OpManager: A single console to manage your complete IT infrastructure. Click here for a 30-day free trial.
Welcome Guest | Sign In
TechNewsWorld.com
IT Execs Join Federal Cybersecurity Panel
April 28, 2016
Key components of the Obama administration's multipronged cybersecurity initiative keep falling into place. One of the most recent developments was the formation of a federal Commission on Enhancing National Cybersecurity. Another was the formal introduction in Congress of the administration's information technology investment plan, which is heavily tilted toward cybersecurity protection.
White Hat Finds Security Threats on Facebook's Corporate Net
April 26, 2016
A white hat hacker last week announced the discovery of more than a half-dozen security flaws in some software Facebook used on its corporate network. While performing penetration testing third-party software in a network appliance Facebook used, Orange Tsai discovered seven vulnerabilities that attackers could use to compromise a system, as well as a backdoor script left by someone else.
Insurance Industry Buzzes Over Data Breach Ruling
April 21, 2016
If the rash of data breaches in recent months has done anything for businesses, it's raised their awareness of cyber liability insurance. The market for cyber liability insurance is expected to increase dramatically as businesses become more aware that their current policies don't adequately cover cyber-risks, according to the National Association of Insurance Commissioners.
Journalist Gets 2-Years in Prison for Aiding Anonymous Prank
April 19, 2016
A U.S. District Court judge last week sentenced Matthew Keys to two years in prison after he was found guilty of conspiring with the hacker group Anonymous to break into the Los Angeles Times' website and modify a news story. Keys had been site administrator for KTXL Fox 40, which was owned by Tribune, the same company that owned the Times.
Feds Prep for Cybersecurity Buying Spree
April 18, 2016
The U.S. government's objectives for improving cybersecurity are taking shape in updated contracting procedures, contracts and projected increases in spending. Recent developments have underscored the federal commitment to IT security. The GSA has asked vendors to respond by Wednesday to a research survey on what it should do to expedite federal acquisition of cybersecurity products and services.
Microsoft Sues DoJ Over Spying Gag Orders
April 15, 2016
Microsoft on Thursday filed suit against the U.S. Department of Justice challenging the gag orders that accompany requests to access customers' private emails and other data. The orders prevent the company from notifying affected customers about the government's demands. The case is the fourth public lawsuit it has filed against the Justice Department in three years.
E2E Encryption Could Make WhatsApp a Spam Magnet
April 15, 2016
Facebook's WhatsApp last week announced it would roll out end-to-end encryption for its users, but the move could make the service more attractive to spammers. While encryption can safeguard information from data thieves, it also can block data protectors. The policy "will not stop the growth of spam on the platform and could make the problem worse," AdaptiveMobile's Simeon Coney said.
Hortonworks Ramps Up Hadoop Security
April 14, 2016
Hortonworks this week announced a series of enterprise security efforts to bolster performance and data safety with its Hortonworks Data Platform. The company announced that Pivotal Software will standardize on Hortonworks' Hadoop distribution. The thrust of the product announcements concerned updates on applying security policies and maintaining data governance.
CFPB Asserts Jurisdiction Over E-Commerce Privacy Regulation
April 12, 2016
Another federal agency has entered the arena for regulating e-commerce companies regarding the protection of consumer data. The federal Consumer Financial Protection Bureau has closed its first and so far only privacy case with a consent agreement between itself and an online payments processor. The CFPB charged that Dwolla misled consumers that its information was encrypted and stored securely.
Adobe Issues Emergency Patch to Head Off Flash Ransomware Attacks
April 11, 2016
Adobe last week issued an emergency security patch to fix a vulnerability in Flash that could leave users vulnerable to a ransomware attack. The vulnerability exists in Adobe Flash Player 21.0.0.197 and earlier versions for Windows, Macintosh, Linux and Chrome operating systems. It can cause a crash and leave the computer vulnerable to attackers, the company said.
DC Healthcare Provider Limps On After Malware Attack
April 1, 2016
Despite its computer systems being infected with malware since Monday, MedStar Health, which operates 10 hospitals and more than 250 outpatient facilities in and around Washington, D.C., has continued to provide patient care at near normal levels, according to several updates released this week. Since the malware attack occurred, MedStar Health has treated an average of 3,380 patients a day.
Firm Wins Patent for Novel Way to Detect Spearphishing
March 31, 2016
Hackers in recent weeks have stepped up their efforts to steal employee tax information from companies in all kinds of industries. Typically, the information contained on IRS form W-2 is used to file false tax returns or steal someone's identity. The situation has become so bad that the IRS earlier this month issued an alert to human resources and payroll professionals about the subject.
Chinese National Cops Plea in Defense Secrets Case
March 29, 2016
A Chinese aviation and aerospace businessman last week pleaded guilty to participating in a conspiracy to steal sensitive military and export-controlled data from major U.S. defense contractors and send the information to China, according to the U.S. Department of Justice. Su Bin, also known as Stephen Su and Stephen Subin, entered the plea before Judge Christina A. Snyder.
Ransomware's Aftermath Can Be More Costly Than Ransom
March 24, 2016
Downtime caused by a ransomware attack can cost a company more than paying a ransom to recover data encrypted by the malware, according to a report released last week by Intermedia. Nearly three-quarters (72 percent) of companies infected with ransomware could not access their data for at least two days because of the incident, and 32 percent couldn't access their data for five days or more.
Apple Ransomware Reveals Cert Problem
March 17, 2016
Researchers last week discovered the first ransomware in the wild aimed at Apple's hardware platform. While the threat was subdued quickly, it exposed the weakness of digital certificates in authenticating software to devices. The ransomware appeared as a legitimate application because it contained a digital certificate stolen from a bona fide Mac developer in Turkey.
White House Proposes $3B IT Update Fund
March 10, 2016
The Obama administration is seeking $3.1 billion for a modernization fund to update federal IT resources that need to be replaced with more efficient systems. The fund would bolster the government's annual spending on IT, which is set for a modest increase to $89.8 billion in the administration's proposed budget for fiscal 2017. Upgrading older systems has been a concern for some time.
Quantum Computer Leap Could Make Today's Encryption Passe
March 8, 2016
Researchers at MIT and the University of Innsbruck last week announced that they had designed and constructed the world's first scalable quantum computer, a development that could make existing encryption technology obsolete. They built the computer using five atoms in an ion trap. The researchers used laser pulses to carry out an algorithm on each atom to correctly factor the number 15.
Malvertisers Use Digital Fingerprints to Avoid Detection
March 4, 2016
In the world of computer security, fingerprints are found in more places than where the tips of hands touch. That's because the term is applied to any data set that can be used to make a unique identification. Antifraud programs online retailers use can identify customers by the structure of the files on their computers. In fact, the technique works so well, malicious actors use it.
For Federal Cloud Investing, Change Is the Only Constant
March 4, 2016
Vivek Kundra, the former federal CIO, envisioned that 25 percent of the funds the federal government spends each year on IT could productively be deployed through cloud-based systems. Two recent reports show that for government IT managers, market and technical factors that were nonexistent or modest in their impact when Kundra was serving as federal CIO will affect future cloud deployments.
Cryptography Pioneers Win Million-Dollar Turing Award
March 3, 2016
The Association of Computing Machinery on Tuesday named Whitfield Diffie and Martin E. Hellman recipients of the 2015 ACM A.M. Turing Award for their contributions to modern cryptography. Their invention of public key cryptography and digital signatures revolutionized computer security, the organization said. The award includes a $1 million prize, with financial support provided by Google.
Report: 3.5 Million HTTPS Servers Vulnerable to DROWN
March 2, 2016
A report released Tuesday on the DROWN vulnerability raises concerns about possible attacks that could expose encrypted communications. DROWN is a serious vulnerability that affects HTTPS and other services using SSL version 2, according to the team of security researchers who compiled the report. The protocols affected are some of the essential cryptographic protocols for Internet security.
Microsoft Bolsters Cloud Security
February 29, 2016
Microsoft last week announced measures to improve security management and transparency for Azure cloud services and Office 365. The features, which come from technology Microsoft acquired last year when it purchased Adallom, will bolster security in cloud apps such as Office 365, Box, Salesforce, ServiceNow and Ariba. The reinforcements are the first of a series of planned measures.
Operation Blockbuster Brings the Fight to Sony Hackers
February 25, 2016
Operation Blockbuster, a coalition of security companies led by Novetta, on Wednesday published a report detailing the activities of the Lazarus Group, the organization responsible for the 2014 cyberattack against Sony Pictures Entertainment. Researchers last week published detection signatures to the companies' respective software in the hope of disrupting the group's activities.
The Downside of Linux Popularity
February 25, 2016
Popularity is becoming a two-edged sword for Linux. The open source operating system has become a key component of the Internet's infrastructure, and it's also the foundation for the world's largest mobile OS, Google's Android. Widespread use of the OS, though, has attracted the attention of hackers looking to transfer the dirty tricks previously aimed at Windows to Linux.
Security Pros to Users: Do as We Say, Not as We Do
February 24, 2016
IT pros -- the gatekeepers of company security policies -- are willing to bend the rules to get things done, according to Absolute Software, based on survey findings it released last week. Forty-five percent of IT pros confessed they knowingly worked around their own security policies, according to the survey. Moreover, 33 percent admitted to hacking their own or another organization's systems.
Dell's Embedded PCs Take the IoT to the Mainstream
February 23, 2016
Dell on Tuesday announced the release of its first purpose-built industrial PC products for the mainstream market: the Embedded Box PC 3000 Series and 5000 Series. The products are a response to the growing embedded computing market and the lack of reliable devices, Dell said. The embedded systems market is expected to reach $23.1 billion in 2019, according to a Technavio study.
Hollywood Hospital Succumbs to Hacker Shakedown
February 19, 2016
Hollywood Presbyterian Medical Center on Wednesday announced that it paid approximately $17,000 to resume normal operations after digital extortionists knocked its computer systems offline. The Los Angeles hospital discovered its computer network infected with ransomware earlier this month. After paying the ransom, the hospital was able to bring its electronic medical record system online.
New IBM Mainframe Promises Advanced Security for Hybrid Clouds
February 18, 2016
IBM on Tuesday introduced the z13s, a mainframe computer system optimized for hybrid cloud deployment. The z13s is designed to provide advanced cryptography for mid-sized firms that need a high level of data protection. The advanced cryptography includes built-in hardware security features that effectively double the speed of data encryption and decryption over prior generations of computers.
DHS Ready to Share Intelligence With Private Sector
February 18, 2016
The U.S. Department of Homeland Security this month will start sharing threat information with a small number of hand-picked companies under the newly enacted Cybersecurity Information Sharing Act. DHS hopes to collect threat indicators from companies and redistribute them to other companies so everyone gets a better view of threats and can use that knowledge to bolster defenses.
Hollywood Hospital Hacked Back to Paper Age
February 17, 2016
Hollywood Presbyterian Medical Center last week revealed its computer systems were offline after a ransomware attack scrambled the data on its systems. Ransomware is a form of malware that encrypts data and system files on a computer and demands a ransom payment to unscramble the files. Since the attack, HPMC medical personnel have resorted to faxes and handwritten charts to perform their tasks.
See More Articles in Enterprise Security Section >>
Facebook Twitter LinkedIn Google+ RSS
What best reflects your opinion on online privacy?
We need new laws to curb government spying.
It's dead -- Google, Facebook and others killed it.
Personalized advertising is the worst -- it's creepy.
It's achievable through encryption and other tech.
It's an overblown issue -- I have nothing to hide.