It's all a facade: Encryption may do nothing to reduce surveillance or increase privacy
Living in a technological age where there is a near-fanatical obsession with privacy, a move towards encryption seems to make perfect sense. While there have been calls from some governments to ban encryption and demands for decryption keys to be handed over, there is a drive by companies and online services to try to increase security and privacy with encryption.
But a new report (Don't Panic: Making progress on the encryption debate) from Harvard University's Berkman Center for Internet & Society suggests that encryption may be all but pointless when it comes to curtailing surveillance. While governments and surveillance agencies may balk at the idea of people using encryption to 'go dark' online, and many people embrace the idea as a means of increasing their privacy, the report suggests that the task of surveillance is not going to be made impossible, and could be helped by the Internet of Things (IoT).
BlackEnergy 3 malware targets Ukranian power facilities
The BlackEnergy malware first appeared in 2007 as a relatively unsophisticated program that that generated random bots to support Distributed Denial of Service (DDoS) attacks.
Endpoint security specialist SentinelOne has detected a new variant of the program which was used last month to attack a Ukranian power facility. It also believes that this latest variant may be state-sponsored.
Stop using Microsoft Edge's InPrivate mode if you value your privacy
It's possible that you reached this article purely by chance, or you may have Googled 'how to change the default search engine in Microsoft Edge'. However you got here, the fact that you're reading this indicates that you're either interested in Windows 10's Edge, or actively use it -- and this means there's something you need to know.
If you fall into the latter camp and use Edge's InPrivate mode to cover your online tracks, you might want to think about changing your web browser. Edge has already got some stick for its lack of extension support -- "it's coming, it's coming!" Yeah, whatever... so's Christmas -- but now it turns out that InPrivate mode is a privacy nightmare. It is possible to peak behind the curtain and see which sites have been visited when using a browsing mode that should mask this.
LG G3 'Snap' vulnerability leaves owners at risk of data theft
Security researchers have discovered a vulnerability in LG G3 smartphones which could be exploited to run arbitrary JavaScript to steal data. The issue has been named Snap, and was discovered by Israeli security firms BugSec and Cynet.
What is particularly concerning about Snap is that it affects the Smart Notice which is installed on all LG G3s by default. By embedding malicious script in a contact, it is possible to use WebView to run server side code via JavaScript. If exploited, the vulnerability could be used to gather information from SD cards, steal data from the likes of WhatsApp, and steal private photos.
Adobe pushes out betas for version 21 of Flash and Air
Lots of things are said about Flash, and most of them aren't good. The Adobe app has proven to be a security nightmare and constant updates do little to alleviate the problems. Now a new version is on its way and hoping to fix things.
New versions of Flash 21 and Air 21 are in the works, currently these products are codenamed "Sutter". Don't expect any major changes, the company points out it's just incremental advances.
Why did Google give $6,006.13 to MBA candidate Sanmay Ved?
Google's security bounty programs can be quite lucrative for those who discover problems, and the company has just published a report looking back at the security landscape in 2015. Entitled Google Security Rewards - 2015 Year in Review, the report reveals the financial rewards that have been paid out in the last 12 months.
In all, Google has paid out more than $2 million to more than 300 people, but Sanmay Ved is probably one of the more interesting reward recipients. He's the guy who -- very briefly -- managed to buy Google.com before having it taken off his hands. Google offered him a $6,006.13 reward, but there's a little more to the story.
How your servers might support a DDoS attack
The largest scale of internet attacks enlist thousands or tens of thousands of previously hacked computers to simultaneously attack and overwhelm the websites and e-commerce services of selected victims.
Whilst there is often media coverage of the victim organizations affected, and sometimes discussion about the motivation of the attackers, there is rarely any awareness by those computer owners that are participating in attacks and facilitating online crime.
Threat of cyber crime drives higher salaries for security professionals
Employers are offering salaries up by 14 percent on average for IT security specialists in the light of the growing threat posed by cyber crime.
A Global Salary Survey by UK specialist recruitment company Robert Walters also sees salaries for developers increasing as major employers look to overhaul their online presence.
HSBC online banking hit by DDoS attack
As workers eagerly awaited the arrival of their first payday of 2016, and others rushed to file their tax returns ahead of Sunday's deadline, HSBC's online banking services were knocked offline today.
The banking giant was hit by a DDoS, but it is not yet clear who is responsible. The attack meant that customers were unable to access their online accounts, and it is just the latest in a strong of high-profile security issues to affect well-known sites.
IT security professionals are looking for a challenge
The notion that IT security professionals are mercenaries when it comes to work and would most likely move if given an opportunity to earn more is, by a large margin, incorrect.
That’s basically what a new report by AlienVault says. The report, entitled Blood on HR's floor -- The Challenge of Retaining IT Security Skills, has a couple of interesting points.
Lenovo fixes SHAREit security flaw
Lenovo has issued updates to address a hard-coded password flaw and other security issues with its file sharing utility SHAREit.
Lenovo has addressed a serious flaw in its PC and Android versions of SHAREit, which enabled anyone on a LAN or wireless hotspot to potentially view and copy files from another computer or device running the SHAREit application. Though that was always the intention of the application -- to make file sharing painless -- it was probably not intended to be so open to anyone.
Wendy's investigating a possible credit card breach
There have numerous instances of credit card breaches recently, with many popular companies affected by the problems. News of one more seems to be expected these days, and now it is beginning to break that a fast food chain may be the latest in this growing line.
Before you panic, this is only being investigated at the moment, so everything may be fine. So far all that's known is that several banks reported a pattern of fraud charges and the common link was that each had been used at a Wendy's location.
One in three home routers will double as a public hotspot by 2017
Would you be willing to share your Wi-Fi router so that everyone around you could use it as a public hotspot? Your Internet connection would stay secured behind a firewall.
This is actually not a rhetorical question, but an inevitability, according to a recent Juniper Research report. According to the market analysts, by 2017, one in three home routers will be used as a public Wi-Fi hotspot, and by 2020 there will be a total of 366 million of these units worldwide.
Phishing attacks grow in volume and complexity
According to a new report from security awareness specialist Wombat Security phishing attacks are on the rise and are supported by increasingly aggressive social engineering practices that make them more difficult to prevent.
Organizations surveyed indicated they have suffered malware infections (42 percent), compromised accounts (22 percent), and loss of data (4 percent) as a direct result of successful phishing attacks.
Bittium Tough Mobile is ready to take on Blackphone for the most secure phone crown
Surveillance, privacy concerns and other issues have brought security into sharp focus for mobile users the world over. Apple, Google and Microsoft all offer encryption options, but for those with real security and privacy worries, the likes of Silent Circle's Blackphone 2 and the ARCHOS GranitePhone have a healthy following. Now there's a new security and privacy-focused handset vying for attention: the Bittium Tough Mobile.
At Mobile World Congress 2016 in Barcelona next month, Bittium will show off not only its secure smartphone, but also its Bittium Secure Suite device management and encryption software. With these and Bittium SafeMove -- a secure remote access tool -- the company hopes to increase business and enterprise confidence in mobile and the Internet of Things.
© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.