Articles about Security

It's all a facade: Encryption may do nothing to reduce surveillance or increase privacy

Encryption

Living in a technological age where there is a near-fanatical obsession with privacy, a move towards encryption seems to make perfect sense. While there have been calls from some governments to ban encryption and demands for decryption keys to be handed over, there is a drive by companies and online services to try to increase security and privacy with encryption.

But a new report (Don't Panic: Making progress on the encryption debate) from Harvard University's Berkman Center for Internet & Society suggests that encryption may be all but pointless when it comes to curtailing surveillance. While governments and surveillance agencies may balk at the idea of people using encryption to 'go dark' online, and many people embrace the idea as a means of increasing their privacy, the report suggests that the task of surveillance is not going to be made impossible, and could be helped by the Internet of Things (IoT).

Continue reading

BlackEnergy 3 malware targets Ukranian power facilities

Malware

The BlackEnergy malware first appeared in 2007 as a relatively unsophisticated program that that generated random bots to support Distributed Denial of Service (DDoS) attacks.

Endpoint security specialist SentinelOne has detected a new variant of the program which was used last month to attack a Ukranian power facility. It also believes that this latest variant may be state-sponsored.

Continue reading

Stop using Microsoft Edge's InPrivate mode if you value your privacy

Microsoft Edge

It's possible that you reached this article purely by chance, or you may have Googled 'how to change the default search engine in Microsoft Edge'. However you got here, the fact that you're reading this indicates that you're either interested in Windows 10's Edge, or actively use it -- and this means there's something you need to know.

If you fall into the latter camp and use Edge's InPrivate mode to cover your online tracks, you might want to think about changing your web browser. Edge has already got some stick for its lack of extension support -- "it's coming, it's coming!" Yeah, whatever... so's Christmas -- but now it turns out that InPrivate mode is a privacy nightmare. It is possible to peak behind the curtain and see which sites have been visited when using a browsing mode that should mask this.

Continue reading

LG G3 'Snap' vulnerability leaves owners at risk of data theft

Security researchers have discovered a vulnerability in LG G3 smartphones which could be exploited to run arbitrary JavaScript to steal data. The issue has been named Snap, and was discovered by Israeli security firms BugSec and Cynet.

What is particularly concerning about Snap is that it affects the Smart Notice which is installed on all LG G3s by default. By embedding malicious script in a contact, it is possible to use WebView to run server side code via JavaScript. If exploited, the vulnerability could be used to gather information from SD cards, steal data from the likes of WhatsApp, and steal private photos.

Continue reading

Adobe pushes out betas for version 21 of Flash and Air

Lots of things are said about Flash, and most of them aren't good. The Adobe app has proven to be a security nightmare and constant updates do little to alleviate the problems. Now a new version is on its way and hoping to fix things.

New versions of Flash 21 and Air 21 are in the works, currently these products are codenamed "Sutter". Don't expect any major changes, the company points out it's just incremental advances.

Continue reading

Why did Google give $6,006.13 to MBA candidate Sanmay Ved?

Google's security bounty programs can be quite lucrative for those who discover problems, and the company has just published a report looking back at the security landscape in 2015. Entitled Google Security Rewards - 2015 Year in Review, the report reveals the financial rewards that have been paid out in the last 12 months.

In all, Google has paid out more than $2 million to more than 300 people, but Sanmay Ved is probably one of the more interesting reward recipients. He's the guy who -- very briefly -- managed to buy Google.com before having it taken off his hands. Google offered him a $6,006.13 reward, but there's a little more to the story.

Continue reading

How your servers might support a DDoS attack

The largest scale of internet attacks enlist thousands or tens of thousands of previously hacked computers to simultaneously attack and overwhelm the websites and e-commerce services of selected victims.

Whilst there is often media coverage of the victim organizations affected, and sometimes discussion about the motivation of the attackers, there is rarely any awareness by those computer owners that are participating in attacks and facilitating online crime.

Continue reading

Threat of cyber crime drives higher salaries for security professionals

Employers are offering salaries up by 14 percent on average for IT security specialists in the light of the growing threat posed by cyber crime.

A Global Salary Survey by UK specialist recruitment company Robert Walters also sees salaries for developers increasing as major employers look to overhaul their online presence.

Continue reading

HSBC online banking hit by DDoS attack

As workers eagerly awaited the arrival of their first payday of 2016, and others rushed to file their tax returns ahead of Sunday's deadline, HSBC's online banking services were knocked offline today.

The banking giant was hit by a DDoS, but it is not yet clear who is responsible. The attack meant that customers were unable to access their online accounts, and it is just the latest in a strong of high-profile security issues to affect well-known sites.

Continue reading

IT security professionals are looking for a challenge

Business mobile devices

The notion that IT security professionals are mercenaries when it comes to work and would most likely move if given an opportunity to earn more is, by a large margin, incorrect.

That’s basically what a new report by AlienVault says. The report, entitled Blood on HR's floor -- The Challenge of Retaining IT Security Skills, has a couple of interesting points.

Continue reading

Lenovo fixes SHAREit security flaw

pixel padlock

Lenovo has issued updates to address a hard-coded password flaw and other security issues with its file sharing utility SHAREit.

Lenovo has addressed a serious flaw in its PC and Android versions of SHAREit, which enabled anyone on a LAN or wireless hotspot to potentially view and copy files from another computer or device running the SHAREit application. Though that was always the intention of the application -- to make file sharing painless -- it was probably not intended to be so open to anyone.

Continue reading

Wendy's investigating a possible credit card breach

There have numerous instances of credit card breaches recently, with many popular companies affected by the problems. News of one more seems to be expected these days, and now it is beginning to break that a fast food chain may be the latest in this growing line.

Before you panic, this is only being investigated at the moment, so everything may be fine. So far all that's known is that several banks reported a pattern of fraud charges and the common link was that each had been used at a Wendy's location.

Continue reading

One in three home routers will double as a public hotspot by 2017

Would you be willing to share your Wi-Fi router so that everyone around you could use it as a public hotspot? Your Internet connection would stay secured behind a firewall.

This is actually not a rhetorical question, but an inevitability, according to a recent Juniper Research report. According to the market analysts, by 2017, one in three home routers will be used as a public Wi-Fi hotspot, and by 2020 there will be a total of 366 million of these units worldwide.

Continue reading

Phishing attacks grow in volume and complexity

Phishing

According to a new report from security awareness specialist Wombat Security phishing attacks are on the rise and are supported by increasingly aggressive social engineering practices that make them more difficult to prevent.

Organizations surveyed indicated they have suffered malware infections (42 percent), compromised accounts (22 percent), and loss of data (4 percent) as a direct result of successful phishing attacks.

Continue reading

Bittium Tough Mobile is ready to take on Blackphone for the most secure phone crown

Surveillance, privacy concerns and other issues have brought security into sharp focus for mobile users the world over. Apple, Google and Microsoft all offer encryption options, but for those with real security and privacy worries, the likes of Silent Circle's Blackphone 2 and the ARCHOS GranitePhone have a healthy following. Now there's a new security and privacy-focused handset vying for attention: the Bittium Tough Mobile.

At Mobile World Congress 2016 in Barcelona next month, Bittium will show off not only its secure smartphone, but also its Bittium Secure Suite device management and encryption software. With these and Bittium SafeMove -- a secure remote access tool -- the company hopes to increase business and enterprise confidence in mobile and the Internet of Things.

Continue reading

© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.