Articles about Security

Facebook teams up with Yahoo to create safe email standard

Facebook teams up with Yahoo to create new, safe email standard

A new email standard called RRVS (Require-Recipient-Valid-Since) has been unveiled by Facebook. The new standard comes through the social network working in conjunction with Yahoo, and is designed to protect users against potential account hijacking.

It's now over a year since Yahoo decided that the time had come to start recycling email addresses that had lain dormant and unused. Concerns were voiced that little used email addresses could end up falling into the wrong hands and be used for nefarious purposes. With email addresses used for much more than just email communication -- often doubling up as login credentials -- the need for security in this area is apparent.

Continue reading

Employees' bad habits could put businesses at risk

Password post-it

Individuals are frequently the weakest link in the chain when it comes to protecting business data, often through simple day-to-day lapses that can have a serious consequence.

Atlanta-based IT Services company Leapfrog Services has identified five common bad habits of employees that businesses need to manage in order to guard their information.

Continue reading

Point of sale malware infections show sharp rise

Malware spy

Threat protection specialist Damballa has released its threat protection report for the third quarter, highlighting that the malware threat is still growing.

Based on analysis of traffic from the company's ISP and enterprise companies, the report looks at one of the biggest challenges facing IT security teams, that of identifying genuine attacks amongst a plethora of security alerts. In the last quarter it says that the 'noisiest' enterprises experienced some 138,000 events in a day. This represents a 32 percent increase over Q2, with customers experiencing an average of 37 infected devices a day.

Continue reading

42 percent of American PC users suffer daily or weekly attacks on personal data

42 percent of American PC users suffer daily or weekly attacks on personal data

A new survey conducted by Microsoft shows that more than one in four PC owners in the US is suffering weekly, or even daily, attempts by criminals to gain access to their private data. Microsoft found that 22 percent of tablet users suffered similar data access attempts, and that general levels of concern about scams has increased. While "traditional" scams -- such as those asking for upfront payments or relating to fake lottery winnings -- have actually decreased, there are now more social media-based scams than a couple of years ago.

It's not all bad news. While scams might be on the increase, web users are seemingly more aware of the risks involved in using the internet and take proactive steps to protect themselves and their data. As more people use mobile devices to get online, more phone and tablet users are taking precautions.

Continue reading

How to combat cyber attacks using speed and sophistication

attack

During a cyber attack, every second counts. While an attack can happen in an instant, it can take months to remove it from an organization’s infrastructure. For some organizations, there can be more attacks in one hour than a well-staffed security team can address in an entire day. That's a big problem.

Historically, attackers have had the advantage over defenders by being able to choose from a broad array of tools, around-the-clock attack windows, and innumerable attack types. If one type of attack failed, an attacker could simply try again and again until vulnerabilities were discovered. Moreover, cyber attacks are easy to organize and cheap to enact.

Continue reading

Windows 10 to include built-in two-factor authentication

Windows 10 to include built-in two-factor authentication

We've looked at the two public builds of the Windows 10 Technical Preview -- the initial, disappointing, embryonic build 9841, and the very slightly less disappointing build 9860 -- but of course the best is still to come. There are many features we expect to find their way into the final build, such as Cortana, and there are sure to be many surprises. One interesting inclusion is built-in two-factor authentication.

The presence of this valuable security feature is revealed by Jim Alkove in a post on the Windows blog in which he talks about the importance of identity protection and general security. He explains that Windows 10 will start to move users away from single factor authentication -- the humble password -- in favor of more secure options.

Continue reading

Staples is the latest US store to suffer a credit card data breach

Staples_800x450_contentfullwidth

The office supply store Staples has announced that it is investigating a possible breach of payment card data, making it the latest US store to be targeted.

The retailer has notified the relevant authorities, but has not disclosed details of the data breach publicly.

Continue reading

Proximity Unlock hitting Android L and ChromeOS Preview builds

easy unlock

Google has long been unhappy with traditional passwords. And rightly so, they are a headache. If they are easy to remember, they can become easy to guess. There are problems with reuse, attackers are getting them through compromised third party applications, and there are more problems than I care to list. It is hard enough to follow good practice as an informed and security conscious individual -- imagine the struggle for the "non-techy".

Google has long been looking into proximity based credentials as alternatives, and placing them in objects like rings. Last Google I/O, the company released an upcoming feature in Chrome OS that uses your authorized, unlocked phone to unlock your computer simply by having them near to each other (unlocking your phone indicates you are near your computer).

Continue reading

Log into Gmail with a USB drive -- Google adds support for Security Key

Log into Gmail with a USB drive -- Google adds support for Security Key

Two factor authentication (or two step verification, if you prefer) is very a la mode at the moment. Actually, it has been pushed by companies for some time, but a number of high profile security problems recently has brought it back to public attention again.

Enabling the security feature usually means entering a password as normal, in addition to a passcode sent to a mobile device. Today, Google makes things a little easier for, in its own words, "particularly security-sensitive individuals" by introducing support for Security Key.

Continue reading

XCom takes advantage of Marriott's Wi-Fi debacle, issues security alert

Hotel wi-fi business

If you happened to miss it, then some background information is in order. The Marriott hotel chain, or actually one branch of it, was caught red-handed blocking Wi-Fi hotspots that its guests brought along on their trip. The hotel giant claimed security reasons, but people didn't buy the excuse. More importantly, the FCC didn't bite on it either.

It seems the Gaylord Opryland Hotel would have preferred customers to pay the exorbitant rates it charges for internet access. The Federal Communications Commission saw things differently and slapped the hotel with a $600,000 fine.

Continue reading

Avira 2015 offers optional Dropbox install, online product management

avira200-175

Avira has announced the arrival of its 2015 product line, including Avira Free AntivirusAvira Antivirus Pro and Avira Internet Security.

The main highlight is a "superior" engine to improve PC protection, along with enhanced Android and iOS apps.

Continue reading

5 essential tips for staying safe online

5 essential tips for staying safe online

The security of the internet is an on-going concern. Whether you're online for fun, or you're conducting business, there are all manner of pitfalls you may encounter. Issues such as viruses and malware are now widely known about, but these are far from being the only security issues to concern yourself with. Security has been thrown into the limelight once again by high-profile stories like the Fappening, problems with SnapChat, concerns about the Whisper app, and the POODLE SSL 3.0 vulnerability.

A large proportion of companies and individuals are aware of the importance of anti-virus and anti-malware tools, firewalls and the like. Security tools are all well and good, but there's also a lot to be said in favor of changing online behaviors; it's something that the online community and businesses are increasingly coming to understand. Much of what this entails -- taking care about the personal information you share and educating yourself about services before you use them -- is common sense, but it bears repeating.

Continue reading

Snapchat talks API, warns about a hacked third-party app

Breakup Smartphones

Snapchat has enjoyed a meteoric rise in popularity. But for software and apps popularity also means becoming a bigger target. There's been no shortage of news recently regarding systems being breached, with Kmart being the most recent victim.

In this case the victim isn't Snapchat, at least not directly, but a third-party app that uses the chat service's API. While the company is happy that so many want to use its API, it felt forced to issue a warning to the folks who decide to use these apps.

Continue reading

The cloud is ubiquitous -- and so is its security

cloud

The tabloids are abuzz with tales of hackers stealing salacious celebrity selfies stored on the Cloud, and of course the furor dies with next week’s issue of People Magazine.

The thought of Cloud based business data being compromised is a different matter, and you’re right to be concerned about ubiquitous computing resulting in ubiquitous hacking attempts. Fortunately, efforts to secure the cloud are maintaining the pace of the unprecedented growth of the cloud itself.

Continue reading

Investigation finds 'anonymous' Whisper app secretly tracks user location

Investigation finds Whisper app secretly tracks the location of users

Following all of the NSA revelations, mass surveillance has increased the general level of paranoia to be found online -- although it could be argued that not all surveillance is bad. With everyone on such high alert it's little wonder that an app that described itself as "an anonymous social network that allows people to express themselves" should be so popular. Whisper encourages users to embrace the supposed anonymity it offers and reveal secrets they would not otherwise feel comfortable sharing.

An investigation by the Guardian found that the app is tracking the location of its users -- even those who have opted out of such tracking. As a result of the Guardian's report, Whisper amended its terms of service and introduced a new privacy policy. But the revelations will cause concern to users of the service, who sent more than 2.5 million messages per day.

Continue reading

© 1998-2014 BetaNews, Inc. All Rights Reserved. Privacy Policy.