Inside the BriefcaseToday in international tech news: A pair of teenagers are arrested in Norway for cyberattacks on, among others, Britain’s Serious Organized Crime Agency and Germany’s Bild newspaper. Elsewhere, India mulls a retroactive tax bill that could net the nation $3.75 billion from Vodaphone, Twitter is aflutter with false Margaret Thatcher news, and the Netherlands, once again, orders ISPs to block The Pirate Bay.
Analysis of 130+ interviews presents a new class of security chiefs; CISO role follows the evolution of CIO and CFO with more strategic organizational responsibilities
U.S. natural gas companies have been under persistent attack from malicious hackers for several months, the Department of Homeland Security has disclosed. Based on the information that’s been made public, the intrusions have characteristics of both the Night Dragon and Stuxnet attacks, according to Computer Sciences’ Donald “Andy” Purdy.
The FBI is pushing for a change in 1994’s CALEA law that would make social networking websites and online chat services more easily accessed by law enforcement surveillance teams. The bureau has asserted that a change in the way people communicate has lessened its wiretapping ability, a problem it refers to as “going dark.”
There were an average of 94 targeted cyberattacks per day in November of last year, according to Symantec, and the trend appears to be growing. Targeted attacks are aimed at specific individuals inside an organization based on the information they have access to or the type of work they do. HR professionals, for example, are often targeted since opening email attachments is part of their day-to-day routine.
Today in international tech news: A British politician sounds the warning bell on cyberattacks during the Summer Olympics, claiming “the threat is accelerating.” Elsewhere, The Guardian says the UK may have to create a China-esque firewall to execute its block on The Pirate Bay — which, by the way, experienced a huge traffic surge following the UK ban.
U.S.-based credit card processor company Global Payments is about to announce more details about the security breach that recently saw millions of credit card numbers stolen. It doesn’t look good.
A flaw in Skype apparently allows users to learn the Internet protocol addresses of other users. Finding out that someone’s snooped your IP address may not sound as alarming as finding out your Social Security number’s been exposed, but the information could be used by a determined and talented hacker to build up more sophisticated attacks.
The specter of a hacktivist cyberattack is chilling to IT security pros, even though they don’t consider the methods hackivists typically use the most worrisome. “They were really more concerned about the types of attacks and the data that is more the target of cybercrime and cyberespionage,” said Harry Swerdlove, CTO of Bit9, the firm that surveyed the pros.
Hacker Hardcore Charlie says he’s managed to get his hands on source code for VMware’s ESX hypervisor. If released in full, it could theoretically put some users at risk. Any threat will likely be most pronounced in cloud deployments; however, “these solutions tend to be a bit more resilient than most,” said analyst Rob Enderle. “Right now, this is more of a nuisance than anything else.”
The consumerization of IT has created its share of headaches and sleepless nights for security professionals tasked with keeping corporate technology borders airtight. However, the trend of employees using personal devices for work could have some upsides and opportunities for IT security as well, if you know where to look and how to implement the right policies.
Just as the Flashback rash appears to be subsiding a new strain of malware has apparently hit the Mac platform. SabPub is regarded as an advanced persistent threat, meaning that it has the capability and intent to persistently and effectively go after a specific target.
To fully leverage the potential of the Internet as an efficient, far-reaching medium for electronic communications, business, and commerce, enterprises and service providers need a commonly accepted framework for securing online applications that can build a consistent expectation of trust for the user or consumer. Today, most enterprises rely on Secure Sockets Layer (SSL) certificates for that framework. SSL certificates enable users to authenticate websites, digitally sign documents, and encrypt sensitive data.
Advances in attacks on network security over the last few years have led to many high-profile compromises of enterprise networks and breaches of data security. A new attack is threatening to expand the potential for attackers to compromise enterprise servers and the critical data on them. Solutions are available, and they will require action by company officers and administrators.
Symantec™ Extended Validation (EV) SSL Certificates can be a key factor in helping increase customer confidence during online business transactions. More confidence can mean more conversions for customers with EV SSL certificates. Symantec EV SSL turns address bars green in high-security browsers for an extra layer of website security that customers can see and trust.
TIBCO Software Inc. today announced that it has entered into a definitive agreement to acquire LogLogic Inc., a privately held company based in San Jose, California that offers one of the industry’s leading scalable log and security management platforms specifically designed for the enterprise and cloud.
TLS, widely known as SSL, is the standard for secure application network communications both within the enterprise and across the Internet. TLS can help secure your applications by strengthening authentication, encrypting data communications, and ensuring integrity of data in transit.
SSL stands for “Secure Socket Layer.” It is a technology that establishes a secure session link between the visitor’s web browser and your website so that all communications transmitted through this link are encrypted and are, therefore, secure. SSL is also used for transmitting secure email, secure files, and other forms of information.
The Shortcut Guide to Business Security Measures Using SSL examines current information security threats to business and describes techniques for developing a security management strategy that leverages established best practices.
Businesses face an increasingly complex set of threats to their Web applications—from malware and advanced persistent threats (APTs) to disgruntled employees and unintentional data leaks.
Facebook has responded to reports of employers who insist on gaining complete access to prospective employees’ Facebook accounts. Users, the network said, shouldn’t be required to give up their logon info. Facebook warned employers that accessing a job seeker’s account under such conditions violates the network’s policies, infringes on the privacy of the user’s friends, and could expose the employer to legal risks.
ManageEngine, the real-time IT management company, today announced HTML5-powered, first-in-class remote login mechanisms for Password Manager Pro, its privileged password management solution. Now, end users can launch secure, reliable Windows RDP, SSH and Telnet sessions from their browser windows, with a single click.
The full version of 2012 Verizon Data Breach Investigation Report is being released soon. However, the report’s preliminary findings show that a vast majority of data breaches in 2011 were the result of outsiders trying to break in for malicious purposes.
Tweet SOURCE: IBM ARMONK, N.Y. – 22 Feb 2012: IBM (NYSE: IBM) today unveiled new capabilities planned for its security intelligence platform designed to combine deep analytics with real-time data feeds from hundreds of different sources to give organizations, for the first time, the ability to help proactively protect themselves from increasingly sophisticated and complex […]
ControlScan, a provider of PCI compliance and security solutions designed for small merchants and the ISOs and acquirers that serve them, announced its expansion into the security market with ProTect Managed Security Services.
Hackers and cybercriminals are constantly refining their attacks and targets; you need agile tools to stay ahead of them. By using automated vulnerability assessments to identify exploitable weaknesses and taking corrective action, you can reduce the risk of hackers finding your site and attacking it.
SSL certificates enable encryption and authentication. These are essential for securing Web applications and protecting customers from eavesdropping, data leaks, and spoofing attacks.
Businesses face a double threat from cybercriminals: the loss of information and the loss of customer trust. You do not have to be an IT professional to have an understanding of the risk of data losses and the subsequent fraud and identity theft that can follow.
Tweet TORONTO, Dec 02, 2011 (BUSINESS WIRE) — WinMagic(R) ( www.winmagic.com ), the global innovator in disk encryption, has been named the Encryption Innovator of the year by SC Magazine. The December, “Innovator,” issue recognizes companies that have the vision, imagination and creative management that reflects leadership in the security industry. WinMagic was recognized for […]
Symantec has identified a new SMS Android Trojan horse that modifies its code every time it gets downloaded.
