Modern endpoint backup means real-time data protection. Get it from Code42. Click here.
Welcome Guest | Sign In
TechNewsWorld.com
Code42
Civil Rights Office Issues Ransomware Guidance
July 22, 2016
Ransomware infections are on the rise, and healthcare organizations are ripe targets, which may be why the federal government addressed the subject last week. Ransomware attacks have risen from about 1,000 a day last year to 4,000 a day this year, Symantec has reported. Many of those attacks are for small change, but some of the larger ones have been directed at healthcare providers.
Congressional Committee Report Finds Something Rotten at FDIC
July 18, 2016
Officials at the U.S. Federal Deposit Insurance Corporation, which insures deposits in U.S. banks, made false statements to Congress and failed to make timely notification of serious cybersecurity breaches, according to a U.S. House of Representatives Committee on Science, Space and Technology's interim staff report. FDIC CIO Lawrence Gross has created a toxic work environment, it also says.
Mobile Ransomware Has Mushroomed: Report
July 8, 2016
The number of mobile ransomware victims across the globe has increased fourfold compared to a year ago, suggests a Kaspersky Lab report. Kaspersky software protected 136,532 users targeted by ransomware from April 2015 to March 2016 -- up from 35,413. "The growth curve may be less than that seen for PC ransomware, but it is still significant enough to confirm a worrying trend," the report notes.
BlackBerry Lets Go of Its Classic Phone
July 5, 2016
BlackBerry on Tuesday announced it will cease manufacturing the BlackBerry Classic. "The Classic has long surpassed the average lifespan for a smartphone in today's market," noted COO Ralph Pini. "To keep innovating and advancing our portfolio, we are updating our smartphone lineup with state-of-the-art devices." BlackBerry intends to continue supporting its BlackBerry 10 platform, however.
Symantec Scrambles to Fix Flaws After Google Sounds Alarm
July 5, 2016
Symantec last week confirmed that it had developed fixes for a series of eight vulnerabilities found in its portfolio of security products for enterprise and consumer customers, after an outside researcher identified the problem. A researcher from Google's Project Zero alerted the company, but there was no evidence of the vulnerability being exploited in the wild.
Pichai Account Trespassers Claim Their Hacking Heart's in the Right Place
June 29, 2016
Hackers late Sunday broke into CEO Sundar Pichai's Quora account and through it accessed his Twitter followers, according to reports. The group taking credit for the breach, OurMine Security, previously hit other prominent high-tech figures, including Facebook CEO Mark Zuckerberg, Spotify CEO Daniel Elk, Amazon CTO Werner Vogels and former Twitter CEO Dick Costolo.
Study: Third-Party Apps Pose Risks for Enterprises
June 23, 2016
Since mobile computing put an end to the good old days when IT departments had absolute control over software deployed in the enterprise, there's been a rise in employees' use of third-party applications -- a rise that poses security risks to corporate environments. That is one of the findings in a report CloudLock released last week.
Google Makes It Easier to Do the 2-Step
June 21, 2016
Google on Monday began rolling out a new two-step authentication feature, Google Prompt, targeting enterprise employees. The new option consists of a pop-up that displays a mobile user's name and profile image, and that specifies the location and device involved in the attempted sign-in. The device owner is asked whether to allow or deny the sign-in.
Russians Hack DNC Servers to Get Goods on Trump
June 15, 2016
Two groups of Russian hackers burrowed into the Democratic National Committee's servers and spent months stealing information on Donald Trump, the Republican Party's presumptive presidential nominee, according to Crowdstrike. The security firm identified "two sophisticated adversaries on the network," noted CTO Dmitri Alperovitch, dubbed "Cozy Bear" and "Fancy Bear."
Banking Trojans Take Backseat to Ransomware
June 4, 2016
The banking trojan -- a type of malware used to steal credentials for bank accounts -- has been a staple of cyberthieves for years. However, ransomware, which has proven both easy to use and highly successful, has started eroding its popularity. In a typical banking trojan attack, a robber mounts a phishing campaign to entice a target to open an attachment or click on a link.
Hacker Hawks 2-Year-Old Cache of 117M LinkedIn User IDs
May 23, 2016
A hacker reportedly has offered to sell the account information of 117 million LinkedIn users, which was stolen in a 2012 hack. The data includes users' email addresses and passwords.The hacker, who goes by the handle "Peace," reportedly offered the data on The Real Deal -- a site on the dark web -- for 5 bitcoins -- about $2,200. LeakedSource last week announced it had more than 167 million stolen records.
Gang Surrenders Key to TeslaCrypt Ransomware Kingdom
May 20, 2016
Eset on Wednesday announced that it has fashioned a free tool that victims of all variants of the TeslaCrypt ransomware can use to unlock affected files. After the criminal gang behind TeslaCrypt recently abandoned support of the malicious software, an Eset analyst contacted the group anonymously, using the channel offered to ransomware victims, and asked for the universal master decryption key.
Flaw Puts a Billion Wireless Mice at Risk
May 20, 2016
Wireless mice and keyboards are the perfect accessories for a world in which devices increasingly are shuffling off their connection coils, but those accessories -- especially untethered rodents -- also can create new threats for those who use them. One such threat is Mousejack. The attack exploits a vulnerability found in 80 percent of wireless mice.
Docker Ramps Up Container Security
May 13, 2016
Docker this week announced the rollout of security scanning technology to safeguard container content across the entire software supply chain. Docker Security Scanning is an opt-in service for Docker Cloud private repository plans. It provides a security assessment of the software included in container images. It enables detailed image security profiles.
Data Breaches Chip Away at IT Pros' Confidence in Security
May 12, 2016
The daily barrage of data breach news appears to be eroding confidence in security solutions. Fifty percent of IT pros aren't confident about the ability of their security measures to protect their data, according to a survey released last week by Barkly. The high percentage of IT pros with doubts about their security systems caught Barkly CTO Jack Danahy off-guard.
Report: Companies in the Dark About Their Open Source Risk Exposure
May 10, 2016
Commercial software is full of security vulnerabilities from unpatched open source components developers use, according to a report Black Duck Software issued last week. Software companies misjudge how much open source code their commercial products contain, according to the report, which is based on an analysis of 200 applications researchers viewed over the previous six months.
ISIS Cyberthreat: Puny but Gaining Power
May 5, 2016
The Islamic State group's cyberwar capabilities are unsophisticated, but they won't be that way for long. That was the conclusion of a 25-page report released last week by Flashpoint. The report, "Hacking for ISIS: The Emergent Cyber Threat Landscape," found that the Islamic State's "overall capabilities are neither advanced nor do they demonstrate sophisticated targeting."
Cybersecurity Goals to Guide Federal Software Spending
May 4, 2016
The U.S. government is on track to significantly boost spending on cybersecurity solutions. However, evolving requirements to greatly improve federal protection of information technology resources will shape that spending. In fact, federal cyberprotection goals should be augmented and significantly modified, according to recent studies of the federal market.
IT Execs Join Federal Cybersecurity Panel
April 28, 2016
Key components of the Obama administration's multipronged cybersecurity initiative keep falling into place. One of the most recent developments was the formation of a federal Commission on Enhancing National Cybersecurity. Another was the formal introduction in Congress of the administration's information technology investment plan, which is heavily tilted toward cybersecurity protection.
White Hat Finds Security Threats on Facebook's Corporate Net
April 26, 2016
A white hat hacker last week announced the discovery of more than a half-dozen security flaws in some software Facebook used on its corporate network. While performing penetration testing third-party software in a network appliance Facebook used, Orange Tsai discovered seven vulnerabilities that attackers could use to compromise a system, as well as a backdoor script left by someone else.
Insurance Industry Buzzes Over Data Breach Ruling
April 21, 2016
If the rash of data breaches in recent months has done anything for businesses, it's raised their awareness of cyber liability insurance. The market for cyber liability insurance is expected to increase dramatically as businesses become more aware that their current policies don't adequately cover cyber-risks, according to the National Association of Insurance Commissioners.
Journalist Gets 2-Years in Prison for Aiding Anonymous Prank
April 19, 2016
A U.S. District Court judge last week sentenced Matthew Keys to two years in prison after he was found guilty of conspiring with the hacker group Anonymous to break into the Los Angeles Times' website and modify a news story. Keys had been site administrator for KTXL Fox 40, which was owned by Tribune, the same company that owned the Times.
Feds Prep for Cybersecurity Buying Spree
April 18, 2016
The U.S. government's objectives for improving cybersecurity are taking shape in updated contracting procedures, contracts and projected increases in spending. Recent developments have underscored the federal commitment to IT security. The GSA has asked vendors to respond by Wednesday to a research survey on what it should do to expedite federal acquisition of cybersecurity products and services.
Microsoft Sues DoJ Over Spying Gag Orders
April 15, 2016
Microsoft on Thursday filed suit against the U.S. Department of Justice challenging the gag orders that accompany requests to access customers' private emails and other data. The orders prevent the company from notifying affected customers about the government's demands. The case is the fourth public lawsuit it has filed against the Justice Department in three years.
E2E Encryption Could Make WhatsApp a Spam Magnet
April 15, 2016
Facebook's WhatsApp last week announced it would roll out end-to-end encryption for its users, but the move could make the service more attractive to spammers. While encryption can safeguard information from data thieves, it also can block data protectors. The policy "will not stop the growth of spam on the platform and could make the problem worse," AdaptiveMobile's Simeon Coney said.
Hortonworks Ramps Up Hadoop Security
April 14, 2016
Hortonworks this week announced a series of enterprise security efforts to bolster performance and data safety with its Hortonworks Data Platform. The company announced that Pivotal Software will standardize on Hortonworks' Hadoop distribution. The thrust of the product announcements concerned updates on applying security policies and maintaining data governance.
CFPB Asserts Jurisdiction Over E-Commerce Privacy Regulation
April 12, 2016
Another federal agency has entered the arena for regulating e-commerce companies regarding the protection of consumer data. The federal Consumer Financial Protection Bureau has closed its first and so far only privacy case with a consent agreement between itself and an online payments processor. The CFPB charged that Dwolla misled consumers that its information was encrypted and stored securely.
Adobe Issues Emergency Patch to Head Off Flash Ransomware Attacks
April 11, 2016
Adobe last week issued an emergency security patch to fix a vulnerability in Flash that could leave users vulnerable to a ransomware attack. The vulnerability exists in Adobe Flash Player 21.0.0.197 and earlier versions for Windows, Macintosh, Linux and Chrome operating systems. It can cause a crash and leave the computer vulnerable to attackers, the company said.
DC Healthcare Provider Limps On After Malware Attack
April 1, 2016
Despite its computer systems being infected with malware since Monday, MedStar Health, which operates 10 hospitals and more than 250 outpatient facilities in and around Washington, D.C., has continued to provide patient care at near normal levels, according to several updates released this week. Since the malware attack occurred, MedStar Health has treated an average of 3,380 patients a day.
Firm Wins Patent for Novel Way to Detect Spearphishing
March 31, 2016
Hackers in recent weeks have stepped up their efforts to steal employee tax information from companies in all kinds of industries. Typically, the information contained on IRS form W-2 is used to file false tax returns or steal someone's identity. The situation has become so bad that the IRS earlier this month issued an alert to human resources and payroll professionals about the subject.
See More Articles in Enterprise Security Section >>
Facebook Twitter LinkedIn Google+ RSS
Code42
Would you drive a Tesla?
I already do, and I love it!
Yes -- if the price were lower.
No -- I wouldn't trust its Autopilot.
I'd drive an electric car but not a Tesla.
I'm not yet sold on electric vehicles.
Code42