Four E-Commerce Tips for Retailers on How to Help Prevent Shopping Cart Abandonment
Welcome Guest | Sign In
ECommerceTimes.com
Gooligan Ransacks More Than 1M Android Accounts
December 2, 2016
More than 1 million Google accounts have been breached by Android malware dubbed "Gooligan," Check Point reported Wednesday. The malware roots infected devices and steals authentication tokens that can be used to access data from various Google apps including Gmail, Google Docs, G Suite and Google Drive. It potentially affects devices running Android 4 and 5.
Facebook Denies Ransomware Infiltration
November 29, 2016
Facebook has denied that its network and Messenger app were being used to spread ransomware to its users, contradicting the claims of a security firm. Two Check Point researchers last week reported they had discovered a new method for delivering malicious code to machines, which they dubbed "ImageGate." Threat actors had found a way to embed malicious code into an image, they said.
$5 PoisonTap Tool Easily Breaks Into Locked PCs
November 25, 2016
Proving once again that you can do a lot of damage with a little investment and a lot of ingenuity, security researcher Samy Kamkar recently managed to take down a locked, password-protected computer using a $5 Raspberry Pi. The low-tech cookie-siphoning intrusion is one of Kamkar's simplest hacks ever. He previously has unlocked car doors, garages, wireless remote cameras and other devices.
Cyber Grinches Could Disrupt Holidays' Biggest Shopping Weekend
November 23, 2016
Recent high-profile distributed denial of service attacks on the Internet's infrastructure and an investigative journalist's website have spiked concerns over possible disruptions of traffic during the biggest online shopping weekend of the year. Online spending last year exceeded $5.8 billion on Black Friday and Cyber Monday, according to Adobe, and that figure is expected to go up this year.
Friend Finder Data Breach Exposes 400M Swingers
November 19, 2016
Hackers have stolen information of more than 400 million users of Friend Finder Networks, which runs several adult dating and pornography websites, LeakedSource reported. This is Friend Finders' second breach in two years. Last year, hackers accessed 4 million accounts, exposing information on users' sexual preferences and extramarital affairs. More than 412 million users were compromised.
iPhone Call Logs Easy Pickings on iCloud, Says Russian Security Firm
November 17, 2016
Russian digital forensics firm ElcomSoft on Thursday reported that Apple automatically uploads iPhone call logs to iCloud remote servers, and that users have no official way to disable this feature other than to completely switch off the iCloud drive. The data uploaded could include a list of all calls made and received on an iOS device, as well as phone numbers, dates and times, and duration.
Google Clamps Down on Sneaky Malicious Sites
November 16, 2016
Sites that repeatedly violate Google's safe browsing policies will be classified as repeat offenders, the company said. A small number of websites take corrective actions after Google displays alerts on their landing pages warning visitors that they're harmful. However, they typically revert to violating the policies after Google verifies that they're safe and removes the warnings.
Russia's Fancy Bear Attacks Microsoft, Adobe as Election Nears
November 4, 2016
Microsoft earlier this week said it had fallen victim to "Strontium," its code name for the Russian hacking group also known as "Fancy Bear," which has been linked to recent attacks on Democratic Party systems. The group launched a spear phishing attack that targeted vulnerabilities in both the Windows operating system and Adobe Flash, according to Microsoft EVP Terry Myerson.
Microsoft: Google's Policy Endangers Windows Users
November 1, 2016
Google on Monday posted to the Internet a previously unpublicized flaw that could pose a security threat to users of the Microsoft Windows operating system. Google notified both Microsoft and Adobe of zero day vulnerabilities in their software on Oct. 21, wrote Neel Mehta and Billy Leonard, members of Google's Threat Analysis Group, in an online post.
Verizon Signals Cold Feet Over Yahoo Deal
October 17, 2016
Verizon last week indicated that its $4.8 billion acquisition of Yahoo could be in jeopardy in light of the company's delay in disclosing a massive 2014 data breach that compromised about 500 million account holders. Verizon may need some additional assurances, suggested General Counsel Craig Silliman. "I think we have a reasonable basis to believe right now that the impact is material."
This Election May Be Scarier Than You Think
October 17, 2016
Not that it isn't scary enough -- but if you look at both candidates, who have had their images destroyed largely by technology, i.e., tapes and emails -- there is a huge warning inherent in the process. Email really wasn't a big thing until the late 1990s and even having your own email server wouldn't have been likely before 2005, let alone thinking through the security aspects.
Odinaff Trojan Targets Banks, Financial Firms Worldwide
October 12, 2016
Symantec on Tuesday reported on a malware campaign that has targeted financial organizations worldwide for the past 10 months. Dubbed "Trojan.Odinaff," it has infiltrated the banking, securities, trading and payroll sectors, as well as organizations that provide them with support services. Odinaff is used in the first stage of an attack, to get a foothold into a network.
Insulin Pump Susceptible to Hacking
October 7, 2016
Medical device manufacturer Animas on Tuesday warned that its OneTouch Ping insulin pump system was susceptible to hacking. "We have been notified of a cybersecurity issue with the OneTouch Ping, specifically that a person could potentially gain unauthorized access to the pump through its unencrypted radio frequency communication system," reads the company's letter to users of the device.
IoT Could Become Playground for Botnets Gone Wild
October 6, 2016
The source code for Mirai, the malware behind the botnet that launched a massive attack on the Krebs on Security website -- the largest DDoS attack on record -- has been released in the wild, according to Brian Krebs. A hacker who goes by the handle "Anna-senpai," apparently because of increased scrutiny from the cybersec industry, last week announced the release on Hackforums, Krebs said.
Report: Apple Shares Unencrypted iMessage Metadata With Cops
October 5, 2016
Apple last week faced renewed scrutiny for its data-sharing practices, following news that it retains iMessage metadata and shares it with law enforcement when presented with a court order. The company has insisted that it would not share data that would jeopardize the privacy and trust of its millions of customers. Metadata includes contacts, IP addresses, and dates and times of conversations.
Garden-Variety Cybercrooks Breached Yahoo, Says Security Firm
September 30, 2016
The hackers who stole the data of hundreds of millions of Yahoo users two years ago were two cybercriminal gangs, InfoArmor reported. That finding contradicts the notion that state-sponsored actors were behind the attack, which Yahoo suggested when it disclosed the breach. Further, the number of users' records stolen is closer to 1 billion than to the 500 million Yahoo acknowledged.
Adobe Leaps From AWS to Microsoft's Cloud
September 28, 2016
Microsoft has announced a series of major enhancements to its enterprise cloud platform, as well as a new strategic partnership with Adobe, advancing its drive to attract new business from core competitors like Salesforce and Amazon. Microsoft has entered a strategic partnership to make Azure the preferred cloud platform for the Adobe Marketing Cloud, Adobe Creative Cloud and Adobe Document Cloud.
Hackers Get Up Close and Personal With WH Staffer's Email
September 27, 2016
Federal authorities last week launched a probe of a suspected cyberattack that targeted the private Gmail account of a White House staffer. The employee's correspondence turned up on the DCleaks hacktivist site, which earlier this month posted the private emails of former Secretary of State Colin Powell. The latest dump involves the private account of White House staffer Ian Mellul.
Hack of Half a Billion Records Takes Shine Off Yahoo's Data Trove
September 23, 2016
Yahoo on Thursday disclosed that a data breach in late 2014 resulted in the theft of information from at least 500 million customer accounts. It appears that state-sponsored hackers carried out the attack, the company said. Account information compromised includes names, email addresses, telephone numbers, dates of birth, hashed passwords, and security questions and answers.
Opera's Free VPN Takes On Internet Privacy Challenge
September 22, 2016
Opera earlier this week released a new version of its browser, Opera 40, which comes with a free virtual private network service built in. The official rollout follows five months of user experimentation with a beta version. After evaluating beta users' feedback, the company brought on additional servers, added options for global or private browsing, and created iOS and Android versions.
Congress to Bureaucrats: Trust No One
September 20, 2016
Congress earlier this month lowered the hammer on the U.S. Office of Personnel Management in a report on the massive data breach that resulted in the theft of 4.2 million former and current government employees' personnel files, as well as 21.5 million individuals' security clearance information, including fingerprints associated with 5.6 million of them.
How China Could Take Over the World's Tech and Automotive Markets
September 12, 2016
Nvidia and Baidu recently made an announcement with regard to self-driving cars that deserves closer attention. China currently is behind the U.S. in automotive technology, but it has passed the U.S. and Japan in automobile production -- I actually thought Japan was still ahead. China is producing twice the number of cars the U.S. is producing right now.
Dropbox Drops Other Shoe in Years-Old Data Breach
September 8, 2016
Dropbox has confirmed that more than 68 million emails and passwords have been compromised from a hack that originally was disclosed in 2012. Exposure from the breach was limited to email addresses, Dropbox originally claimed. However, the hackers actually stole hashed and salted passwords. Even so, there have been no indications that they succeeded in accessing user accounts, the company said.
Obama Warns Against Cyber Cold War
September 6, 2016
President Obama on Monday urged de-escalation of a potential arms race involving cyberweapons. The president's remarks followed his meeting with world leaders, including Russian President Vladimir Putin, at the G20 Summit in Hangzhou, China. The U.S. has more offensive and defensive capability than any other country on Earth, Obama noted. The president urged adoption of new cybersecurity norms.
Feds Warn States to Batten Down Hatches Following Election System Attacks
September 2, 2016
The FBI has launched investigations into malicious cyberattacks on the electronic election infrastructures in Illinois and Arizona, and federal officials last month warned states to take steps to protect their systems as the presidential campaign heats up, according to reports. The attacks, dating back to June, led to the illegal download of information on more than 200,000 Illinois voters.
Election Season Spawns Scams With Political Twist
August 30, 2016
Dirty tricks during political campaigns are nothing new, but the Internet and the proliferation of mobile devices have allowed tricksters to up their games a notch. It came to light last week, for example, that Donald Trump's campaign app was hoovering the address books on his supporters' phones. Trump's app wasn't doing anything illegal. It wasn't even trying to hide what it was doing.
Apple Speeds iOS Patch to Bring Down Pegasus
August 26, 2016
Apple on Thursday issued a patch that addresses three recently discovered critical iOS zero-day vulnerabilities, and advised users to update their systems immediately. State-sponsored actors exploited the flaws to target United Arab Emirates human rights defender Ahmed Mansoor, and a Mexican journalist who reported on government corruption. Researchers have dubbed the flaws "Trident."
Russian Gang Suspected of Hacking Oracle's POS System
August 20, 2016
Oracle has been investigating a point-of-sale system breach that may be the work of Russian cyberthieves. Hackers compromised at least 700 computers on the MICROS POS system, used by hundreds of thousands of hotels, restaurants and retail outlets worldwide to process credit card transactions, Krebs on Security reported earlier this month. More than 330,000 cash registers worldwide use MICROS.
Super-Sophisticated Spyware Spotted After 5-Year Run
August 16, 2016
Symantec and Kaspersky Lab last week separately announced the discovery of a highly sophisticated APT that had eluded security researchers for at least five years. A previously unknown group called "Strider" has been using Remsec, an advanced tool that seems to be designed primarily for spying. Its code contains a reference to Sauron, the main villain in The Lord of the Rings.
Hackability of Volkswagen's Keyless Entry System Exposed
August 12, 2016
Hackers using cheap wireless devices pose a threat to millions of cars equipped with Volkswagen's keyless entry system, according to a study from the University of Birmingham. Scheduled for presentation Friday at the USENIX security conference in Austin, Texas, the study shows that thieves can use a simple wireless device to unlock the doors of millions of cars remotely.
See More Articles in Consumer Security Section >>
Facebook Twitter LinkedIn Google+ RSS
What is your No. 1 priority for a new laptop?
Robust features and functionality
Form factor, including size and weight
A good selection of ports and drives
Flexibility to support a variety of uses
A brand name I can trust