No more Chrome updates for Windows XP from April 2016
Anyone still desperately clinging to Windows XP only has another six months of updates for Chrome. Google has decided that the time has finally come to sever ties with the ancient operating system, and the same applies to Vista and OS X 10.6, 10.7, and 10.8.
Just as Microsoft has stopped issuing updates for Windows XP, so too has Google set a cut-off point of April 2016 for Chrome support on older OSes. These versions of Windows and OS X have been dropped by Microsoft and Apple, so it makes sense that other companies will move on as well. But as well as not getting new versions of Chrome, there will also be no more security updates.
The three don'ts when choosing an IT security budget
With high-profile data breaches continuing to make headlines with disturbing regularity, the general consensus on the cyber security front is that we need to be doing more. Of course, if you’re sitting down to discuss your company’s IT security budget, you’re going to need to get more specific than that.
Determining the right cyber security budget can be a challenge, especially for companies that are looking into security seriously for the first time and unsure where to start. While one approach is to look to industry benchmarks -- averages by vertical, percentage of overall IT spending, etc. -- the truth is there is no universal right answer to determining your security budget.
RoboForm boosts security with two-factor authentication
Two-factor authentication is increasingly common as a way of verifying logins to websites so that you’re not relying on just a password.
Now Siber Systems maker of the popular RoboForm password manager is adding 2FA to allow users to receive a password via text message to verify trusted desktop, laptop and mobile devices for repeat use with the software.
Twitch flips the switch on two-factor authentication
Enabling two-factor authentication is a simple and effective way to beef up the security of your online accounts. Also known as 2FA, it introduces an additional step in the log in process, which typically requires the user to enter a code received via SMS or retrieved from an app, after their password is validated.
To take advantage of two-factor authentication the services that you use have to offer this feature, which is not always the case. But, as far as Twitch is concerned, two-factor authentication is no longer missing from the options.
Addressing the mobile app trust gap
According to a new survey 80 percent of consumers would stop being a customer if there were a security breach in a company's mobile app. But app developers admit in the same study that many apps are not secure due to pressure to release them to market before they are ready.
These findings come from mobile security and analytics company Bluebox Security which talked to over 400 consumers and approximately 300 developers.
The next target for surveillance: the dark web
The surveillance activities of the NSA and GCHQ are well known, and many people hoping to slip under the radar have taken to the 'dark web'. Famous for sites such as Silk Road, as well as being home to illegal content such as child pornography, the dark web may not be a safe haven for much longer.
Joint Operations Cell (JOC) is a new venture in the UK which sees the National Crime Agency (NCA) and GCHQ joining forces. Described as a "genuinely innovative development", the operation aims to home in on online criminals, with a particular focus on crimes involving child exploitation.
Linux users targeted by new Linux.Encoder.1 encryption ransomware
Extortion is just the latest in a series of weapons being used to terrorize computer users and technology companies. One of the most recent victims was ProtonMail which found itself the subject of a DDoS attack and a ransom demand -- and despite paying up, the attacks continued. But individual users also have their feet held in the fire by ransomware.
It's something that mobile users have become familiar with. Android users have been hit by malware that encrypts the contents of their phones and renders it inaccessible until a ransom is paid. It's a problem that has also affected Windows users, and the latest target is Linux. Web servers powered by Linux are being targeted by the Linux.Encoder.1 crypto-ransomware.
New incident response platform aims to improve cyber resilience
According to a recent study by the Ponemon Institute, more than 90 percent of organizations recognize cyber resilience as an essential part of protecting their core assets and business interests.
Part of creating that protection is to have an effective plan for when things go wrong and incident response solutions specialist Resilient Systems is releasing version 24 of its Incident Response Platform (IRP). The release features strategic integrations with IBM X-Force's threat intelligence feed and HP ArcSight, enabling organizations to gain insight more quickly and respond more intelligently to cyber threats and attacks of all types.
What's the real cost of the UK's Investigatory Powers law?
The Home Office has issued an Impact Assessment, looking into the price of the proposed Investigatory Powers law, which would allow government agencies to intercept digital communications.
Secretary of State Theresa May’s department estimates a price of some £247m over a 10-year-period to cover the costs of the spy law, but according to The Register, which calls upon industry sources, little to no consultation has taken place so far. The true price of the bill can be significantly larger and can go up to £2 billion, with the bulk of finances going to telecom firms to cover the costs of storage.
Apple IDs targeted in global phishing scam
A new phishing threat is targeting businesses and consumers with Apple IDs in an effort to steal IDs, passwords and credit card information.
The attack has been identified by Comodo Antispam Labs and looks like an official Apple email. It has the Apple logo and includes Apple's physical address, as well as an email address that, at a quick glance, appears to to be from Apple -- giving the recipient the illusion of the message being authentic.
Post-Stagefright analysis shows Android users remain indifferent to attacks
In the past few months, Android users have seen a series of attacks by hackers exploiting bugs, collectively putting more than a billion devices at risk worldwide.
In late July, Stagefright hit the news as a weakness in the system that was being exploited by hackers. This was followed by Stagefright 2.0 and Kemoge, making for massive malware attacks on Android phones in three out of the last four months.
Poor management of admin accounts puts businesses at risk
Login details for an administrator or other privileged account falling into the wrong hands can have serious consequences for a business.
But a new global security survey from Dell reveals that organizations have haphazard processes for managing administrative or other privileged accounts, making them vulnerable to security breaches.
Most IT pros are against UK's Investigatory Powers bill
Late last week, the UK government introduced a new Investigatory Powers bill, which requires Internet service providers to keep a record of the Internet activity of everyone in Britain, as well as cracking down on encryption and increasing government surveillance.
The initial reaction from industry professionals was mixed, but a new survey from Swiss data bank Artmotion has found that a massive 87 percent of IT leaders disagree with the government’s plan to reduce the strength of data encryption.
Facebook censors links to social network Tsu.co
Anyone who tries to post links to Tsu.co on Facebook, Facebook Messenger, or Instagram will find that they are unable to do so. If you've not heard of Tsu.co, it's another social network, and your initial thought may be that Facebook is trying to censor people from talking about rivals.
Facebook blocks any messages containing the URL from being posted, warning that the site is 'unsafe'. Tsu.co different from other social networks in that it is invite-only and promises to share ad-revenue with users. This has resulted in huge levels of Tsu.co-related spam appearing on Facebook and the susequent ban.
The NSA keeps 9 percent of the vulnerabilities it discovers to itself
Openness and the NSA are not happy bedfellows; by its very nature, the agency is highly secretive. But in recent years, post-Edward Snowden, the organization has embarked on something of a PR campaign in an attempt to win back public trust.
The latest manoeuvre sees the NSA promoting the fact that when it discovers security vulnerabilities and zero-days in software, it goes public with them in 91 percent of cases... but not before it has exploited them. No information about the timescale for disclosures is given, but what most people will be interested in is the remaining 9 percent which the agency keeps to itself.
© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.