Explore Newsletters from ECT News Network » View Samples | Subscribe
Welcome Guest | Sign In
ECommerceTimes.com
Is Congress Finally Ready to Take On Cybersecurity?
January 23, 2020
The United States Congress made some significant progress this session when it comes to data privacy, but cybersecurity remains a blind spot for lawmakers. Congress currently is considering a national privacy law that mirrors legislation enacted in the European Union. It would allow people to access, correct and request the deletion of the personal information collected from them.
Google CEO Adds His Voice to AI Regulation Debate
January 21, 2020
Sundar Pichai, CEO of Google and parent company Alphabet, called for government regulation of artificial intelligence technology in a speech at Bruegel, a think tank in Brussels, and in an op-ed. There is no question in Pichai's mind that AI should be regulated, he said. The question is what will be the best approach. Sensible regulation should balance potential harm with potential good.
Cybersecurity 2020: A Perilous Landscape
January 17, 2020
Cybersecurity is a very serious issue for 2020 -- and the risks stretch far beyond the alarming spike in ransomware. In addition to the daily concerns of malware, stolen data and the cost of recovering from a business network intrusion, there is the very real danger of nefarious actors using cyberattacks to influence or directly impact the outcome of the 2020 U.S. general election.
Clock Runs Out for Windows 7 Holdouts: Upgrade or Replace?
January 14, 2020
After 10 years of fully supporting Windows 7, Microsoft ended its official support for the out-of-date Windows operating system on Tuesday. The popular classic Windows 7 OS still runs on some 200 million PCs around the globe, according to industry estimates. Users include small business owners, some larger companies, and hordes of consumers holding onto aging personal computers.
What's in Your Containers? Try an Open Source Tool to Find Out
January 14, 2020
As most security pros know, application containers -- Docker, rkt, etc. -- and the orchestration elements employed to support them, such as Kubernetes, are used increasingly in many organizations. Often the security organization isn't exactly the first stop on the path to deployment of these tools. If it was in your shop, consider yourself one of the lucky ones.
Arduino Aims to Secure IoT With New Dev Platform, Hardware
January 10, 2020
Arduino announced a new low-code Internet of Things application development platform at CES 2020 in Las Vegas. It also introduced the low-power Arduino Portenta H7 module, a new family of Portenta chips for a variety of hardware applications. Arduino has achieved prominence as a go-to developer of an innovation platform for connecting IoT products.
Cybersecurity 2020: The Danger of Ransomware
January 10, 2020
Ransomware tops the list of cybersecurity threats for 2020. While there have been efforts to convince individuals, corporations and municipalities not to pay ransoms, the simple fact is that whenever one is paid, the attack becomes a success that encourages cyberthieves to try again. Ransomware attacks increased 18 percent in 2019, up from an average 12 percent increase over the past five years.
Tech Strides, Tech Worries and Tech Visions: ECT News Roundtable, Episode 1
January 8, 2020
If you're turned off by the mere thought of talking heads vying to speak the loudest or the longest in a TV "discussion" of some pressing issue of the day, read on for a refreshing dose of sanity. ECT News Network recruited five smart people with plenty to say about the state of technology, and we gave them plenty of time to say it. The result is a far-ranging intercourse.
Tech Firms Join Forces to Create Smart Home Connectivity Standard
December 19, 2019
Amazon, Apple, Google and the Zigbee Alliance are teaming up on a new Internet Protocol-based standard for smart home device connectivity. Connected Home over IP will be an open source project. A working group will define a specific set of IP-based networking technologies for device certification. The goal is to enable communication across smart home devices, mobile apps and cloud services.
Should Discord Be in Your Incident Response Toolbox?
December 11, 2019
Cybersecurity incident response teams have choices when it comes to communication tools: Microsoft Teams, Slack, Zoom and numerous others. Some require a subscription or commercial license -- others are free. Some are niche tools specifically designed for incident response. Some are generic business communication tools that IR teams have adapted for use during a cybersecurity incident.
How the Quantum Tech Race Puts the World's Data at Risk
November 27, 2019
The technology one-upmanship between the United States and China is fast becoming the new space race. There's been a lot of talk in the press about the competition to reach 5G, but little traction outside of the tech community about something more momentous: the dangers of computing in a post-quantum world. The recent news from Google about its quantum capabilities is exciting.
Consider Service Mesh as a Security Tool
November 26, 2019
If you're like most security pros, chances are you're starting to get frustrated with microservices a little -- or maybe a lot. Microservice architectures -- that is, architectures that leverage REST to build a number of small, distributed, modular components -- are powerful from a software architect's point of view. Want to make a change to a component quickly? Add new functionality?
Windows 7 End of Life
November 19, 2019
Microsoft will end support for Windows 7 on Jan. 14, 2020. Windows 7 will continue to run on Jan. 14 as it did on Jan. 13. So why is it so important to upgrade to Windows 10? The answer: cybercrime. End of support means that Windows 7 no longer will receive the OS patches or security updates that keep your IT systems safe. Uusing an unpatched out-of-date system is like leaving the door wide open.
The Thorny Problem of 5G Security
November 15, 2019
A few years ago, putting the words "mobile telecoms security" in the title of an article would be a license to write whatever you wanted below, because no one was likely to read any of the words after the title. Sprinkling the magic ingredient 5G has changed this, and "5G security" is a hot topic now. What has changed? There is a geopolitical aspect to 5G security, but it is not the full story.
'Serious' Linux Sudo Bug's Damage Potential Actually May Be Small
October 16, 2019
Developers have patched a vulnerability in Sudo, a core command utility for Linux, that could allow a user to execute commands as a root user even if that root access was specifically disallowed. The patch prevents potential serious consequences within Linux systems. However, the Sudo vulnerability posed a threat only to a narrow segment of the Linux user base, according to Todd Miller, a maintainer of the open source Sudo project.
Security First: The Double-Edged Sword of Collaboration
October 14, 2019
Online tech support scams have been on the rise for the past decade, as hackers found new ways to trick consumers into providing remote access to their computers in order to steal information. This tried-and-true scam currently relies on sophisticated social engineering, fueled by detailed user information that creates enough credibility to dupe even the most savvy and skeptical users.
Setting Up Roadblocks to Social Engineering
October 11, 2019
Since the dawn of the Internet age, criminals have looked for ways to profit on unsuspecting people while they browse the Web. Viruses, malware and other schemes were invented to infect and infiltrate systems, both at the enterprise and consumer levels. One of the most successful forms of cybercrime is social engineering, also known as the con man of the Internet.
Stop Cyberattacks in Their Tracks: Secure IT
October 10, 2019
Stopping cyberattacks requires diligent behavior. One of the themes of this year's National Cyber Security Awareness Month, or NCSAM, is that all computer users should take steps to Secure IT. That means shaking up the passphrase protocol by using not just strong passwords but strong and unique passphrases. Everyone should double login protection through multifactor authentication.
Tackling Economic Security Governance
October 8, 2019
If you've ever played chess, you know that each move you make has to be the best move. At one level, this is painfully obvious -- after all, who would choose to make a terrible move instead of a better one? -- but it's illustrative of an important concept. Specifically, the core reason it's true is that each individual move in a game like chess comes with an associated "opportunity cost."
Spotlight on Cybersecurity Awareness: Own IT, Secure IT, Protect IT
September 27, 2019
Cybersecurity should be a concern for all businesses -- large and small. Cybersecurity also should be a concern for consumers, government agencies, and basically anyone who relies on the Internet in our increasingly connected world. Among efforts to focus attention on the threatscape is designating October as National Cyber Security Awareness Month.
Multi-Cloud Strategy May Pose Higher Security Risk: Study
September 6, 2019
Users of a multi-cloud storage strategy may be twice as likely to face a security breach as those that use hybrid or single clouds, suggests a report from UK-based security specialist Nominet. Fifty-two percent of survey respondents who adopted a multi-cloud approach suffered a data breach over the past 12 months, compared to 24 percent of hybrid cloud users, and 24 percent of single-cloud users.
Report: Chinese Hackers Eye US Cancer Research
August 27, 2019
Hackers affiliated with the Chinese government have been making a concerted effort to steal medical research, particularly cancer research, from U.S. institutions. The step-up in medical research theft by Chinese APT hacker groups appears to be linked to China's growing concern over cancer mortality rates and increasing healthcare costs. Cancer in the leading cause of death in China.
Security Pros: Be on High Alert for Certificate Changes
August 22, 2019
They say that the key to good security is constant vigilance. As a practical matter, this means that it's important for security and network pros to pay attention to two things: changes in the threat landscape, so they can be on the alert for how their systems might be attacked; and changes and developments in the technologies they employ. These consequences matter quite a bit.
Yubico Offers Dual Lightning, USB-C Dongle to Secure Devices
August 21, 2019
Owners of iPhones looking for an extra measure of protection when using applications and logging into websites can get it with a new dongle from Yubico. Its new YubiKey 5Ci, which retails for $70, supports both USB-C and Apple's Lightning connectors on a single device. The dual connectors can give security-conscious consumers and enterprise users strong hardware-backed authentication.
Faulty Driver Coding Exposes Microsoft Windows to Malware Risks
August 15, 2019
Numerous driver design flaws by 20 different hardware vendors expose Microsoft Windows users to widespread security compromises that can cause persistent malware attacks. A report titled "Screwed Drivers," which Eclypsium security researchers presented at DEF CON, urges Microsoft to support solutions to better protect against this class of vulnerabilities.
28M Records Exposed in Biometric Security Data Breach
August 15, 2019
Researchers associated with vpnMentor, which provides virtual private network reviews, discovered a data breach involving nearly 28 million records in a BioStar 2 biometric security database belonging to Suprema. "BioStar 2's database was left open, unprotected and unencrypted," vpnMentor said. "After we reached out to them, they were able to close the leak."
Microsoft Exposes Russian Cyberattacks on Phones, Printers, Video Decoders
August 7, 2019
The Russian hacking group known for stealing sensitive emails from the Democratic National Committee during the 2016 presidential election season has been cracking into printers, phones and video decoders to gain access to corporate networks, the Microsoft Security Response Center Team reported. The group is known by a number of names including "Strontium," "Fancy Bear" and "APT 28."
Capital One Discloses Massive Data Breach, Hacker Arrested
July 31, 2019
Capital One Financial Corporation has announced a data breach affecting some 100 million people in the U.S. and another 6 million in Canada. The FBI arrested the alleged perpetrator of the breach in Seattle. Capital One on July 19 discovered someone had accessed its data stored online and obtained personal information of credit card customers and people who had applied for credit card products.
Equifax Data Breach Settlement No Wrist Slap
July 23, 2019
The United States Federal Trade Commission announced that Equifax has agreed to pay a minimum of $575 million as part of a global settlement of claims against it arising from a 2017 data breach that affected 147 million Americans. The settlement with the FTC, the Consumer Financial Protection Bureau, and 50 states and territories potentially could reach $700 million.
Isn't It Time to Buy Cyber Insurance?
July 15, 2019
Every day we read stories about data breaches and cyberattacks on business and government websites, and the resulting the loss of personally identifiable information. Cybercrime is on the rise, and given the ever-evolving methods of attack, meaningful relief and reliable measures to fend off cybercriminals are unlikely in the foreseeable future. Companies need to insure against cybertheft.
See More Articles in Enterprise Security Section >>
Women in Tech
Which type of articles do you find most useful when reading about technology?
Analysis / Case Studies
Breaking News
Features / Special Reports
"How To" Tips and Advice
Opinion and Commentary
Reviews
Q&A / Interviews