We've all heard that the scale and number of cyber attacks are constantly increasing, and that the bad guys are only getting smarter -- but can you actually picture what the unfolding exchange of cyber attacks looks like around the world?
Well now you can, with security company Norse's real-time online map of global cyber attacks. The map uses honeypot servers around the world to entice attackers into launching their attacks, and then displays them in real time on the map. The result is pretty mesmerizing, and shows the true scale of the worldwide cyber war going on all around us.
Security breaches happen all the time but it's the biggest ones that hit the headlines and send ripples through the IT community. Security consultancy TSC Advantage has looked at the top ten breaches from the last five years and what effect they've had.
Top of the list is the Adobe hack of 2013, made possible by weak password requirements and affecting 152 million customers. In second place comes the recent eBay hack involving stolen employee credentials and affecting 145 million users.
Security company F-Secure has uncovered a new malware attack that blends together elements of two earlier threats in an attempt to compromise enterprise networks.
CosmicDuke includes elements from the MiniDuke advanced persistent threat (APT) Trojan combined with the info-stealing Cosmu family. MiniDuke first appeared last year and was used in attacks against NATO and some European government agencies.
VirusTotal is an excellent free web service which scans any file for malware against 50+ of the top antivirus engines. But it can take a moment to use, as you must visit the site, choose the type of scan you need (file or link), then point VirusTotal in the right direction.
VTzilla and VTchromizer are Firefox and Chrome add-ons which simplify this process by integrating VirusTotal scanning options into the browser, enabling you to check any file or URL with one or two clicks.
Microsoft has taken unprecedented action against million of cybercriminals by shutting down a barrage of servers used to infect PCs with dangerous malware across the globe.
The firm, which obtained a court order, gained control of a large number of domains being used to spread malware and in the process shut down legitimate sites due to what the domain owner called "heavy-handed" tactics.
A new report from research specialist Gartner says that the physical location of data is becoming increasingly irrelevant and that by 2020 a combination of legal, political and logical location will be more important.
Gartner research vice president Carsten Casper says that the number of data residency and data sovereignty discussions has soared in the past 12 months, and that this has stalled technology innovation in many organizations. Originally triggered by the dominance of US providers on the Internet and the Patriot Act, the perceived conflict has since been fueled by revelations of surveillance by the NSA made public by Edward Snowden.
One of the biggest concerns that businesses have about the increasing use of mobiles and BYOD is how to keep their data secure. Traditional security tools were built to cope with desktop devices rather than the on/off existence of mobile connections.
Mobile platform specialist Kinvey aims to help mobile developers to seamlessly secure mobile, tablet, and responsive Web apps with its newly-launched Mobile Identity Connect product.
The idea of connected devices means far more than wireless webcams and televisions that are connected to the internet. The Internet of Things is a buzzword, but it’s also a real, tangible thing. Consumers and businesses alike are looking to the ways in which connected devices can help to make life easier, more efficient, and more profitable. In many ways, this is Internet 2.0 -- we've had Web 2.0, now the Internet is being taken to the next level -- as the benefits of getting ever more devices not only online, but also communicating with each other, are realized. But just as with the web, the IoT needs protocols to ensure compatibility between devices, and this is what HyperCat hopes to bring about.
A collaboration between dozens of UK technology firms, HyperCat is… well… let's allow it to introduce itself. "HyperCat is a media type for the web allowing servers to list catalogs of resources. It is designed to make discovery of IoT services and assets easier". It's a protocol, a specification, a standard. It's an attempt to define the semantics of the Internet of Things, helping to level the playing field and start everyone off on an even footing. As we saw with the VHS and Betamax battle, and the Blu-ray vs HD-DVD format wars, there are just no winners when there are two or more competing formats. It makes perfect sense to pin down how the IoT should work as early as possible, and this is precisely what HyperCat aims to do.
Social networks are funny beasts, and this is certainly something that's true of Facebook. The site has a patchy history with regard to user privacy, and there are constant complaints about how personal content is used, who can gain access to it, and the privacy settings that are in place. But like all modern companies, Facebook likes to be seen listening to its customers -- or at least appear to listen. A recent example of 'listening to the people' is Facebook's reaction to the #FreeTheNipple campaign which ultimately led to the site bowing to pressure and permitting photos of breastfeeding to be published. There have also been numerous instances of responding to complaints and making privacy settings easier to control.
Like Microsoft, Google, Yahoo, and even the NSA, Facebook has released transparency reports that detail data requests and the like. Transparency reports are something that users all but demanded, and delivering them is excellent PR for the companies involved. Now Facebook is taking things up a notch, fighting for users' rights in court. Earlier this week it emerged that the social network is fighting a US court order which forced it to hand over user data. The data was requested as part of an investigation into benefit fraud. Facebook complied but complained that it was a violation of the Fourth Amendment.
NSA, Snowden, spying, yadda, yadda, yadda. This story is old, I know, but it goes on. The activities of the NSA and other government agencies have forced the online world to look very closely at how its data is being used, and how the companies handling it operate. Just about every online company worth its salt has gone out of its way to bemoan the NSA, their need to comply with data requests from the agency, and their inability to reveal everything they want to about what the NSA is asking about.
We have seen "transparency reports" from Google, Microsoft, LinkedIn and numerous other companies. But as suggested by my use of quotes, and as alluded to in the opening paragraph, there have been (severe) limits to the levels of transparency we have seen. "Quite opaque" might be a better description. Still, with the world and its dog falling over one another to release the most details, most comprehensive, and most self-congratulatory report, we probably should have predicted that pressure on the NSA would reach a point at which it felt forced to show its own hand. That time has come. The microscope has been turned around, and the security agency is now laying bare its own facts and figures.
The battle for dominance between Microsoft and Google continued, with Microsoft offering a huge storage boost for Office 365 and OneDrive users. This was quickly trumped by Google later in the week at 1/0 2014, when the company announced unlimited storage for Google Drive for Work users. Microsoft is basking in the glory of being heralded as cooler than Apple by Joe -- and stunts like offering cashback deals to sway MacBook Air owners into switching into Surface Pro 3 certainly helps. Microsoft opened a new store on Long Island, while Google branched out into new territory with a trial run of a new domain registration service. Microsoft also ventured into new waters with its first Android smartphone, the Nokia X2.
In something of an interesting twist, Microsoft opted to use Opera Mobile as the default web browser. Opera is also returning to Linux after the surprise release of Opera 24 Developer. Linux Mint 17 "Qiana" KDE was also released. Linux also managed to hit the headlines for facilitating the hacking of Google's Nest thermstats. If this hasn’t put you off, Logitech added support to its Harmony remotes.
Avast Software has released the fourth update to its Avast 2014 range of products with the unveiling of build number 9.0.2021 for Avast Free Antivirus 2014, Avast Internet Security 2014 and Avast Premier Security 2014.
As with the previous few updates, R4 contains no new features, but does include several important security enhancements among other tweaks and optimizations that once again make it essential for existing users.
Technology users are putting themselves at risk by ignoring how their personal information is being stored and the potential security risks that go hand in hand with digital devices.
This is the conclusion of a round table panel of security experts put together by hosting company UKFast. According to the panel the buzz of social media and the ever-evolving digital scene has created an ignorant culture of technology consumers.
In a bid to combat the threat presented by DDoS attacks, security specialist Corero Network Security has announced a powerful web-based analytics portal.
A cloned banking app which steals user login credentials has been discovered on the Play Store this week. Mobile security company Lookout discovered the app and informed Google which immediately removed it.
The malware, called BankMirage, targets the customers of an Israeli bank called Mizrahi Bank -- the fourth largest in the country. The authors of the app placed a wrapper around the bank's legitimate app and redistributed it on the Google Play store, pretending to be the financial institution.