Articles about Security

Tracking and tackling Ebola using mobile phone surveillance

Tracking and tackling Ebola using mobile phone surveillance

Mention web or mobile surveillance, and you're sure to raise a few hackles. But the current Ebola outbreak is showing that the data collected from handsets can be extremely useful. The idea of tackling a disease with 'big data' gathered from mobile phones might seem a little odd, but it's actually an incredibly valuable source of information. Telecom firms such as Orange have been working with data scientists, using anonymized data gathered from phones to track population movement in regions affected by Ebola.

The BBC points out that even in relatively poor countries in Africa, mobile phone ownership is still high. Experts have been able to use this data to determine the best places to set up treatment centers, and it's an idea that has been pounced upon by the CDC.

Continue reading

Mozilla will make Firefox 34 immune to POODLE, releases fix for older versions

Security Lock

Google yesterday disclosed a major security vulnerability it has found in the SSL 3.0 encryption protocol, that is still employed by many sites across the web, despite long being superseded. Dubbed POODLE (Padding Oracle On Downgraded Legacy Encryption), it allows attackers to steal private data, like cookies, and, possibly, use it to access user accounts on vulnerable sites. The search giant says its Chrome browser should be safe, but warns that others may be vulnerable.

Firefox is one of the vulnerable ones. To address this issue, Mozilla reveals that the upcoming version -- Firefox 34, to be exact -- will feature code which makes it immune to the POODLE attack. For those who use lesser versions of the open-source browser -- most users, basically -- the organization provides an optional fix.

Continue reading

Don't overlook the most important cloud storage feature: Security

cloud_security_header_contentfullwidth

The craze in the world of cloud storage today seems to be rolling out lists of additional features that match the features of every competitor out there, and presenting them as new and improved. Every company strives to be appear as the best possible cloud option on the market by continually adding "new" features right alongside competitors, and in all of the competition it can be a simple mistake to overlook what these features actually mean.

Before you let these lists of newly-added features dazzle you into choosing one specific cloud storage option over another, do a little research into what these features actually do. You might be surprised to find that many aren’t precisely new ideas, and they don’t increase the most important cloud storage aspect of all: secure file storage.

Continue reading

Security alert: Google drops SSL 3.0 after POODLE attack discovery

Security alert: Google drops SSL 3.0 after POODLE attack discovery

Google's security team has discovered a vulnerability in SSL 3.0 which can be exploited to steal secure cookies and other data. The 15 year old technology is still used as a fallback when connection problems occur as it helps maintain backward compatibility, but the security problems mean that Google will start to phase out support. Details of the exploit have been published and Chrome has today been tweaked to disable SSL 3.0 fallback.

Bodo Möller from Google's security team points out that this move will "break some sites" and that they will need to be updated. This does present some compatibility issues, and the advice is to support TLS_FALLBACK_SCSV instead, at least for the time being.

Continue reading

Security firms have created the next dot com bubble by 'scaring their customers'

Security firms 'scaring their customers' has created the next dot com bubble

There are too many security firms offering insufficient security. At least that's what Ilia Kolochenko, CEO and founder of High-Tech Bridge thinks. He points to the splitting of Symantec as proof that security companies are struggling, and suggests that the emergence of so many firms competing for attention is the start of a new dot com bubble that could burst at any moment.

Security is important to both home computer users and enterprise businesses. There is a huge amount of money to be made in the field, so it is perhaps little wonder that the number of companies muscling in on the market is on the increase. Kolochenko says that at the end of the century a lot of tech companies sprang up overnight and "most of these businesses were designed to create artificial problems or boost non-existent demand in order to make quick money. They didn't actually solve any real problems". There is a danger that the same could happen in the security world.

Continue reading

Public cloud security flaws: who’s viewing your files?

Cloud spy

Secure cloud storage is a challenge facing many professionals today, especially small and mid-sized businesses. It’s clear that the cloud is going to stick around for a long time, and so everyone is looking for a way to get on board with it while still protecting their professional data.

But, the unfortunate truth about public cloud storage is that you can’t control who handles your data or how it is protected. If you choose the wrong service, your company files are exposed to the dangers of hackers, data leaks, seizure, and nosy cloud employees. It’s difficult to know who is looking at your data, but if you know the risks and costs that come with different services and cloud functions, you can better protect your privacy.

Continue reading

Organizations struggle to balance security with systems integration

scales of justice

Many organizations are failing to meet data security and governance requirements according to a new Ovum survey sponsored by data flow specialist Axway.

The results reveal that 23 percent have failed a security audit in the past three years and 17 percent lack confidence in their ability to pass one today. It also puts the average cost of a data breach at $350 per record.

Continue reading

Why hackers love the holiday season [Q&A]

Credit card gift bow

Recent high profile security breaches involving retailers like Target and Neiman Marcus mean that people are increasingly aware they may be vulnerable when shopping online. Yet many don't fully understand the landscape that lies behind hacking and why it’s such a lucrative business.

With Christmas and its associated e-commerce peak fast approaching we spoke to Kelly Yee, Vice President of secure email provider Penango who has a wealth of security systems experience in both the public and private sectors. Here are her views on how hackers work and how we can guard against becoming victims over the holiday season.

Continue reading

Dropbox passwords held to ransom after third-party leak

Cloud box

Hackers claim to have stolen the login details of almost seven million Dropbox users. Having released a teaser file on Pastebin with details of around 400 accounts they’re offering to release more in exchange for a Bitcoin ransom.

Like the Snapchat photo leak it seems that this information has come from insecure third-party services rather than from Dropbox itself.

Continue reading

WordPress sites are a massive draw for hackers

WordPress_MP6_dashboard_contentfullwidth_contentfullwidth

According to research by Imperva, WordPress websites were attacked 24.1 percent more often than websites running on all other CMS platforms combined.

WordPress websites suffer 60 percent more XSS incidents than all other CMS platforms, and the research found that while WordPress is more likely to suffer fewer numbers of incidents for each attack type, it also suffers a higher traffic volume for each attack type.

Continue reading

Cloud burst: Dropbox confirms bug deleted user files

Cloud burst: Dropbox confirms bug deleted user files

There have been various headlines recently about cloud security breaches -- including the celebrity 'event' that shall not be named -- and the latest problem to hit the cloud affects Dropbox users.

This time around it's not a security problem, but it does involve losing control of one's files. A problem with the Selective Sync feature of some older versions of the Dropbox desktop app meant that files were deleted rather than synced. It's a problem that Dropbox users have been complaining about for a little while but the cloud storage provider has now confirmed the bug and issued assurances that the problem has been addressed.

Continue reading

100,000 mostly dull photos leak online -- behind the 'Snappening' hype

SnapChat

After all of the recent stories related to the Fappening you could be forgiven for thinking that stories about leaks of nude photos were becoming passé.

That didn't stop the media going into overdrive at the weekend when news emerged of 100,000 (or 200,000 depending on where you read the story) images from disposable message service Snapchat being leaked online.

Continue reading

The battle to wipe out revenge porn continues

The battle to wipe out revenge porn continues

In the wake of the Fappening, online porn and nudity has been thrust into the public consciousness once again. But porn is about much more than titillating celebrity photos -- even if research shows that we're finding it easier to waste our time online when we should be getting on with work. Revenge porn is on the rise, and steps are being taken to try to thwart its progress. As the Fappening showed us, taking saucy pictures of oneself or partner is far from uncommon. This is fun and exciting in the middle of a relationship, but if that relationship should break down, there's no knowing what could happen to those pictures and videos.

Disgruntled partners may decide to get revenge on their former lovers by sharing those intimate photos and movies online, or it may be obtained by a third party and used as a tool for bribery. Many US states have outlawed the practice, and now the UK is following suit.

Continue reading

Symantec to follow HP and eBay and split in two

Symantec to follow HP and eBay and split in two

There must be something in the air at the moment -- everyone seems to be splitting up. eBay and PayPal decided that it would be better to go it alone, and then HP announced it would be splitting into consumer and enterprise companies. Symantec now reveals that it plans to divide into two independent companies, one focusing on security, and the other on storage.

President and CEO, Michael A. Brown, says that the two markets face their own sets of unique challenges and by splitting in two, each business will have the flexibility needed to respond accordingly.

Continue reading

Is it the end of the line for the password?

passwords

In an era of increasing security threats the password is often the weakest link that allows attackers a way into a system posing as a legitimate user.

A new infographic from security company Ping Identity looks at the problem of poor passwords and how in the future they may give way to more sophisticated forms of authentication.

Continue reading

© 1998-2014 BetaNews, Inc. All Rights Reserved. Privacy Policy.