Xbox Live certificate keys exposed according to Microsoft
A lot of Xbox customers shill out the extra money for a Live account to improve the gaming experience. With the vast amount of Xbox consoles out there, that is quite a few customers. Now Microsoft is acknowledging that the keys for some of those faithful users have been exposed.
Before you panic, this doesn't necessarily mean you've been hacked, but the possibility is there. In a new security bulletin the company claims that the SSL/TLS digital certificate keys for xboxlive.com were exposed and that this could be used by hackers for man-in-the-middle attacks.
Windows 10: Security features for the enterprise
The introduction of mobile into the workplace has destroyed previous enterprise security models, introducing a modern operating system (OS) architecture that puts the employee in the driver’s seat.
At the same time, breaches targeting traditional Windows operating systems are at an all-time high, with over 1 billion records compromised in the last two years.
Humans reclaim the web from the bots
For the first time in five years, humans were the ones responsible for the majority (51.5 percent) of all online traffic, up from just 38.5 percent in 2013.
This is according to the latest Imperva Incapsula Bot Traffic Report which shows that good bot traffic decreased, from 31 percent in 2013 to 19.5 percent in 2015, while bad bot traffic remained static, at around 30 percent.
[Updated] Webhost Easily hit by malware attack
UK webhosting company Easily has emailed its customers to inform them that it has fallen victim to a malware attack. COO Edwina McDowall says that the assailant is, as yet, unknown but steps have been taken to eliminate the malware.
The company warns that all customers should change their passwords as a precautionary measure, but seeks to assure people that credit card details have not been compromised.
Retail data breaches threaten customer loyalty
A high percentage of Americans would change their shopping habits if their favorite retailer was hit by a data breach according to a new study.
Data security specialist Vormetric commissioned the survey over 1000 US adults from Wakefield Research which found that for 85 percent of respondents the significant personal consequences that can result from a breach would cause them to find a new place to shop.
EU signs its first cyber-security rules
European legislators have reached an important agreement, as they sign first cyber-security rules for the Union.
The rules, comprised in the Network and Information Security Directive have, among other things, asked tech giants such as Google and Amazon to be more open and transparent about their security, as that will help protect EU’s essential infrastructure, such as air and road traffic control systems and the electricity grid, from cyberattacks.
Connected toys and the IoT could be the next weapons of mass surveillance
Just a few days ago, we heard about the potential for the web-enabled Hello Barbie to provide hackers with personal data. Numerous vulnerabilities open up the potential for data to be stolen, but this could be the start of a worrying trend. If you thought the surveillance activities of the NSA and GCHQ are disturbing, things could be about to get much worse.
There is a movement underway that sees every conceivable device being transformed into a connected device. This is more than just the Internet of Things -- security experts are warning that not only could any devices connected to the internet (including web-enabled toys) could be used to spy on users, placing children at risk.
All businesses share the same cloud security concerns
All organizations have the same key concerns regarding the security of their data in the cloud, according to a new report.
The study by security-as-a-service specialist CloudLock reveals that every organization shares five primary cloud cyber security concerns, regardless of industry. These are: account compromise, cloud malware, excessive data exposure, over-exposed personally identifiable information (PII) and payment card industry (PCI) data, and collaboration.
Patch Tuesday December 2015: The most-important patches
There we are: the last Patch Tuesday of 2015. It turns out to be about average, with maybe a bit more severity in the bulletins than usually. We have eight critical bulletins in the total 12, including one that fixes a 0-day vulnerability, currently in use by attackers to escalate privileges in Windows. 0-days used to be very rare occasions, but this year they have become almost mainstream.
After all the year started off with a string of 0-days in Adobe Flash and since then we have seen almost every month a patch for a vulnerability that is already under attack. Definitely a sign of the increasing technical capabilities that attackers are wielding and a reminder that IT Managers should not only patch their systems promptly, but also look for additional robustness.
McAfee's enterprise security software can be bypassed with a 'specially crafted username'
A kind word will open any door, but a special kind word will open all doors to an otherwise safe computer system, a McAfee advisory says.
The advisory has said that "a specially crafted username" can get past the Security Information & Event Management logins without authentication, and without a password, "if the ESM is configured to use Active Directory or LDAP".
SMBs lack the resources to protect themselves from cyber attacks
Only 37 percent of SMBs believe that their organizations are fully equipped to handle IT security according to a new survey.
The study by security company Webroot reveals that in most small to medium businesses, IT teams are expected to handle all cyber security management and concerns. IT employees at almost one in three companies (32 percent) juggle security along with their other IT responsibilities, which leaves them limited time to cope with security tasks.
5 reasons why web apps are so frequently insecure
The unrelenting move to the cloud means that web apps are becoming ever more common. They have also increasingly become targets for hackers and this is often because of security failings; many of the recent high-profile security breaches have come about because of web app security vulnerabilities.
Ilia Kolochenko, CEO of High-Tech Bridge suggests a quintet of things companies do -- or fail to do, that make the life of hackers easier.
Myths and facts about backup, restore and disaster recovery
With the rise of digital data, changing technology, and common usage of personal devices, the IT world has become ever more complex with new challenges around every corner. In the wake of such quick changes and complexity, many individuals end up exaggerating the difficulties found within these new systems and thereby begin spreading some major falsehoods within this vast IT sphere.
Even though the influx of information and discovery has given way to the creation of several urban legends, below you will see what is true and what is not.
Panda Internet Security 2016: Good protection, small performance impact [Review]
We already know the importance of defending endpoints to keep business systems secure. The latest release of Panda Internet Security offers protection for PC, Mac, iOS and Android devices, and aims to provide a wide spectrum of security in an easy-to-use package.
For businesses looking to help staff protect their BYOD devices or smaller organizations looking for desktop protection, what does it have to offer?
Retailers aren't doing enough to protect their data in the holiday season
Retailers believe they're doing a good job of protecting their sensitive data, but may in fact be ignoring major security holes.
This is among the findings of a retail risk report from threat protection company Bay Dynamics, based on a survey of IT decision makers in 125 large US retail organizations.
© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.