Most mobile apps have encryption flaws
Encryption is not all it’s cracked up to be according to a recent security report, with coding flaws introducing a number of vulnerabilities into smartphones and their software.
Seven in eight Android apps and 80 percent of all iOS apps have encryption flaws, claims Veracode’s State of Software Security report.
New solution helps businesses offer single sign ons
As businesses grow and expand their online presence, they can end up with customers needing lots of different logins for blogs, support portals, forums and more. This can lead to frustration among users and mean that businesses lose sight of their system interactions.
Software company Inversoft is launching a solution to this problem in the form of Passport. This not only allows a single sign-on between applications, games, forums, help desks, user accounts and other offerings, but also gives companies a comprehensive view of user activity.
Google makes Android a little less dangerous with 'Safe Browsing' update
When I switched from Android to iOS earlier this year, it had nothing to do with being a fanboy, hating Google, or loving Apple. Truth be told, I have never ever owned a Mac -- although I have played around with Hackintosh -- and I continue to use many Google services like YouTube and Gmail. The reason I switched was simple -- security. Too many Android devices get abandoned by manufacturers, meaning users are expected to use devices with known vulnerabilities -- unacceptable. With iOS, I can be confident that I will get a steady stream of updates.
While Android continues to be a dangerous Wild-West-like experience when it comes to updates and vulnerabilities -- except for Nexus devices -- today, Google is making it a bit safer to use. As long as you use Chrome as your web browser on the mobile Linux-based operating system, the search giant will try to protect you from potentially dangerous websites. Yes, Android is becoming, arguably, a little less dangerous.
To avoid a data breach, look to your employees first
Nearly half of IT and security professionals across global businesses and government agencies have suffered a security breach in the last 24 months. Headline grabbing hacks such as Talk Talk and Sony are putting both personal and corporate data increasingly at risk as growing numbers fail to keep personal information secure.
Recent news has seen data breach after data breach including those of communications giant TalkTalk, whose customer information was compromised due to a data breach by a third party, and even the Sony hack, where a lack of secure computer systems led to a release of confidential data. Whether a result of malicious intent or simple human error, it is clear that mismanagement of sensitive information is commonplace. A data breach puts your businesses reputation at risk, damages consumer trust and can impact the bottom line. So who exactly is to blame when a data breach occurs?
How to disclose a security breach
The days and weeks after a major security breach can be trying, even for veterans of the security field. Chaos inevitably erupts as the organization attempts to assess and contain the damage. Often far down the list of priorities is the disclosure of the breach, but this can be one of the most critical steps for an organization to get right.
It is vital for financial reasons, to the recovery of the brand and for the viability of the company. It is not an easy task when customer’s personal information has been stolen. The reaction from customers is almost always the same: swift and highly critical of the organization and how it manages the aftermath.
How to enable Potentially Unwanted Application protection in Windows 8 and Windows 10
Enterprise users are always looking for ways to protect their systems, and Microsoft recently unveiled a new opt-in feature to protect against Potentially Unwanted Applications (PUA). PUA is a broad term that covers everything from adware to browser extensions, and users of Windows 8 and Windows 10 can enable the feature to block such nasties at a download level.
PUAs are described by Microsoft as "a threat classification based on reputation and research-driven identification", and includes unwanted components bundled with legitimate software. Venture into the registry, and a tweak can be used to enable protection against such unwanted elements.
Samsung updates Lollipop firmware to show Android security patch level
Responding to a spate of Android vulnerabilities and exploits, Samsung was one of the first companies to announce a move to monthly security updates for its handsets. This is great news for those concerned about the security of their phone, but for people running Lollipop there has been no way to check that the latest updates are installed.
Now this changes. Samsung is bringing the previously Marshmallow-only "Android security patch level" information to Lollipop handsets such as the Galaxy Note 5 and Galaxy S6 edge+. With just a few taps, it is now easy to check which month's security updates have been installed.
Windows Server 2016 switches to per-core licensing
Microsoft has always licensed Windows Server on a per-socket basis, but with the 2016 release this is due to change. When Windows Server 2016 launches in the second half of next year, things are being shaken up. As well as the two versions -- Standard and Datacenter -- including different features, there is also a move to per-core licensing.
In a couple of PDF datasheets, Microsoft reveals not only the change in licensing, but also that Windows Server 2016 and System Center 2016 Standard and Datacenter Editions are scheduled for release in Q3 of 2016. The licensing change is unlikely to be welcomed by many, as it complicates a system that had become familiar -- and could also push up pricing.
David Cameron's Facebook page reported for posing a 'credible threat of violence' over ISIS
The UK's decision to start a military campaign in Syria to fight ISIS has dramatically divided opinion. Support and opposition is not split neatly down party lines, but a vote this week led to almost immediate airstrikes being carried out.
Taking to social media, Prime Minister David Cameron -- or his representatives -- used his official Facebook page to crow about the fact that vote went the way he wanted it to. This has had something of an interesting side effect. Facebook users are reporting the page for threatening violence.
A third of businesses use mobile banking to make payments
Not only does every other top manager make payments from corporate accounts via mobile banking, but it was also discovered that over 30 percent of companies use mobile devices to access corporate bank accounts and to make financial transactions.
Those are the result of a recent joint survey conducted by Kaspersky Lab and B2B International.
Hackers hide malware inside Dropbox accounts to target media organizations
A new form of malware that targets mass media agencies has been discovered by researchers at the US-based security firm FireEye. The malware was detected in Hong Kong where it was being used to target a small number of media agencies with the initial targets of the attack being newspapers, radio stations and television studios.
The malware leaves a user vulnerable by offering a backdoor to their system. The way in which this is achieved is unique because its command and control or C&C server is hidden inside Dropbox accounts. FireEye was able to trace the malware back to a group of hackers by the name admin@338, who is believed to have ties with the Chinese government.
My fridge is listening to me
It seems oddly fitting that this week -- a week scarred by the bizarre and violent mass murder in San Bernardino -- that I received a LinkedIn invitation to connect with someone who listed this as their job description:
Install, maintain, and repair GPS, Wi-Fi, and security camera systems on tour buses. In 2010, working with grant money from Homeland Security, I installed security systems on a fleet of tour buses and I have been maintaining those systems since then. In 2011, I helped install multi-language listening systems on tour buses and have been the lead maintenance technician. Currently, I am project manager for upgrading a fleet of 50 tour buses with new GPS systems using Homeland Security grant monies. This requires coordinating with engineers of service providers to solve unusual, complex problems.
JD Wetherspoon's customer details leaked after cyber attack
Personal details of hundreds of thousands of JD Wetherspoon customers have been accessed and leaked following a hack of its database. The cyber attack affects more than 650,000 customers, the UK pub chain has announced.
The leaked data includes names, birth dates and email addresses, as well as the partial credit and debit card details of some customers who bought gift vouchers. Although the attack occurred back in June, JD Wetherspoon has only just gone public about it.
Barbie says hello to more security flaws
Hot on the heels of last Friday's news of the potential of the Wi-Fi enabled Hello Barbie doll to be hacked, new research has uncovered security issues with the mobile app associated with the doll and with its connections to cloud servers.
Application security specialist Bluebox working with independent researcher Andrew Hay has revealed that the app can be modified to reveal confidential information including passwords.
New privacy platform protects enterprise communication
Enterprise customers are increasingly concerned about the security of their mobile communications, as well as the ability to deliver auditing and compliance information.
Silent Circle, the Swiss company behind the privacy focused Blackphone, is launching its Enterprise Privacy Platform a set of secure software, services and devices designed to deliver privacy to business and government organizations of all sizes.
© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.