OpManager: A single console to manage your complete IT infrastructure. Click here for a 30-day free trial.
Welcome Guest | Sign In
Cyberwarrior Demand Outpaces Supply
August 6, 2015
Demand for cybersecurity professionals continues to far outpace supply, according to a Burning Glass Technologies report released last week. Cybersecurity hiring remains concentrated in government agencies and among defense contractors, the third annual cybersecurity job market report notes, but hiring has started to boom in industries handling consumer data.
Hackers Make Smart Rifle Go Rogue
July 31, 2015
Security researchers Runa Sandvik and Michael Auger have hacked a TrackingPoint smart rifle that was designed to deliver sharpshooter results, even for novices. They demonstrated their feat for Wired and will present their findings at the week-long Black Hat 2015 security conference in Las Vegas, which begins Saturday. The two purchased a pair of $13,000 rifles and spent a year working on them.
Hackers Take Hijacked Jeep Cherokee for Joyride
July 23, 2015
White-hat hackers Charlie Miller and Chris Valasek remotely took over a Jeep Cherokee, ran its controls, then cut the transmission as it sped at 70 mph along Interstate 64 in an experiment conducted with Wired. They turned on the air conditioning, switched radio channels, turned on the windshield wipers, activated the windshield washer fluid pump, and transmitted a photo of themselves.
OPM Director's Resignation Draws Mixed Reactions
July 23, 2015
The resignation of U.S. Office of Personnel Management Director Katherine Archuleta is drawing mixed reactions from the cybersecurity community. Archuleta's departure on July 10, in the wake of a massive data breach resulting in the theft of the personal information of more than 22 million people, is being characterized by security pros as everything from "necessary" to "unfair."
Philanderers, Scarlet Women Cower After Ashley Madison Hack
July 21, 2015
About 40 million swingers and sexual sophisticates have been whimpering in fear since hearing Sunday's news that hackers broke into the servers of Avid Life Media, the parent company of online cheating site Ashley Madison. The hackers reportedly stole large caches of personal data after breaking into the servers hosting Ashley Madison and related sites Cougar Life and Established Men.
The Emperor Is Naked and We're All Idiots
July 20, 2015
An old fable keeps running through my mind about the scam artist who convinced an emperor that he had created clothing only smart people could see. Everyone says they see the clothing because they don't want to look stupid. Walking around in clothing stupid people can't see doesn't sound enticing anyway, but lately it has seemed clear to me that the folks reporting the news think we are idiots.
Swipes, Taps and Cursor Movements Can Foil Cyberthieves
July 16, 2015
Swipes, taps, cursor movements and other ways of interacting with electronic devices can be used to protect online merchants from Net fraudsters. Many people are familiar with biometric authenticators like irises, fingerprints and voices, but it turns out that how we behave with our machines, including typing speed and the use of keyboard shortcuts, can authenticate our identities, too.
Feds Deliver Darkode's Doomsday
July 16, 2015
United States law enforcement agencies and their counterparts in 19 countries on Wednesday announced they had dismantled the Darkode hackers' forum. Charges, arrests and searches were launched against 70 Darkode members and associates around the world, and 12 people associated with the forum were indicted in the U.S. The agencies also served several search warrants in the U.S.
Security Pros Shine Light on Shadowy Cyberspy Ring
July 8, 2015
A highly sophisticated group of hackers who use cutting-edge techniques to shield their attacks from detection has been bedeviling corporations around the world for several years. The group, which Symantec dubbed "Morpho" and Kaspersky Lab calls "Wild Neutron," has hit multibillion-dollar corporations in the Internet, software, pharmaceutical and commodities sectors in at least 11 countries.
Hacking Team's Dingy Laundry Hung Out Online
July 6, 2015
Fireworks of a different kind rocked the security world this Fourth of July weekend, when news surfaced that hackers breached Hacking Team, an Italy-based firm that develops malware for governments and law enforcement. The attackers reportedly exposed 400 GB of data stolen from its servers. "It appears [Hacking Team] were compromised through social engineering, said Bugcrowd's Jonathan Cran.
Will LastPass Breach Poison Trust in Password Managers?
June 25, 2015
A data breach is no picnic for any organization, but for a company that makes its potato salad by protecting other people's passwords, it's the mother of all nightmares. Yet, that has happened to LastPass twice. In 2011, the service found anomalies in its network traffic that forced it to reset all its users' master passwords. Recently, it came under attack again.
US, Brit Spooks Bedevil Security Software
June 24, 2015
The United States' National Security Agency and the UK's Government Communications Headquarters reportedly have been attacking antivirus and other security software since at least 2008. The aim is to infiltrate networks and track users. The agencies apparently have reverse-engineered security and antivirus software, sometimes under dubious legal authority.
Routers Becoming Juicy Targets for Hackers
June 18, 2015
Most consumers pay as much attention to routers as they do to doorknobs. That's not the case with Net marauders. They're finding the devices ripe targets for mischief. "We've seen a big increase in malware designed for home routers," said Incapsula researcher Ofer Gayer. "Every week, we see a new vulnerability in a vendor's routers," he said. "They're low-hanging fruit if you're a hacker."
Duqu 2.0 Makes Other Malware Look Clunky
June 12, 2015
Duqu 2.0 may have just snatched the title of "most sophisticated malware ever," according to Kaspersky Lab, which published a report on the new threat this week. Kaspersky discovered Duqu 2.0 after the malware penetrated its own internal networks. "The philosophy and way of thinking of the Duqu 2.0 group is a generation ahead of anything seen in the APT world," said Kaspersky's Kurt Baumgartner.
Patch Tuesday Sunset Will Be a Mixed Bag for Windows Security
June 11, 2015
Microsoft will phase out Patch Tuesday -- its monthly potpourri of software product fixes -- when it rolls out Windows 10, which could be a mixed bag for the operating system's security. Patches will be applied automatically as they're ready. That means users no longer will have to wait until the second Tuesday in the month to secure their systems from potentially troublesome vulnerabilities.
US CIO Orders Federal Websites to Get More Secure
June 10, 2015
U.S. federal CIO Tony Scott on Monday sent a memo to the heads of executive departments and agencies requiring that all publicly accessible federal websites and Web services use HTTPS -- "the strongest privacy and integrity protection currently available for public Web connections." Some federal websites currently use HTTPS, but there has not been a consistent policy across the federal government.
OPM Security Was a Data Breach Waiting to Happen
June 9, 2015
Things could get worse before they get better as the FBI, US-CERT and Office of Personnel Management investigate a data breach that may have compromised the personal information of some 4 million current and past federal employees. Additional exposures of personal identifying information could be discovered, officials have warned. The OPM made the breach public last week.
Feds' Photobucket Strategy Could Hobble White Hats
June 2, 2015
There's a new twist in the way feds are seeking to penalize bad actors for making and distributing software used in crimes, suggest recent arrests by Justice Department and FBI officials. "There's a more concerted campaign to go after go after those folks who are distributing in the underground," said Tom Kellermann, chief cybersecurity officer at Trend Micro.
Hackers Launch Sneak Attacks on Microsoft's Live ID
May 26, 2015
Hackers have been infiltrating Microsoft services by sending emails to targets saying their Live IDs have been used to distribute unsolicited email, and their accounts will be blocked unless they click on an embedded link and fulfill new security requirements, Kaspersky researcher Andrey Kostin reported last week. The hackers take advantage of OAuth's Open Redirect feature.
DoJ Calls On Private Sector to Strengthen Cybersecurity
May 20, 2015
The Justice Department is stepping up its program to engage more actively with the private sector on dealing with cybercrime and cybersecurity breaches. "We in government know that we cannot go it alone in fighting cybercrime. We need a strong partnership with you in the private sector," Assistant Attorney General Leslie Caldwell said at a recent Cybersecurity Industry Roundtable.
5 IT Security Implementation Myths
May 19, 2015
There's a common perception that implementing comprehensive IT security to protect against today's sophisticated threats and attacks is a difficult and expensive task, and that the benefits of replacing current solutions (even if highly ineffective) are seldom worthwhile. This mindset has resulted in many businesses dealing with a virtual patchwork of disparate systems.
Researcher's Airplane-Hacking Claims May Not Fly
May 19, 2015
A security researcher who last month bragged he'd hacked into a passenger jet's internal computer systems while in flight appears to have performed the act more than a dozen times over a three-year period. Chris Roberts, founder and CTO of One World Labs, told FBI investigators earlier this year that he'd hacked into the flight systems of commercial passenger aircraft from 15-20 times.
FireEye, Microsoft Outsmart Clever Chinese Malware
May 15, 2015
FireEye and Microsoft have scotched a scheme by a group of cybercriminals based in China to use an IT pro forum to hide malicious activity, according to a report released Thursday. The Chinese gang known as "APT17" devised the scheme, which uses forum pages and profiles on Microsoft's TechNet, to cover traffic from machines infected with the group's Black Coffee malware.
Feds Value - but Don't Always Use - Big Data Tools for Cybersecurity
May 13, 2015
U.S. government agencies can significantly improve their ability to deal with cybersecurity problems by utilizing big data analytics. However, agencies are finding it difficult to fully benefit from these advanced analytical tools for a variety of reasons -- including dealing with the sheer volume of data. Cyberthreats hide in plain sight, suggests a recent report from MeriTalk.
Big Data Analytics Fights Insider Threats
May 13, 2015
Cyberdefenders for years have adopted Fort Apache strategies to protect their networks. Strong perimeters could prevent attackers from reaching precious data, they reasoned. As technology marched on, however, the idea of an impermeable wall became as quaint as the Maginot Line on the eve of World War II. Firewalls alone no longer were strong enough to keep data safe.
Report: Top Endpoint Security Packages Perfectly Foil Drive-By Attacks
May 5, 2015
Drive-by attacks on the Internet are a particularly pernicious form of online threat, especially for individual Web surfers. On the corporate level, though, a company with good endpoint protection software can foil the malicious practice. A drive-by occurs when an infected website automatically downloads malware onto a Net traveler's computer. Endpoint solutions can thwart those kinds of attacks.
Our Bodies, Our Security: Biometrics vs. Passwords
May 4, 2015
Text-based usernames and password pairs should be replaced with biometric credentialing, such as vein recognition and ingestible security tokens, suggests Johnathan LeBlanc, PayPal's global head of developer evangelism. Celebrities have been mortified, Sony Pictures Entertainment brought to its knees, and Home Depot sent scrambling to EuroPay Mastercard Visa's chip and pin earlier than mandated.
IoT: Why Security Pros Need to Prepare Now
April 29, 2015
Have you ever heard of the Cullinan diamond? If you haven't, it was the largest diamond ever discovered: a 3106 carat diamond found in 1905 in South Africa. What's interesting about the Cullinan diamond isn't so much the discovery of the stone itself but what happened afterward: specifically, the cutting of the diamond. The Cullinan diamond was split into a number of smaller pieces.
Other Shoe Drops in White House Security Breach
April 28, 2015
Last year's breach of unclassified White House computer systems reportedly was far more intrusive than initially thought and included the theft of some presidential correspondence. No classified systems were compromised, including the servers that control message traffic from the president's BlackBerry. However, much of the information the unclassified servers handle is considered sensitive.
Breach Outbreaks Fuel Encryption Adoption
April 22, 2015
As data breaches make headlines around the world, more companies are turning to encryption to protect their information jewels. That is one of the findings in a study released Monday, conducted by the Ponemon Institute and sponsored by Thales E-Security. "Mega breaches and cyber attacks have increased companies' urgency to improve their security posture," says the report.
See More Articles in Hacking Section >>
Facebook Twitter LinkedIn Google+ RSS
Will fitness bands fade away?
Yes -- smartwatches will take over their functionality.
Yes -- they're like diets -- people tire of them.
No -- it's smartwatches that will fade away.
No -- people are getting more health-conscious.
Not sure -- but I'd like to try one.
Not sure -- not interested.
Reap the reward of the holiday shopping buzz