Explore Newsletters from ECT News Network » View Samples | Subscribe
Welcome Guest | Sign In
ECommerceTimes.com
5G Rollout Includes Challenges to Supply Chain, WFH Value
August 13, 2020
The growing work-from-home movement amid the coronavirus and its likely continuing challenges has created the need for additional broadband capacity in more places. Mobile telco and other service providers are rallying around 5G wireless as the most promising solution for reliably faster Internet connectivity. But the path to rolling out 5G has been rocky and spotty.
California's Early Warning Quake Alerts to Be Standard on Android Phones
August 12, 2020
Earthquake alerts are being incorporated into Android, Google's mobile operating system. The feature will be included in a refresh of Google Mobile Services, so a full operating system upgrade won't be necessary. That means the new addition will be available to most Android users -- except those in China, which doesn't use GMS.
New Open Source Initiative Consolidates Security Goals
August 5, 2020
The Linux Foundation on Monday announced the formation of the Open Source Security Foundation as the latest initiative to improve software security. This cross-industry collaboration brings together industry leaders to improve the security of open-source software by building a broader community with targeted initiatives and best practices.
Congress vs. Big Tech: Breaking Up Is Hard (and Stupid) to Do
August 3, 2020
Like a lot of you, last week I watched the congressional testimony from the CEOs of Amazon, Apple, Facebook and Google -- and there were a lot of apparent things that were problematic. One is that there are folks in Congress that likely shouldn't be in Congress, and another is that each company has some serious issues they haven't dealt with.
Digital Sales Boom Puts Spotlight on Fraud Control Systems
July 30, 2020
The move by retailers to online and mobile selling to survive the pandemic has resulted in a significant increase in digital fraud activity. The "2020 True Cost of Fraud Study: E-commerce/Retail Edition" by LexisNexis Risk Solutions found this to be partly because some fraud control systems are outdated, and partly because of increased transaction volume.
New Security Hole Puts Windows and Linux Users at Risk
July 29, 2020
If you are a Windows or Linux user, brace yourself for a long siege of vulnerability nightmares. The fix will be long and treacherous and could brick your computers. Eclypsium researchers have detailed a set of newly discovered vulnerabilities dubbed "BootHole" that opens up billions of Windows and Linux devices to attacks.
Garmin Confirms Services Upended by Ransomware Attack
July 28, 2020
Garmin on Monday confirmed that many of its online services have been disrupted by a cyberattack on its systems that occurred on July 23, 2020. Services disrupted by the attack, which encrypted data on the systems, included website functions, customer support, customer facing applications, and company communications.
The Case Against Full-Disk Encryption
July 27, 2020
The information security industry, with all its raging debates, has rallied around a small corpus of best practices. One of the highest on this list is full-disk encryption, which security experts regard as sacrosanct. This is the encryption that ensures that someone who snatches your device won't be able to know everything you've got saved on it. I'm here to make the case that most of you are better off not using it.
Beware of Counterfeit Network Equipment
July 24, 2020
Counterfeit hardware, especially in corporate settings, is a recurring problem that often goes unnoticed. Having such gear online poses serious financial, operational, and security risks. Cybersecurity company F-Secure has released an investigative report detailing counterfeit Cisco Catalyst 2960-X series switches. The report highlights challenges facing organizations that discover counterfeit devices in their IT infrastructure.
Rancher Labs and Fujitsu Form Kubernetes Partnership as Suse Readies Merger
July 21, 2020
Rancher Labs and Fujitsu on Tuesday announced an alliance to hasten the adoption of Kubernetes container orchestration technology industry-wide, starting within public sector institutions in the U.K. and Ireland. The alliance was forged partly in response to the growing requirement by the U.K.'s Government Digital Service for public organizations to embrace a 'cloud first' policy.
The Past, Present and Future of Attribute-Based Encryption
July 21, 2020
Encryption is an obscure but critical part of everyday life. That padlock in the address bar of the website you're visiting represents the 's' after 'http' -- which stands for the latest version of Transport Layer Security. Together with Secure Sockets Layer, which TLS replaced, these digital security technologies allow encrypted communication between two parties, such as web sites or servers, and web browsers.
Digital Fraud Flourishing During Pandemic: Report
July 9, 2020
If you conducted e-commerce transactions since the pandemic struck, you have probably been the target, or even a victim, of online fraud. A report from Sift titled "Q2 2020 Digital Trust & Safety Index" details a 109 percent increase in content abuse and growth of the fraud economy from January through May 2020.
John McAfee Emerges With Private Cell Phone Data Service
July 8, 2020
The Ghost Cell Phone Data Service is part of a larger ecosystem which includes McAfee's Ghost cryptocurrency and GhostX Exchange for private cryptocurrency exchange. "The Ghost brand will encompass a range of practical, real world tools for people to protect our rights and take back our privacy," McAfee said. "Privacy is a human right."
New DoD Security Regulations Have Ramifications for IT Contractors
July 7, 2020
With billions of dollars of federal contracts at stake, information technology providers are being swept up in the tide of a new U.S. Department of Defense information security requirement that will become mandatory for IT providers and other companies doing business with DoD. While IT companies already incorporate data protection elements in the products and services they provide to DoD, the department is raising the bar on the way vendors should handle information security.
Cybersecurity and Your New Remote Workforce
June 30, 2020
For most organizations, COVID-19 has been a literal transformative agent. Our organizations have almost overnight gone from environments where teleworking was an exception, to where it's the norm. As any student of human nature will tell you, people tend to view "the new" with reservation. There's a temptation when things are new to assume the worst about them. For security pros, this means we often view new things as riskier than things we're familiar with.
Twitter's Security Blunder: More Dangerous Than You Think
June 29, 2020
Twitter had a data security problem last week that might sound trivial. Email addresses, phone numbers, and the last four digits of the credit cards used to buy ads on Twitter were left in browser cache after the transaction, and that cache was not secured. This may seem trivial, but the consequences could be far more significant than you might think. Let's explore how.
Email Scammers Using Old Tricks With New Twists
June 26, 2020
With much of the workforce conducting business from home to escape the pandemic, scammers have revved up their trickery to scare victims into falling for credential harvesting schemes. Two new reports lay bare the new twists digital scammers are putting on old approaches to get you to unwittingly give up login credentials.
Open Source Security Issues Exist: Deal With Them, Report Urges
June 25, 2020
Open Source Software is becoming much more commonplace within organizations, bringing a different set of risks and perceived challenges compared to closed source or proprietary software. The Information Security Forum has released a report to help security professionals recognize the benefits and perceived challenges of using Open Source Software.
Twitter Apologies for Data Security Incident
June 24, 2020
Twitter on Tuesday notified business clients that their personal information, including email addresses, phone numbers, and the last four digits of their credit card numbers may have been compromised. Self-serve advertisers that viewed billing information on ads.twitter.com or analytics.twitter.com were affected. The issue occurred prior to May 20, 2020. However, Twitter only notified customers about it on June 23.
Macs Move to Apple Silicon Announced at WWDC
June 23, 2020
Apple's 2020 Worldwide Developers Conference will probably be known for two things: it was the first time the forum was staged virtually, and it's when Apple announced it would start making Macs based its own processor designs. "Now it's time for a huge leap forward for the Mac, because today is the day we're announcing that the Mac is transitioning to our own Apple silicon," Apple CEO Tim Cook said during the virtual keynote presentation.
Intel Says 'Tiger Lake' Will Drown Control-Flow Malware
June 16, 2020
The next generation of Intel mobile processors will include malware protection built into the chip. The protection, provided by Intel's Control-Flow Enforcement Technology, will first be available in the company's "Tiger Lake" mobile processors. CET is designed to protect against the misuse of legitimate code through control-flow hijacking attacks, which is widely used in large classes of malware.
New Flaws in Intel's CPU Software Guard Extensions Revealed
June 11, 2020
Two separate teams of academic researchers have published papers describing flaws in Intel's Software Guard Extensions. SGX enhances application security by letting developers partition sensitive information into enclaves with hardware-assisted enhanced security protection. The aim is to protect application code and data from disclosure or modification.
Brave Browser Caught Redirecting URLs for Cash
June 9, 2020
A browser that has received plaudits for privacy protection has been exposed for redirecting Web searches to make money. Brave, a browser with some 15 million monthly users, has been redirecting searches for cryptocurrency companies to links that produce revenue for the browser's owners through advertising affiliate programs. Brave CEO Brendan Eich said the company would correct the "mistake."
Google Sued for Tracking Chrome Users While Incognito
June 5, 2020
Google is facing a class-action lawsuit for tracking people who used the Chrome browser's Incognito mode. Law firm Boies Schiller Flexner filed the complaint on behalf of people who used the privacy mode during the past four years. "Google tracks and collects consumers' history and other Web activity no matter what safeguards consumers undertake to protect their data privacy," it states.
'New Normal' Security Era Begins for US Agencies, Cloud Providers
June 4, 2020
U.S. government agencies and cloud technology providers are heading toward a reset in how they cooperate on cybersecurity challenges. The expected growth of cloud use will create a more complex federal security landscape, according to a report from Thales. Federal agencies actually have moved ahead of businesses in cloud adoption, with 54 percent of agency data already embedded in the cloud.
Apple-Google Contact Tracing App Gets First Trial in Switzerland
May 29, 2020
Switzerland has launched a pilot program for SwissCovid, a contact tracing app based on Apple and Google's jointly developed APIs. The APIs will work with iOS 13.5 and devices running Android 6.0 or higher. The pilot involves several thousand workers at Ecole polytechnique fédérale de Lausanne, ETH Zurich, the Swiss Army, and staff at some hospitals and cantonal administrations.
How to Stay Safe on the Internet, Part 4: Fighting the Power
May 15, 2020
Category 2 adversaries are nothing to sneeze at, but their resources are finite. If you armor up enough, they will give up, and move onto an easier comparable target. In confronting the threat of category 3, everything you have learned ratchets up to a whole new level of paranoia. Category 3 adversaries have functionally unlimited resources for pursuing top targets.
Microsoft, Intel Combine Deep Learning and Pixels to Nix Malware
May 13, 2020
Microsoft and Intel researchers have found a way to combine artificial intelligence and image analysis to create a highly effective means to combat malicious software infections. The researchers call their approach "STAMINA" -- static malware-as-image network analysis -- and say it's proven to be highly effective in detecting malware with a low rate of false positives.
Abandoned Open Source Code Heightens Commercial Software Security Risks
May 13, 2020
Outdated or abandoned open source components are persistent in practically all commercial software, putting enterprise and consumer applications at risk from security issues, license compliance violations, and operational threats, concludes the Synopsys 2020 Open Source Security and Risk Analysis Report. The report highlights trends and patterns in open source usage within commercial applications.
Thunderbolt Flaw Opens Door for 'Evil Maid' Attack
May 12, 2020
A Dutch researcher has revealed a novel way to crack into a PC through a Thunderbolt port. The method, dubbed "Thunderspy" by researcher Björn Ruytenberg, sidesteps the login screen of a sleeping computer, as well as its hard disk encryption, to access all its data. "Thunderspy is stealth, meaning that you cannot find any traces of the attack. It does not require your involvement," he explained.
See More Articles in Security Section >>
digital to-do list for turning customers into fans
How important is the availability of curbside service when you consider a physical store to do your shopping?
Critically Important - I will not shop at an establishment that does not provide curbside service.
Quite Important - During the pandemic I prefer not to go inside a physical location. Still, I will consider a business that does not offer curbside service.
Somewhat Important - I like a curbside option, but it’s not part of my decision-making process when I choose where to shop.
Not Important - I do not use curbside pickup. When I go out to shop I want to select everything myself.
digital to-do list for turning customers into fans