OpManager: A single console to manage your complete IT infrastructure. Click here for a 30-day free trial.
Welcome Guest | Sign In
JPEG Committee Proposal Stirs Image-DRM Fears
October 19, 2015
The JPEG Committee last week met in Brussels to discuss a proposal to secure privacy information such as metadata for published pictures, including geographical information enabling identification of people who have given anonymous interviews to journalists, and pictures posted on social media intended only for a limited audience. The proposal also seeks to address intellectual property rights.
Boffins Demo Remote Control of Siri, Google Now
October 19, 2015
Siri and other smartphone digital assistants may do your bidding -- but they may do a hijacker's as well. That's what two researchers discovered when they began to tinker with the effects of radio waves on smartphones. They could use the waves to issue commands to any Android or iOS phone running Google Now or Siri. The researchers first aired their findings at a Paris conference this summer.
Yahoo's New Email App Dumps Passwords
October 16, 2015
Yahoo on Thursday announced a password-free Yahoo Mail app that can manage email accounts from Outlook.com, Hotmail and AOL Mail. There was no mention of syncing with Gmail or Apple's iCloud Mail. Yahoo has been working to improve email security in the wake of repeated hacks of the service over the years, the most prominent a password theft that occurred early last year.
EU Court Decision Threatens US Cloud Dominance
October 16, 2015
Edward Snowden's legacy gained another chapter last week when the European Court of Justice rejected an agreement that created a Safe Harbor for U.S. companies handling personal data of overseas citizens. In essence, the agreement provided that a U.S. company's word that it had adequate privacy safeguards in place was all that was needed to permit overseas personal data transfers.
HP, 3M to Shield Laptop Screens From Visual Hacking
October 15, 2015
HP and 3M are collaborating on privacy screens to protect notebook PCs from visual hacking. "3M is developing an innovative light-enhancement film that can be incorporated into a system that enables light to be directed to other viewers when you want information sharing, and away from onlookers when you need private viewing," 3M spokesperson Jessica Walton said.
E-Commerce Firms Need to Wise Up to Cybercrime
October 15, 2015
Every business owner and executive must think long and hard about cybersecurity -- especially considering all the break-ins and data thefts during the last several years. Data breaches and security issues are in the headlines on a regular basis. One good source for getting a grip on some possible solutions to the problem is AT&T's new report, "What Every CEO Needs to Know About Cybersecurity."
Apple's App Yanking Switches On Data Monitoring Red Light
October 12, 2015
Apple last week revealed that it had removed from its App Store several apps with root certificates that could allow data monitoring. The monitoring could compromise SSL and TLS protocols, the company said. It suggested users delete the apps and their associated configuration profiles. However, it did not name the apps users should delete.
User Info Safe After LoopPay Attack, Says Samsung
October 9, 2015
Samsung has assured users that their information is safe following a computer intrusion of a key company linked to its mobile payment system. The intrusion may have occurred as early as March. Samsung purchased LoopPay for $250 million in February. Its technology allows mobile phones to perform payment card transactions with older POS terminals that recognize only cards with magnetic strips.
Amazon Casts Its Net on the Internet of Things
October 9, 2015
Amazon on Thursday leapt into the Internet of Things market with the announcement of its AWS IoT platform. AWS IoT lets devices -- ranging from cars and turbines to sensor grids and light bulbs -- connect to services from Amazon Web Services. That in turn allows companies to store, process, analyze and act on the mountains of data generated by connected devices.
Verizon Supercookie to Let Advertisers Gorge on Customer Data
October 8, 2015
Verizon has announced it will begin sharing customer data with its AOL Advertising Network, triggering concerns about privacy and customer tracking. AOL will use Verizon's supercookie -- which is difficult to get rid of -- to track users. "This is a huge privacy problem, but carriers have never really cared that much about customer satisfaction," said tech analyst Rob Enderle.
DDoS Attacks Create Smokescreens for Larceny
October 7, 2015
DDoS attacks have evolved from protest tool to criminal weapon. More than one in three DDoS attacks are used to plant malware or a virus on company systems, and 40 percent of them result in data theft, according to NeuStar's semiannual DDoS attack and protection report. "Until two years ago, DDoS attacks were really seen as just a disruption and annoyance tool," said NeuStar's Joe Loveless.
EU Data Transfer Ruling Leaves Tech Companies in Quandary
October 6, 2015
Europe's highest court has ruled that a 15-year-old agreement regulating electronic data transfers with the U.S. was invalid, potentially striking a blow to thousands of U.S. technology companies that rely on a uniform legal standard do business overseas. The European Court of Justice ruled that the U.S. Safe Harbor agreement was inadequate to protect the privacy rights of ordinary citizens.
Federal Cybersecurity Performance Gets Mixed Reviews
October 6, 2015
The spectacular database breach that affected nearly 21 million people highlighted the continuing vulnerability of U.S. government information technology systems, despite the expenditure of billions each year on cybersecurity. The breach resulted in the departure of the head of the agency and triggered widespread questioning about the adequacy of federal IT security by members of Congress.
Another Day, Another Billion Android Users at Risk
October 5, 2015
Google on Monday released an over-the-air update for Nexus devices, which includes patches for the latest Stagefright vulnerabilities and other flaws. Android's Stagefright media processing feature, which recently imperiled 1 billion devices around the world, was once again putting them at risk, Zimperium revealed last week. Zimperium found two new vulnerabilities.
The Sluggish Crawl to Chip-Secured Shopping
October 5, 2015
For retailers that do not yet accept EMV cards -- credit and debit cards with chips embedded in them -- a spine-tingling deadline arrived last week. Liability for any payment fraud that results from acceptance of old-school plastic shifted to them. The magnetic chips in EMV cards will reduce in-store payment fraud, which affected 62 percent of companies, according to a recent survey.
XOR Trojan Threatens Linux Networks
October 2, 2015
Researchers for the Security Intelligence Response Team at Akamai on Tuesday issued a high-risk threat advisory for XOR DDoS proliferation. The XOR DDoS Trojan is used to hijack Linux servers to build a botnet for distributed denial-of-service attacks with SYN and DNS floods, researchers tracking the malware said. The massive Linux-based botnet can take down websites under a flood of DDoS traffic.
Apple Trumpets New Privacy Policy
October 1, 2015
Apple has updated its privacy policy with new information regarding features in iOS 9 and OS X El Capitan. The company attempts to set itself apart from rivals by noting that it doesn't build profiles about its customers to sell to advertisers. For example, unlike Google Maps, which tracks a user's journey end to end, Apple Maps separates data about users' trips into segments that are not linked.
Microsoft Pushes Deeper Into Linux, Containers, IoT
October 1, 2015
Microsoft announced a slew of corporate cloud solutions at Tuesday's AzureCon. "The value for IoT is in control, data collection and analysis, and Microsoft is apparently building a cloud service that can do all three, and wrapping it with enterprise-level security," said Rob Enderle, principal analyst at the Enderle Group. Microsoft also announced a new open Azure Container Service.
Black Hats Offer Million-Dollar iOS 9 Bug Bounty
September 30, 2015
Zerodium has posted a million-dollar bounty for juicy iOS 9 bugs or jailbreaks. Zerodium runs a market where exploits and vulnerabilities are bought and sold, according to Damballa. "While there is no insight into a specific buyer, we can assume if an exploit for iOS 9 is found, Zerodium will sell it for way more than $1 million," wrote Loucif Kharouni, senior threat researcher at Damballa.
BlackBerry Sees the Android Light
September 28, 2015
BlackBerry on Friday announced that it would introduce an Android smartphone later this year. The announcement came during the company's Q2 earnings call. The device will be known as the "Priv" and will be built around user privacy, said CEO John Chen. BlackBerry didn't offer any specifics about the Priv beyond the name -- nothing about pricing, U.S. carrier partners or any handset specs.
Two Risky Strategies Could Threaten Apple's Long-Term Survival
September 28, 2015
One of the ironies of my career is that when I first went to work for a tech company, I specifically wanted to work for a firm that was breaking the mold -- not representative of it. So, in my initial interview, I was concerned that IBM was going to buy the firm because it was the mold at that time. I was promised that there was a contract that said it couldn't. Then, six months later, it did.
Lockscreen Bug Fix Conspicuously Absent in iOS 9 Update
September 25, 2015
Apple has released the first update to its new iOS 9 operating system to clean up some bugs in the original version of the software. Bugs addressed in the update, iOS 9.0.1, include a system freeze on the slide to update screen, alarms and timers that would fail to go off, and frame distortion in paused videos. One bug Apple didn't address allows an intruder to bypass a device's lockscreen.
OPM's Latest Bad News: 5.6 Million Fingerprints Lifted
September 25, 2015
The Office of Personnel Management on Wednesday revealed that the hackers who penetrated its records system stole 5.6 million fingerprints of federal employees -- five times the 1.1 million originally reported. The cyberattack, which came to light this spring, compromised the Social Security numbers and other sensitive information of 21.5 million people.
Eternal Sunshine of the Spotless Timeline
September 24, 2015
That trip down memory lane may never be the same. Those who feel their Facebook Timeline leaves out any important moments in their lives can call up Google Maps' Timeline to fill in the blanks. With tech tools like these, who needs enemies? There may be some things you'd rather not remember -- and there probably definitely are things in your past that you'd rather others didn't know.
What Goes Around Comes Around: Russia Gets Hacked
September 23, 2015
Russia has been a prime suspect in recent cyberattacks against U.S. government targets. However, Russia has been poked with the other end of the hacker stick. For more than two months, hacker attacks originating in China have bedeviled Russia's military and telecom sectors, Proofpoint researchers have revealed. Russian-speaking analysts working at global financial firms also have been attacked.
Feds Award $500M Credit-Monitoring Contract Following OPM Breach
September 23, 2015
The U.S. government spends millions of dollars on IT systems designed to prevent cybersecurity attacks, but they still occur. Government agencies are hopeful that the learning curve will improve dramatically, and breaches will be reduced. In the meantime, what happens to people affected by a breach after an attack succeeds? This year, the OPM was hit with one of the biggest hack attacks ever.
Internet of Things Makes Enterprise Headway
September 22, 2015
The Internet of Things is poised to soar in the enterprise, a new survey from IDC indicates, with the planning stage rapidly shifting to deployment. Nearly 73 percent of about 2,500 respondents to the firm's IoT Decision Maker Survey said they already had deployed IoT solutions or would do so within the next year, the firm reported Tuesday. The survey respondents came from 15 countries.
Malware Jumps Apple's Garden Wall
September 22, 2015
Developers who unknowingly used a malicious tool to code their programs uploaded hundreds of malware-infected apps to the iTunes App Store, China-based iOS developers reportedly discovered last week. Security researchers around the world have analyzed it. Called "XcodeGhost," the malware is hidden in an unauthorized version of a program Apple distributes to create iOS apps.
Patched Android Lockscreen Still a Threat
September 21, 2015
Google recently issued a patch for Nexus mobile devices to fix an Android Lollipop vulnerability that lets hackers bypass the lockscreen and gain control of mobile devices. However, it could take weeks to months for manufacturers and service providers to roll out the patch for other Android devices. University of Texas security researcher John Gordon discovered the vulnerability.
Trust and Value Will Bring IoT Home
September 17, 2015
The connected car and smart home markets are at an early stage of development, but in many ways they have been growing in parallel. Both markets are enabled by the falling costs of sensors, networking technologies and data, as well as by expanded cloud services, the mass penetration of smartphones, and consumer demand for the connected lifestyle. These ecosystems now are beginning to converge.
See More Articles in Security Section >>
Facebook Twitter LinkedIn Google+ RSS
I plan to do my holiday shopping…
Online only -- I like the convenience and comfort.
Online only -- I'd shop in stores if their stock weren't so limited.
At brick-and-mortar stores only -- I like to see what I'm getting.
At brick-and-mortar stores only -- I enjoy the holiday shopping atmosphere.
At brick-and-mortar stores only -- I want to support local merchants.
Online and in stores -- I want the best of both worlds.
I'm not planning on doing any holiday shopping.