Microsoft released an emergency Windows update on Sunday after revealing that one of its trusted digital signatures was being abused to certify the validity of the Flame malware that has infected computers in Iran and other Middle Eastern countries.
The compromise exploited weaknesses in Terminal Server, a service many enterprises use to provide remote access to end-user computers. By targeting an undisclosed encryption algorithm Microsoft used to issue licenses for the service, attackers were able to create rogue intermediate certificate authorities that contained the imprimatur of Microsoft's own root authority certificate—an extremely
RunningShoes.com CEO Chad Weinman lost more than $10,000 when GoDaddy went offline Monday. Photo: RunningShoes.com
These days when there’s trouble on the internet, there’s usually someone at the ready to jump up and take (or assign) blame for whatever went wrong, never mind the facts. It can mean free publicity for your cause — whether it’s killing laws like SOPA or beefing up the federal budget for cyber security. Sometimes it doesn’t take much more than a tweet and a Pastebin post to get a serious amount of free publicity. So in the spirit of yesterday’s GoDaddy incident where a random Twitter handle claimed to have downed the hosting giant, here
Kim Dotcom, like every smart founder of a startup in a crisis, is pivoting. Since his Mega empire of filesharing websites and financial assets were seized in an indictment over massive alleged copyright violations last year, he’s been working on a relaunch designed to transform the company’s reputation from a business focused on piracy to one focused on privacy–specifically, airtight encryption like no other storage site has ever offered. But the security community knows that the boldest claims about new encryption technology demand the most scrutiny. And some crypto researchers are already punching holes in the secure lining of Mega’s cloud. “
Digital video recorders have revolutionized home and business security, making it possible to easily store and play back hundreds of hours of surveillance camera footage. But a few design flaws in their software, it seems, can quickly turn the watchers into the watched. Eighteen brands of security camera digital video recorders (DVRs) are vulnerable to an attack that would allow a hacker to remotely gain control of the devices to watch, copy, delete or alter video streams at will, as well as to use the machines as jumping-off points to access other computers behind a company’s firewall, according to tests by two security researchers. And one of
NOTE: We will post each installment here for the security industry to garner feedback for about one week prior to posting to Forbes.com and a more mainstream and business readership. Please comment toward improving/clarifying the content.
More than anything, our goal was to cause thought – and get people talking. We believe we have done this. At the time, peers thought we were crazy to choose to tread on such volatile ground. At the time, researchers were afraid to mention the ‘A’ word, and journalists (for the most part) were miles off the mark of understanding the motivations and nature of “Anonymous”. While we may
Mathematician Zach Harris, 35, of Jupiter, Fl., poses for a portrait on Tuesday. Photo: Brynn Anderson/Wired
It was a strange e-mail, coming from a job recruiter at Google, asking Zachary Harris if he was interested in a position as a site-reliability engineer. “You obviously have a passion for Linux and programming,” the e-mail from the Google recruiter read. “I wanted to see if you are open to confidentially exploring opportunities with Google?” Harris was intrigued, but skeptical. The e-mail had come to him last December completely out of the blue, and as a mathematician, he didn’t seem the likeliest candidate for the job Google was pitching.
Posted on 29 January 2013. | Arbor Networks released its 8th Annual Worldwide Infrastructure Security Report offering a rare view into the most critical security challenges facing today's network operators.
Posted on 29 January 2013. | Imperva announced a new report which examines the dangers of third-party code in cloud computing.
Posted on 28 January 2013. | The past 12 months have been, to say the least, an active time for the information security landscape in Europe.
Posted on 28 January 2013. | Help Net Security put SafeNet's new President and CEO in the hot seat to learn more about his background, as well as future plans.
Posted on
Posted on 17 September 2012. | RSA Conference Europe 2012 is scheduled to be held in London on October 9-11, and Help Net Security is offering a free ticket to the event for one lucky reader.
Posted on 14 September 2012. | While in August the percentage of adware-bundled apps dropped to 55.15 per cent, from July's 77.34 per cent, June kick-started what would later be discovered to be an avalanche of adware.
Posted on 14 September 2012. | The PCI Security Standards Council released best practices for mobile payment acceptance security.
Posted on 13 September 2012. | A new version of BlackHole, one of the most popular exploit kits out there,
Hackers and foreign spies are bombarding government departments and businesses around the clock in what has become one of the “greatest challenges” of modern times. As well as targeting state or trade secrets, the cyber criminals and anarchists also try to disrupt infrastructure and communications, and even satellite systems. William Hague, the Foreign Secretary, told The Daily Telegraph that not an hour goes by when a system in the UK is not being attacked. But intelligence sources have revealed that it is much worse than that, with attempts being made minute after minute. In just a single attack during the summer, a
Posted on 4 December 2012. | PhishMe predicts that phishers will be changing their tactics in 2013, resorting to targeted spear phishing emails rather than the mass mails of the past.
Posted on 4 December 2012. | This is a guide for managers who want to learn about cybersecurity and discover how to create and implement a plan to protect their organization.
Posted on 3 December 2012. | The law created to protect children's online privacy actually increases risk, according to new research from Polytechnic Institute of New York University.
Posted on 3 December 2012. | Large numbers of employees use Dropbox and other consumer file sharing services