OpManager: A single console to manage your complete IT infrastructure. Click here for a 30-day free trial.
Welcome Guest | Sign In
XOR Trojan Threatens Linux Networks
October 2, 2015
Researchers for the Security Intelligence Response Team at Akamai on Tuesday issued a high-risk threat advisory for XOR DDoS proliferation. The XOR DDoS Trojan is used to hijack Linux servers to build a botnet for distributed denial-of-service attacks with SYN and DNS floods, researchers tracking the malware said. The massive Linux-based botnet can take down websites under a flood of DDoS traffic.
Microsoft Pushes Deeper Into Linux, Containers, IoT
October 1, 2015
Microsoft announced a slew of corporate cloud solutions at Tuesday's AzureCon. "The value for IoT is in control, data collection and analysis, and Microsoft is apparently building a cloud service that can do all three, and wrapping it with enterprise-level security," said Rob Enderle, principal analyst at the Enderle Group. Microsoft also announced a new open Azure Container Service.
Black Hats Offer Million-Dollar iOS 9 Bug Bounty
September 30, 2015
Zerodium has posted a million-dollar bounty for juicy iOS 9 bugs or jailbreaks. Zerodium runs a market where exploits and vulnerabilities are bought and sold, according to Damballa. "While there is no insight into a specific buyer, we can assume if an exploit for iOS 9 is found, Zerodium will sell it for way more than $1 million," wrote Loucif Kharouni, senior threat researcher at Damballa.
BlackBerry Sees the Android Light
September 28, 2015
BlackBerry on Friday announced that it would introduce an Android smartphone later this year. The announcement came during the company's Q2 earnings call. The device will be known as the "Priv" and will be built around user privacy, said CEO John Chen. BlackBerry didn't offer any specifics about the Priv beyond the name -- nothing about pricing, U.S. carrier partners or any handset specs.
OPM's Latest Bad News: 5.6 Million Fingerprints Lifted
September 25, 2015
The Office of Personnel Management on Wednesday revealed that the hackers who penetrated its records system stole 5.6 million fingerprints of federal employees -- five times the 1.1 million originally reported. The cyberattack, which came to light this spring, compromised the Social Security numbers and other sensitive information of 21.5 million people.
Feds Award $500M Credit-Monitoring Contract Following OPM Breach
September 23, 2015
The U.S. government spends millions of dollars on IT systems designed to prevent cybersecurity attacks, but they still occur. Government agencies are hopeful that the learning curve will improve dramatically, and breaches will be reduced. In the meantime, what happens to people affected by a breach after an attack succeeds? This year, the OPM was hit with one of the biggest hack attacks ever.
Internet of Things Makes Enterprise Headway
September 22, 2015
The Internet of Things is poised to soar in the enterprise, a new survey from IDC indicates, with the planning stage rapidly shifting to deployment. Nearly 73 percent of about 2,500 respondents to the firm's IoT Decision Maker Survey said they already had deployed IoT solutions or would do so within the next year, the firm reported Tuesday. The survey respondents came from 15 countries.
IoT Can Open Doors to Cybercriminals, FBI Warns
September 16, 2015
The FBI has warned businesses and consumers to be careful when deploying devices that connect to the Internet of Things. As more companies and consumers use IoT devices to improve efficiency and convenience, their connection to the Internet creates opportunities for cybercriminals, the FBI said. The "Internet of Things" is a broad term that encompasses myriad devices that connect via cyberspace.
Hackers Home in on Health, Education, Government Sectors
September 16, 2015
A New York healthcare provider, California's higher education system and the Department of Energy have become the latest targets of data bandits. The latest massive data breach at a healthcare provider reportedly took place at Excellus BlueCross BlueShield, which last week revealed that the personal data of more than 10 million people was at risk due to an attack that dates back to December 2013.
Netflix Move Prompts Premature Antivirus Software Obit
September 11, 2015
Netflix reportedly is in the process of dumping its antivirus software and placing all its faith in an alternative solution to protect its more than 60 million subscribers from online nastiness, a move that prompted one pundit to pronounce the death of antivirus software yet again. Such dire pronouncements have been made for years, and they're likely to be made for many years to come.
Linux Foundation Security Checklist: Have It Your Way
September 6, 2015
The Linux Foundation's recently published security checklist may draw more attention to best practices for protecting Linux workstations, even if IT pros do not embrace all of its recommendations. Konstantin Ryabitsev, the foundation's director of collaborative IT services, developed the list for the use of LF remote sysadmins, to harden their laptops against attacks.
White House Wants Feedback on IT Contract Security
September 2, 2015
Cybersecurity is a key component of all contracts between U.S. government agencies and information technology vendors. Yet cyberbreaches continue to occur -- some of them with alarming scope and depth. The White House is seeking input from private sector vendors and others on how to improve the cybersecurity elements involved in federal government purchases of IT equipment and services.
Shadow IT Feeds 'Man in the Cloud' Attacks
August 27, 2015
Shadow IT -- the use of unauthorized online services by company employees -- is a concern of cyberwarriors charged with defending business systems against network attacks. There's new evidence that those concerns are justified. A new attack vector on business systems leverages the synchronization features of services like Dropbox and Google Drive to perform malicious mischief.
Study: Chinese Hackers Are Savvy, Surgical
August 13, 2015
A clandestine group of sophisticated Chinese hackers have infected scores of sites on the Web and stolen documents from industrial and government organizations with surgical precision, according to a Dell SecureWorks study released last week. Dubbed "Threat Group 3390," the cybergang has used infected websites of some 100 organizations across the globe.
Feds Break Up Hacker-Powered Insider Trading Ring
August 12, 2015
In two indictments unsealed by the U.S. Department of Justice in Brooklyn, N.Y., and Newark, N.J., nine people were charged in federal court with carrying out an international scheme to hack into three business newswires, steal yet-to-be published press releases, and use them to make trades that generated approximately $30 million in illegal profits.
Chinese Hackers May Have Burrowed Into Airlines
August 11, 2015
The China-based hacking team that has been infiltrating U.S. government and business computer systems appears to be behind two newly discovered attacks -- this time on travel reservation processor Sabre and American Airlines. Sabre confirmed that its systems -- which contain sensitive records on as many as a billion travelers -- recently were breached. American Airlines is investigating.
Android on BlackBerry Is Looking More Real
August 10, 2015
BlackBerry's upcoming slider handset, aka "Venice," will run on Android and will be available in the coming months for AT&T as well as T-Mobile, according to rumors that picked up steam over the weekend. This is not the first time rumors of a BlackBerry device running on Android have made the rounds. The company earlier this year hinted at the possibility at the Mobile World Congress.
Cyberwarrior Demand Outpaces Supply
August 6, 2015
Demand for cybersecurity professionals continues to far outpace supply, according to a Burning Glass Technologies report released last week. Cybersecurity hiring remains concentrated in government agencies and among defense contractors, the third annual cybersecurity job market report notes, but hiring has started to boom in industries handling consumer data.
Malvertisers Poison Yahoo's Ad Network
August 4, 2015
Yahoo's ad network suffered an attack that lasted for almost a week, Malwarebytes reported mid-day Monday. Malwarebytes earlier notified Yahoo of the attacks, which began July 28. Yahoo had stopped them by the time the report was published. The attackers used the Angler Exploit Kit, described as highly sophisticated, to redirect visitors to ad sites on two Microsoft Azure domains.
Leverage Big Data to Get Rid of Network Attackers
July 21, 2015
Up to 30 percent of their firms' security incidents this year should have been detected by perimeter security measures -- but weren't -- said 55 percent of respondents to a SANS Institute survey. The truth is that today's attackers have become skilled at bypassing conventional defenses, which no longer can be counted on to protect enterprise networks on their own.
DoJ: Firms Should Hire Cyber-Savvy Lawyers
July 20, 2015
Hardly a day goes by without a headline about a cyberintrusion. No entity is immune -- international retailers, airlines, hotels, mom and pop stores, cloud providers -- even the U.S. government. However, it seems that few businesses contemplate how important it is for their attorney to know and understand cybersecurity, as well as know what to do when a cyberintrusion occurs.
NYSE, United Shutdowns Spark Cyberattack Rumors
July 9, 2015
The New York Stock Exchange on Tuesday halted all transactions for three hours, due to what it maintained was a technical glitch. Trading continued on the other exchanges belonging to its owner, holding company Intercontinental Exchange. "The markets did not plummet with the shutdown," said Jim Wright, chief investment officer at Harvest Financial Partners.
Security Pros Shine Light on Shadowy Cyberspy Ring
July 8, 2015
A highly sophisticated group of hackers who use cutting-edge techniques to shield their attacks from detection has been bedeviling corporations around the world for several years. The group, which Symantec dubbed "Morpho" and Kaspersky Lab calls "Wild Neutron," has hit multibillion-dollar corporations in the Internet, software, pharmaceutical and commodities sectors in at least 11 countries.
Is Isolating the Internet Key to Bulletproof Security?
July 7, 2015
With so many cybersecurity pros drowning in an ever-rising tide of hack attacks on their computer systems, an emerging approach to defending those systems may be the life preserver they've been looking for. The approach doesn't involve beefing up perimeter defenses, carefully scrutinizing network traffic, or applying analytics to employee behavior.

See More Articles in Enterprise Security Section >>
Facebook Twitter LinkedIn Google+ RSS
Do you want to live in an Internet-connected home?
Yes -- I have some smart things, and I want more.
Yes -- I'm looking forward to all the conveniences.
Not sure -- I have security and privacy concerns.
No -- the technology isn't good enough yet.
No -- it's a ridiculous waste of money.
Ignite Payments
Reap the reward of the holiday shopping buzz