Cybersecurity

Researchers at FireEye on Monday made public the existence of the Masque Attack, which threatens iOS and Mac OS X operating systems. Masque Attack exploits a flaw in Apple's OSes that allows the replacement of one app by another so long as both apps use the same bundle identifier. All apps, except t...

Hackers siphoned off data from United States Postal Service servers for more than eight months before being detected, the USPS said. Personal data -- including names, dates of birth, Social Security numbers, addresses, beginning and end dates of employment, and emergency contact information -- was s...

SPOTLIGHT ON SECURITY

New Tool Alerts Etailers to Suspicious Characters

As thoughtful as mobile phone makers are when they design their products, there are always punters who want something that isn't there and are willing to hack a device to get it. In the Android world such a hack is called "rooting" a phone; in the iOS world, it's called "jailbreaking." Either can tu...

Palo Alto Networks on Wednesday reported that more than 400 apps infected with a malicious program it calls "WireLurker" have been downloaded 356,104 times by Chinese Mac owners from Maiyadi, an online app store unaffiliated with Apple. The malware does no harm to the Macs it infects but when the co...

SPOTLIGHT ON SECURITY

Russian Cyberspies Caught With Mittens in Cyber Cookie Jar

Russian cyberspies have a reputation for stealth, so it's unusual when two digital espionage operations linked to the Kremlin come to light in a week. FireEye early last week released a report detailing how hackers working for the Russian government have been using sophisticated techniques over a se...

Facebook recently announced that it was providing access directly over the Tor network. Its purpose was to let users access Facebook without losing the cryptographic protections provided by the Tor cloud. Facebook is providing an SSL certificate which cites its onion address. It will add onion addre...

SPOTLIGHT ON SECURITY

Mobile Malware Takes Victims by Surprise

Malware writers behind Koler, a bad app that attacks Android devices, have upped their game with a new variant of the pernicious program. In its original version, Koler hijacked phones it landed on and wouldn't set them free until a ransom was paid. This latest strain of the malapp also does the ran...

Chinese authorities have launched man-in-the-middle attacks on Apple's iCloud.com and Microsoft's Login.live.co that are ongoing, according to Greatfire.org. Qihoo 360 browser users' local connections to iCloud.com are being rerouted to a dummy site that's identical to Apple's login page. Users of F...

SPOTLIGHT ON SECURITY

Black Box Keeps Cybersnoops in Dark

Following Edward Snowden's revelations about indiscriminate government snooping on U.S. citizens, many Net surfers would like to find a way to lower their visibility on the Internet. There are a number of tools in cyberspace that can help a soul do that, but they can take time and savvy to set up. T...

FBI director James Comey, in a speech last week at the Brookings Institute, reiterated his concerns about encryption built into iOS 8 and Android stymieing law enforcement. "I'm a huge believer in the rule of law, but I also believe that no one in this country should be beyond the law," he said. H...

iSight Partners this week revealed that a cybergang it dubbed "Sandworm" has been exploiting a zero-day vulnerability that impacts all supported versions of Microsoft Windows, including Windows Server 2008 and 2012. The announcement was held off until Microsoft issued its patch earlier this week. If...

SPOTLIGHT ON SECURITY

Phishers Find Apple Most Tasty Target

"Follow the money" isn't just the war cry of journalistic bloodhounds hot on the trail of political corruption. It's the mantra of Web predators, too. That's why PayPal consistently has been the top brand targeted by phishers -- although that appears to have changed. Apple now has the dubious distin...

The Food and Drug Administration last week released long-awaited recommendations aimed at better managing cybersecurity risks to protect patient health and information in a document titled "Content of Premarket Submissions for Management of Cybersecurity in Medical Devices." The new standards recomm...

Most of today's books about Big Data delve into highly technical tools, cloud technology, and high-level computer-assisted math calculations and algorithms. For most people in the business world, this is far from motivating readers to appreciate just what Big Data does and how to let it get you ther...

SPOTLIGHT ON SECURITY

Consumers Fed Up With Data Breaches

Consumers are beginning to lose their patience with the custodians of their personal information. Survey results from 2,000 consumers released last week by HyTrust, suggest that 51 percent of those polled would bolt from any business involved in a data breach that compromised personal information su...

Technewsworld Channels