Articles about Security

OurMine leaks 3TB of Vevo data after hacking video streaming service

vevo mobile

Infamous hacker group OurMine has struck video streaming service Vevo. The group breached Vevo late on Thursday, gaining access to, and leaking, more than 3 terabytes of internal videos and documents.

OurMine -- more recently involved in HBO hacks and Game of Thrones leaks -- managed to get hold of office documents, videos and promotional materials. While many of the files and documents are fairly innocuous, at least some of them would be considered "sensitive" in nature.

Continue reading

New York State’s new financial services cybersecurity policy relies on encryption

New York

As of August 28, certain financial services companies based in New York now have to comply with the state’s new cybersecurity requirements, known by the (very long) acronym 23 NYCRR 500. On the line for affected banks and insurers are both penalties for non-compliance and potential business loss if they continue to expose their businesses to cyber threats.

The regulations took effect March 1, but included a three-month grace period for companies to get organized before needing to meet the first wave of mandates. Companies will have ongoing deadlines over the next two years as further layers of compliance continue to take effect. Notably, affected financial services companies will need to have an encryption strategy in place by September 2018.

Continue reading

Hurricanes lead to drop in malware infections

Hurricane

An interesting side effect of the recent hurricanes Harvey and Irma is that malware infections in the Florida and Texas areas have seen a dramatic fall.

Data released by Enigma Software Group, makers of the SpyHunter anti-malware software, shows that infections in the Houston area showed a 52.5 percent drop from the average on August 29th.

Continue reading

Face ID on iPhone X has a quick-disable anti-theft feature, says Apple

face-id

With the launch of the iPhone X, Apple unleashed Face ID biometrics on the world. During a demonstration of the feature there was a SNAFU when Face ID failed to work as intended (due, Apple says, to staff playing around with the device beforehand), and there are many questions hanging over the idea of using one's face to unlock a phone -- Senator Al Franken has many questions, for example.

Among the questions posed by Franken and others are queries such as "what's to stop someone using a photo or mask to unlock my phone?", and "if a mugger steals my phone, could they not unlock it just be holding it in front of my face?" Good points, though Apple Senior VP Craig Federighi says there are built-in measures to prevent such instances of unauthorized unlocking.

Continue reading

Google Chrome will stop trusting older Symantec certificates

Broken trust

Chrome will stop trusting any security certificates issued by Symantec, Google has confirmed.

In a blog post, Chrome Security's Devon O’Brien, Ryan Sleevi and Andrew Whalley say that certificates from the security firm will be "distrusted," starting with version Chrome 66. This affects all certificates issued before June 1, 2016.

Continue reading

Privacy: Senator Al Franken has a lot of concerns about Face ID on the Apple iPhone X

iPhone X Face ID

From the moment Apple started to talk about Face ID, there were concerns voiced about privacy and security. It's not just security experts and potential users who have these worries; Senator Al Franken has written to Tim Cook asking for details about the safeguards Apple has put in place to protect users.

On top of this, Franken wants to know more about how Apple trained the Face ID algorithm, and seeks assurances that third parties will not be able to access or be granted access to Face ID data.

Continue reading

Criminals hijack browsers to mine cryptocurrency

crypto currency

Cyber criminals supplementing their income by mining cryptocurrencies like Bitcoin is nothing new. Usually this has been done by installing malware or PUPs on the machines of unsuspecting users.

But now researchers at ESET have discovered a new method of mining cryptocurrencies, which can be done directly within your web browser, using JavaScript. This gives attackers the potential to reach a greater number of victims, by infecting websites, rather than by targeting individual machines.

Continue reading

Mobile apps still the 'Wild West' of online security

wild west mobile

Most app stores are still failing to adequately protect their users from malicious and fraudulent app downloads.

This is one of the findings of a new report by threat management company RiskIQ which analyzed 120 mobile app stores and more than 2 billion daily scanned resources.

Continue reading

Kaspersky software banned from US government systems over concerns about Russia

kaspersky-labs-sign

The Department of Homeland Security has told US government agencies to remove Kaspersky software from their systems. The directive was issued because of concerns about influence exerted over the company by the Russian government.

Government agencies have been given three months to identify and start to remove Kaspersky's security products. Kaspersky has constantly denied connections to the Russian government, but the US is simply not willing to take the risk.

Continue reading

Bashware: Microsoft refutes claims that Linux makes Windows 10 insecure

microsoft-black-shop-logo

A recent report from Check Point Research suggested that the presence of Windows Subsystem for Linux (WSL) in Windows 10 poses a security risk to Microsoft's operating system. Researchers from Check Point highlighted the issue of Bashware attacks which use WSL to bypass security products.

Microsoft, predictably enough, disagrees with the findings -- and so do other researchers. The Windows-maker says it views the risk of Bashware as "low". But is the company being too dismissive?

Continue reading

McAfee launches new range of consumer security products

Consumer home protection

With internet threats showing no signs of slowing down, it's vital to keep all of your devices protected and this applies in the home as much as the workplace.

With the launch today of its latest consumer products, McAfee is aiming to protect against threats as well as offering online privacy and safety for the whole family.

Continue reading

IT professionals are an underused resource for cyber security

Employee bored

It's widely accepted that there is a shortage of people with cyber security skills, yet a new study shows that companies are failing to give IT professionals -- the people implementing and operating security strategies for most organizations -- the training and responsibility they need to take on a more proactive cyber security role.

The study, from security training company (ISC)2 also reveals that many IT professionals feel their security guidance is being ignored by business leadership.

Continue reading

BlueBorne Bluetooth vulnerability 'exposes almost every connected device'

blueborne

Armis Lab, the Internet of Things security firm, has revealed details of BlueBorne, a Bluetooth vulnerability that affects millions of iOS and Android smartphones, IoT devices, and Windows and Linux systems. In all, 5.3 billion devices are believed to be at risk.

The BlueBorne attack makes it possible for an attacker to spread malware or take control of nearby devices. What's particularly concerning is that for an attack to be successful, there is no need for device pairing, or even for a target device to be in discoverable mode. There's also no need for any sort of interaction by the victim -- everything can happen completely silently in the background.

Continue reading

TP-Link releases KC120 Kasa Cam Wi-Fi security camera

Tp-Link-Kasa-Wifi_Camera-04

Every home should have a Wi-Fi security camera nowadays. They are convenient, easy to use, and very affordable. It used to be a rather expensive affair to have security cameras installed in a home. Now? Not so much. Not only do they let you monitor your home remotely for security reasons, but they can help you keep an eye on family members and pets too.

Today, popular network hardware manufacturer TP-Link releases an all-new Wi-Fi security camera, and it looks rather nice. Called "KC120 Kasa Cam," it is inexpensive, making it a product homeowners should consider. It even comes with free cloud storage. The camera has some nice features and specs, such as 1080p video, night vision, activity alerts, 2-way audio communication, and an adjustable magnetic base for easy placement.

Continue reading

Bashware attack makes Linux a security threat to Windows 10

linux_windows_logos

While many people welcomed the arrival of Windows Subsystem for Linux (WSL) in Windows 10, it has been found to be a potential security issue. A new technique known as a Bashware has been discovered by security researchers that makes it possible for malware to use the Linux shell to bypass security software.

While administrator access is needed to execute a Bashware attack, this is fairly easily obtained, and the technique can be used to disguise malicious operations from antivirus software and other security tools. Researchers from Check Point Research point out that the danger stems from the fact that "existing security solutions are still not adapted to monitor processes of Linux executables running on Windows."

Continue reading

© 1998-2017 BetaNews, Inc. All Rights Reserved. Privacy Policy.