widely used standard protocol used to protect sensitive data in millions of computers. The breakthrough research hows that the industry needs to send the SHA-1 standard into retirement, Google said.
Microsoft Seeks Global Cybersecurity Accord
February 18, 2017
Microsoft has called on governments around the world to create a "digital Geneva Convention" as a way to normalize international cybersecurity rules and protect civilian use of the Internet. President Brad Smith, who is also Microsoft's chief legal officer, addressed the issue at the annual RSA conference held earlier this week, saying that governments need to establish international rules.
Watson Joins Cybersecurity Warriors' Ranks
February 16, 2017
IBM this week announced Watson for Cyber Security, a powerful new ally for organizations that want to protect their data from Net marauders. The new offering bolsters the ability of information security pros to analyze the flood of information from the roughly 200,000 events that pour into their Security Operations Centers, or SOCs, every day. As much as 80 percent of it is unstructured data.
FTC's Lawsuit Should Make You Feel Very Insecure About the IoT
February 14, 2017
Even though D-Link expressly promised that many of its wireless devices had the highest level of security available, the FTC last month filed a lawsuit that alleges otherwise. The FTC filing includes copies of online marketing materials and technical specifications for D-Link's products, and flatly declares that "thousands of Defendants' routers and cameras have been vulnerable to attacks."
Anonymous Hacker Pulls Plug on Thousands of Dark Net Sites
February 7, 2017
Twenty percent of the Dark Net was taken offline last week, when a hacker compromised a server hosting some 10,000 websites on the Tor network. Tor, designed to hide the identities of its users, is widely used on the Dark Web, which serves as a hub for illegal online activities. Visitors to the affected pages were greeted with the message, "Hello, Freedom Hosting II, you've been hacked."
Hackers Targeted DC Police Cams Days Before Inauguration
January 31, 2017
A ransomware attack darkened the video surveillance system of the District of Columbia's police department eight days before the presidential inauguration of Donald J. Trump. Video storage devices for 70 percent of the CCTV system reportedly were unable to record anything between Jan. 12 and Jan. 15, as police techies scrambled to combat malicious software found on 123 of 187 networked video recorders.
Trump Clings to Personal Phone Despite Security Risks
January 27, 2017
President Donald J. Trump apparently has continued to use his personal Android smartphone despite security concerns. Trump was concerned about losing access to his personal phone even prior to taking his oath of office, according to a report citing unnamed aides who said he worried about how isolated he could become in the White House without his phone to keep in touch with friends.
The Old Man and the Tsunami: A Security Story
January 23, 2017
There's a folk-story that all Japanese schoolchildren learn about an old man who lives in a village by the sea. One day, an earthquake hits. He's the only person in the village to realize that a tsunami will soon follow. He hurries to the nearby mountainside where the rice for the village is grown and sets the entire harvest aflame. All of the villagers race to the mountainside to deal with the conflagration -- their rice is their most precious resource.
Microsoft Hardens Latest Windows Version Against Hackers
January 17, 2017
Microsoft has fortified the latest version of Windows to make it more secure than previous editions, but the strongest protections will be available only to those willing to pay a steep price for them. Windows 10 Anniversary Update has introduced many mitigation techniques in core Windows components and the Microsoft Edge browser, researchers Matt Oh and Elia Florio wrote in a blog post last week.
US Pushes Cybersecurity Acquisition Tools as Contracts Flow
January 16, 2017
Vendors of cybersecurity offerings are finding that the U.S. government is serious about improving the protection of federal IT assets. A steady stream of data protection contracts has been flowing to providers, including some notable high-value transactions during the last half of 2016. One example is a Department of Homeland Security contract, with a potential value of $395 million.
St. Jude Medical Patches Cardiac Machine's Cybersecurity Flaw
January 11, 2017
Medical device maker St. Jude Medical on Monday began deploying software designed to protect its remote monitoring system for implantable pacemaker and defibrillator devices. The move came on the heels of the U.S. food and Drug Administration's warning that the company's Merlin@home Transmitter contained vulnerabilities that could be exploited by hackers.
Pentagon Battle-Tests Micro Drone Swarm
January 11, 2017
The U.S. Department of Defense on Monday announced a successful demonstration of one of the world's largest micro drone swarms at China Lake in California. Three F/a-18 Super Hornet combat jets launched 103 Perdix drones in the exercise, which took place last fall. The micro drones demonstrated advanced swarm behaviors such as collective decision making, adaptive formation flying and self-healing.
Las Vegas Captures Ransomware Crown
January 7, 2017
Las Vegas is arguably the gambling capital of the world, but it's also the king city for ransomware, based on recent research. Among the world's nations, the United States ranked highest in ransomware incidents, according to a Malwarebytes report on the prevalence and distribution of extortion apps. The area of the country that logged the most incidents was the Las Vegas-Henderson, Nevada, region.
Norton Core Router Gives Home Security a New Design
January 3, 2017
Norton by Symantec on Tuesday announced the Norton Core secure router for smart devices in the connected home at CES. The router protects up to 20 PCs, Macs, Android and iOS smartphones and tablets on a home network, and unlimited devices connected to the IoT. It will update its firmware in background mode automatically, said Ameer Karim, GM of consumer IoT security at Symantec.
2017: More Apple Security Flaws, Cyberattacks, Hacktivisim
December 28, 2016
More security vulnerabilities will appear in the software of Adobe and Apple than in Microsoft's, more attacks on the Internet's infrastructure will occur, and cybersecurity events will stoke international tensions. Those are a few of the predictions for 2017 that security experts have made. Signs of hackers' increased interest in Adobe and Apple started appearing in 2016, Trend Micro noted.
Yahoo Suffers Major Data Breach Deja Vu
December 16, 2016
Yahoo has revealed that Net bandits stole data associated with 1 billion of its user accounts -- one of the largest data breaches in Internet history. The theft, which occurred in 2013, is distinct from the theft disclosed earlier this fall, in which 500 million accounts were compromised, Yahoo CISO Bob Lord explained. Stolen data may include names, email addresses, telephone numbers and more.
Ransomware Fighters Get New Free Tool
December 7, 2016
Ransomware has become a gold mine for digital criminals. In the first three months of this year, electronic extortionists squeezed $209 million from victims desperate to recover their data after it was scrambled by the malicious software, based on FBI estimates. At that rate, ransomware could funnel as much as $1 billion into criminal coffers this year.
Multinational Effort Halts Malware Avalanche
December 6, 2016
The DoJ on Monday released new details about the multinational takedown of Avalanche, a multimillion-dollar malware and money-laundering network, following a four-year probe led by German police and prosecutors. Assistant Attorney General Leslie R. Caldwell, Acting U.S. Attorney Soo C. Song and Assistant Director Scott S. Smith of the FBI's Cyber Division made the announcement in Pittsburgh.
China's Business-Unfriendly Cybersecurity Stance
November 30, 2016
China's parliament earlier this month passed a law aimed at addressing the country's concerns about hacking and terrorism, which has spiked concerns among foreign businesses and human rights advocates. One interpretation of the new law is that it only codifies China's existing cybersecurity practices. However, 46 global business groups across a variety of industries didn't see it that way.
Feds Need to Bolster Cyberprotection Speed and Range
November 29, 2016
Providing cybersecurity adequate to meet increasing threats is a perpetual catch-up process. Public sector agencies are particularly sensitive targets, with high visibility not only to the citizens they serve, but also to cyberattackers. A recent survey uncovered both a lack of speed in detecting and responding to attacks, and weak defenses of the full range of possible attack channels.
SF Muni Hack a Wake-Up Call for Public Systems
November 28, 2016
The San Francisco Municipal Transportation Authority, or SF MTA, was hacked on Friday. "You Hacked, All Data Encrypted," was the message reportedly displayed on computer screens at the authority's stations throughout the city. "Contact for Key (cryptom27@yandex.com)ID:681 , Enter." Fare payment machines at underground stations were out of order, resulting in free rides.
$5 PoisonTap Tool Easily Breaks Into Locked PCs
November 25, 2016
Proving once again that you can do a lot of damage with a little investment and a lot of ingenuity, security researcher Samy Kamkar recently managed to take down a locked, password-protected computer using a $5 Raspberry Pi. The low-tech cookie-siphoning intrusion is one of Kamkar's simplest hacks ever. He previously has unlocked car doors, garages, wireless remote cameras and other devices.
Cyber Grinches Could Disrupt Holidays' Biggest Shopping Weekend
November 23, 2016
Recent high-profile distributed denial of service attacks on the Internet's infrastructure and an investigative journalist's website have spiked concerns over possible disruptions of traffic during the biggest online shopping weekend of the year. Online spending last year exceeded $5.8 billion on Black Friday and Cyber Monday, according to Adobe, and that figure is expected to go up this year.
See More Articles in Cybersecurity Section >>
Facebook Twitter LinkedIn Google+ RSS
What is most important to you when shopping online?
Obtaining exactly the right product.
Finding the lowest price.
Fast, free delivery and easy, free returns.
Dependable customer service.
I shop online only as a last resort.