Explore Technology Certificate Programs That Fit Your Needs /// Click here to learn more.
Welcome Guest | Sign In
TechNewsWorld.com
The Tangled Web of IoT Security
May 06, 2014
The Internet of Things, or IoT, consists of "uniquely identifiable objects and their virtual representations in an Internet-like structure," according to Wikipedia. The IoT is "the network of physical objects accessed through the Internet," according to Cisco Systems. In addition to there being no clear definition of the IoT, estimates vary widely about the number of unique devices it includes.
Security Pros Struggle With Cyberthreat Angst
May 05, 2014
As the volume and sophistication of cyberattacks increase, system defenders in the trenches are losing confidence in their ability to protect their organizations' information assets, suggests a survey released last week. The survey of almost 5,000 global IT security pros found that 57 percent felt their organizations were unprotected from sophisticated cyberattacks.
Feds Weigh In on Cybersharing Antitrust Issues
May 01, 2014
The use and scope of information technology has grown dramatically since 2000 -- and along with that growth have come ever greater cybersecurity threats to businesses, government agencies and consumers. The need to counter actual threats, as well as to prevent potential cybersecurity problems, calls for sharing information among vulnerable parties.
Verizon Dabbles in Security Reporting
April 23, 2014
Ninety-two percent of more than 100,000 incidents reported by 50 companies over the past 10 years fall into nine basic patterns, according to Verizon's 2014 data breach investigations report. An advance copy was released to the media Tuesday. Point-of-sale intrusions, Web app attacks, cyberespionage and card skimmers cause the most concern for data disclosure, it says.
Popular UK Sports File-Sharing Site Shuttered
April 22, 2014
The Sports Torrent Network, a brazenly named file-sharing site, shut down after UK police threatened to put its operators behind bars for up to 10 years. TSTN was a hotbed for illicit broadcasts of European soccer, the National Hockey League, Formula 1 races and more. The site reportedly had about 20,000 members, making it "possibly the largest site of its type."
Heartbleed and Heartache in FOSS Town
April 21, 2014
Well it's been a wild few weeks here in the Linux blogosphere, thanks not just to XP's demise but also the long-overdue discovery of the all-pervasive Heartbleed bug. That the bug is "catastrophic" appears to be beyond dispute; in fact, "some might argue that it is the worst vulnerability found ... since commercial traffic began to flow on the Internet," as at least one commentator suggested.
Banking Trojan Enters Mobiles via Facebook
April 21, 2014
Purveyors of a notorious mobile banking Trojan have started targeting Facebook users to infect Android smartphones. The Net predators use a desktop Trojan to leverage a Facebook socializer to install banking malware on their phone, ESET malware researcher Jean-Ian Boutin discovered last week. The desktop bad app, Win32/Qadars, waits for an infected machine to open a Facebook page.
Heartbleed's Never-Ending Drip, Drip, Drip
April 21, 2014
The Heartbleed vulnerability in OpenSSL has sent just about everyone who uses the Web for fun or profit gibbering madly in search of a solution, creating fertile ground for spammers, scammers and marketing types. Canada is in an uproar following a disclosure by the Canada Revenue Agency that a hacker had exploited Heartbleed to steal about 900 social insurance numbers from it over a six-hour span.
German Media Mogul Rips Google in Open Letter
April 18, 2014
The head of one of Germany's biggest media companies penned an open letter criticizing Google, saying that his company is afraid of Google and its ever-swelling power. The letter, written by Mathias Dopfner, the chief executive of media giant Axel Springer, opines that Google's technology platforms spread more quickly and more efficiently than anything in the world -- save "biological viruses."
Internet Leeches Drawn to Heartbleed
April 14, 2014
It's been more than a week since news of the Heartbleed flaw launched a frantic scramble on the Web, but security professionals' palpitations haven't subsided. The OpenSSL Software Foundation has issued a fix, and Google, Cisco, and hordes of other companies have begun patching their products. Predictably, scammers and spammers have climbed onto the Heartbleed solution bandwagon.
White Hats Use Heartbleed to Steal Keys
April 14, 2014
The tech industry reeled last week when security researchers discovered a flaw in a key security technology in the Internet's infrastructure. The bug, ghoulishly named "Heartbleed," was found in an open source library, OpenSSL, used by the protocol, SSL, used to encrypt data in transit on the Net. By exploiting the flaw with a specially crafted packet, hackers can extract data from a server's memory in 64K chunks.
The Pace of Federal IT Innovation Requires Vendor Patience
April 11, 2014
Federal information technology managers are as intrigued as any other IT community by the potential benefits from IT innovations. However, many federal managers continue to face challenges in adopting innovative technologies. Lack of funding, employee skill gaps, and lack of organizational buy-in are the top three constraints that inhibit the use of new technologies.
Consumers Can't Stanch Heartbleeding
April 11, 2014
Consumers can do little to protect themselves from the catastrophic Heartbleed bug. "Catastrophic is the right word," wrote security guru Bruce Schneier in his blog this week. "On the scale of 1 to 10, this is an 11." Heartbleed is an extension of the SSL/TLS protocol used to encrypt data in transit on the Internet. Heartbleed is used to keep a secure connection alive.
France Bans Mobile Phones During Cabinet Sessions
April 10, 2014
French President Francois Hollande has imposed a ban on mobile phones during cabinet sessions, forcing ministers to leave their devices at the door. The move is designed to help "focus on what we must do," a spokesperson said, and will ensure that government folk "talk and listen to what is said and will no longer be able to tap away at this magnificent tool."
SDF Cofounder Chris Davis: Bad Guys Will Need a New M.O.
April 09, 2014
In the war against malware, a new strategy is taking shape. The good guys are preparing to demolish the bad guys' most effective weapons: rogue websites. The Secure Domain Foundation will tackle the identification and prevention of Internet cybercrime through a series of steps designed to interfere with the way cybergangs operate online. SDF made its debut last month at ICANN 49 in Singapore.
Americans Distrust Tech Companies
April 07, 2014
The steady stream of reports on government surveillance of Americans has taken a toll on the image of high-tech companies, according to a Harris poll. More than two-thirds of Americans -- 67 percent -- feel technology companies violate their users' trust by helping the government spy on its citizens, suggests the poll of 2,000 consumers, which was sponsored by ESET.
Yahoo Issues Security Sitrep
April 03, 2014
Yahoo has announced a new effort to upgrade its security, in the wake of a torrent of breaches and hacker attacks over recent months. Yahoo's plans include encryption of data in motion, enabling HTTPS encryption, and implementing the latest in security best practices, said Chief Information Security Officer Alex Stamos, who took over the job in March.
April Schools' Day: School Canceled Thanks to IT System Hack
April 01, 2014
Well, an A for creativity. In Australia, someone penetrated a high school's IT system and penned text messages and emails to parents saying that the school had been badly damaged by a fire and was not fit for students. There was no truth to the message, however -- just a bit of April Fools' Day shenanigans. An unknown person apparently wiggled into the school's IT systems Tuesday morning.
Obama, Legislators Tackle Bulk Surveillance Issue
March 25, 2014
The political frenzy over the NSAy's collection of Americans' bulk telephone metadata is escalating, with both the White House and the U.S. House of Representatives' Intelligence Committee announcing plans to introduce legislation to regulate the practice. The White House's proposal reportedly would require phone companies to store the data and provide it under a court order.
China Seeks Answers About NSA/Huawei Report
March 25, 2014
China's government is asking the U.S. to explain itself -- and to knock it off with all the cyberespionage -- following reports that the National Security Agency has had its way with Chinese telecom giant Huawei. The NSA reportedly penetrated Huawei servers to monitor communications among company executives, and to gain access to the dealings of Huawei customers.
Twitter Bags Encryption Program
March 25, 2014
Twitter rose to notoriety by being the place where people spilled the minutiae of their lives, but there are times when its users don't want everyone online to see what they're thinking. For those occasions, there's direct messaging. When direct messages are sent by one tweeter to another, there's a certain expectation of privacy there -- even though little is done to protect those messages.
NSA Lifts Middle Finger to Middle Kingdom
March 24, 2014
Oh, there have been some good National Security Agency revelations. Like the one about the NSA tapping German Chancellor Angela Merkel's phone. Or the one about the NSA planting agents inside World of Warcraft, or impersonating Facebook in a global quest to spread malware. Delicious as all those stories are, however, last weekend's NSA bombshell may take the cake.
Report: NSA Listens to International Calls From the Past
March 19, 2014
The National Security Agency reportedly possesses a system that enables it to record telephone calls -- all telephone calls -- in a foreign country, and review conversations for up to a month after they took place. The system is said to be akin to a time machine, allowing for retroactive snooping on foreign targets. Billions of calls are stored in a 30-day rolling buffer.
Target Breach Lesson: PCI Compliance Isn't Enough
March 18, 2014
"Target was certified as meeting the standard for the payment card industry in September 2013. Nonetheless, we suffered a data breach." Those words by Target CEO Gregg Steinhafel affirmed what security experts know as gospel: Compliance does not equal security. "Just because you pass a PCI audit does not mean that you're secure," said HyTrust President Eric Chiu.

See More Articles in Cybersecurity Section >>
Facebook Twitter LinkedIn Google+ RSS