Build Better Salesforce Reports. Business Intelligence for Salesforce customers. Get a Free Trial Today!
Welcome Guest | Sign In
TechNewsWorld.com
Cisco Erects 6 Pillars for the IoT
June 29, 2015
Cisco on Monday launched Cisco IoT System -- a new Internet of Things initiative comprised of 15 products geared toward improving device interoperability. As many as 50 billion devices and objects could be connected to the Internet by 2020, the company forecast, yet today more than 99 percent of things in the physical world currently are unconnected.
US, Brit Spooks Bedevil Security Software
June 24, 2015
The United States' National Security Agency and the UK's Government Communications Headquarters reportedly have been attacking antivirus and other security software since at least 2008. The aim is to infiltrate networks and track users. The agencies apparently have reverse-engineered security and antivirus software, sometimes under dubious legal authority.
Can Android Give BlackBerry New Life?
June 16, 2015
BlackBerry could be considering equipping an upcoming smartphone with Google's Android operating system, Reuters reported last week. The move would be consistent with BlackBerry's strategy to focus on software and device management instead of handsets. Such a pivot would take the company away from its current strategy to regain lost market share with a new generation of BlackBerry smartphones.
Duqu 2.0 Makes Other Malware Look Clunky
June 12, 2015
Duqu 2.0 may have just snatched the title of "most sophisticated malware ever," according to Kaspersky Lab, which published a report on the new threat this week. Kaspersky discovered Duqu 2.0 after the malware penetrated its own internal networks. "The philosophy and way of thinking of the Duqu 2.0 group is a generation ahead of anything seen in the APT world," said Kaspersky's Kurt Baumgartner.
Patch Tuesday Sunset Will Be a Mixed Bag for Windows Security
June 11, 2015
Microsoft will phase out Patch Tuesday -- its monthly potpourri of software product fixes -- when it rolls out Windows 10, which could be a mixed bag for the operating system's security. Patches will be applied automatically as they're ready. That means users no longer will have to wait until the second Tuesday in the month to secure their systems from potentially troublesome vulnerabilities.
US Snooping Costs High-Tech Sector $35B and Counting
June 10, 2015
Other countries' concerns over U.S. government surveillance programs likely will cost American businesses more than $35 billion, according to a report released Tuesday by the Information Technology & Innovation Foundation. Originally it was thought that the fallout from Edward Snowden's revelations of U.S. mass surveillance programs would be limited to cloud service providers.
US CIO Orders Federal Websites to Get More Secure
June 10, 2015
U.S. federal CIO Tony Scott on Monday sent a memo to the heads of executive departments and agencies requiring that all publicly accessible federal websites and Web services use HTTPS -- "the strongest privacy and integrity protection currently available for public Web connections." Some federal websites currently use HTTPS, but there has not been a consistent policy across the federal government.
OPM Security Was a Data Breach Waiting to Happen
June 9, 2015
Things could get worse before they get better as the FBI, US-CERT and Office of Personnel Management investigate a data breach that may have compromised the personal information of some 4 million current and past federal employees. Additional exposures of personal identifying information could be discovered, officials have warned. The OPM made the breach public last week.
Feds' Photobucket Strategy Could Hobble White Hats
June 2, 2015
There's a new twist in the way feds are seeking to penalize bad actors for making and distributing software used in crimes, suggest recent arrests by Justice Department and FBI officials. "There's a more concerted campaign to go after go after those folks who are distributing in the underground," said Tom Kellermann, chief cybersecurity officer at Trend Micro.
No Wrongdoing at NCIS, Says Defense Watchdog
May 28, 2015
The U.S. Department of Defense's Inspector General has rejected allegations that the Naval Criminal Investigative Service engaged in questionable domestic intelligence activity. The finding concluded a DoD IG probe spurred by allegations that NCIS was making available to military intelligence agencies its Law Enforcement Information Exchange, a database of 506.3 million law enforcement records.
Are Feds Losing the Cybersecurity Fight?
May 27, 2015
U.S. government agencies have invested time, effort and significant funding in the last several years to meet the challenges of cybersecurity threats, but the payoff has been disappointing, according to a report from the ISC2 Foundation. As part of its seventh Global Information Security Workforce Study, the foundation included a section that involved a survey of 1,800 federal IT professionals.
Containing the Zombie Malware Outbreak
May 22, 2015
Your computer could be operating as part of a botnet, sending out email spam, stealing confidential information, or furthering the spread of malware at this very moment. Computers can become zombies in many ways, but the most common technique is through a Trojan virus installed via malicious email attachments or drive-by downloads from infected websites.
DoJ Calls On Private Sector to Strengthen Cybersecurity
May 20, 2015
The Justice Department is stepping up its program to engage more actively with the private sector on dealing with cybercrime and cybersecurity breaches. "We in government know that we cannot go it alone in fighting cybercrime. We need a strong partnership with you in the private sector," Assistant Attorney General Leslie Caldwell said at a recent Cybersecurity Industry Roundtable.
Venom Less Toxic Than Heartbleed
May 20, 2015
It was a little over a year ago that the Heartbleed bug shocked the Internet with its potential for mischief. Now another flaw in open source code has sent network administrators into damage control mode. The bug, called "Venom" for "Virtualized Environment Neglected Operations Manipulation," allows an intruder to jump out of a virtual machine and execute malicious code on its host.
5 IT Security Implementation Myths
May 19, 2015
There's a common perception that implementing comprehensive IT security to protect against today's sophisticated threats and attacks is a difficult and expensive task, and that the benefits of replacing current solutions (even if highly ineffective) are seldom worthwhile. This mindset has resulted in many businesses dealing with a virtual patchwork of disparate systems.
FireEye, Microsoft Outsmart Clever Chinese Malware
May 15, 2015
FireEye and Microsoft have scotched a scheme by a group of cybercriminals based in China to use an IT pro forum to hide malicious activity, according to a report released Thursday. The Chinese gang known as "APT17" devised the scheme, which uses forum pages and profiles on Microsoft's TechNet, to cover traffic from machines infected with the group's Black Coffee malware.
Venom Vulnerability Could Violate Virtual Machines
May 14, 2015
Crowdstrike on Wednesday made public its discovery of yet another long-buried Linux vulnerability. "Venom," as it has been dubbed, was unearthed by the firm's senior security researcher, Jason Geffner. It is listed as vulnerability CVE-2015-3456. Venom exists in the virtual floppy drive code used by virtualization platforms based on QEMU, or quick emulator. It has been around since 2004.
Feds Value - but Don't Always Use - Big Data Tools for Cybersecurity
May 13, 2015
U.S. government agencies can significantly improve their ability to deal with cybersecurity problems by utilizing big data analytics. However, agencies are finding it difficult to fully benefit from these advanced analytical tools for a variety of reasons -- including dealing with the sheer volume of data. Cyberthreats hide in plain sight, suggests a recent report from MeriTalk.
Big Data Analytics Fights Insider Threats
May 13, 2015
Cyberdefenders for years have adopted Fort Apache strategies to protect their networks. Strong perimeters could prevent attackers from reaching precious data, they reasoned. As technology marched on, however, the idea of an impermeable wall became as quaint as the Maginot Line on the eve of World War II. Firewalls alone no longer were strong enough to keep data safe.
Mumblehard Malware Mugs Linux Servers
May 5, 2015
A family of Linux malware targeting Linux and BSD servers has been lurking around for five years. Dubbed "Linux/Mumblehard," the malware contains a backdoor and a spamming daemon, both written in Perl. The components are mainly Perl scripts encrypted and packed inside an executable and linkable format, or ELF, said Eset. In some cases, one ELF executable with a packer nests inside another.
Report: Top Endpoint Security Packages Perfectly Foil Drive-By Attacks
May 5, 2015
Drive-by attacks on the Internet are a particularly pernicious form of online threat, especially for individual Web surfers. On the corporate level, though, a company with good endpoint protection software can foil the malicious practice. A drive-by occurs when an infected website automatically downloads malware onto a Net traveler's computer. Endpoint solutions can thwart those kinds of attacks.
Our Bodies, Our Security: Biometrics vs. Passwords
May 4, 2015
Text-based usernames and password pairs should be replaced with biometric credentialing, such as vein recognition and ingestible security tokens, suggests Johnathan LeBlanc, PayPal's global head of developer evangelism. Celebrities have been mortified, Sony Pictures Entertainment brought to its knees, and Home Depot sent scrambling to EuroPay Mastercard Visa's chip and pin earlier than mandated.
Apple Watch Could Be a Password Alternative
April 30, 2015
With password tolerance levels at an all time low, alternatives to the pesky and insecure authenticators are beginning to abound. One of those alternatives could be the Apple Watch. Even before Apple's latest gadget began shipping last week, MicroStrategy announced it was extending its Usher enterprise security solution to the Apple Watch. Usher on the Apple Watch allows it to act as a digital key.
IoT: Why Security Pros Need to Prepare Now
April 29, 2015
Have you ever heard of the Cullinan diamond? If you haven't, it was the largest diamond ever discovered: a 3106 carat diamond found in 1905 in South Africa. What's interesting about the Cullinan diamond isn't so much the discovery of the stone itself but what happened afterward: specifically, the cutting of the diamond. The Cullinan diamond was split into a number of smaller pieces.

See More Articles in Enterprise Security Section >>
Facebook Twitter LinkedIn Google+ RSS
If I had to give up one of these, it would be...
My tablet
My laptop