Get the E-Commerce Minute Newsletter from the E-Commerce Times » Subscribe Today
Welcome Guest | Sign In
ECommerceTimes.com
Calling All Retailers - Ready or Not, CCPA Is on Its Way
November 9, 2019
We're just a few short months away from the California Consumer Privacy Act going into effect. The regulation brings privacy rights to residents in California and gives them control of their personal information and how companies can use it. Any business that sells to a California resident needs to be CCPA-compliant. Nearly every brick-and-mortar store nowadays has an e-commerce site.
Researchers Use Lasers to Hack Smart Speakers
November 6, 2019
University researchers have discovered a way to issue unauthorized commands to digital assistants like Alexa, Google Assistant, Facebook Portal and Siri via laser beams. The microphones in devices like smart speakers, mobile phones and tablets convert sound into electrical signals, but what the researchers found was that the mics react to light aimed directly at them, too.
Smart Speaker Apps Caught Snooping Around Homes
October 22, 2019
Flaws in Amazon and Google smart speakers can expose users to eavesdropping and voice phishing. Researchers at Security Research Labs discovered that developers could create malicious apps for the Amazon and Google platforms to turn the smart speakers into smart spies. Using the standard development interfaces for the platforms, the researchers found a way to request and collect personal data.
Adopt a Maintenance Mindset: Protect IT
October 18, 2019
As part of National Cyber Security Awareness Month, the National Cyber Security Alliance is advising all computer users to "Protect IT" by taking precautions such as updating to the latest security software, Web browser and OS. The nonprofit public-private partnership, which works with DHS and private sector sponsors, advised computer users on ways to protect their personal data.
Security First: The Double-Edged Sword of Collaboration
October 14, 2019
Online tech support scams have been on the rise for the past decade, as hackers found new ways to trick consumers into providing remote access to their computers in order to steal information. This tried-and-true scam currently relies on sophisticated social engineering, fueled by detailed user information that creates enough credibility to dupe even the most savvy and skeptical users.
Setting Up Roadblocks to Social Engineering
October 11, 2019
Since the dawn of the Internet age, criminals have looked for ways to profit on unsuspecting people while they browse the Web. Viruses, malware and other schemes were invented to infect and infiltrate systems, both at the enterprise and consumer levels. One of the most successful forms of cybercrime is social engineering, also known as the con man of the Internet.
Stop Cyberattacks in Their Tracks: Secure IT
October 10, 2019
Stopping cyberattacks requires diligent behavior. One of the themes of this year's National Cyber Security Awareness Month, or NCSAM, is that all computer users should take steps to Secure IT. That means shaking up the passphrase protocol by using not just strong passwords but strong and unique passphrases. Everyone should double login protection through multifactor authentication.
Get Serious About Cybersecurity: Take Ownership of Your Personal Data
October 4, 2019
October is National Cyber Security Awareness Month, and one of the prongs in the three-part theme is for all computer users to "Own IT." This means staying safe on social media, updating privacy settings, and keeping tabs on apps. Simply put, users need to take better ownership of their data and their online presence as part of daily safe cyber practices.
eGobbler Malvertising Attack Infects More Than a Billion Ads
October 2, 2019
Two eGobbler malvertising exploits impacted 1.16 billion programmatic ads between Aug. 1 and Sept. 23, according to Confiant, which has been tracking the threat. The first targeted versions of Chrome prior to Chrome 75 on iOS. The flaw was fixed in the Chrome 75 rollout June 4. he second exploit impacted WebKit-based browsers. Confiant reported it to the Chrome and Apple security teams Aug. 7.
Congress Eyes Google's Chrome Encryption Plans
October 1, 2019
Google's plans to test an encrypted Internet DNS protocol reportedly have spurred some members of Congress to consider opening an antitrust investigation. They are concerned that the new technology could give Google an edge over competitors by making it harder for them to access consumer data. Google is experimenting with new ways to enhance online privacy.
Spotlight on Cybersecurity Awareness: Own IT, Secure IT, Protect IT
September 27, 2019
Cybersecurity should be a concern for all businesses -- large and small. Cybersecurity also should be a concern for consumers, government agencies, and basically anyone who relies on the Internet in our increasingly connected world. Among efforts to focus attention on the threatscape is designating October as National Cyber Security Awareness Month.
Amazon Trying Out Hand-Scanning Payment System: Report
September 5, 2019
Amazon is testing scanners that can identify a human hand to use as a payment method for in-store purchases. The company plans to introduce "Orville" to some Whole Foods stores by the beginning of 2020, and later expand it to all locations in the United States. Employees at Amazon's New York offices are said to be using the technology to buy items from specially equipped vending machines.
Verizon Steps Up Fight Against Rampant Robocalls
August 29, 2019
Verizon, the No. 1 mobile carrier in the United States, this week introduced a free version of its robocall-blocking app, which will be standard on all new Android devices. The company further announced that it will auto-enroll eligible Android users to its Call Filter service and block what are seen as "high-risk" calls. This includes calls from numbers that have been reported as fraudulent.
Report: Chinese Hackers Eye US Cancer Research
August 27, 2019
Hackers affiliated with the Chinese government have been making a concerted effort to steal medical research, particularly cancer research, from U.S. institutions. The step-up in medical research theft by Chinese APT hacker groups appears to be linked to China's growing concern over cancer mortality rates and increasing healthcare costs. Cancer in the leading cause of death in China.
Yubico Offers Dual Lightning, USB-C Dongle to Secure Devices
August 21, 2019
Owners of iPhones looking for an extra measure of protection when using applications and logging into websites can get it with a new dongle from Yubico. Its new YubiKey 5Ci, which retails for $70, supports both USB-C and Apple's Lightning connectors on a single device. The dual connectors can give security-conscious consumers and enterprise users strong hardware-backed authentication.
Faulty Driver Coding Exposes Microsoft Windows to Malware Risks
August 15, 2019
Numerous driver design flaws by 20 different hardware vendors expose Microsoft Windows users to widespread security compromises that can cause persistent malware attacks. A report titled "Screwed Drivers," which Eclypsium security researchers presented at DEF CON, urges Microsoft to support solutions to better protect against this class of vulnerabilities.
28M Records Exposed in Biometric Security Data Breach
August 15, 2019
Researchers associated with vpnMentor, which provides virtual private network reviews, discovered a data breach involving nearly 28 million records in a BioStar 2 biometric security database belonging to Suprema. "BioStar 2's database was left open, unprotected and unencrypted," vpnMentor said. "After we reached out to them, they were able to close the leak."
The Apple Card Difference: Security
August 13, 2019
Apple sent emails to a small number of customers last week, inviting them to apply for the company's new Apple Card, and a privileged few have become the first to enroll in the program. The rollout is limited to qualifying applicants in the U.S. The Apple Card, which is a virtual Mastercard issued by Goldman Sachs Bank USA's Salt Lake City branch, will roll out generally later this summer.
The Future of Entertainment Services Authentication
August 12, 2019
New personal identification and authentication technologies have the potential to transform the way entertainment services are delivered, accessed and experienced. These technologies offer a high level of security, often incorporating biometrics such as voice, fingerprint, iris or retinal features, and facial characteristics. Each type of authentication bears its own advantages and disadvantages.
How to Exert Privacy Control Over Your Home Speakers
August 6, 2019
Amazon, Google and Apple have suspended contractor review of consumer recordings following disclosures that the devices are nearly always listening and have captured personal, business and other delicate human interactions. Consumers using smart speakers and digital assistant apps from Amazon and Google can apply some control over their system settings.
Is Biometrics ID Security Good Enough?
August 2, 2019
United Airlines has announced plans to begin rolling out Clear's biometric prescreening at its hub airports. The system works by verifying a flier's fingerprints or eye scan. Clear already is available at about 60 locations throughout the United States. It offers a system that utilizes biometrics to speed preapproved travelers to the front of the security lane.
Capital One Discloses Massive Data Breach, Hacker Arrested
July 31, 2019
Capital One Financial Corporation has announced a data breach affecting some 100 million people in the U.S. and another 6 million in Canada. The FBI arrested the alleged perpetrator of the breach in Seattle. Capital One on July 19 discovered someone had accessed its data stored online and obtained personal information of credit card customers and people who had applied for credit card products.
Equifax Data Breach Settlement No Wrist Slap
July 23, 2019
The United States Federal Trade Commission announced that Equifax has agreed to pay a minimum of $575 million as part of a global settlement of claims against it arising from a 2017 data breach that affected 147 million Americans. The settlement with the FTC, the Consumer Financial Protection Bureau, and 50 states and territories potentially could reach $700 million.
Isn't It Time to Buy Cyber Insurance?
July 15, 2019
Every day we read stories about data breaches and cyberattacks on business and government websites, and the resulting the loss of personally identifiable information. Cybercrime is on the rise, and given the ever-evolving methods of attack, meaningful relief and reliable measures to fend off cybercriminals are unlikely in the foreseeable future. Companies need to insure against cybertheft.
Zoom Flaw Turns Mac Cam into Spy Cam
July 10, 2019
A security researcher has found a flaw in the popular video conferencing app Zoom that could be used to turn on the camera on a Macintosh computer without a user's permission. The vulnerability allows any website to forcibly join a user to a Zoom call, with their video camera activated, without a user's permission, explained Jonathan Leitschuh, a senior software engineer at Gradle.
The Router's Obstacle-Strewn Route to Home IoT Security
July 10, 2019
It is newly minted conventional wisdom that not a single information security conference goes by without a presentation about the abysmal state of IoT security. While this is a boon for researchers looking to make a name for themselves, this sorry state of affairs is definitely not beneficial for anyone who owns a connected device. IoT device owners aren't the only ones fed up, though.
The Threat of a Deepfake Fiasco
July 5, 2019
An AI technology called "deepfake" may be the next big threat we face as a society. Consider a recent video clip of Facebook CEO Marc Zuckerberg saying some outlandish things. You might think it is real -- but it's a deepfake. It's his image, and it sure sounds like him, but he never actually made that speech. "Can't be," you might think. "That has to be Zuckerberg talking." Wrong.
Chinese Hackers Linked to Global Attacks on Telcos
June 26, 2019
Chinese hackers likely are responsible for a series of cyberattacks against telecommunications companies around the world, security researchers have reported. The campaign, dubbed "Operation Soft Cell," has been active since 2012, according to Cybereason. There is some evidence suggesting even earlier activity against the telecommunications providers, all of whom were outside North America.
Firefox Users Warned to Patch Critical Flaw
June 20, 2019
Firefox users should update their browsers immediately to fix a critical zero-day vulnerability. Anyone using Firefox on a Windows, macOS or Linux desktop is at risk. Mozilla issued a patch Tuesday, but the vulnerability was discovered by Samuel Groß of Google Project Zero on April 15. Mozilla's fix came after Coinbase reported exploitation of the vulnerability for targeted spearphishing attacks.
Instagram Targets Account Hijacking
June 18, 2019
Account hijacking has become a nettlesome problem at Instagram so it has decided to do something about it. The social media company has begun testing a simpler method for users to reclaim their compromised accounts. It allows users locked out of their hacked accounts to ask for a six-digit code to be sent to the email address or phone number originally used to open the account.
See More Articles in Consumer Security Section >>
Salesforce is a Leader in the Gartner Magic Quadrant 2019 for Digital Commerce
How do you feel about your use of the Internet?
I spend a lot of time online and it's mostly high value.
I spend a lot of time online and much of it is wasted.
I'd like to experience more immersive online activities, like VR.
I'd like to spend more time in the real world.
I'd like to be always connected, perhaps with eyewear.
It's important to disconnect from the Web at regular intervals.
I go online as little as possible and I intend to keep it that way.
Get the ICMI Agent Experience Toolkit
Amazon Advertising: Strategies to Drive Success