The cloud is ubiquitous -- and so is its security
The tabloids are abuzz with tales of hackers stealing salacious celebrity selfies stored on the Cloud, and of course the furor dies with next week’s issue of People Magazine.
The thought of Cloud based business data being compromised is a different matter, and you’re right to be concerned about ubiquitous computing resulting in ubiquitous hacking attempts. Fortunately, efforts to secure the cloud are maintaining the pace of the unprecedented growth of the cloud itself.
Investigation finds 'anonymous' Whisper app secretly tracks user location
Following all of the NSA revelations, mass surveillance has increased the general level of paranoia to be found online -- although it could be argued that not all surveillance is bad. With everyone on such high alert it's little wonder that an app that described itself as "an anonymous social network that allows people to express themselves" should be so popular. Whisper encourages users to embrace the supposed anonymity it offers and reveal secrets they would not otherwise feel comfortable sharing.
An investigation by the Guardian found that the app is tracking the location of its users -- even those who have opted out of such tracking. As a result of the Guardian's report, Whisper amended its terms of service and introduced a new privacy policy. But the revelations will cause concern to users of the service, who sent more than 2.5 million messages per day.
Protecting your PC is like defending a castle
Most people are aware that they need to have some form of protection on their PC if it's attached to the internet. Yet it seems that a lot of users still don't know how to properly protect themselves.
Many believe that the security software that comes with their PC is enough to protect them. Security company Check Point ZoneAlarm has released an infographic which shows that 71 percent don’t have both a firewall and antivirus solution on their PCs.
How can consumers stay secure as payment systems evolve? [Q&A]
Data breaches continue to make the news on a regular basis and payment details are high on the hacker’s shopping list when it comes to protecting information. We reported yesterday on Intel introducing a new secure solution for protecting payments and card providers are engaged in a continuing arms race to stay secure. The latest part of this is the introduction of more secure EMV (EuroPay, MasterCard and Visa) compliant payment terminals around the world. Banks are issuing the new chip cards as current cards expire or need replacement. Retailers are installing new chip-enabled terminals.
As the holiday shopping season approaches keeping your details safe as you hit the shops is at the top of many people's thoughts. We spoke to Carolyn Balfany, SVP, Product Delivery and EMV of payment card specialists MasterCard to find out about what consumers can do to help protect themselves as they shop.
Thieves beware: Android 5.0 Lollipop packs kill switch
We have known for quite some time that the next incarnation of Android will pack a kill switch. This feature has long been requested, as it would prevent unauthorized reuse and, therefore, make a serious dent in smartphone and tablet theft. It is even imposed under Californian law, going into effect next year. But even though Google has not mentioned it yet, the kill switch is indeed baked into Android 5.0 Lollipop.
The kill switch in Android 5.0 Lollipop is officially known as "Factory reset protection", and is offered as an opt-in feature which only works in conjunction with a passcode. After it is enabled, the user's credentials (Google account and password) are required in order to reset the device, to allow a person other than the original user to use the device as intended.
The best tools for removing malware 2014
Independent testing organization AV-Comparatives has released the results of its latest Real World Protection and File Detection tests showing which security products perform best at dealing with malware.
The Real World Protection test results are based on over 600 live threats including drive-by downloads, malicious URLs, and infected email attachments. 22 products were tested and rated against the 'out of the box' protection provided by Windows (80.4 percent).
New Intel technology helps safeguard the payment process
Recent high profile data breaches involving retailers have led many people to have doubts about the security of transactions.
Chip maker Intel has today announced a new data protection technology that will both address these concerns and help speed up the roll out of internet of things devices in retail environments.
Cloud-based security and why it's here to stay
As the popularity of cloud services has grown, so have concerns over the security of the data that's stored on them. This has led security vendors to adapt and develop solutions for the new environment.
A new report by security company NSS Labs looks at the rise of cloud security solutions and at the business demands driving their adoption, as well as the limitations and potential hidden costs in their use and recommendations for enterprises.
Thinking unconventionally is how you protect an entity the size of Google
We are at the 27th annual Information Security Solutions Europe Conference (ISSE), one of Europe's largest gatherings of cyber security experts.
Stephen Somogyi of Google Safe Browsing gave an amazing keynote speech about how Google goes about protecting its billions of users around the world. Here are some of the highlights:
Bitcoin will do nicely -- the state of Russian cyber crime
Banking fraud is down, mobile threats are up and cryptocurrency is the preferred payment method in the world of Russian cyber criminals.
Fraud prevention and cyber crime investigation specialist Group-IB has released a report on the Russian high-tech crime market in 2014. The report provides detailed assessments of the who, what, where and how of high-tech crime, who is behind what crimes, where they originate and who they target.
Tracking and tackling Ebola using mobile phone surveillance
Mention web or mobile surveillance, and you're sure to raise a few hackles. But the current Ebola outbreak is showing that the data collected from handsets can be extremely useful. The idea of tackling a disease with 'big data' gathered from mobile phones might seem a little odd, but it's actually an incredibly valuable source of information. Telecom firms such as Orange have been working with data scientists, using anonymized data gathered from phones to track population movement in regions affected by Ebola.
The BBC points out that even in relatively poor countries in Africa, mobile phone ownership is still high. Experts have been able to use this data to determine the best places to set up treatment centers, and it's an idea that has been pounced upon by the CDC.
Mozilla will make Firefox 34 immune to POODLE, releases fix for older versions
Google yesterday disclosed a major security vulnerability it has found in the SSL 3.0 encryption protocol, that is still employed by many sites across the web, despite long being superseded. Dubbed POODLE (Padding Oracle On Downgraded Legacy Encryption), it allows attackers to steal private data, like cookies, and, possibly, use it to access user accounts on vulnerable sites. The search giant says its Chrome browser should be safe, but warns that others may be vulnerable.
Firefox is one of the vulnerable ones. To address this issue, Mozilla reveals that the upcoming version -- Firefox 34, to be exact -- will feature code which makes it immune to the POODLE attack. For those who use lesser versions of the open-source browser -- most users, basically -- the organization provides an optional fix.
Don't overlook the most important cloud storage feature: Security
The craze in the world of cloud storage today seems to be rolling out lists of additional features that match the features of every competitor out there, and presenting them as new and improved. Every company strives to be appear as the best possible cloud option on the market by continually adding "new" features right alongside competitors, and in all of the competition it can be a simple mistake to overlook what these features actually mean.
Before you let these lists of newly-added features dazzle you into choosing one specific cloud storage option over another, do a little research into what these features actually do. You might be surprised to find that many aren’t precisely new ideas, and they don’t increase the most important cloud storage aspect of all: secure file storage.
Security alert: Google drops SSL 3.0 after POODLE attack discovery
Google's security team has discovered a vulnerability in SSL 3.0 which can be exploited to steal secure cookies and other data. The 15 year old technology is still used as a fallback when connection problems occur as it helps maintain backward compatibility, but the security problems mean that Google will start to phase out support. Details of the exploit have been published and Chrome has today been tweaked to disable SSL 3.0 fallback.
Bodo Möller from Google's security team points out that this move will "break some sites" and that they will need to be updated. This does present some compatibility issues, and the advice is to support TLS_FALLBACK_SCSV instead, at least for the time being.
Security firms have created the next dot com bubble by 'scaring their customers'
There are too many security firms offering insufficient security. At least that's what Ilia Kolochenko, CEO and founder of High-Tech Bridge thinks. He points to the splitting of Symantec as proof that security companies are struggling, and suggests that the emergence of so many firms competing for attention is the start of a new dot com bubble that could burst at any moment.
Security is important to both home computer users and enterprise businesses. There is a huge amount of money to be made in the field, so it is perhaps little wonder that the number of companies muscling in on the market is on the increase. Kolochenko says that at the end of the century a lot of tech companies sprang up overnight and "most of these businesses were designed to create artificial problems or boost non-existent demand in order to make quick money. They didn't actually solve any real problems". There is a danger that the same could happen in the security world.
© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.