Free Report: Securing Your Enterprise in the Cloud
Welcome Guest | Sign In
TechNewsWorld.com
Security Experts Rap Clinton's Email Practices
March 11, 2015
Former Secretary of State Hillary Clinton is in hot water over her use of a private email server to handle emails for official business. The practice was very risky cybersecurity behavior for everyone involved, critics have alleged. In taking her mail outside the State Department's systems, Clinton appears to have turned up her nose at the agency's rules.
Schumer to FAA: Straighten Up Cybersecurity and Fly Right
March 10, 2015
The United States Federal Aviation Administration should implement cybersecurity upgrades recommended by the U.S. Government Accountability Office immediately, or risk hackers taking over its computer systems, Sen. Charles Schumer, D-N.Y., has warned. The GAO last week released a report that found significant security control weaknesses in the FAA's computer systems.
Windows Caught in Path of FREAK Security Storm
March 6, 2015
Microsoft on Thursday issued a security advisory acknowledging a vulnerability in all versions of Windows that could allow FREAK exploits. Windows systems previously were thought to be immune to FREAK attacks. "The vulnerability could allow an attacker to force the downgrading of the cipher suites used in an SSL/TLS connection on a Windows client system," the advisory reads.
Bracing for the Cyberthreat Deluge
March 6, 2015
Almost 17,000 malware alerts surface every week, the Ponemon Institute recently found. Only 4 percent of alerts were investigated, and traditional antivirus products missed nearly 70 percent of malware in the first hour, researchers discovered in a recent Damballa study. Rescanning led to identification of 66 percent of the malware in 24 hours and 72 percent after seven days.
China's Cybersecurity Plans Draw US Fire
March 5, 2015
China should change its tune on new rules for purchases from American high-tech companies if it wants to do business with the United States, President Obama recently warned. China reportedly is planning to ask U.S. high-tech firms to hand over their encryption keys and install security backdoors in their systems to allow surveillance as a counterterrorism measure.
Twitter's New Safety Rules: Hot Diggity or Hot Air?
March 3, 2015
Twitter has announced actions to further protect users of its network -- but it left them vague. The company is rolling out unspecified improvements to its reporting process for content issues including impersonation, self-harm, and the sharing of private and confidential information, aka "doxing." It's also beginning to add new enforcement actions for use against accounts that violate its rules.
Monster Problem Threatens New US Cyberthreat Plan
March 3, 2015
President Barack Obama last week made good on his promise to establish a center for cybersecurity information gathered by agencies of the federal government. It's a laudable initiative -- if it works. The Cyber Threat Intelligence Integration Center will connect the dots regarding malicious foreign cyberthreats to the nation and cyberincidents affecting U.S. national interests.
Government Spies Came Up Dry, Says Gemalto
February 26, 2015
SIM card maker Gemalto, whose networks reportedly were breached by hackers from the United States National Security Agency and the UK's GCHQ, on Wednesday said the spies got nothing. The hackers stole cryptokeys for millions of SIM cards, according to The Intercept, which cited documents released by NSA whistle-blower Edward Snowden. Gemalto denied any SIM cryptokeys had been stolen.
Malicious Emailers Find Healthcare Firms Juicy Prey
February 26, 2015
Healthcare providers have garnered growing interest from hackers in recent months. More evidence of that trend appeared last week in a report on email trust. An email that appeared to come from a healthcare company was four times more likely to be fraudulent than an email purportedly from a social media company like Facebook, one of the largest creators of email on the Internet, Agari found.
Yahoo CISO, NSA Chief Slug It Out Over Security Backdoors
February 25, 2015
Yahoo CISO Alex Stamos on Monday confronted NSA Director Adm. Mike Rogers over the United States government's plan to require built-in backdoors in hardware and software made by American companies. The exchange took place at the New America Foundation's cybersecurity conference. Building backdoors into cryptography is "like drilling a hole in the windshield," Stamos said.
FTC, Private Sector Lock Horns Over Consumer Data Protection
February 25, 2015
The major headline hacking event of 2014 involved data theft at a highly visible enterprise: Sony Pictures. Perhaps just as significant in e-commerce security was a 2014 federal court ruling which allows the FTC to continue penalizing commercial firms for failure to protect consumer data from hackers. That decision has been challenged, and in early March the FTC and its opponent will square off in court.
Citizenfour's Oscar Highlights National Divide Over Snowden
February 24, 2015
Citizenfour, a film documenting interviews director Laura Poitras conducted with whistle-blower Edward Snowden, won the Oscar for best documentary Sunday. The talks took place as Snowden blew the lid off the United States National Security Agency's surveillance activities. The award highlights the divisions in the U.S. over Snowden's actions and the question of national security.
Government Spies Steal SIM Card Cryptokeys
February 23, 2015
The United States' National Security Agency and British spy agency GCHQ have hacked into the internal computer network of Gemalto, the world's largest maker of SIM cards, and stolen the cards' encryption keys, according to information in files leaked by whistle-blower Edward Snowden. Gemalto makes about 2 billion SIM cards a year, and sells them to 450 major wireless network carriers worldwide.
AT&T Puts a Price on Privacy
February 23, 2015
Users who want to sign on to GigaPower by AT&T, the carrier's 1-gigabit-per-second Internet service that just become available in Kansas City, Missouri, have an interesting choice. They can pay $70 with the understanding that their online movements will be tracked for commercial purposes -- or they can pay an additional $29 a month to avoid the monitoring.
Google Rails Against Proposal to Give Feds Remote Hacking Authority
February 20, 2015
Google is fighting a proposed amendment to Rule 41 of the U.S. Criminal Code that might allow authorities to hack into computers abroad. The amendment seeks to empower a magistrate in a district where activities related to a crime may have occurred to issue a warrant for remote search of computers, as well as seizure or copying of their files, under certain circumstances.
Lenovo Rapped for Preinstalling Spyware
February 19, 2015
Lenovo has come under fire for preinstalling spyware on some of its laptops. The software, Superfish, uses the same techniques cybercriminals often employ to crack encrypted traffic. "Superfish is purposely designed to bypass the security of HTTPS websites in a manner that would allow malware and attackers to also bypass the security provided by HTTPS," said Bluebox cofounder Adam Ely.
Cyberthieves Bag a Billion in Snail-Speed Bank Heists
February 18, 2015
Criminals using Carbanak malware have stolen up to $1 billion from 100 financial institutions in Russia, China, Germany and the United States, Kaspersky Lab has revealed. The gang is expanding operations to other countries. Kaspersky has advised financial institutions to scan their networks for intrusion by Carbanak. "These are advanced threat actors," said Lancope CTO TK Keanini.
NSA Suspected of Spreading Super-Resistant Malware
February 17, 2015
Kaspersky Lab on Tuesday announced the discovery of what may be the most sophisticated malware ever. The malware's creators, whom Kaspersky has dubbed "The Equation Group," use a never-seen-before tactic to infect hard drives' firmware. The technique "makes traditional antivirus and antimalware software practically useless," said Protegrity VP of Products Yigal Rozenberg.
It's Time to Investigate Cyber Insurance
February 17, 2015
Almost every day there are reports of cyberintrusions, attacks and related security breaches. If your company does not have the right insurance, it could be even more of a disaster. What company can afford not to have insurance for a potential cyberdisaster? Let's look at some protective measures that can be taken to safeguard your business.
Encryption Can Create Stormy Weather in the Cloud
February 17, 2015
Encryption has received a lot of attention lately as a solution to the growing data breach problem, but one of the hang-ups dogging the technology has been its ability to play nice in the cloud. That's especially true if an organization wants to control the keys by which its data is scrambled and use services offered by a cloud provider beyond simple storage.
Facebook Launches ThreatExchange to Stymie Cybercrime
February 13, 2015
"Threat researchers do already share this data manually," Jeremy Demar, director of threat research at Damballa, told TechNewsWorld. "The value in systems like this isn't the ability to share raw intelligence [it's the] structured data that allows for the information to be accessed quickly and easily by the users." ThreatExchange is based on Facebook's ThreatData threat analysis framework.
Obama's Cyberthreat Intel Aggregator Plan Divides Security Experts
February 12, 2015
The Obama Administration on Tuesday announced plans to set up a national Cyber Threat Intelligence Integration Center to integrate all data from government agencies and the private sector, and disseminate it appropriately. The intelligence integration center will initially have a staff of 50 and a budget of US$35 million. Reactions from cybersecurity experts were mixed.
Samsung Smart TV Owners Fume Over Sneaky Pop-Up Ads
February 11, 2015
Samsung Smart TV owners, already shaken by news earlier this week that their TVs can transmit voice commands and other private data to third parties, have been hit by another revelation -- that the devices sneak ads into movies they're watching, without the owner's knowledge or consent. A user on the Plex forum complained that a Pepsi ad popped up every 10 to 15 minutes while he was watching his Samsung TV.
Box to Let Enterprises Bring Their Own Keys to the Cloud
February 11, 2015
Box on Tuesday raised the curtain on a new offering that allows its enterprise customers to control the digital keys used to encrypt their data stored in the storage provider's cloud. Box is working with Amazon Web Services and Gemalto to bring to market "Box Enterprise Key Management," and give its most security-minded customers total control over the keys used to encrypt data they store on Box.

See More Articles in Security Section >>
Facebook Twitter LinkedIn Google+ RSS
Should employers consider job seekers' online posts when hiring?
Yes - Online activity is a reflection of conduct, and it indicates how a person will represent an employer.
Maybe - Only if the job requires the applicant to represent the company online or in a public capacity.
No - Employers have no business prying into candidates' personal online posts.