Explore Newsletters from ECT News Network » View Samples | Subscribe
Welcome Guest | Sign In
ECommerceTimes.com
How Fixable Is the Unsafe Internet?
April 15, 2021
A recent study from Consumer Reports' Digital Lab reveals that 96 percent of Americans agree that more should be done to protect consumer privacy. But don't expect to see a whole new alternative Internet emerging any year soon. Instead, you will see a focus on software offerings built around privacy and security rather than hardware.
DNS Flaws Expose Millions of IoT Devices to Hacker Threats
April 14, 2021
A set of flaws in a widely used network communication protocol that could affect millions of devices has been revealed by Forescout Research Labs and JSOF Research. The nine vulnerabilities discovered by security researchers dramatically increase the attack surface of at least 100 million Internet of Things devices, exposing them to potential attacks that could take the devices offline or to be hijacked by threat actors.
Fortune 500s Hit by MS Exchange Breach Maybe Still Unaware
April 13, 2021
Jonathan Cran, founder and CEO of Intrigue, a cybersecurity startup based in Austin, Texas, used his company's network security tools to compile a list of Fortune 500 companies still exposed to last month's Microsoft Exchange breach. Potentially, many of those companies may not know their networks are compromised.
Intrigue Funded to Develop New Attack Surface Management Platform
April 13, 2021
Startup information security firm Intrigue has announced a US$2 million seed round led by LiveOak Venture Partners for a new attack service management platform that helps secure enterprise networks. The Intrigue tools scan all public, exposed attack surfaces inside and outside a company. The seed funding will also support the security and developer communities contributing to Intrigue Core.
Fraud Awareness Kit Puts Businesses on Notice: It's Tax Scam Season
April 7, 2021
Businesses fearful their workers may be targeted by fraudsters will want to take a look at the free Tax Scam Awareness Kit offered by Proofpoint. The kit, for both Windows and macOS, includes materials for an employee education campaign about tax fraud, three educational videos, an infographic, answers to frequently asked questions about tax scams, and a tax scam flyer.
Hacker Recycles Data on Half a Billion Facebook Users
April 6, 2021
A rich cache of data on some 533 million Facebook users was posted to a hacker forum over the weekend and is available to download for practically free. In a statement provided to TechNewsWorld by Facebook, the company said it is confident the posted information is old data that originated from a weakness in its contact importer feature that was discovered and fixed in August 2019.
Cybersecurity Fears Trigger Migration From the Public Cloud
March 26, 2021
Cloud cybersecurity -- or a lack of it -- is feeding a frenzy of companies out of the public cloud. A similar concern about managing compliance obligations is keeping organizations from moving to the cloud in general. However, much of the growing concerns over cloud cybersecurity result from experiences with public and private cloud platforms. A trend toward hybrid cloud computing could be an approach to better ensure data security.
Advance Strategies to Eliminate E-Commerce Chargebacks
March 19, 2021
Half of consumers who originally planned to return to their pre-pandemic in-store shopping routines once coronavirus is under control now plan to stick with online shopping. That shift in preferences means that e-commerce merchants must keep up with trending ways to market, sell, and prevent fraud. Let's look at a few of the most important developments and see where they're going.
Young Adults, Seniors Over 75 Most Susceptible to Cyber Fraud: Report
March 18, 2021
The most vulnerable cybercrime victims are young adults and adults over 75, according to the latest research revealed in the LexisNexis Risk Solutions biannual Cybercrime Report. The report reveals how unprecedented global change in 2020 created new opportunities for cybercriminals around the world, particularly as they targeted new users of online channels.
New Threat Report Finds Email Prime Vehicle for Malware
March 16, 2021
Malicious online actors used email as their prime vehicle for delivering malware to their victims in the last quarter of 2020. The HP-Bromium Threat Insights Report found that 88 percent of malware was delivered by email into its targets' inboxes, many times evading measures at email gateways to filter out the infected correspondence.
Microsoft Confident Exchange Hack Is State-Sponsored Operation
March 10, 2021
Microsoft on Monday reported that multiple malicious actors were taking advantage of vulnerabilities in its Exchange software last week to attack systems at organizations that have failed to patch the flaws. The company attributed the attacks "with high confidence" to Hafnium, a group believed to be state-sponsored and operating out of China.
Successful Phishers Make Slim Gains in 2020
February 24, 2021
Catastrophic events, like a pandemic, coupled with hasty technological change such as many people forced to work from home immediately, have been a rich environment in the past for phishers, who use deception to infect machines with malware, steal credentials, and invade corporate networks. However, malicious actors achieved only a marginal increase in success in 2020, according to a recent report.
Lessons Learned From the SolarWinds Supply Chain Hack
February 23, 2021
In a recent Linux Foundation blog post titled "Preventing Supply Chain Attacks like SolarWinds," the foundation's Director of Open Source Supply Chain Security, David A. Wheeler, adamantly pushed the need for software developers to embrace the LF's security recommendations. Given the magnitude of the SolarWinds hack, LinuxInsider asked Wheeler to dive deeper into how supply chain security standards might benefit from the LF's latest advice.
Silver Sparrow Malware Hatched on 30,000 Macs
February 23, 2021
Nearly 30,000 Macs have been infected with a new malware strain. Discovered by researchers at Red Canary, the malware has been sitting on it hosts waiting for a payload that never arrived. In a statement provided to TechNewsWorld, Apple said that upon discovering the malware, it revoked the certificates of the developer accounts used to sign the packages, preventing new machines from being infected.
The Future of Cybersecurity in 2021 and Beyond
February 16, 2021
Cybersecurity experts predict that in 2021 there will be a cyberattack incident every 11 seconds. This is nearly twice what it was in 2019, and four times the rate five years ago in 2016. The rapidly growing increase in cyberattacks worldwide comes at a hefty cost for businesses in order to better protect their computer networks from intrusions. Cyberattacks not only are increasing in frequency, but they are costing victims larger financial losses.
Hacker Attempts to Poison Florida City's Water Supply
February 10, 2021
A cyber intruder broke into the computer network of the water treatment system of Oldsmar, Fla. and attempted to poison it with lye. News of the attack was made public Monday by officials of Oldsmar, who revealed the attack was foiled by an operator at the facility within minutes of its launch. The Oldsmar plant provides water to businesses and about 15,000 residents.
Is 2021 the Year Cyberattacks Force Privacy Laws to Grow Some Teeth?
February 4, 2021
Cyberattacks are increasing in frequency, ramping up the data privacy threats they pose to government agencies and businesses alike. Governments both domestic and foreign need to step up efforts to pass legislation that bolsters technological defenses this year, warn privacy groups. Stiffer privacy laws are gradually being reviewed and signed into the U.S. market. But that process is mostly taking place at the state level.
Ubuntu Core 20 Brings Better Industrial IoT Control
February 2, 2021
Canonical on Feb. 2 made available Ubuntu Core 20. This new Ubuntu Core version boasts notable new device security innovations. Given the increasing numbers and sophistication of attacks by individual and state-sponsored cybercriminals, Canonical's efforts should be welcomed by both IoT device makers and their customers, according to Charles King, principal analyst at Pund-IT.
High Time for Cyberlaw Enforcement and a Future of Work Strategy
January 25, 2021
Huawei has events where it pulls together key analysts to focus on problems it thinks are critical to the future. At its last event, Huawei spoke about two areas that need considerable work. Let's talk this week about the need for centralized cyberlaw enforcement, and the need for a clear vision on the future of work. We'll close with the product of the week, a new 40" curved monitor from Dell.
Cloud Security Practices Playing Into Hands of Attackers
January 7, 2021
More than 80 percent of 650 cybersecurity and IT professionals surveyed by Check Point Software Technologies in July said their traditional security solutions either do not work at all, or only provide limited functions in the cloud. This indicates that organizations' cloud migrations and deployments are racing ahead of their security teams' abilities to defend against attacks and breaches.
FTC's Zoom Deal Signals Commitment to Security Enforcement
December 29, 2020
The U.S. Federal Trade Commission is making good on a resolution to strengthen its enforcement of security deficiencies occurring in e-commerce transactions. The agency's recent action involving allegations of improper activities by teleconferencing provider Zoom Video Communications is a notable example.
Cyberthreat Hunter FireEye Hacked by Nation-State Attackers
December 9, 2020
Cybersecurity firm FireEye, which has been prominent in the fight against nation-state cyberthreats, has been itself attacked by "a highly sophisticated threat actor, one whose discipline, operational security, and techniques," company CEO Kevin Mandia announced Tuesday. This indicates the attack is likely state-sponsored, by a nation "with top-tier offensive capabilities."
'Scalper' Bots Hoarding Hottest Products from Consumers
December 9, 2020
During any holiday season, consumers have a tough time wrestling with each other for best-selling products, but now times have become even tougher, thanks to the proliferation of online "scalper" bots. These robot shoppers, unleashed by cybercriminals, emulate the activity of ticket scalpers in the real world.
'Tis the Season for Online Counterfeits
November 25, 2020
It should be prime time for shopping, but the pandemic has forced many consumers to tighten their purse strings. To help consumers -- and give e-tailers a heads up about better security -- the E-Commerce Times discussed holiday shopping issues with a panel of cybersecurity experts. They offered advice on how consumers can avoid buying counterfeit products; and analyses of how fake goods affect the broader retail market.
New Internet Protocol Aims to Give Users Control of Their Digital Identities
November 18, 2020
The @ Company wants to give you a more secure and human-centric Internet built on providing you with true ownership and control of your personal data. To that end, the company has launched an app built on its new privacy protocol. This new standard will attempt to change how online vendors and companies wheel and deal with the personal information of billions of Internet users.
Zoom Beefs Up User Security With End-To-End Encryption
October 28, 2020
Zoom gave its users a big security upgrade Monday when it rolled out end-to-end encryption for its online meetings network. E2EE puts control of the keys for scrambling data in the hands of meeting organizers. Before the E2EE rollout, encryption was done on Zoom's servers, where someone with access to those servers could intercept the data. When used correctly, E2EE can make it difficult for even the best-resourced intelligence agencies to eavesdrop on communication.
The Trials and Tribulations of Paying Ransomware Hackers
October 23, 2020
There's no question that hackers are getting increasingly ambitious -- the average ransom demand increased from about $29,000 in 2018 to more than $302,000 in 2019. U.S. law doesn't prohibit paying ransom per se; but when victims pay monies to people or organizations who have been sanctioned by the U.S. government...they get into more trouble.
Microsoft Squelches Trickbot Ransomware Network
October 13, 2020
An outlaw online network that's been used to infect millions of computers with ransomware has been disrupted by Microsoft. The company announced Monday that, together with telecommunications providers around the world, it was able to cut off the infrastructure used by the Trickbot botnet so it could no longer be used to initiate new infections or activate ransomware already planted on computer systems.
Controversial Plan Urges DoD to Recruit Tech Pros to WFH
October 2, 2020
The United States Defense Innovation Board has recommended that the Pentagon hire civilians to work from home who can handle classified information as a way of attracting people with technology expertise. The individuals sought "will have technical degrees and/or highly specialized skills in digital technologies and innovation needed across the U.S. Department of Defense," which is undergoing digital transformation.
Cybersecurity Assessment and the Zero Trust Model
October 1, 2020
Instead of legacy security models that differentiate a "trusted" interior from an untrusted external one, zero trust instead assumes that all networks and hosts are equally untrustworthy. Once this fundamental shift in assumptions is made, you start to make different decisions about what, who, and when to trust, and acceptable validation methods to confirm a request or transaction is allowed.
See More Articles in Cybersecurity Section >>
Digital River - Talk to the Experts
If my employer requires me to return to the company's office full-time to perform my job, I will...
Agree, because I like my job regardless of where I perform my duties.
Comply, because I can't afford to lose my current job.
Go with the flow, but start looking for different employment.
Resign immediately, so I can dedicate all of my time to find a job that better suits my needs.
Try to negotiate a hybrid work from home / work in office arrangement with my employer.
Waylay IO
Digital River - Talk to the Experts