Modern endpoint backup means real-time data protection. Get it from Code42. Click here.
Welcome Guest | Sign In
TechNewsWorld.com
Code42
Operation Blockbuster Brings the Fight to Sony Hackers
February 25, 2016
Operation Blockbuster, a coalition of security companies led by Novetta, on Wednesday published a report detailing the activities of the Lazarus Group, the organization responsible for the 2014 cyberattack against Sony Pictures Entertainment. Researchers last week published detection signatures to the companies' respective software in the hope of disrupting the group's activities.
The Downside of Linux Popularity
February 25, 2016
Popularity is becoming a two-edged sword for Linux. The open source operating system has become a key component of the Internet's infrastructure, and it's also the foundation for the world's largest mobile OS, Google's Android. Widespread use of the OS, though, has attracted the attention of hackers looking to transfer the dirty tricks previously aimed at Windows to Linux.
Security Pros to Users: Do as We Say, Not as We Do
February 24, 2016
IT pros -- the gatekeepers of company security policies -- are willing to bend the rules to get things done, according to Absolute Software, based on survey findings it released last week. Forty-five percent of IT pros confessed they knowingly worked around their own security policies, according to the survey. Moreover, 33 percent admitted to hacking their own or another organization's systems.
Dell's Embedded PCs Take the IoT to the Mainstream
February 23, 2016
Dell on Tuesday announced the release of its first purpose-built industrial PC products for the mainstream market: the Embedded Box PC 3000 Series and 5000 Series. The products are a response to the growing embedded computing market and the lack of reliable devices, Dell said. The embedded systems market is expected to reach $23.1 billion in 2019, according to a Technavio study.
Hollywood Hospital Succumbs to Hacker Shakedown
February 19, 2016
Hollywood Presbyterian Medical Center on Wednesday announced that it paid approximately $17,000 to resume normal operations after digital extortionists knocked its computer systems offline. The Los Angeles hospital discovered its computer network infected with ransomware earlier this month. After paying the ransom, the hospital was able to bring its electronic medical record system online.
New IBM Mainframe Promises Advanced Security for Hybrid Clouds
February 18, 2016
IBM on Tuesday introduced the z13s, a mainframe computer system optimized for hybrid cloud deployment. The z13s is designed to provide advanced cryptography for mid-sized firms that need a high level of data protection. The advanced cryptography includes built-in hardware security features that effectively double the speed of data encryption and decryption over prior generations of computers.
DHS Ready to Share Intelligence With Private Sector
February 18, 2016
The U.S. Department of Homeland Security this month will start sharing threat information with a small number of hand-picked companies under the newly enacted Cybersecurity Information Sharing Act. DHS hopes to collect threat indicators from companies and redistribute them to other companies so everyone gets a better view of threats and can use that knowledge to bolster defenses.
Hollywood Hospital Hacked Back to Paper Age
February 17, 2016
Hollywood Presbyterian Medical Center last week revealed its computer systems were offline after a ransomware attack scrambled the data on its systems. Ransomware is a form of malware that encrypts data and system files on a computer and demands a ransom payment to unscramble the files. Since the attack, HPMC medical personnel have resorted to faxes and handwritten charts to perform their tasks.
NIST Risk-Assessment Framework Shapes Federal Cybersecurity Strategy
February 12, 2016
The U.S. government is under pressure to improve cybersecurity and is meeting that challenge with a commitment to enhance spending for protecting IT systems. The Obama administration projected the budget for cybersecurity spending in fiscal 2016 would be about $14 billion -- an increase of $1.4 billion from 2015. That represents strong support to safeguard operations and protect personal data.
IRS Halts Hack Attack
February 11, 2016
The Internal Revenue Service on Tuesday said it recently discovered and halted an automated bot attack on its electronic filing PIN application website. Identity thieves used malware in an attempt to generate E-file PINs for 464,000 Social Security numbers stolen from another source, the IRS said. The hackers succeeded in accessing an E-file PIN for 101,000 of those numbers.
Hacker Posts Stolen Data on FBI, Homeland Security Employees Online
February 9, 2016
The U.S. departments of Justice and Homeland Security on Monday announced they were investigating reports that a hacker broke into government computer systems and stole sensitive information about employees at the agencies. The hacker posted stolen information for about 9,000 DHS employees online Sunday and made public data on 20,000 FBI employees Monday.
New Safe Harbor Pact Offers Temporary Port in Storm
February 9, 2016
Through an eleventh-hour maneuver, the United States and the European Union last week avoided action that could have choked the movement of data between the regions and caused financial harm to U.S. companies. It may be only a temporary respite, however. The problem stems from a European Court of Justice decision in October that blew up an agreement between the regions.
Keybase Releases Encrypted File-Sharing iPhone App
February 8, 2016
Keybase last week announced the alpha release of the Keybase app for the iPhone with a cryptographically secure file mount. Users can write data in an automatically created folder in this format: /keybase/public/username. Files written in the folder are signed automatically and appear as plain text files. The folder prevents server-side and man-in-the-middle attacks, Keybase said.
Report: 100 Ways to Improve Federal Cybersecurity
February 8, 2016
The U.S. government was shaken last year when the Office of Personnel Management disclosed that employment records affecting 21.5 million people had been breached. The Obama administration initiated several comprehensive actions designed to shore up federal data protection. A parallel initiative revealed that federal agencies still have a long way to go to strengthen cybersecurity performance.
Harvard Researchers Debunk Warnings of Terrorists 'Going Dark'
February 2, 2016
The Berkman Center for Internet & Society at Harvard University on Monday released a report that questions the so-called "going dark" phenomenon. The U.S. government and surveillance and law enforcement agencies have been calling for an end to encryption because they say it lets terrorists communicate with impunity and is responsible for the inability of law enforcement to monitor communications.
Oracle Pulls Plug on Java Browser Plug-In
January 30, 2016
Oracle earlier this week announced its decision to scrap its Java browser plug-in. The plug-in, a frequent target of hackers, won't be included in the next version of JDK 9, which is expected to ship in September. Oracle's action was motivated by browser makers' withdrawal of support for the plug-in. Developers of applications that depend on it need to consider alternatives, the company said.
GM Bug Program Gets Mixed Notices
January 21, 2016
Two white-hat hackers, Charlie Miller and Chris Valasek, made headlines last year when they demonstrated how they could hijack the control systems of a moving motor vehicle over the Internet. The move got the attention of the auto industry, and last week General Motors put in place a program to encourage more digital dabblers to alert the company when they find bugs in GM vehicles.
Zero-Day Flaw Puts Millions of Linux Machines, Android Devices at Risk
January 21, 2016
Tens of millions of Linux PCs and servers, as well as 66 percent of all Android mobile devices, are vulnerable to a zero-day flaw that could allow users with lower-level privileges to gain root access, according to Perception Point, which announced its discovery last week. The local privilege escalation vulnerability, which affects Linux Kernel v3.8 and higher, has existed since 2012, the firm said.
FTC Issues Regulatory Warning on Big Data Use
January 20, 2016
The Federal Trade Commission is extending its regulatory reach to the e-commerce impact of big data. For years, the FTC has asserted vigorously its authority to apply existing consumer protection laws to emerging developments in the IT realm. Now it is signaling that it will apply that same vigor to big data under the regulatory authority it possesses through the FTC Act and other laws.
Cook Slams Door on Backdoor Discussions
January 19, 2016
Privacy advocates from around the globe have taken heart from reports that Apple CEO Tim Cook pushed hard against the Obama administration's efforts to reach a compromise on encryption during a recent Silicon Valley meeting. Cook reportedly lashed out at administration officials who were calling for a way to grant law enforcement officials limited, backdoor access to computer systems.
Microsoft Prods Skylake Users to Take the Windows 10 Plunge
January 18, 2016
Microsoft last week announced that within the next 18 months, it will end support for Windows 7 and Windows 8.1 on machines equipped with Intel's 6th generation Core processors, also known as "Skylake." As of mid-July next year, Windows 10 will be the only supported Windows platform on Skylake systems, and only the most critical security fixes will be released for earlier versions of Windows.
Privacy as a Service Advocates Promise Better Data Protection
January 14, 2016
There's been a lot of wailing and gnashing of teeth about the Sisyphean task of protecting privacy in the Digital Age, but that hasn't stopped innovators from searching for ways to preserve it. One of the latest ideas to emerge in the field is Privacy as a Service. As with many emerging technologies, the definition of "PaaS" (not to be confused with Platform as a Service) is in flux.
Black Duck Intros Container Scanning
January 13, 2016
Black Duck Software on Tuesday announced it has added to its Hub software container-scanning capabilities that let users map open source security flaws for applications, Linux distros, and other software in Docker and other Linux containers. Adding a containerized scanner to a Docker host enables automatic identification of known open source vulnerabilities in all layers of containers on the host.
US Army Marches to the Cloud
January 13, 2016
The U.S. Army may be in the walking phase of its plan to shift major portions of its information technology resources to the cloud, but a recent contracting initiative could move the service up to a jogging pace by the end of the year. The Army's progress in migrating much of its IT capabilities to the cloud was characterized as a crawl during 2015.
Microsoft Puts Legacy IE Browsers Out to Pasture
January 12, 2016
Microsoft has ended technical support for the older versions of its legacy Internet Explorer browser, placing at risk millions of users who -- despite extensive warnings -- have not upgraded to the latest version of Internet Explorer or the free install of Windows 10. The support expiration means that customers using IE 8, 9 and 10 no longer will receive technical support and security updates.
Iranian Cyberattack on American Dam Viewed As Rarity
January 7, 2016
Just days before Christmas, a rare event occurred: the report of a successful intrusion into America's infrastructure by overseas hackers. The event -- penetration of the control system of a dam 20 miles from New York City -- happened more than two years ago but wasn't made until last month. Cloaking such incidents in secrecy is standard operating procedure for industries that use control systems.
FTC Debates Cybersecurity Injury Standard
January 5, 2016
The U.S. Federal Trade Commission is engaged in an internal struggle over how it should assess the effect on consumers when businesses fail to provide proper e-commerce security. The outcome of the debate will have a significant impact on the FTC's ability to initiate cybersecurity violation cases. The legal issue could spill over to federal courts or even Congress for resolution.
Security Execs Sweat Insider Threats
December 31, 2015
Insider threats are becoming increasingly worrisome to corporate security executives. That is one of the findings in a survey of C-level businesspeople Nuix released last week. "The insider threat seems to be a bigger concern this year than it was in previous years," said Nuix's Keith Lowry. "People are recognizing that it is a significant weakness that has yet to be fully addressed."
All Security Pros Want for Christmas: Smarter Users, Decoy Networks
December 24, 2015
People like to see gifts from their wish lists under the Christmas tree, and security pros are no exception. Here are things some cyberwarriors would like old St. Nick to deliver to them. "It's probably never going to happen, but it would be fantastic to get smarter users who are less susceptible to social engineering," said Proofpoint's Ryan Kalember.
Apple's Cook Goes to the Barricades on Encryption
December 22, 2015
Apple CEO Tim Cook brought the encryption battle between the high-tech industry and the nation's law enforcement authorities to prime time TV Sunday in an interview on the CBS news program 60 Minutes. During the interview, Charlie Rose asked Cook about the need for law enforcement agencies to access data that has been encrypted on Apple phones. There's all kinds of sensitive information on smartphones today, Cook noted.
See More Articles in Enterprise Security Section >>
Facebook Twitter LinkedIn Google+ RSS
Code42
Would you drive a Tesla?
I already do, and I love it!
Yes -- if the price were lower.
No -- I wouldn't trust its Autopilot.
I'd drive an electric car but not a Tesla.
I'm not yet sold on electric vehicles.