Search and compare Web Designers and Developers to build, improve or rebrand your website.
Welcome Guest | Sign In
ECommerceTimes.com
Content Marketing on ALL EC
Beyond CRM
April 10, 2018
We should start discussing what's beyond CRM. I chose the word "beyond" advisedly. CRM is far from dead or even in decline, so "after" would be incorrect. However, CRM already has changed so much that it may be time to rethink it. Also, many of the tangential technologies that have turbocharged CRM in the last few years, like social media, have drawn so much attention that some analysis is due.
No Cure for Cyber Insecurity?
April 6, 2018
An alarming number of major U.S. retailers, industrial firms, government agencies and other organizations have been hit in a recent wave of cyberbreaches that may signal increasing vulnerability for consumers and businesses alike. The attacks have exposed millions of consumer payment cards to fraud. Cyberthieves have used a variety of methods to infiltrate corporate computer systems.
US Charges 9 Iranians in Massive Academic Research Theft
March 27, 2018
The DoJ has charged nine Iranian nationals for engaging in a massive phishing campaign on behalf of the Iranian Revolutionary Guard. The allegations include the theft of $3.4 billion in research and intellectual property from 320 colleges and universities in the U.S. and abroad, as well as from 47 foreign and domestic companies, plus several federal agencies, state governments, and the UN.
Kali Linux Security App Lands in Microsoft Store
March 6, 2018
Kali Linux, a penetration testing app from Offensive Security, has become available in the Microsoft Store. Windows 10 users can download and install the Kali Linux app onto the Windows Subsystem for Linux. Microsoft last summer announced that WSL, which makes it possible to run operating systems like Ubuntu, would become a fully supported part of the Windows 10 Fall Creators Update.
Fileless Malware: Why You Should Care
March 2, 2018
It's a truism that just like organizations adapt, so too do criminals. Anyone who has ever seen a Wells Fargo commercial knows that there was a time when stagecoaches were a normative method for transporting cash and valuables. But what modern criminals in their right mind would attempt robbing a Brink's truck on horseback? That strategy might have worked well in the days of the Pony Express.
AI's Malicious Potential Front and Center in New Report
February 22, 2018
As beneficial as AI can be, it has its dark side, too. That dark side is the focus of a new 100-page report. AI will be used by threat actors to expand the scale and efficiency of their attacks, it predicts. They will employ it to compromise physical systems and to broaden their privacy invasion and social manipulation capabilities. Novel attacks are to be expected.
SentinelOne Debuts Unified OS Threat Protection
February 15, 2018
SentinelOne this week announced a partnership with Microsoft to bolster threat protection for mixed platform users, making computing safer for Linux machines in a multiplatform workplace. SentinelOne will integrate its Endpoint Protection Platform with Microsoft's Windows Defender Advanced Threat Protection service to cover Mac and Linux device platforms.
WiFi Routers Riddled With Holes: Report
February 6, 2018
Most WiFi router vendors have not patched numerous firmware vulnerabilities discovered more than two years ago, according to a new report. OEM firmware built into WiFi routers use open source components that contain numerous known security vulnerabilities that can be exploited by hackers. Insignary conducted comprehensive binary code scans for known security vulnerabilities in WiFi routers.
Alphabet's New Chronicle Promises to Speed Threat Data Analysis
January 30, 2018
Alphabet has launched Chronicle, a new cybersecurity venture, following two years of development at the Alphabet X research lab. Chronicle will include VirusTotal, a Google-owned cybersecurity and intelligence platform and malware intelligence service. The idea behind Chronicle stems from the fact that many companies receive many more security alerts per day than they can handle.
Don't Pay the Hackers
January 30, 2018
If you follow security news, you may have noticed a disturbing trend. Last year, we learned that Uber paid attackers $100,000 to keep under wraps their stealth of the personal information of 50 million Uber riders. More recently, we learned that Hancock Health paid approximately $55,000 in bitcoin to bring hospital systems back online. The payment of ransoms could be more common than it appears.
Free Linux Tool Monitors Systems for Meltdown Attacks
January 27, 2018
SentinelOne has released Blacksmith, a free Linux tool that can detect Meltdown vulnerability exploitation attempts. The company has been working on a similar tool to detect Spectre vulnerability attacks. Though free, Blacksmith is not open source. SentinelOne decided to expedite its development in-house to save time, said Raj Rajamani, vice president of product management.
Intel Reports Progress on Patch-Related Performance Issues
January 25, 2018
Intel appears to have encountered some daylight in its struggle to fix performance issues related to the Meltdown and Spectre vulnerabilities. The company has identified the root cause on its older Broadwell and Haswell platforms, according to Navin Shenoy, general manager of Intel's data center group. Intel has begun rolling out a solution to its industry partners for testing, Shenoy said.
Zealot Loads Cryptocurrency Miner on Linux, Windows Machines
December 22, 2017
A new Apache Struts campaign that researchers named "Zealot" has come to light in recent weeks. Zealot loads Windows or Linux-based machines by installing a miner for Monero, which has become one of the hottest cryptocurrencies used in recent malware attacks. Zealot uses NSA-linked EternalBlue and EternalSynergy exploits, according to the F5 Labs researchers who discovered the campaign.
Full Disclosure Applies to Internal Security Too
December 21, 2017
If you've been keeping up with the news, you've probably noticed a few recent reports about companies that may have been a little less than candid about security issues. For example, we recently learned that Uber experienced a breach in 2016. As we've also learned from subsequent press reports, the company may have paid the attacker to remain silent about that breach.
US Fingers North Korea for WannaCry Epidemic
December 20, 2017
The United States on Tuesday accused North Korea of responsibility for a global ransomware attack that locked down more than 300,000 computers in 150 countries earlier this year. The U.S. now has enough evidence to support its assertion that Pyongyang was behind the WannaCry attack in May, Homeland Security Advisor Tom Bossert told reporters at a White House press briefing.
Feds: Cloud Cybersecurity Benefits Now Outweigh Risks
December 11, 2017
Many federal government IT managers used to be wary of the shortcomings of migrating to cloud technology because of potential data security problems affecting email, business systems, personal data records and, especially, national security operations. However, after the federal "cloud first" initiative's six-year effort, there are signs that federal IT managers have changed their assessment.
The Return of Industrial Espionage and the Building New Wave of Scandals
December 4, 2017
As powerful men drop like flies due to their inability to resist abusing their authority, it's clear that the problem is widespread. Similarly, it's likely that we'll find the problem of alleged industrial espionage is not limited to Uber. You see, when people misuse authority -- and the sexual harassment problem is a massive misuse of authority -- folks typically don't just misuse it in one area.
MacOS High Sierra Flaw Creates High Anxiety
November 29, 2017
Apple has released a security update to fix a serious flaw revealed via Twitter. The patch is available for macOS High Sierra 10.13.1. macOS 10.12.6 and earlier versions aren't affected. "This morning, as of 8 a.m., the update is available for download, and, starting later today, it will be immediately automatically installed on all systems running MacOS High Sierra 10.13.1," Apple said.
Offsetting Asymmetry With Automation
November 24, 2017
In the security world, there is a truism that defense is harder than offense because it's an asymmetric playing field. The bad guys need only find one path into an environment -- one place where everything hasn't been done exactly "just so" and perfectly -- while those charged with securing that environment need to protect against intrusions everywhere they have a technology footprint.
BlackBerry: The Most Important Mobile Company of the Future?
November 20, 2017
If you are like many, when you saw this headline you likely were surprised BlackBerry was still around. As BlackBerry phones left the market, the company fell out of sight. However, behind the scenes it has been moving into industries like automotive. Also, it remains the leading vendor providing mobile security to our politicians, military personnel and major corporations.
Eavesdropper Vulnerability Exposes Hundreds of Mobile Apps
November 10, 2017
Appthority has warned that up to 700 apps in the enterprise mobile environment, including more than 170 that were live in official app stores, could be at risk to due to the Eavesdropper vulnerability. Affected Android apps already may have been downloaded up to 180 million times, the firm said. The vulnerability has resulted in large-scale data exposure.
Microsoft Partners Up to Boost Windows Defender Threat Detection
November 9, 2017
Microsoft has partnered to integrate threat detection products from Bitdefender, Lookout and Ziften into Windows Defender, extending security to macOS, iOS, Linux and Android devices. No additional infrastructure will be required, Microsoft said. Once the integration is set, new events from onboard macOS, iOS, Android and Linux devices will begin surfacing on the Windows Defender ATP console.
5 Ways Etailers Can Make Online Shoppers Feel Safe
November 8, 2017
At least 145 million Americans were impacted by a data breach at Equifax that netted thieves personal information such as names, addresses, birthdates, Social Security Numbers and driver's license numbers. That pales in comparison to the earlier Yahoo breaches, which affected more than 1 billion accounts. However, those incidents may be just the tip of a very large iceberg.
WPA2 Flaw Could Blow WiFi Systems Wide Open
October 17, 2017
A security flaw in WPA2, the security protocol for most modern WiFi systems, could allow an attacker to steal sensitive data including emails, credit card numbers and passwords, Researchers at Belgian university KU Leuven reported Monday. Depending on the network configuration, the flaw also could allow an attacker to inject or manipulate information in the system.
LogicHub CPO Monica Jain: Focus on Results
October 11, 2017
"I was always interested in analyzing the data," said LogicHub Chief Product Officer Monica Jain. "I was introduced to a company that was a pioneer in the market, and that's where my career in security started. I fell in love with security because it's all about finding and analyzing the data, and about crunching the data. That's how I started with security. I've never left it since then."
OpenWorld 2017
October 10, 2017
I spent last week at Oracle's OpenWorld 2017 in San Francisco. When I wasn't drinking from an information fire hose, it was alternately fascinating and exhausting. There were major announcements in database, blockchain, artificial intelligence, cybersecurity, and other stuff I'm associated with only tangentially. For instance, my eyes glaze over when they start talking about bare metal servers.
Small Companies Often in the Dark About Cyberattacks
October 10, 2017
Nearly 60 percent of small businesses have been the victims of a cyberattack over the past year, but the vast majority didn't realize that they had been attacked, according to Nationwide's third annual survey of 1,069 businesses with fewer than 299 employees. Initially, only 13 percent of the participating companies said they had been victims of a cyberattack.
Android Devs May Follow Apple's Face ID Lead
October 9, 2017
Apple's use of facial recognition to unlock its iPhone X may open the gates for developers champing at the bit to bring the technology to the Android world. Face ID, which will replace fingerprint scanning in Apple's new iPhone X, uses Apple's TrueDepth 3D camera to verify the owner of a phone. Android developers have been working on similar systems, said Sensible Vision CEO George Brostoff.
HPE Gave Russia Deep Dive Into Security Software Used by Pentagon
October 6, 2017
Hewlett Packard Enterprise has allowed experts working with Russia to review the source code of cybersecurity software that is used by the U.S. Defense Department. The Pentagon uses HPE's ArcSight software to protect sensitive computer networks. The review of its code was conducted by Russian firm Echelon on behalf of a Russian defense agency that deals with cybersecurity issues.
RoboCyberWall Aims to Block Linux Server Hacks
October 4, 2017
RoboCyberWall has launched its proprietary precision firewall solution bearing the same name. RoboCyberWall is designed to protect HTTP and HTTPS ports on Linux-based Apache2 and NGINX Web servers. The patent-pending firewall blocks all known exploits and zero-day attacks on Apache2 and NGINX Web servers, according to the developer. The Linux server firewall solution targets small and mid-sized business users.
See More Articles in Enterprise Security Section >>
Facebook Twitter LinkedIn Google+ RSS
Which tech social media influencer has the greatest influence on your thinking?
Blogger Robert Scoble
Facebook's Mark Zuckerberg
Recode's Kara Swisher
Tech Evangelist Guy Kawasaki
Tesla and SpaceX's Elon Musk
Twitter's Jack Dorsey
Someone else