Attention Marketers: Access 30 Million IT Decision Makers with ECT News Network's INSTA-LEADS Click to Learn More!
Welcome Guest | Sign In
TechNewsWorld.com
Heartbleed-Weary Tech Firms Show OpenSSL a Little Love
May 30, 2014
Remember Heartbleed? Several weeks ago, the exposure of this security bug chilled the Internet, highlighting once again that even the seemingly unbreakable can be hacked. In the case of the Heartbleed vulnerability, encrypted data was at risk of theft. Sites potentially vulnerable to Heartbleed -- from Canada's Revenue Agency to AWS to Yahoo to Reddit -- urged users to change their passwords.
Destination Cloud: Are We There Yet?
May 29, 2014
There is growing interest in the cloud. It sounds absolutely perfect for both consumers and businesses. Some are jumping in -- so why isn't everyone? There are many pros and cons. Many use it successfully to build and manage their growing business, but many others fall victim to problems. What, exactly, is the cloud? "The cloud" is a general term that means many different things.
eBay's In With the Breached Crowd
May 21, 2014
If there's a list of retailers that have not exposed their customers' data to a security breach, it just got shorter. The most recent company to confess to being hacked is eBay, which on Wednesday began sending emails urging customers to change their passwords. eBay announced that a cyberattack had compromised a database containing encrypted passwords and other nonfinancial data.
Hackers Paint Bull's-eyes on Cybercurrencies
May 19, 2014
Another digital currency was brought to its knees last week when the administrators of Doge Vault had to suspend operations after they discovered their online wallet service had been attacked by hackers. Following an investigation of the incident and the reconstruction of some of their damaged information from a backup, the administrators contacted users.
Case Study: Software Security Pays Off for Heartland
May 14, 2014
Heartland Payment Systems has successfully leveraged software-assurance tools and best practices to drive better security within its IT organization -- and improve its overall business performance. In this podcast, Ashwin Altekar, director of enterprise risk management at Heartland, shares his insights and knowledge with Amir Hartman, the founder and managing director at MainStay.
Ransomware Gang Targets Android Phones
May 13, 2014
The Reveton Gang is at it again. This time, though, they're targeting users of Android phones -- typically visitors to porn sites. The gang that pioneered the idea of locking up a target's computer and demanding a ransom to unlock it has turned its attention to the rapidly growing mobile market. Once Reveton mobile infects a phone, it will display a bogus warning.
The Tangled Web of IoT Security
May 06, 2014
The Internet of Things, or IoT, consists of "uniquely identifiable objects and their virtual representations in an Internet-like structure," according to Wikipedia. The IoT is "the network of physical objects accessed through the Internet," according to Cisco Systems. In addition to there being no clear definition of the IoT, estimates vary widely about the number of unique devices it includes.
Security Pros Struggle With Cyberthreat Angst
May 05, 2014
As the volume and sophistication of cyberattacks increase, system defenders in the trenches are losing confidence in their ability to protect their organizations' information assets, suggests a survey released last week. The survey of almost 5,000 global IT security pros found that 57 percent felt their organizations were unprotected from sophisticated cyberattacks.
Microsoft Gives XP One last Hug
May 03, 2014
When Microsoft included Windows XP in the Internet Explorer zero-day browser vulnerability patch it issued this week, some industry observers were stunned. Had the company decided to backtrack on its assertion that it would no longer support XP? Had it knuckled under to user protests? Not really. Redmond has not decided to backtrack on killing support for Windows XP; it made a one-time exception.
Heartbleed: SaaS' Forbidden Experiment?
May 02, 2014
Have you ever heard the term "The Forbidden Experiment"? If you're not familiar with it, it's a concept originating in the behavioral sciences relating to challenges in understanding human language development. Specifically, the "experiment" in question refers to actually testing empirically what would happen if a child were raised without language.
Clandestine Fox Nips at Explorer's Heels
April 28, 2014
Microsoft's Internet Explorer Web browser has a flaw that allows hackers to commandeer control of computers, FireEye reported Saturday. Although the never-seen-before vulnerability can be found in all versions of the browser, hackers are targeting IE versions 9 through 11, according to a blog post by the three security researchers who made the discovery.
Verizon Dabbles in Security Reporting
April 23, 2014
Ninety-two percent of more than 100,000 incidents reported by 50 companies over the past 10 years fall into nine basic patterns, according to Verizon's 2014 data breach investigations report. An advance copy was released to the media Tuesday. Point-of-sale intrusions, Web app attacks, cyberespionage and card skimmers cause the most concern for data disclosure, it says.
Heartbleed and Heartache in FOSS Town
April 21, 2014
Well it's been a wild few weeks here in the Linux blogosphere, thanks not just to XP's demise but also the long-overdue discovery of the all-pervasive Heartbleed bug. That the bug is "catastrophic" appears to be beyond dispute; in fact, "some might argue that it is the worst vulnerability found ... since commercial traffic began to flow on the Internet," as at least one commentator suggested.
Heartbleed's Never-Ending Drip, Drip, Drip
April 21, 2014
The Heartbleed vulnerability in OpenSSL has sent just about everyone who uses the Web for fun or profit gibbering madly in search of a solution, creating fertile ground for spammers, scammers and marketing types. Canada is in an uproar following a disclosure by the Canada Revenue Agency that a hacker had exploited Heartbleed to steal about 900 social insurance numbers from it over a six-hour span.
Internet Leeches Drawn to Heartbleed
April 14, 2014
It's been more than a week since news of the Heartbleed flaw launched a frantic scramble on the Web, but security professionals' palpitations haven't subsided. The OpenSSL Software Foundation has issued a fix, and Google, Cisco, and hordes of other companies have begun patching their products. Predictably, scammers and spammers have climbed onto the Heartbleed solution bandwagon.
White Hats Use Heartbleed to Steal Keys
April 14, 2014
The tech industry reeled last week when security researchers discovered a flaw in a key security technology in the Internet's infrastructure. The bug, ghoulishly named "Heartbleed," was found in an open source library, OpenSSL, used by the protocol, SSL, used to encrypt data in transit on the Net. By exploiting the flaw with a specially crafted packet, hackers can extract data from a server's memory in 64K chunks.
FOSS Community Hustles to Fix Gaping Heartbleed Flaw
April 08, 2014
A flaw in OpenSSL that has been around since 2011, the Heartbleed Bug, lets hackers steal information protected by the SSL/TLS encryption used to secure the Internet. Codenomics, which co-discovered the flaw at about the same time as Google's Neel Mehta, tested some of its own services and found it could steal "the secret keys used for our X.509 certificates, user names and passwords" and more.
XP Users Have a Bad Headache Coming On
April 07, 2014
Money will be the biggest problem users of Windows XP will face when Microsoft officially stops supporting it on Tuesday. As a last resort, Microsoft is offering custom support for Windows XP as a temporary stopgap. That could cost as much as $200 per PC per year, Gartner estimated. The UK government reportedly has paid Microsoft about $9 million to extend Windows XP support for one year.
Yahoo Issues Security Sitrep
April 03, 2014
Yahoo has announced a new effort to upgrade its security, in the wake of a torrent of breaches and hacker attacks over recent months. Yahoo's plans include encryption of data in motion, enabling HTTPS encryption, and implementing the latest in security best practices, said Chief Information Security Officer Alex Stamos, who took over the job in March.
Clock Counting Down on Windows XP Support
April 01, 2014
As Microsoft prepares to cut off support for Windows XP, hackers are sharpening their knives in anticipation of carving up the operating system's carcass. Web predators will pounce on XP 10 minutes after Microsoft pulls the support plug on the software, predicted one former military computer specialist and network engineer. Indeed, it appears that information highwaymen are stockpiling ammunition.

See More Articles in Enterprise Security Section >>
Facebook Twitter LinkedIn Google+ RSS