Articles about Security

93 percent of US organizations are vulnerable to insider threats

Insider threat

In the past few years the adoption of new methods to access corporate data has led to traditional endpoint security being less effective. At the same time there are concerns about the number of employees who have access to data and how much of a threat they present.

Data security specialist Vormetric has released its latest Insider Threat Report which reveals that 93 percent of US organizations polled believe that they’re vulnerable to insider threats.

Continue reading

Facebook aims to wipe fake news stories from your newsfeed

Facebook aims to wipe fake news stories from your newsfeed

The queen is dead, boys! President Obama has announced he's going to step down! You can rewrite Facebook's privacy policy to your liking! Sick of seeing fake news stories cluttering up your Facebook newsfeed, getting in the way of content you actually want to see? Facebook feels your pain and is taking steps to cut back on the hoaxes.

Stop me if you think that you've heard this one before, but not everything that appears online is one hundred percent true. In fact, there's a huge amount of content that is twaddle, pish, balderdash -- and lots of people fall for it. Facebook is introducing a new feature that lets you report a story as being fake, and if enough other people do the same, the power of crowd sourcing means the story will be culled.

Continue reading

The worst passwords in the world -- is yours on the list?

The worst passwords in the world -- is yours on the list?

Did you resolve to increase your security in 2015? If the list of top passwords used in 2014 is anything to go by, a lot of people should have had this right at the top of their list of New Year's resolutions. Security and password firm SplashData has published its annual list of the most common (worst, in other words) passwords that are in use.

If there's anything positive to be taken from this terrifying list of insecurity, it's that 'password' is still not the most used password out there. It only slipped to second place last year to be replaced by '123456'. The top two positions remain the same this year, so there's not really that much cause for celebration. But the list makes for interesting reading, particularly when you consider these (supposedly) security-conscious times we live in.

Continue reading

Poetic Justice -- DDoS service operated by Lizard Squad gets hacked, user data leaked

Hacker detection

The past few weeks have not been kind to hacking group Lizard Squad. They've managed to raise the ire of the last possible group of folks you'd wish to anger -- Anonymous. The organization is also experiencing arrests of its members, thanks to poor procedures put in place for identity protection. But the latest blow may come as poetic justice to many people.

The loosely-knit hacker communicative has been trying to sell its wares online -- namely DDoS for hire services. Unfortunately for it, and rather fortunately for the rest of us, the offering has been hacked. According to multiple reports LizardStresser.su was compromised.

Continue reading

Minecraft usernames and passwords leak online

minecraft thumb

Minecraft is a phenomenon. The online game is incredibly popular with well over 100 million PC downloads to date. When Microsoft bought developer Mojang last September it had to shell out a cool $2.5 billion to do so.

So it’s perhaps no surprise that players of the game have been the target of hackers keen to get their hands on poorly guarded gaming credentials. Armed with a valid user name and password, anyone can log into a game, or download a full copy of Minecraft.

Continue reading

US government -- 'Do as we say, not as we do' when it comes to hacking

hacker malware

While the news of the recent Sony hack has died down, it certainly isn't forgotten. The simple fact remains that we still have no clear answer on who was responsible. The US government blamed North Korea and initiated sanctions on the nation, though no real evidence was put forth to support this alleged misdeed, leaving the move to reek of political motivation.

The simple fact that the hackers originally asked for money, as if it were a hostage situation, seems to point away from state-sponsored wrongdoing, but we simply don't know the real truth, and perhaps never will. All we really know is there's a lack of evidence for this case. We'd be safe in speculating a jury would be unlikely to convict the country.

Continue reading

North Korea blamed for Sony hack because NSA had been spying since 2010

North Korea blamed for Sony hack because NSA had been spying since 2010

When Sony Pictures was hacked, the US was quick to point the finger of blame at North Korea. Security experts may have disagreed, but newly declassified documents show that the NSA had been monitoring the nation as far back as 2010 -- and there are even hints that the US was aware of the possibility of North Korea launching some form of cyberattack.

With the help of allies such as South Korea, US intelligence services were able to tap into North Korean web traffic. The NSA also went as far as installing malware on North Korean computers with a view to monitoring the activity of key systems. New papers published by Der Spiegel show that it is this spying that helped to pin the blame for the Sony attack on NK.

Continue reading

'Easy Disk Drive Repair' is not what it seems

ProcessKO-200-175

"Easy Disk Drive Repair" looked like a promising program. "An incredibly easy to use, yet powerful drive repair and maintenance tool", the developer claimed. Works with all drive types. More than one million downloads, five star awards plastered all over their product pages, and listed at big sites like Softpedia and ZDNet.

Sounded great, but we don’t like to copy and paste a developer’s description onto our own pages. We wanted to try it out, first.

Continue reading

Listen up, Microsoft -- Verizon fixes critical email security flaw in two days

Listen up, Microsoft -- Verizon fixes critical email security flaw in two days

When it comes to fixing security problems, it's better for everyone involved if a patch can be released as quickly as possible. A few days ago, a critical vulnerability was discovered in Verizon's FiOS app by Randy Westergren when he found it was possible to access the mail account of any Verizon customer with relative ease.

In stark comparison to the unhurried approach adopted by Microsoft to fixing problems identified in Windows -- on more than one occasion failing to hit a public disclosure deadline set by Google -- Verizon acknowledged, investigated and fixed the problem within two days. The problem itself was worrying, but the speed of reaction is impressive.

Continue reading

Google reveals two more unpatched Windows security bugs

Google reveals two more unpatched Windows security bugs

Earlier in the week, Google managed to raise the ire of Microsoft by publishing details of a vulnerability in Windows before a patch had been published. Now the same thing has happened again, but this time it's a double whammy. Google Security Research has revealed two more security holes that Microsoft is yet to fix.

Just as was the case a few days ago, Microsoft had been warned about the security problems and Google agreed to keep details private for a period of 90 days. Now the three months is up, details of the security issues have been automatically published, running the risk that users could be targeted.

Continue reading

UK man arrested for Christmas Xbox Live and PlayStation Network attacks

UK man arrested for Christmas Xbox Live and PlayStation Network attacks

Cyber crime investigators have arrested an 18-year-old man in the UK for the attacks of the Xbox Live and PlayStation Network that took place over Christmas. This is something that Lizard Squad has claimed responsibility for, but at the moment it is not clear whether the man who has been arrested is associated with the group.

South East Regional Organised Crime Unit (SEROCU) worked in conjunction with the FBI and the UK's National Cyber Crime Unit to home in on the unnamed man believed to have been involved in the DDoS attacks. Thousands of gamers had their Christmases spoiled after the gaming networks were rendered inaccessible, leading Sony to offer compensation to those affected.

Continue reading

Frequent flyer miles no longer safe as American and United airlines get hacked

american airlines airplane

Those who travel regularly count on the frequent flyer miles that almost all airlines offer. Customers use these to build up for free trips or upgrades to a better class seating section. But what happens when these miles get swiped away from you? American and United airlines are finding out.

Both flight providers have experienced theft of these miles, carried out by hackers that got hold of access from customer account information. The miles were used to book free trips and upgrades.

Continue reading

IObit launches safe payment environment for mobile users

mobile payments NFC

Perhaps best known for its SystemCare products for Windows, software company IObit is launching a new version of its Android app, AMC Security.

AMC Security is a combined security and device optimization app. Among the new premium features included in this release is Payment Guard, which is designed to protect mobile users' financial data and the mobile payment and banking process.

Continue reading

The cost of dealing with false positive malware alerts

security padlock

False positives are often accepted as a fact of life with anti-virus programs but a new survey commissioned by breach detection specialist Damballa reveals that they have a significant cost for businesses.

The study produced by the Ponemon Institute reveals that enterprises spend $1.3 million a year dealing with false positive cyber security alerts, which equals nearly 21,000 hours in wasted time.

Continue reading

War is declared: US and UK to engage in cyber attacks

War is declared: US and UK to engage in cyber attacks

The US and UK usually get on pretty well, but plans are afoot for the two nations to stage cyberwar on each other. Later this year, Wall Street and the City of London will be subjected to a series of attacks that is being described as "unprecedented".

But this does not signal a breakdown in the "special relationship" that extends across the Atlantic, rather the "war games" are part of a venture between the two countries to help improve security. The aim is to expand information sharing in a bid to stave off real cyber attacks that could be launched by other nations.

Continue reading

© 1998-2015 BetaNews, Inc. All Rights Reserved. Privacy Policy.