Attention Marketers: Access 30 Million IT Decision Makers with ECT News Network's INSTA-LEADS Click to Learn More!
Welcome Guest | Sign In
TechNewsWorld.com
Heartbleed Flaw Goes Unpatched on 300K Servers: Report
June 23, 2014
Two months after the Heartbleed vulnerability sent frissons of fear down the spines of IT managers everywhere, 300,000 servers still remain vulnerable, Errata Security said. When the flaw was announced in April, Errata found 600,000 servers vulnerable. "The norm is to do no patches at all for some systems, no matter how easy it is to patch," said Errata CEO Robert Graham.
White House Tilts Toward Public-Private Cybersecurity Cooperation
June 23, 2014
The Obama administration and the private sector -- often at odds over the regulation of everything from telecom issues to software protection to the environment -- apparently agree that a major issue dealing with cybersecurity should be addressed on a cooperative basis, largely free of federal regulation. The White House recently signaled its tilt toward a cooperative and voluntary approach.
Researchers Find Android Security on Par With iOS
June 18, 2014
The open source mobile operating system Android long has been considered by security experts to be the mobile OS most vulnerable to security threats, but iOS is just as vulnerable. However, the two OSes expose users to different types of threats. The perceived greater security of iOS rests on Apple's control of app distribution rather than on any inherent superiority of the OS over Android.
BlackBerry Unveils BBM Protected to, Ahem, Protect Market Share
June 18, 2014
BlackBerry, whose share of the mobile phone market has been on a downward spiral, this week launched BBM Protected, the first in its planned eBBM Suite of secure enterprise-class messaging products. BBM Protected targets regulated industries. It's claimed to be the only secure mobile instant messaging app that uses a FIPS 140-2 validated cryptographic library.
Target Customers Broadcast Epic Checkout Fail
June 16, 2014
Target's customers jumped en masse onto social media Sunday night after technical malfunctions at its stores around the country resulted in long checkout lines and, in some cases, inability to make purchases with store-branded credit cards. The episode struck a nerve with customers, not only because of the inconvenience, but because it was a reminder of another Target point-of-sale glitch.
Godzilla Foreshadows Trouble for Internet of Things
June 16, 2014
The Internet of Things has come under attack by pranksters in recent days. The events could signal tumultuous things to come as more and more everyday objects connect to the Internet. Homeland Security has advised the customers of digital sign maker Daktronics to "take defensive measures" following a series of cyberpranks on the company's traffic signs.
Project Galileo Offers DDoS Protection for Free Expression Online
June 13, 2014
CloudFlare on Thursday announced the launch of Project Galileo, a service designed to provide enterprise-grade protection against distributed denial of service attacks free of charge to certain sites, with the goal of protecting freedom of expression on the Internet. CloudFlare is working with a number of partners to identify at-risk sites that qualify.
Facebook Plunges Into Online Ad Mainstream
June 12, 2014
Facebook on Thursday announced it will soon move to interest-based advertising, almost three years after archrival Google, and well after other major players such as Yahoo and Amazon. It also will introduce "ad preferences," a tool accessible from every ad on Facebook that will explain why users were served an ad, and let them remove interests that form the basis on which that ad is served.
Microsoft Pushes Back Against US Data Warrant
June 12, 2014
The latest court ruling in an ongoing battle between Microsoft and demands from the United States government for data about one of the company's users, seems to have a lot of folks running for cover. In 2013, U.S. Magistrate Judge James Francis issued a search warrant requiring Microsoft to turn over all date pertaining to the subscriber, hosted on a server in Ireland, to the U.S. authorities.
5 Myths of Virtualization Security: You May Be More Vulnerable Than You Think
June 11, 2014
Businesses increasingly are relying on virtual machines to handle more critical data and tasks than ever before. The reality is that virtualization is growing as a platform for managing customer data, financial transactions and the applications that businesses use. Simply put, virtualization is a core component of today's mission-critical IT infrastructure.
Cupid Fires Arrow at OpenSSL's Heart
June 10, 2014
As if the discovery of the Heartbleed flaw weren't enough woe for OpenSSL, more than half a dozen additional defects have been discovered in the code used to protect communication on the Web. Among them is one dubbed "Cupid" by its discoverers. The flaw can be used to compromise enterprise networks. Like Heartbleed, Cupid uses a malicious heartbeat packet to compromise a TLS connection.
Free Speech vs. Internet Privacy and the 'Right to Be Forgotten'
June 10, 2014
The conventional wisdom of the Internet is that everything posted, whether on social media, a website or anywhere else, will be on the Internet forever. That conventional wisdom was just challenged successfully in a recent ruling handed down by the EU's highest court. A new conventional wisdom may arise from that ruling -- that we have a "right to be forgotten."
Open Source Persistence: Resistance Is Futile
June 09, 2014
Software developers routinely use open source components to boost productivity and improve the quality of their code. The problem for enterprises is that companies using open source must properly manage it and comply with its licensing, as with any third-party code. That becomes difficult to do when corporate leaders do not know their computer systems are running open source code.
Why Mobile Providers Will Have to Give a Little on Privacy
June 06, 2014
Apple has tossed out some hints that its App Store may soon accept apps that handle digital currencies such as bitcoin. Though there are many possible reasons for the move, one stands out: PornHub last month released an analysis of its 38 million daily visitors, which included the interesting observation that more than half were using mobile devices like tablets and smartphones.
Google Releases Email Encryption Tool Alpha
June 06, 2014
Google this week released the alpha version of source code for End-to-End, a Chrome browser extension that encrypts email. End-to-End uses the OpenPGP standard to encrypt, decrypt, digitally sign and verify signed messages within the browser. "We're just sharing the code today so that the community can test and evaluate it, helping us make sure that it's as secure as it needs to be," Google said.
EU Smacks Google Upside the Head Over Right to Be Forgotten
June 05, 2014
I think the European Union often goes overboard, and I typically don't agree with its rulings. However, when the EU declared Google invaded privacy, it seemed to have struck a nerve. Countless users worldwide agreed. So, what impact will the EU have on Google with respect to a citizen's right to be forgotten? This struggle is all about protecting privacy online.
US-Led Posse Scatters GameOver Zeus Botnet
June 04, 2014
A worldwide operation led by the U.S. involving law enforcement, private sector cybersecurity firms and software vendors has disrupted the GameOver Zeus botnet for now. The U.S. also has filed criminal charges in Pittsburgh, Penn., and Omaha, Neb., against Russian national Evgeniy Mikhailovich Bogachev, and has charged a number of other suspects in the Russian Federation and the Ukraine.
Spammers Quick to Exploit eBay Breach
June 03, 2014
If you're a spammer, big news like the recent breach of eBay's computers is like striking oil in your back yard. Spammers live for headline-grabbing events that they can use to separate gullible Web wanderers from their money, so the eBay breach is a perfect vehicle for a scam. In this case, they try to convince recipients their eBay credentials could be used to give them a criminal record.
PCI 3.0, Part 4: Documenting Your Compliance
June 03, 2014
Summer is almost here, and that means many of you probably have made significant headway laying the groundwork for your 2015 PCI audit. However, one important aspect of 3.0 preparations that doesn't always get the attention it should is documentation. If you've tackled PCI compliance in the past, this is probably an area where you'll have a few questions.
Heartbleed-Weary Tech Firms Show OpenSSL a Little Love
May 30, 2014
Remember Heartbleed? Several weeks ago, the exposure of this security bug chilled the Internet, highlighting once again that even the seemingly unbreakable can be hacked. In the case of the Heartbleed vulnerability, encrypted data was at risk of theft. Sites potentially vulnerable to Heartbleed -- from Canada's Revenue Agency to AWS to Yahoo to Reddit -- urged users to change their passwords.

See More Articles in Security Section >>
Facebook Twitter LinkedIn Google+ RSS