Attention Marketers: Access 30 Million IT Decision Makers with ECT News Network's INSTA-LEADS Click to Learn More!
Welcome Guest | Sign In
Critical Infrastructure Companies Lack Cyberdefenses
July 11, 2014
Companies providing the world's critical infrastructure are woefully unprepared for cyberattacks despite the increasing threat level, evidenced by the release of the Stuxnet worm and the Shamoon virus in recent years, found a survey conducted by the Ponemon Institute and Unisys. Nearly 70 percent of the 599 surveyed companies in the past 12 months have reported at least one security breach.
Your Abandoned Smartphone May Betray You
July 09, 2014
Doing a factory reset to wipe the data off smartphones does not work, and the data can be recovered, warned Avast. The company recovered tons of data, including more than 40,000 stored photographs, from 20 used Android phones purchased from eBay. Device owners need to overwrite their files to make them irretrievable, Avast said, touting one of the applications it offers.
Report: Malware Poisons One-Third of World's Computers
July 09, 2014
Nearly one-third of the world's computers could be infected with malware, suggests a report released last week by the Anti-Phishing Working Group. Malicious apps invaded 32.77 percent of the world's computers, a more than 4 percent jump from the previous quarter's 28.39 percent, it estimates. The increase in infected computers has come hand-in-hand with a jump in the appearance of malware samples.
Dragonfly Swoops Down on Energy Firms
July 01, 2014
The energy industry in the United States and Europe is being targeted by a cybercriminal gang that's suspected of being state-sponsored and has links to Russia. Known variously as "Dragonfly" and "Energetic Bear," the group has been operating at least since 2011. Its focus appears to be espionage and persistent access, with a side dish of sabotage as required, Symantec said.
Heartbleed Flaw Goes Unpatched on 300K Servers: Report
June 23, 2014
Two months after the Heartbleed vulnerability sent frissons of fear down the spines of IT managers everywhere, 300,000 servers still remain vulnerable, Errata Security said. When the flaw was announced in April, Errata found 600,000 servers vulnerable. "The norm is to do no patches at all for some systems, no matter how easy it is to patch," said Errata CEO Robert Graham.
Researchers Find Android Security on Par With iOS
June 18, 2014
The open source mobile operating system Android long has been considered by security experts to be the mobile OS most vulnerable to security threats, but iOS is just as vulnerable. However, the two OSes expose users to different types of threats. The perceived greater security of iOS rests on Apple's control of app distribution rather than on any inherent superiority of the OS over Android.
BlackBerry Unveils BBM Protected to, Ahem, Protect Market Share
June 18, 2014
BlackBerry, whose share of the mobile phone market has been on a downward spiral, this week launched BBM Protected, the first in its planned eBBM Suite of secure enterprise-class messaging products. BBM Protected targets regulated industries. It's claimed to be the only secure mobile instant messaging app that uses a FIPS 140-2 validated cryptographic library.
Godzilla Foreshadows Trouble for Internet of Things
June 16, 2014
The Internet of Things has come under attack by pranksters in recent days. The events could signal tumultuous things to come as more and more everyday objects connect to the Internet. Homeland Security has advised the customers of digital sign maker Daktronics to "take defensive measures" following a series of cyberpranks on the company's traffic signs.
5 Myths of Virtualization Security: You May Be More Vulnerable Than You Think
June 11, 2014
Businesses increasingly are relying on virtual machines to handle more critical data and tasks than ever before. The reality is that virtualization is growing as a platform for managing customer data, financial transactions and the applications that businesses use. Simply put, virtualization is a core component of today's mission-critical IT infrastructure.
Cupid Fires Arrow at OpenSSL's Heart
June 10, 2014
As if the discovery of the Heartbleed flaw weren't enough woe for OpenSSL, more than half a dozen additional defects have been discovered in the code used to protect communication on the Web. Among them is one dubbed "Cupid" by its discoverers. The flaw can be used to compromise enterprise networks. Like Heartbleed, Cupid uses a malicious heartbeat packet to compromise a TLS connection.
Open Source Persistence: Resistance Is Futile
June 09, 2014
Software developers routinely use open source components to boost productivity and improve the quality of their code. The problem for enterprises is that companies using open source must properly manage it and comply with its licensing, as with any third-party code. That becomes difficult to do when corporate leaders do not know their computer systems are running open source code.
Heartbleed-Weary Tech Firms Show OpenSSL a Little Love
May 30, 2014
Remember Heartbleed? Several weeks ago, the exposure of this security bug chilled the Internet, highlighting once again that even the seemingly unbreakable can be hacked. In the case of the Heartbleed vulnerability, encrypted data was at risk of theft. Sites potentially vulnerable to Heartbleed -- from Canada's Revenue Agency to AWS to Yahoo to Reddit -- urged users to change their passwords.
Destination Cloud: Are We There Yet?
May 29, 2014
There is growing interest in the cloud. It sounds absolutely perfect for both consumers and businesses. Some are jumping in -- so why isn't everyone? There are many pros and cons. Many use it successfully to build and manage their growing business, but many others fall victim to problems. What, exactly, is the cloud? "The cloud" is a general term that means many different things.
eBay's In With the Breached Crowd
May 21, 2014
If there's a list of retailers that have not exposed their customers' data to a security breach, it just got shorter. The most recent company to confess to being hacked is eBay, which on Wednesday began sending emails urging customers to change their passwords. eBay announced that a cyberattack had compromised a database containing encrypted passwords and other nonfinancial data.
Hackers Paint Bull's-eyes on Cybercurrencies
May 19, 2014
Another digital currency was brought to its knees last week when the administrators of Doge Vault had to suspend operations after they discovered their online wallet service had been attacked by hackers. Following an investigation of the incident and the reconstruction of some of their damaged information from a backup, the administrators contacted users.
Case Study: Software Security Pays Off for Heartland
May 14, 2014
Heartland Payment Systems has successfully leveraged software-assurance tools and best practices to drive better security within its IT organization -- and improve its overall business performance. In this podcast, Ashwin Altekar, director of enterprise risk management at Heartland, shares his insights and knowledge with Amir Hartman, the founder and managing director at MainStay.
Ransomware Gang Targets Android Phones
May 13, 2014
The Reveton Gang is at it again. This time, though, they're targeting users of Android phones -- typically visitors to porn sites. The gang that pioneered the idea of locking up a target's computer and demanding a ransom to unlock it has turned its attention to the rapidly growing mobile market. Once Reveton mobile infects a phone, it will display a bogus warning.
The Tangled Web of IoT Security
May 06, 2014
The Internet of Things, or IoT, consists of "uniquely identifiable objects and their virtual representations in an Internet-like structure," according to Wikipedia. The IoT is "the network of physical objects accessed through the Internet," according to Cisco Systems. In addition to there being no clear definition of the IoT, estimates vary widely about the number of unique devices it includes.
Security Pros Struggle With Cyberthreat Angst
May 05, 2014
As the volume and sophistication of cyberattacks increase, system defenders in the trenches are losing confidence in their ability to protect their organizations' information assets, suggests a survey released last week. The survey of almost 5,000 global IT security pros found that 57 percent felt their organizations were unprotected from sophisticated cyberattacks.
Microsoft Gives XP One last Hug
May 03, 2014
When Microsoft included Windows XP in the Internet Explorer zero-day browser vulnerability patch it issued this week, some industry observers were stunned. Had the company decided to backtrack on its assertion that it would no longer support XP? Had it knuckled under to user protests? Not really. Redmond has not decided to backtrack on killing support for Windows XP; it made a one-time exception.
Heartbleed: SaaS' Forbidden Experiment?
May 02, 2014
Have you ever heard the term "The Forbidden Experiment"? If you're not familiar with it, it's a concept originating in the behavioral sciences relating to challenges in understanding human language development. Specifically, the "experiment" in question refers to actually testing empirically what would happen if a child were raised without language.
Clandestine Fox Nips at Explorer's Heels
April 28, 2014
Microsoft's Internet Explorer Web browser has a flaw that allows hackers to commandeer control of computers, FireEye reported Saturday. Although the never-seen-before vulnerability can be found in all versions of the browser, hackers are targeting IE versions 9 through 11, according to a blog post by the three security researchers who made the discovery.
Verizon Dabbles in Security Reporting
April 23, 2014
Ninety-two percent of more than 100,000 incidents reported by 50 companies over the past 10 years fall into nine basic patterns, according to Verizon's 2014 data breach investigations report. An advance copy was released to the media Tuesday. Point-of-sale intrusions, Web app attacks, cyberespionage and card skimmers cause the most concern for data disclosure, it says.
Heartbleed and Heartache in FOSS Town
April 21, 2014
Well it's been a wild few weeks here in the Linux blogosphere, thanks not just to XP's demise but also the long-overdue discovery of the all-pervasive Heartbleed bug. That the bug is "catastrophic" appears to be beyond dispute; in fact, "some might argue that it is the worst vulnerability found ... since commercial traffic began to flow on the Internet," as at least one commentator suggested.

See More Articles in Enterprise Security Section >>
Facebook Twitter LinkedIn Google+ RSS