Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Automation, Exercises Shorten Response Time To Advanced Attacks
Detecting threats remains a problem, but companies need to improve incident response -- automation can help significantly
NSA Surveillance Fallout Costs IT Industry Billions
Analysts predict US tech companies may lose $180 billion by 2016 due to international concerns about intelligence agencies' spying.
Bitcoin Thefts Surge, DDoS Hackers Take Millions
Cryptographic currency's massive rise in value leads to a corresponding increase in online heists by criminals seeking easy paydays.
Presidential Council Calls For Feds And ISPs To Step Up In Cybersecurity
New report to President Obama says feds 'rarely follow' security best practices
Microsoft Office 365 Encrypted Email On Tap
Microsoft Office 365 Message Encryption feature will encrypt all messages by default, though recipients will need an Office 365 or Microsoft Account ID to read the mail.
Dataium Settles Browser History Sniffing Charges
The car buyer tracking firm was accused of using JavaScript to illegally identify websites visited by 181,000 named consumers, and selling harvested information.
What IT Can Teach Utilities About Cybersecurity & Smart Grids
Protecting smart grids from cyber attack is a popular conversation in information security circles. But the threats are far worse than generally believed.
LG Admits Smart TVs Spied On Users
LG admits it collected information on consumers' viewing habits, promises firmware update to honor opt-out requests.
Google Settles With State AGs On Privacy
Google agrees to pay $17 million to 37 states to settle claims it circumvented cookie-blocking controls in Apple's Safari browser.
Spamhaus Shows What's Next For Block Listing
The broad, silent acceptance of a recent Spamhaus blocking action is a strong indicator that the rules have changed in the battle over spam and other kinds of email abuse.
Financial Services Industry Proposes Security Controls For Third-Party, Open-Source Software
FS-ISAC addresses potential dangers of insecure software components used by financial firms
'i2Ninja' Trojan Taps Anonymized Darknet
New malware being sold via underground Russian cybercrime markets uses decentralized, anonymizing P2P system.
Study: Most Application Developers Don't Know Security, But Can Learn
Solid training of app developers can reduce vulnerabilities, Denim Group study says
Healthcare.gov Security Hiccups
Take two aspirin and call me in the morning
Close HealthCare.gov For Security Reasons, Experts Say
Testifying before the House technology committee, four security experts advise would-be HealthCare.gov users to steer clear of the site, pending security improvements.
Cupid Concedes January Hack, 42 Million Passwords Stolen
Separately, Github forces some users to reset weak passwords following a rapid attack launched via 40,000 IP addresses.
Mobile App Security: 5 Frequent Woes Persist
HP Fortify study finds five frequent problems that make mobile apps vulnerable, recommends simple-to-implement information security fixes.
SMBs Unsure And At Risk, Survey Finds
New study highlights uncertainty among small to midsize businesses on cyberattacks, threats
iPhone Photo Leads To Cybercrime Arrest
The FBI uses an iPhone photo to nab six members of a cybercrime ring accused of stealing $45 million via ATMs.
Understanding IT Risk Management In 4 Steps X 3
A risk management matrix combines the probability of harm and the severity of harm. In IT terms that means authentication, context, and process.
iOS Mobile Point-of-Sale Fail
Trendy 'i' mobile payment systems often rolled out with major security flaws, researcher says
vBulletin.com Hacked, Customer Data Stolen
"Inj3ct0r Team" hackers claim they employed vBulletin zero-day bug to take down both vBulletin.com and MacRumors, offer to sell related exploit.
FBI Blames Federal Hacks On Anonymous Campaign
A British suspect is accused of attacking numerous government agencies, including the U.S. Army and NASA.
BYOD: 'We Have Met the Enemy & He Is Us'
As smartphone adoption continues at an unrelenting pace, the issues surrounding BYOD will become an even more challenging mobile security management issue.
Authentication + Mobile Phone = Password Killer
Can the smartphone free us from the drudgery of the much-despised password? There's good reason to hope.
Facebook Forces Some Users To Reset Passwords
Facebook is asking users whose passwords might have been exposed on other sites to change their passwords to access the social network.
Kelihos Botnet Thrives, Despite Takedowns
Fast flux infrastructure and Windows XP infections continue to keep the botnet alive.
4 Lessons From MongoHQ Data Breach
Security experts urge companies to implement two-factor authentication, VPNs, and graduated permission levels to better protect customer data from hackers.
Microsoft May Encrypt All Server-To-Server Communications
Microsoft admits it doesn't encrypt all server-to-server communications, opening the way for the NSA and others to access the data flow.
Obamacare Website Suffers Few Hack Attacks
Affordable Care Act site has faced a relatively low volume of attacks, compared with other federal websites.
LinkedIn Lesson: Detail Security First, Feature Fest Second
Memo to businesses with an information security trust deficit: Prove how you're going to keep our data secure.
Online Extortion: The Ethics Of Unpublishing
What are the ethical limits on the Internet, the land where anything goes? What happens when people invent new schemes for making money and then take them too far?
Higher Ed Must Lock Down Data Security
Higher education rivals only the healthcare industry in housing personally identifiable data. Consider these tactics for smart planning.
Secure Your Network From Modern Hazards
Traditional security measures don't stand a chance in a data-centric world. But within the crisis lie opportunities for IT security pros.
Schneier: Time To Make NSA Eavesdropping Expensive
NSA surveillance piggybacks on corporate capabilities through cooperation, bribery, threats and compulsion, says security evangelist Bruce Schneier.
IT Security Faces Big Data Skills and Resource Gap
In the near future, IT security teams will not be complete without at least one data scientist among its ranks.
What The Carna Botnet Also Found
Researcher at Black Hat Brazil to present new data and analysis of the controversial Internet Census project
MacRumors Hacker Promises Stolen Passwords Are Safe
Hacker grabbed 860,000 passwords for fun, but promises not to leak or use them to harm people.
Research Into BIOS Attacks Underscores Their Danger
The jury is out on BadBIOS, but malware for motherboards and other hardware is both possible and, with the rise of the Internet of Things, likely
Study: Many Consumers Still Untrained On Privacy Risks
Most consumers have not had security training, fail to stay up to date on privacy policies, Harris survey finds
DDoS Attack: Preparing For The Inevitable
DDoS mitigation is a challenging undertaking. Here are four steps to help you plan for the worst.
Facebook Forces Some Users To Reset Passwords
Facebook is asking users whose passwords may have been exposed on others sites to change passwords to access the social website.
The Emergence of DDoS-as-a-Service
"Legitimized" services increase DDoS threats and lend credence to the notion that information security is as much about corporate health as it is self-defense.
Report: Social Media Gets Abused
New data culled from real-world branded social media accounts shows cybercriminals' obsession with going social
Tech Insight: Viral Arms Race Brings New, Better Evasion
New malware advances focus on evading security researchers and automated analysis sandboxes
Data Center Servers Exposed
Popular server firmware contains multiple zero-day vulnerabilities, but fixes are fraught with trade-offs
Criminals Exploit Microsoft Office Zero-Day Flaw
At least two sets of attackers have been using malicious Office documents to exploit the graphics processing vulnerability.
Hackers Threaten Destruction Of Obamacare Website
DDoS tool targets the federal Affordable Care Act website. But will it work?
New Bucks For Bugs Program Focuses On Open-Source Software, Internet Infrastructure
Microsoft and Facebook co-sponsor community bug bounty program that pays researchers for flaws found in popular open-source software, Internet protocols
ColdFusion Hacks Point To Unpatched Systems
Several highly publicized hacks have been traced to unpatched ColdFusion vulnerabilities, collectively leading to one million records being stolen.
|
Latest Comment: This comment is waiting for review by our moderators.
Navigating the Deluge of Security DataIn this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industry’s conventional wisdom. Here’s a look at what they’re thinking about.
Tweet This
1 Comments
