OpManager: A single console to manage your complete IT infrastructure. Click here for a 30-day free trial.
Welcome Guest | Sign In
There's a GHOST in Linux's Library
January 28, 2015
Patches for GHOST, a critical vulnerability in glibc, the Linux GNU C Library, now are available through vendor communities for a variety of Linux server and desktop distributions. Qualys earlier this week reported its discovery of GHOST, a vulnerability that allows attackers to remotely take control of an entire system without having any prior knowledge of system credentials.
POS Terminals Rich Vein for Gold-Digging Hackers
January 28, 2015
Hackers are like gold miners. Once they find a rich vein for their malware, they mine it until it's dry. Point-of-sale terminals are such a vein, and it doesn't appear that it's one that's about to run dry any time soon. Following the success of the Target breach in 2013, the hacker underground was quick to rush more POS malware to market.
Businesses Seek Liability Protection for Cybersecurity Disclosures
January 28, 2015
"No foreign nation, no hacker, should be able to shut down our networks, steal our trade secrets, or invade the privacy of American families," President Barack Obama told the U.S. Congress during the State of the Union Address last week. However, hunting down the perpetrators of cyberattacks that compromise national security or disrupt commerce is only going to get more difficult in the future.
Coinbase Bitcoin Exchange Off to a Rocky Start
January 26, 2015
Coinbase on Monday launched Coinbase Exchange, the first regulated bitcoin exchange in the U.S. It got the jump on the upcoming Gemini exchange currently being established by Cameron and Tyler Winkelvoss. The firm debuted in 24 U.S. states, but the launch was bedeviled with problems. Some pages reportedly failed to load completely, and some users had problems with access.
White House Jump-Starts Cybersecurity Protection Programs
January 23, 2015
As members of the U.S. Congress started to prepare for the upcoming legislative session, President Obama lost little time in putting cybersecurity near the top of a to-do list for lawmakers. During a visit to the federal National Cybersecurity Communications Integration Center, Obama called for additional legislation to improve information technology protection.
Businesses Waste Big Bucks Fighting Phantom Cyberattacks
January 21, 2015
Businesses spend an average of $1.27 million a year chasing cyberthreats that turn out to be dead ends. That is one of the findings in a report released last week on the cost of containing malware. In a typical week, an organization can receive nearly 17,000 malware alerts, although only 19 percent of them are considered reliable, the researchers found.
Keeping Score in the Google vs. Microsoft Zero-Day Games
January 20, 2015
Google's recent publication of Windows' vulnerabilities -- two within a week -- predictably raised Microsoft's ire. "Risk is significantly increased by publically announcing information that a cybercriminal could use to orchestrate an attack and assumes those that would take action are made aware of the issue," wrote Chris Betz, Microsoft's senior director of trustworthy computing.
Cameron Takes Hard Line on Encrypted Communications
January 15, 2015
UK Prime Minister David Cameron, who is standing for re-election, has vowed to ban personal encrypted communications apps such as Snapchat and WhatsApp if he is voted in. He also will allow UK government security agencies to monitor communications, with warrants signed by the Home Secretary. "The first duty of any government is to keep our country and our people safe," Cameron declared.
Docker Security Questioned
January 15, 2015
Security questions recently have been raised about Docker, a promising technology for running applications in the cloud. Docker is an open source initiative that allows applications to be run in containers for flexibility and mobility only dreamt of in the past. "Since the 70s, programmers have been talking about reusable code and the ability to migrate applications," noted IDC analyst Al Gillen.
Sony Sortie's Smoking Gun Still Missing
January 14, 2015
Recent research from security firm Cloudmark has raised doubt about the purported connection between North Korea and last November's intrusion on Sony Pictures Entertainment's computer networks. The FBI last week continued to press its case that North Korea was behind the cyberattack, pointing to an exposed block of IP addresses allocated to North Korea.
The Convoluted Trail Linking North Korea to Sony
January 13, 2015
FBI Director James Comey has "very high confidence" that North Korea was behind last November's cyberattack on Sony, he said last week at Fordham University. New evidence of the link includes documentation of the hackers' failure to cover their tracks with proxy servers on several occasions, Comey said. Several times they got "sloppy" and exposed their home IP addresses.
Data Breach Law Tops Obama Privacy Initiatives
January 12, 2015
A proposed national data breach reporting law, aimed primarily at protecting consumer privacy, headlined several initiatives the Obama administration announced Monday. The Personal Data Notification & Protection Act clarifies the obligations of companies when there's been a data breach. It includes a requirement to notify customers within 30 days of the discovery of a breach.
Fingerprint Theft Just a Shutter Click Away
January 7, 2015
Ever since smartphone makers started incorporating fingerprint scanners as a means of unlocking mobile phones, the Chaos Computer Club has attacked the technology with vigor. Not long after Apple added Touch ID to its iPhones, the German hackers demonstrated how to lift prints from a surface and create a flexible pad containing the print that could be used to break into a phone.
Google Outs Unpatched Windows 8.1 Kernel Flaw
January 6, 2015
Microsoft got a fiery start to 2015 when Google last week publicized a kernel vulnerability in Windows 8.1 Update. Google Project Zero's James Forshaw, who discovered the flaw, ranked it as a high-severity issue. Although Forshaw reported it to Microsoft last September, the company had not yet fixed the problem when Google published it. The vulnerability lets people falsely pose as administrators.
Writers Worldwide Chilled by Government Surveillance
January 6, 2015
Concern over government surveillance has been so heightened by confidential information leaked by former intelligence hand Edward Snowden that writers in free countries are as worried as those in autocratic nations, according to a new report. Three-quarters of writers in countries classified as "free" told researchers they were "worried" or "somewhat worried" about surveillance.
Yikes! Ransomware Could Take Over Your Hard Drive
January 5, 2015
Malware is running rampant on the Internet, affecting smartphones, tablets and PCs. Relatively new malware allows bad guys to encrypt devices until a ransom is paid. Usually the ransom is required in bitcoin, rather than U.S. currency, as it cannot be traced. What are the legal and other risks associated with ransomware? Ransomware is largely directed at personal devices and small businesses.
Hackers Give Touch ID the Finger
December 29, 2014
Hacker Jan Krissler, aka "Starbug," this weekend told attendees at the 31st Chaos Computer Club convention that he had replicated the fingerprints of German Defense Minister Ursula von der Leven using a standard photo camera and commercially available software. Krissler used a close-up of a photo of the minister's thumb and other pictures taken at different angles during a press event in October.
Misfortune Cookie Crumbles Millions of Security Systems
December 29, 2014
Check Point Software Technologies recently revealed a flaw in millions of routers that allows the devices to be controlled by hackers. The company detected 12 million Internet-connected devices that have the flaw. The vulnerability, which Check Point dubbed "Misfortune Cookie," can be found in the code of a commonly used embedded Web server, RomPager from AllegroSoft.
The Big Tech Stories of 2015
December 29, 2014
Last week, we looked back at the largely untold, or under told, stories of 2014. This week, let's look ahead to some of the stories that are coming in 2015. We'll have robots, self-driving cars, armed autonomous drones, the professional proliferation of head mounted cameras, some scandals, and some interesting political implications. I'll close with my product of the year, which even surprised me.
Flaws in Ancient Standard Enable Wireless Eavesdropping, Spying
December 23, 2014
Vulnerabilities in Signaling System 7, telephony signaling protocols used by carriers worldwide, allow third parties to listen to people's cellphone calls and intercept text messages despite encryption, The Washington Post reported last week. German cybersecurity researchers Tobias Engel of Sternraute and Karsten Nohl of Security Research Labs separately discovered these vulnerabilities.
Boeing Picks BlackBerry to Brace Black's Security
December 22, 2014
Boeing has enlisted BlackBerry to help bolster the security of its Black smartphone by providing "secure mobile solutions for Android devices utilizing their BES-12 platform," said Boeing spokesperson Andrew Lee. BES 12 provides cross-platform enterprise mobile management that gives organizations strict control of devices, while letting users keep personal data private.
US Mulls Response to Sony Hack
December 19, 2014
Department of Homeland Security Secretary Jeh Johnson on Thursday said the United States "is actively considering a range of options" to take in response to the Sony hack. The hack is "very serious," Johnson said, though he refused to label it as a terrorist attack. There has been widespread suspicion that North Korea engineered the hack. The FBI is investigating.
Terrorist Threats May Blow Up 'The Interview's' Box Office
December 17, 2014
The now-notoriously controversial action comedy The Interview, which was expected to deliver profits of $90-$95 million for Sony, may have become a financial black hole. The movie's Thursday premiere in New York has been cancelled, and several movie theater chains have scrapped plans to screen it, following a hacker message referencing 9/11 and threatening physical attacks on theaters.
FIDO Pursues Vision of a Password-Free World
December 17, 2014
A group of some 150 companies last week moved closer to eliminating the bane of many an online user: the ubiquitous password. The FIDO Alliance, which counts among its members Microsoft, PayPal, Google, Bank of America, Visa and MasterCard, released version 1.0 of its open specifications for strong authentication on the Internet without the use of passwords.

See More Articles in Cybersecurity Section >>
Facebook Twitter LinkedIn Google+ RSS
Is native advertising good for journalism?
Yes -- It's a reasonable source of additional revenue for media outlets to support their traditional editorial efforts.
Yes -- Paid-for articles can contain useful information, but readers might bypass them if they look too much like ads.
Maybe -- But only if it's clearly labeled as paid-for content.
No -- I don't trust any information from media outlets that cloak paid-for content as objective journalism.
No -- Native advertising is confusing and devious, and it threatens the fabric of traditional journalism.
I Don't Know -- I don't understand what native advertising is.
PENN STATE ONLINE Information Technology Degrees and Certificates