Attention Marketers: Access 30 Million IT Decision Makers with ECT News Network's INSTA-LEADS Click to Learn More!
Welcome Guest | Sign In
TechNewsWorld.com
Heartbleed and Heartache in FOSS Town
April 21, 2014
Well it's been a wild few weeks here in the Linux blogosphere, thanks not just to XP's demise but also the long-overdue discovery of the all-pervasive Heartbleed bug. That the bug is "catastrophic" appears to be beyond dispute; in fact, "some might argue that it is the worst vulnerability found ... since commercial traffic began to flow on the Internet," as at least one commentator suggested.
Banking Trojan Enters Mobiles via Facebook
April 21, 2014
Purveyors of a notorious mobile banking Trojan have started targeting Facebook users to infect Android smartphones. The Net predators use a desktop Trojan to leverage a Facebook socializer to install banking malware on their phone, ESET malware researcher Jean-Ian Boutin discovered last week. The desktop bad app, Win32/Qadars, waits for an infected machine to open a Facebook page.
Michaels Crafts Artless Response to Customer Data Breach
April 21, 2014
Another retailer security breach, another national conversation about how these now regular occurrences need to stop. In the Michaels case, though, some of the talk touched on what by now should be remedial public relations. When you screw up and it affects your clients, apologize -- profusely and without hedging or reservation. The hacked retailer du jour apparently was unaware of this rule.
Heartbleed's Never-Ending Drip, Drip, Drip
April 21, 2014
The Heartbleed vulnerability in OpenSSL has sent just about everyone who uses the Web for fun or profit gibbering madly in search of a solution, creating fertile ground for spammers, scammers and marketing types. Canada is in an uproar following a disclosure by the Canada Revenue Agency that a hacker had exploited Heartbleed to steal about 900 social insurance numbers from it over a six-hour span.
IT Providers Stew Over Big Data Privacy Regulation
April 18, 2014
With the emergence of the Big Data era, technology developers see major benefits in the ability to manage huge volumes of information. However, with an onslaught of data breaches such as the recent hacking of the Target retail chain, consumers and their representatives in government are increasingly nervous about bigger threats to privacy. The White House is conducting a review of the issue.
German Media Mogul Rips Google in Open Letter
April 18, 2014
The head of one of Germany's biggest media companies penned an open letter criticizing Google, saying that his company is afraid of Google and its ever-swelling power. The letter, written by Mathias Dopfner, the chief executive of media giant Axel Springer, opines that Google's technology platforms spread more quickly and more efficiently than anything in the world -- save "biological viruses."
FBI May Pick Out Your Face in a Crowd
April 16, 2014
The FBI is planning to have a fully operational facial recognition system in place by this summer and may be well on its way to reaching that goal. The system will be able to query a database of photos to identify individuals based on their appearance even if they do not have a criminal record, reported Jennifer Lynch, a senior staff attorney at the Electronic Frontier Foundation.
Google Clarifies Gmail Snooping in Updated ToS
April 16, 2014
Google this week updated its terms of service with new language that more clearly spells out how it scans and analyzes user content, such as emails, to match it with targeted ads. "Our automated systems analyze your content (including emails) to provide you personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection," it says.
Internet Leeches Drawn to Heartbleed
April 14, 2014
It's been more than a week since news of the Heartbleed flaw launched a frantic scramble on the Web, but security professionals' palpitations haven't subsided. The OpenSSL Software Foundation has issued a fix, and Google, Cisco, and hordes of other companies have begun patching their products. Predictably, scammers and spammers have climbed onto the Heartbleed solution bandwagon.
White Hats Use Heartbleed to Steal Keys
April 14, 2014
The tech industry reeled last week when security researchers discovered a flaw in a key security technology in the Internet's infrastructure. The bug, ghoulishly named "Heartbleed," was found in an open source library, OpenSSL, used by the protocol, SSL, used to encrypt data in transit on the Net. By exploiting the flaw with a specially crafted packet, hackers can extract data from a server's memory in 64K chunks.
PCI 3.0, Part 3: Validating Your Cardholder Data Environment
April 14, 2014
Most e-commerce businesses already are preparing for their 2015 PCI audit, and plenty of changes are afoot when it comes to meeting 3.0 compliance requirements. Remember, compliance itself does not equal security, but rather is a reporting function of your security program. It is both a mandatory part of meeting 3.0 standards and a critical step toward improving your security posture.
Microsoft Touts Privacy Bona Fides to European Customers
April 11, 2014
Having become the first company to formally meet the European Union's data protection rules, Microsoft is trying to turn its trustworthiness into business in privacy-wary Europe. "For customers who care about privacy and compliance, there is no more committed partner than Microsoft," wrote Microsoft General Counsel Brad Smith in a Thursday blog post.
Consumers Can't Stanch Heartbleeding
April 11, 2014
Consumers can do little to protect themselves from the catastrophic Heartbleed bug. "Catastrophic is the right word," wrote security guru Bruce Schneier in his blog this week. "On the scale of 1 to 10, this is an 11." Heartbleed is an extension of the SSL/TLS protocol used to encrypt data in transit on the Internet. Heartbleed is used to keep a secure connection alive.
SDF Cofounder Chris Davis: Bad Guys Will Need a New M.O.
April 09, 2014
In the war against malware, a new strategy is taking shape. The good guys are preparing to demolish the bad guys' most effective weapons: rogue websites. The Secure Domain Foundation will tackle the identification and prevention of Internet cybercrime through a series of steps designed to interfere with the way cybergangs operate online. SDF made its debut last month at ICANN 49 in Singapore.
Agency: 'Cuban Twitter' Meant to Help, Not Incite
April 09, 2014
Rajiv Shah, the administrator of AID, defended a Twitter-esque social media site created by the agency, saying it was an attempt to nurture communication on the island -- not, as has been claimed, a way to collect data and incite a revolt. Appearing before the Senate and House appropriations subcommittees, Shah said the "programs are part of our mission to promote open communications."
FOSS Community Hustles to Fix Gaping Heartbleed Flaw
April 08, 2014
A flaw in OpenSSL that has been around since 2011, the Heartbleed Bug, lets hackers steal information protected by the SSL/TLS encryption used to secure the Internet. Codenomics, which co-discovered the flaw at about the same time as Google's Neel Mehta, tested some of its own services and found it could steal "the secret keys used for our X.509 certificates, user names and passwords" and more.
Courtroom Drama: Hollywood Sues Megaupload
April 08, 2014
Six Hollywood studios have banded together in a copyright infringement lawsuit against Megaupload, the wildly popular though now shuttered site that, in its heyday, was ground zero for file-sharing. The suit doesn't specify an amount of damages, but does say that the studios should be entitled to $150,000 per copyright infringement, as well as profits earned by Megaupload.
XP Users Have a Bad Headache Coming On
April 07, 2014
Money will be the biggest problem users of Windows XP will face when Microsoft officially stops supporting it on Tuesday. As a last resort, Microsoft is offering custom support for Windows XP as a temporary stopgap. That could cost as much as $200 per PC per year, Gartner estimated. The UK government reportedly has paid Microsoft about $9 million to extend Windows XP support for one year.
Americans Distrust Tech Companies
April 07, 2014
The steady stream of reports on government surveillance of Americans has taken a toll on the image of high-tech companies, according to a Harris poll. More than two-thirds of Americans -- 67 percent -- feel technology companies violate their users' trust by helping the government spy on its citizens, suggests the poll of 2,000 consumers, which was sponsored by ESET.
Yahoo Issues Security Sitrep
April 03, 2014
Yahoo has announced a new effort to upgrade its security, in the wake of a torrent of breaches and hacker attacks over recent months. Yahoo's plans include encryption of data in motion, enabling HTTPS encryption, and implementing the latest in security best practices, said Chief Information Security Officer Alex Stamos, who took over the job in March.

See More Articles in Security Section >>
Facebook Twitter LinkedIn Google+ RSS