How Does Your Website Stack Up? View Mobile/Website Performance Free Today!
Welcome Guest | Sign In
ECommerceTimes.com
Windows Caught in Path of FREAK Security Storm
March 06, 2015
Microsoft on Thursday issued a security advisory acknowledging a vulnerability in all versions of Windows that could allow FREAK exploits. Windows systems previously were thought to be immune to FREAK attacks. "The vulnerability could allow an attacker to force the downgrading of the cipher suites used in an SSL/TLS connection on a Windows client system," the advisory reads.
Bracing for the Cyberthreat Deluge
March 06, 2015
Almost 17,000 malware alerts surface every week, the Ponemon Institute recently found. Only 4 percent of alerts were investigated, and traditional antivirus products missed nearly 70 percent of malware in the first hour, researchers discovered in a recent Damballa study. Rescanning led to identification of 66 percent of the malware in 24 hours and 72 percent after seven days.
China's Cybersecurity Plans Draw US Fire
March 05, 2015
China should change its tune on new rules for purchases from American high-tech companies if it wants to do business with the United States, President Obama recently warned. China reportedly is planning to ask U.S. high-tech firms to hand over their encryption keys and install security backdoors in their systems to allow surveillance as a counterterrorism measure.
Twitter's New Safety Rules: Hot Diggity or Hot Air?
March 03, 2015
Twitter has announced actions to further protect users of its network -- but it left them vague. The company is rolling out unspecified improvements to its reporting process for content issues including impersonation, self-harm, and the sharing of private and confidential information, aka "doxing." It's also beginning to add new enforcement actions for use against accounts that violate its rules.
Monster Problem Threatens New US Cyberthreat Plan
March 03, 2015
President Barack Obama last week made good on his promise to establish a center for cybersecurity information gathered by agencies of the federal government. It's a laudable initiative -- if it works. The Cyber Threat Intelligence Integration Center will connect the dots regarding malicious foreign cyberthreats to the nation and cyberincidents affecting U.S. national interests.
Government Spies Came Up Dry, Says Gemalto
February 26, 2015
SIM card maker Gemalto, whose networks reportedly were breached by hackers from the United States National Security Agency and the UK's GCHQ, on Wednesday said the spies got nothing. The hackers stole cryptokeys for millions of SIM cards, according to The Intercept, which cited documents released by NSA whistle-blower Edward Snowden. Gemalto denied any SIM cryptokeys had been stolen.
Malicious Emailers Find Healthcare Firms Juicy Prey
February 26, 2015
Healthcare providers have garnered growing interest from hackers in recent months. More evidence of that trend appeared last week in a report on email trust. An email that appeared to come from a healthcare company was four times more likely to be fraudulent than an email purportedly from a social media company like Facebook, one of the largest creators of email on the Internet, Agari found.
Yahoo CISO, NSA Chief Slug It Out Over Security Backdoors
February 25, 2015
Yahoo CISO Alex Stamos on Monday confronted NSA Director Adm. Mike Rogers over the United States government's plan to require built-in backdoors in hardware and software made by American companies. The exchange took place at the New America Foundation's cybersecurity conference. Building backdoors into cryptography is "like drilling a hole in the windshield," Stamos said.
FTC, Private Sector Lock Horns Over Consumer Data Protection
February 25, 2015
The major headline hacking event of 2014 involved data theft at a highly visible enterprise: Sony Pictures. Perhaps just as significant in e-commerce security was a 2014 federal court ruling which allows the FTC to continue penalizing commercial firms for failure to protect consumer data from hackers. That decision has been challenged, and in early March the FTC and its opponent will square off in court.
Citizenfour's Oscar Highlights National Divide Over Snowden
February 24, 2015
Citizenfour, a film documenting interviews director Laura Poitras conducted with whistle-blower Edward Snowden, won the Oscar for best documentary Sunday. The talks took place as Snowden blew the lid off the United States National Security Agency's surveillance activities. The award highlights the divisions in the U.S. over Snowden's actions and the question of national security.
Government Spies Steal SIM Card Cryptokeys
February 23, 2015
The United States' National Security Agency and British spy agency GCHQ have hacked into the internal computer network of Gemalto, the world's largest maker of SIM cards, and stolen the cards' encryption keys, according to information in files leaked by whistle-blower Edward Snowden. Gemalto makes about 2 billion SIM cards a year, and sells them to 450 major wireless network carriers worldwide.
AT&T Puts a Price on Privacy
February 23, 2015
Users who want to sign on to GigaPower by AT&T, the carrier's 1-gigabit-per-second Internet service that just become available in Kansas City, Missouri, have an interesting choice. They can pay $70 with the understanding that their online movements will be tracked for commercial purposes -- or they can pay an additional $29 a month to avoid the monitoring.
Google Rails Against Proposal to Give Feds Remote Hacking Authority
February 20, 2015
Google is fighting a proposed amendment to Rule 41 of the U.S. Criminal Code that might allow authorities to hack into computers abroad. The amendment seeks to empower a magistrate in a district where activities related to a crime may have occurred to issue a warrant for remote search of computers, as well as seizure or copying of their files, under certain circumstances.
Lenovo Rapped for Preinstalling Spyware
February 19, 2015
Lenovo has come under fire for preinstalling spyware on some of its laptops. The software, Superfish, uses the same techniques cybercriminals often employ to crack encrypted traffic. "Superfish is purposely designed to bypass the security of HTTPS websites in a manner that would allow malware and attackers to also bypass the security provided by HTTPS," said Bluebox cofounder Adam Ely.
Cyberthieves Bag a Billion in Snail-Speed Bank Heists
February 18, 2015
Criminals using Carbanak malware have stolen up to $1 billion from 100 financial institutions in Russia, China, Germany and the United States, Kaspersky Lab has revealed. The gang is expanding operations to other countries. Kaspersky has advised financial institutions to scan their networks for intrusion by Carbanak. "These are advanced threat actors," said Lancope CTO TK Keanini.
NSA Suspected of Spreading Super-Resistant Malware
February 17, 2015
Kaspersky Lab on Tuesday announced the discovery of what may be the most sophisticated malware ever. The malware's creators, whom Kaspersky has dubbed "The Equation Group," use a never-seen-before tactic to infect hard drives' firmware. The technique "makes traditional antivirus and antimalware software practically useless," said Protegrity VP of Products Yigal Rozenberg.
It's Time to Investigate Cyber Insurance
February 17, 2015
Almost every day there are reports of cyberintrusions, attacks and related security breaches. If your company does not have the right insurance, it could be even more of a disaster. What company can afford not to have insurance for a potential cyberdisaster? Let's look at some protective measures that can be taken to safeguard your business.
Encryption Can Create Stormy Weather in the Cloud
February 17, 2015
Encryption has received a lot of attention lately as a solution to the growing data breach problem, but one of the hang-ups dogging the technology has been its ability to play nice in the cloud. That's especially true if an organization wants to control the keys by which its data is scrambled and use services offered by a cloud provider beyond simple storage.
Facebook Launches ThreatExchange to Stymie Cybercrime
February 13, 2015
"Threat researchers do already share this data manually," Jeremy Demar, director of threat research at Damballa, told TechNewsWorld. "The value in systems like this isn't the ability to share raw intelligence [it's the] structured data that allows for the information to be accessed quickly and easily by the users." ThreatExchange is based on Facebook's ThreatData threat analysis framework.
Obama's Cyberthreat Intel Aggregator Plan Divides Security Experts
February 12, 2015
The Obama Administration on Tuesday announced plans to set up a national Cyber Threat Intelligence Integration Center to integrate all data from government agencies and the private sector, and disseminate it appropriately. The intelligence integration center will initially have a staff of 50 and a budget of US$35 million. Reactions from cybersecurity experts were mixed.
Samsung Smart TV Owners Fume Over Sneaky Pop-Up Ads
February 11, 2015
Samsung Smart TV owners, already shaken by news earlier this week that their TVs can transmit voice commands and other private data to third parties, have been hit by another revelation -- that the devices sneak ads into movies they're watching, without the owner's knowledge or consent. A user on the Plex forum complained that a Pepsi ad popped up every 10 to 15 minutes while he was watching his Samsung TV.
Box to Let Enterprises Bring Their Own Keys to the Cloud
February 11, 2015
Box on Tuesday raised the curtain on a new offering that allows its enterprise customers to control the digital keys used to encrypt their data stored in the storage provider's cloud. Box is working with Amazon Web Services and Gemalto to bring to market "Box Enterprise Key Management," and give its most security-minded customers total control over the keys used to encrypt data they store on Box.
Bug Bounties Entice Researchers to Don White Hats
February 10, 2015
Bug bounty programs are used by individual software makers to improve the quality of their products, but they can have incidental benefits for all software makers, too. One of those is to encourage bug hunters to wear a white hat instead of a black one. When you make it easy for hackers to do the right thing, the majority will," noted Alex Rice, CTO of HackerOne.
Report: Connected Vehicles Vulnerable to Hack Attacks
February 09, 2015
Motorists in the United States are increasingly at risk of cyberattacks and violations of privacy, as more and more technology is added to their cars. A report released on Sunday by the office of Sen. Ed Markey (D-Mass.) listed a number of key findings that are based on responses from 16 auto makers to a letter sent to them by Markey's office.

See More Articles in Security Section >>
Facebook Twitter LinkedIn Google+ RSS
Are you looking forward to self-driving cars?
You bet -- I'd love to have a built-in chauffeur.
Yes -- self-driving cars will save lives.
Kind of -- I'd like some self-driving features, like parking.
No -- self-driving cars are too dangerous.
No -- I don't want to give up another freedom.
Absolutely not -- I saw Terminator and I'm not letting some robot take me for a ride!
Salsify 30-day free trial
Download your FREE case study