Maximize Your Salesforce ROI with Premier Success. Learn More >
Welcome Guest | Sign In
TechNewsWorld.com
Faster Results. 80% Higher ROI. Salesforce Premier Success.
Admins Grapple With Shadow Tech
September 03, 2014
If you want to see an IT pro twitch, bring up Shadow IT in a conversation. "Shadow IT" is a term applied to technology deployed by an organization's users outside the purview of the IT department. It's bothersome to system shepherds because it can open up an organization to data leakages. It's also growing. Many Shadow IT programs run in the cloud, but all clouds are not created equal.
Russian Hackers Sack US Banks: Report
August 29, 2014
Hackers appear to have stolen data from JPMorgan Chase and at least one other U.S. bank in retaliation for economic sanctions against Russia. The raid on the banks' computer systems reportedly resulted in the theft of gigabytes of sensitive data. JPMorgan did not confirm the incident. However, the FBI is conducting an investigation into reports of cyberattacks on U.S. banks.
Hacker Attacks on Healthcare Providers Jump 600 Percent
August 28, 2014
The recent data breach at Community Health Systems, in which Chinese hackers stole the personal information of 4.3 million patients, was another sign of a disturbing trend: Healthcare providers are coming under cyberattack at an alarming rate. "We've seen a 600 percent increase in attacks on the healthcare sector in the last 10 months," said Carl Leonard, senior manager at Websense Security Labs.
It's Time Companies Put Mobile First
August 21, 2014
A growing number of consumers are becoming mobile-first or even mobile-only, so why not businesses? Granted, it is hard to image the company whose computing power and data could be accessed and manipulated only through a mobile device. However, a company that gives mobile the same status and resources as its other IT initiatives? That is a little easier to envision.
Mobile App Attacks: No Malware, No Problem
August 19, 2014
Traditional attack methods, like those used with the recent mobile online banking Trojan Svpeng, involve the installation of malware on the device to steal information and commit fraud. However, new techniques are emerging that would enable an attacker to compromise a device and steal private information from the owner -- for example, the typical copycat app on a third-party app store.
Taking the Temperature of Java App Security
August 11, 2014
Current approaches to Java application protection place security at the application or the network layer, both of which are problematic. The first approach has proven to be too complex, too time consuming and too risky -- in other words, "too hot." Meanwhile, network level security that consists of perimeter devices lacks the intelligence to know what's going on inside the application.
Carrier Software Flaws Imperil Smartphones: Report
August 08, 2014
Wireless carriers pose a threat to mobile phone security, researchers have disclosed. Mathew Solnik and Marc Blanchou of Accuvant this week told an audience at the Black Hat security conference in Las Vegas that Android, BlackBerry and some iOS devices are vulnerable. The problem lies in a device management tool using the OMA Device Management Standard, which carriers embed into mobile devices.
Russian Cybergang Stockpiles 1.2B Unique Stolen Credentials
August 07, 2014
A Russian cybercriminal gang so far has stolen 4.5 billion credentials, of which 1.2 billion appear to be unique, Hold Security has announced. The credentials belong to more than 500 million email addresses. Two reports released Tuesday may help explain why the cybergang was so successful. About 92 percent of the 800 top consumer websites evaluated failed the OTA's 2014 Email Integrity Audit.
BlackBerry Ripe for Growth, Predicts CEO Chen
August 06, 2014
BlackBerry -- the "sick man of mobile" -- is poised for better times. That was the sentiment expressed by CEO John Chen in an internal memo distributed to BlackBerry employees last week. BlackBerry has completed its restructuring and the workforce reductions that started three years ago have been completed, Chen reportedly wrote in the memo. Better yet, it may soon be adding workers.
Retailers Harassed by Backoff Malware
August 05, 2014
The U.S. Department of Homeland Security last week sounded an alarm warning retailers of a family of malicious programs aimed at compromising point-of-sale systems. Attackers used such software last year in massive data breaches that nicked millions of consumer records at Target and Nieman Marcus. Variants of the Backoff family have turned up in at least three forensic investigations.
Russia Cites Surveillance Concerns in Apple, SAP Source Code Demands
July 31, 2014
Russia wants Apple and SAP to turn over their source code in yet another instance of fallout resulting from leaks about NSA surveillance activities. The suggestion reportedly came last week, when Communications Minister Nikolai Nikiforov met with executives of the two companies: Peter Nielsen, Apple's general manager in Russia; and Vyacheslav Orekhov, SAP's managing director in Russia.
Hackers Back to Their Old Tricks
July 30, 2014
Old tricks that have helped hackers penetrate computers for months or longer worked again last week at Goodwill and Stubhub. Taking a page from the gang that pillaged payment card and personal information from Target last year, hackers clipped payment card information from an undisclosed number of Goodwill Industries International customers. It's believed point-of-sale systems were compromised.
Android's Fake ID Could Put Millions in Jeopardy
July 30, 2014
An Android vulnerability that exists in every version from v2.1 Eclair to v. 4.3 Jelly Bean could expose millions of users, Bluebox Security has warned. The flaw lets attackers fake the certificates of specially privileged parties, such as Adobe and Google Wallet, and serve them up with malware that bypasses detection by Android. Attackers then can take over every app running on an Android device.
BlackBerry Picks Secusmart to Tighten Mobile Security
July 29, 2014
BlackBerry on Tuesday announced plans to acquire Secusmart, a developer of high-security voice and data encryption and anti-eavesdropping technologies. Mobile devices increasingly are being used for more critical tasks and to store more critical information, noted CEO John Chen. "The acquisition of Secusmart underscores our focus on addressing growing security costs and threats."
Chinese Turn the Screws on Microsoft
July 28, 2014
China is ramping up its campaign against Microsoft, following its ban in May on the installation of Windows 8 on government computers. Officials of China's State Administration for Industry & Commerce reportedly have made unannounced visits to Microsoft offices in Beijing, Shanghai, Guangzhou and Chengdu. They apparently questioned staff in at least one office.
Failure to Communicate Hamstrings Cyberdefenders
July 23, 2014
A failure to communicate between security pros and company brass may be contributing to the inability of a significant number of organizations to reduce the risk of cyberattacks on their systems. Thirty-one percent of the nearly 5,000 respondents surveyed for a recent study said their cybersecurity team never met with the executive team about cybersecurity.
Cloud App Security: Foggy With Low Visibility
July 21, 2014
While the cloud promises faster time to market and reduced costs, it also presents a new landscape for hackers to attack and achieve their goals -- namely, to find and gain unauthorized access to data and information. Attackers follow the data they are after, and if that data is residing in the cloud, then they are going to start operating in the cloud as well.
Gameover Zombies on the March Again
July 17, 2014
The Gameover botnet is back, more or less, only six weeks or so after the Justice Department announced that an FBI-led multinational effort had disrupted it. Still, the botnet's downtime was longer than expected -- the UK's National Crime Agency had warned that the people running it would regain control within two weeks. Sophos this week spotted a new version of the malware.
Google's Project Zero Cybersecurity Watch: No Excuses
July 15, 2014
Google on Tuesday announced Project Zero, an effort to speed up the security bug-fixing process. A team of cybersecurity experts will go after vulnerabilities in any and all software, notify the vendors, and then file bug reports in a public database so users can track the issuance of patches. The Project Zero team has promised to send bug reports to vendors in as close to real-time as possible.
What's Eating Internet Security?
July 15, 2014
It's a given that hackers can and do penetrate websites with laughable ease, ranging from those of retailers to those of the United States government. It certainly doesn't help the security-minded to know that the U.S. National Security Agency and other countries' spy agencies, including the UK's GCHQ and the West German intelligence agency, are tapping into online communications at will.
Critical Infrastructure Companies Lack Cyberdefenses
July 11, 2014
Companies providing the world's critical infrastructure are woefully unprepared for cyberattacks despite the increasing threat level, evidenced by the release of the Stuxnet worm and the Shamoon virus in recent years, found a survey conducted by the Ponemon Institute and Unisys. Nearly 70 percent of the 599 surveyed companies in the past 12 months have reported at least one security breach.
Your Abandoned Smartphone May Betray You
July 09, 2014
Doing a factory reset to wipe the data off smartphones does not work, and the data can be recovered, warned Avast. The company recovered tons of data, including more than 40,000 stored photographs, from 20 used Android phones purchased from eBay. Device owners need to overwrite their files to make them irretrievable, Avast said, touting one of the applications it offers.
Report: Malware Poisons One-Third of World's Computers
July 09, 2014
Nearly one-third of the world's computers could be infected with malware, suggests a report released last week by the Anti-Phishing Working Group. Malicious apps invaded 32.77 percent of the world's computers, a more than 4 percent jump from the previous quarter's 28.39 percent, it estimates. The increase in infected computers has come hand-in-hand with a jump in the appearance of malware samples.
Dragonfly Swoops Down on Energy Firms
July 01, 2014
The energy industry in the United States and Europe is being targeted by a cybercriminal gang that's suspected of being state-sponsored and has links to Russia. Known variously as "Dragonfly" and "Energetic Bear," the group has been operating at least since 2011. Its focus appears to be espionage and persistent access, with a side dish of sabotage as required, Symantec said.

See More Articles in Enterprise Security Section >>
Facebook Twitter LinkedIn Google+ RSS
Faster Results. 80% Higher ROI. Salesforce Premier Success.