Showcase Your Business as a Thought Leader - Publish Your Blog, Videos and Events on ALL EC - Save 25% Now
Welcome Guest | Sign In
ECommerceTimes.com
Gmail Privacy and Security Get Ruggedized
April 26, 2018
Google has rolled out a number of new features designed to make its G Suite collaboration and productivity apps more efficient and safer to use. G Suite currently has more than 4 million paying business customers. The updates include a new design, enhanced security and AI components, and better integration of G Suite apps -- including Gmail, which is getting a brand new look.
'Holy Grail' Exploit Puts Nintendo Switch Consoles at Risk
April 25, 2018
Devices built on Nvidia's Tegra X-1 mobile processor are at risk of attack from a flaw security researchers have revealed. The exploit chain discovered by Katherine Temkin and others affects any device running the chip, including the Nintendo Switch gaming console. Called "Fusée Gelée," the vulnerability allows anyone to run code on the chip by overloading a critical buffer when a system boots.
Google Puts a Lid on Mysterious 'Self-Spamming'
April 24, 2018
Users of Google's Gmail have been receiving spam that appears to have been sent from their own accounts. Google said it was aware of a spam campaign impacting a "small subset of Gmail users" and was taking measures to protect against it. The attackers used forged email headers to make it appear that users were sending emails to themselves, which led to those emails appearing in their sent folders.
Microsoft Calls On Linux for Its New IoT Security Platform
April 22, 2018
Microsoft has opted to use its own version of a Linux operating system instead of Windows 10 to drive its new Azure Sphere solution for securely connecting Internet of Things devices. Microsoft introduced Azure Sphere last week at the RSA security conference in San Francisco. Azure Sphere is a platform that connects microcontroller units, or MCUs, embedded in cloud-connected devices.
Microsoft, Facebook, Oracle Among 34 Firms to Join Cybersecurity Tech Accord
April 18, 2018
Microsoft, Oracle and Facebook, along with 31 other companies, have signed the Cybersecurity Tech Accord, an agreement aimed at defending against cyberattacks, whether coming from rogue hackers or nation-states. The 34 tech firms committed to stronger defenses, no offensive attacks, capacity building and collective action. Security remains a major issue in the tech world.
Standards Milestone Could Mark Beginning of End for Passwords
April 11, 2018
A Web standards milestone could point to the end of the road for pesky passwords. The new standard, WebAuthn, has won near-final approval from the World Wide Web Consortium. WebAuthn defines a standard API that can be incorporated into browsers and Web infrastructure. It opens the door for new ways for users to authenticate themselves on the Internet that are more secure and convenient than passwords.
Beyond CRM
April 10, 2018
We should start discussing what's beyond CRM. I chose the word "beyond" advisedly. CRM is far from dead or even in decline, so "after" would be incorrect. However, CRM already has changed so much that it may be time to rethink it. Also, many of the tangential technologies that have turbocharged CRM in the last few years, like social media, have drawn so much attention that some analysis is due.
No Cure for Cyber Insecurity?
April 6, 2018
An alarming number of major U.S. retailers, industrial firms, government agencies and other organizations have been hit in a recent wave of cyberbreaches that may signal increasing vulnerability for consumers and businesses alike. The attacks have exposed millions of consumer payment cards to fraud. Cyberthieves have used a variety of methods to infiltrate corporate computer systems.
FTC Signals Tougher Stance on Mobile Privacy Protection
March 29, 2018
Mobile device makers and telecom service providers need to make significant privacy protection improvements for their customers, says the FTC. Its recent report could become the basis for agency enforcement actions -- not only for smartphones, but also for other mobile devices. "The report is a clear signal to the industry to focus on this issue," said Gerard Stegmaier, a partner at Reed Smith.
US Charges 9 Iranians in Massive Academic Research Theft
March 27, 2018
The DoJ has charged nine Iranian nationals for engaging in a massive phishing campaign on behalf of the Iranian Revolutionary Guard. The allegations include the theft of $3.4 billion in research and intellectual property from 320 colleges and universities in the U.S. and abroad, as well as from 47 foreign and domestic companies, plus several federal agencies, state governments, and the UN.
Facebook Phone-Scraping Takes Users by Surprise
March 27, 2018
Facebook on Sunday confirmed that its Messenger and Lite apps for Android smartphones routinely collect call and text histories. The call and text history logging are opt-in features for people using Messenger or Facebook Lite on Android devices, the company said in a post. The feature is designed to help users stay connected, and it improves the Facebook experience, according to the company.
Researcher Cracks 'Hacker-Proof' Crypto Wallet
March 22, 2018
A virtual currency hardware wallet with millions of users has been compromised. Saleem Rashid explained how he cracked the firmware on the wallet produced by Ledger using what's known as a "supply chain" attack. That means a targeted device is compromised before any users get their hands on it. The attack on Ledger's $100 Nano S wallet creates a backdoor on the device.
Nest Builds More Security, Flexibility Into Smart Home Products
March 20, 2018
The Nest Hello video doorbell and the Nest x Yale Lock are now available, along with a new Nest Temperature Sensor -- the latest addition to the company's smart home lineup. Owners of the Hello video doorbell can use the Nest app for iOS or Android to see and converse with people without opening their door. The x Yale Lock -- a tamper-proof, key-free deadbolt -- also connects with the Nest app.
Russians Pose as Americans to Steal Data on Social Media
March 8, 2018
Americans have been targeted on social media by Russian agents on a mission to harvest personal information. The agents pretended to work for organizations promoting African-American businesses as a ruse to obtain personal information from black business owners during the 2016 presidential election campaign. Using names like "BlackMattersUS," the agents set up hundreds of social media accounts.
Amazon Buys Ring to Make Homes, Deliveries More Secure
March 2, 2018
Amazon has agreed to buy Ring for $1 billion, the companies have disclosed. Ring users already could use the Echo Show to see and hear visitors at the front door. The deal means Ring can further its "mission to reduce crime in neighborhoods by providing effective yet affordable home security tools to our neighbors that make a positive impact on our homes, our communities and the world," Ring said.
AI's Malicious Potential Front and Center in New Report
February 22, 2018
As beneficial as AI can be, it has its dark side, too. That dark side is the focus of a new 100-page report. AI will be used by threat actors to expand the scale and efficiency of their attacks, it predicts. They will employ it to compromise physical systems and to broaden their privacy invasion and social manipulation capabilities. Novel attacks are to be expected.
Are Smart TV Designs Taking Home Security for Granted?
February 15, 2018
Millions of smart TVs from Samsung and some streaming devices from Roku recently were found to be vulnerable to cyberattacks, allowing intruders to take control and remotely change channels and volume settings, among other things, according to Consumer Reports research. Vulnerabilities were discovered not only in Samsung televisions, but also in TVs from TCL and other Roku-compatible brands.
Microsoft to Use Blockchain to Create Decentralized ID System
February 14, 2018
Microsoft has announced a plan to use blockchain technology to develop decentralized identities, or DIDs. Microsoft formally joined the ID2020 Alliance last month as a founding member. The Alliance aims to develop a blockchain-based identity system for vulnerable populations -- one that can operate across various blockchains, cloud providers, government agencies and other organizations.
Leak of Stale iOS Source Code Could Trigger Fresh Problems
February 9, 2018
Apple lawyers have sent a copyright violation notice to Github, following the publication of leaked iOS 9 source code on the site. Though iOS 9 is dated, it's possible that the leaked code could be used to jailbreak older devices or worse. Publication of the code violated Apple's rights under the DMCA, the attorneys wrote, demanding that the iBoot source code be removed.
Open Up the Source Code to Lock Down Your Data
February 8, 2018
Meaningful security is more than an app or an OS. It's a mindset. Linux security tools by themselves will not make you or anyone more secure. Security requires trade-offs in convenience, so the tools I'll highlight here are not recommended as "daily drivers." Only you can determine your ideal balance point. Perhaps the single greatest strength of Linux is that it is open source.
WiFi Routers Riddled With Holes: Report
February 6, 2018
Most WiFi router vendors have not patched numerous firmware vulnerabilities discovered more than two years ago, according to a new report. OEM firmware built into WiFi routers use open source components that contain numerous known security vulnerabilities that can be exploited by hackers. Insignary conducted comprehensive binary code scans for known security vulnerabilities in WiFi routers.
Intel Reports Progress on Patch-Related Performance Issues
January 25, 2018
Intel appears to have encountered some daylight in its struggle to fix performance issues related to the Meltdown and Spectre vulnerabilities. The company has identified the root cause on its older Broadwell and Haswell platforms, according to Navin Shenoy, general manager of Intel's data center group. Intel has begun rolling out a solution to its industry partners for testing, Shenoy said.
Ominous Processor Vulnerabilities Could Put Most Computers at Risk
January 4, 2018
Nearly a dozen cybersecurity researchers this week reported two potentially serious exploits of vulnerabilities that exist in most modern processors. Three teams independently discovered and reported the Meltdown exploit. Two teams independently discovered and reported the Spectre exploit. The Meltdown and Spectre exploits could used to capture sensitive information on devices.
Zealot Loads Cryptocurrency Miner on Linux, Windows Machines
December 22, 2017
A new Apache Struts campaign that researchers named "Zealot" has come to light in recent weeks. Zealot loads Windows or Linux-based machines by installing a miner for Monero, which has become one of the hottest cryptocurrencies used in recent malware attacks. Zealot uses NSA-linked EternalBlue and EternalSynergy exploits, according to the F5 Labs researchers who discovered the campaign.
What Amazon's Abuse of Power Foreshadows for 2018
December 18, 2017
Given how many big names have fallen over the last few weeks due to sexual misconduct, abuse and harassment, you'd think I'd name 2017 as the year of power abuse. However, while I know a lot of folks think the issue is dying down, I don't see that at all. There are entire industries that have yet to be hit by this, and Congress hasn't even finished cleaning house or putting in place rules to prevent this activity.
New Open Source Tools Test for VPN Leaks
December 13, 2017
ExpressVPN on Tuesday launched a suite of open source tools that let users test for vulnerabilities that can compromise privacy and security in virtual private networks. Released under an open source MIT License, they are the first-ever public tools to allow automated testing for leaks on VPNs, the company said. The tools are written primarily in Python, and available for download on Github.
Oops... Some HP Laptops Shipped With Hidden Keylogger
December 12, 2017
Some HP laptops users came with a preinstalled program to capture the keystrokes of users, a security researcher recently discovered. The researcher, Michael Myng aka "ZwClose," discovered the keylogger software while trying to solve a keyboard problem for a friend. The software is turned off by default. After Myng contacted HP about the program, it quickly released a patch to get rid of it.
MacOS High Sierra Flaw Creates High Anxiety
November 29, 2017
Apple has released a security update to fix a serious flaw revealed via Twitter. The patch is available for macOS High Sierra 10.13.1. macOS 10.12.6 and earlier versions aren't affected. "This morning, as of 8 a.m., the update is available for download, and, starting later today, it will be immediately automatically installed on all systems running MacOS High Sierra 10.13.1," Apple said.
Risky Scripts Pose Threat to Web Surfers, Say Researchers
November 28, 2017
A popular technique used by website operators to observe the keystrokes, mouse movements and scrolling behavior of visitors on Web pages is fraught with risk. The technique offered by a number of service providers uses scripts to capture the activity of a visitor on a Web page, store it on the provider's servers, and play it back on demand for a website's operators.
BlackBerry: The Most Important Mobile Company of the Future?
November 20, 2017
If you are like many, when you saw this headline you likely were surprised BlackBerry was still around. As BlackBerry phones left the market, the company fell out of sight. However, behind the scenes it has been moving into industries like automotive. Also, it remains the leading vendor providing mobile security to our politicians, military personnel and major corporations.
See More Articles in Consumer Security Section >>
Facebook Twitter LinkedIn Google+ RSS
Freshsales - Reply.ai
What best describes your attitude toward social networks and politics?
The value of engaging in serious political discourse outweighs the negatives.
Most of the political conversations seem overheated and ignorant.
Social networks provide a lot of very good political information from reliable sources.
Almost every political post I see is skewed or totally fake.
Political interactions on social networks simply mirror those in the real world.
Social networks remove inhibitions, bringing out the worst in people and politics.