Articles about Security

Privacy blow -- .UK websites must publicize registrant's name and address

Privacy

It seems there are new privacy worries at every turn. The latest cause for concern relates to websites in the UK. Nominet, the internet registry services provider for .uk domains, has changed one of its policies, and the change means that individuals running websites may have to reveal their home addresses. There are obvious privacy and security concerns associated with this, particularly for websites run by individuals who wish to remain anonymous -- full names of domain registrants must also be displayed.

Nominet's policy on opting out of appearing on WHOIS searches is not immediately clear. Things start off in a fairly simple fashion. "Only domain name holders that are non-trading individuals can opt out of having their address details published on the WHOIS". Great; my website is just a blog. There's no need to advertise my home address for the world to see, you might think. But 'advertise' could be the key word here. If Nominet classifies you and your site as a business, it is a completely different story and your home address must be displayed.

Continue reading

Hard drive failure responsible for two thirds of data loss

There may be a gradual move to storing more and more files in the cloud, but businesses and end users are still highly reliant on good old-fashioned hard drives. This technology, though convenient, does have its downsides; hard drives fail. A survey conducted by data recovery firm Kroll Ontrack found that nearly three quarters of those questioned (72 percent) had lost data from a drive in a laptop or desktop computer. A far lower percentage (15 percent) lost data from SSDs -- reflecting the fact that fewer SSDs are in use than mechanical drives -- while 13 percent attributed their most recent data loss to RAID or virtual services.

Not all of the data loss came as a result of hardware failure. Software and human error accounted for around 20 percent of data loss, but drive crashes and other hardware problems were responsible in two thirds of cases (66 percent). This is a significant increase from 2010's figures when just 29 percent of data loss was attributed to hardware failure. Paul le Messurier, Program and Operations Manager at Kroll Ontrack is very matter of fact about the findings:

Continue reading

Feedly suffering from a DDoS attack, service currently down due to extortion scheme

DDoS attack

If you moved to Feedly after the much lamented shut-down of Google Reader, as many RSS users did, then you may have noticed that the service is currently down. To prevent customers from wondering about the problems, the company has released an announcement.

Feedly says it is currently under a denial of service attack, with the attacker demanding money to bring an end to service interruption. In a brief post on the company blog, the developers let all customers know of the problem, and promise to update users as the situation develops.

Continue reading

Hackers use terrible passwords too

Password

Lots of people are putting themselves, as well as others, at risk by using weak passwords like their phone number, a loved one's name, date of birth, "password", "123456" or "qwerty". You would assume that those who can crack their passwords, or create malware, do not exhibit the same irresponsible behavior, right?

According to security company Avast, hackers are not much different from the rest of us. Sure, they may not use "123456", the most popular weak password of last year, but their passwords are not too far off, as the majority of them only contain lower-case letters. And, on average, a hacker's password is just six characters long.

Continue reading

Dell offers best practices for BYOD security

tablet worker

The rise in use of mobile and BYOD technology is great when it comes to giving employees anytime, anywhere access to data. But it presents new challenges for IT departments in terms of keeping data safe and secure across enterprise networks and mobile platforms.

In a recent Dell Global Security Survey BYOD was highlighted as a root cause of security breaches. Of those polled 57 percent ranked increased use of mobile devices as being a top security concern in the next five years. Part of the problem is employee resistance as people find workarounds to avoid restrictive security policies. An ever increasing choice of device types and different operating systems can also add to security risks. To help companies gain maximum benefit from mobile device usage whilst keeping data secure Dell has come up with five best practice recommendations for enterprises.

Continue reading

Apple device hijackers arrested in Russia

You may recall that at the end of last month, a number of iOS users were locked out of their devices by ransomware, being faced with a message that their iPhone or iPad had been "hacked by Oleg Pliss", and a demand for $100 to unlock it.

Well, the Sydney Morning Herald (via MacRumors) is now reporting that the device hijacking miscreants behind this scheme have been arrested by the Russian authorities. Some Russian folks were affected by the security incident, as well as those in Australia (and a few other countries such as the US and Canada).

Continue reading

Smart TVs can be hijacked using a $250 antenna

Smart TVs are the latest product to be exposed to dangerous vulnerabilities that can be exploited by burying malicious code in signals sent to the connected devices and even able to attack other devices in the home.

Researchers have found a loophole in the technology used in the advanced sets that allows attackers to hijack TVs in a straightforward way, leave no trace, and do anything that the owner of the TV can do.

Continue reading

Microsoft patches Windows 8.x but leaves Windows 7 vulnerable, according to researchers

Around 50 percent of PC users are on Windows 7, while just 12 percent are running Windows 8.x, yet Microsoft is leaving the more popular OS vulnerable to zero day attacks by choosing to only patch the newest Windows version. That’s the findings of two security researchers who built a tool to compare 900 libraries in Windows 8 with their Windows 7 counterparts.

"If Microsoft added a safe function in Windows 8, why does it not exist in Windows 7? The answer is simple, it’s money -- Microsoft does not want to waste development time on older operating systems. They want people to move to higher operating systems," security researcher Moti Joseph claimed in a presentation at the Troopers14 conference in Heidelberg, Germany.

Continue reading

The right way to keep your company data secure online

First Assange, then Snowden and now Heartbleed -- over the last year, the issue of data security has been thrust into worldwide consciousness and stuck there.

In 2013 alone, companies including Facebook, Microsoft, NBC, Evernote and Twitter were targeted by hackers. Google hasn't escaped unscathed. On many of these occasions no private data has been obtained, but data security has become a very real concern for businesses.

Continue reading

F-Secure releases one-click test for PCs infected by GameOver Zeus botnet

Lurking virus

Last week Microsoft boasted of aiding law enforcement in the take-down of the GameOver botnet, one of the leaders in the theft of banking information. However, Microsoft was not the only tech entity involved, and the death notice may have been a bit premature.

One of the others involved was security firm F-Secure, and it has pointed out some important aspects of exactly what happened. The thing people should be aware of is that this does not mean the threat is gone. F-Secure claims that it was "disrupted -- not dismantled".

Continue reading

Less than a third of attackers account for 80 percent of comment spam

You don't need to spend very much time on popular websites and forums to encounter the curse of comment spam, adverts or links embedded in fields intended for reader interaction.

Comment spammers are most often motivated by search engine optimization, using a busy site's comment fields and guest books to get views for advertisements and malware distribution. A new report by enterprise security specialist Imperva takes a close look at comment spam and looks at ways that companies can combat it.

Continue reading

Free cloud-based protection against spear phishing

Phishing password

The biggest threat to both organizations and individuals online comes from zero-day exploits that aren't picked up by conventional antivirus protection.

In many cases an infection starts with a phishing email which can appear legitimate but contains links to malicious content.

Continue reading

AVG reveals yet another OpenSSL security flaw

Hacker detection

OpenSSL, which runs on the servers for many websites, has been having a rough time in recent weeks. We all learned of the near fatal flaw named Heartbleed, which affected quite a number companies and services on the web.

Now a new, albeit less severe, flaw has been discovered. Security researchers at AVG have unveiled what they are calling CCS Injection, which the company terms a vulnerability, but points out that it is not easily taken advantage of.

Continue reading

The most popular stories on BetaNews this past week: June 1 -- 7

The biggest news of this week came from Apple which held a keynote speech at WWDC in San Francisco. One of the major announcements was the unveiling of iOS 8 which will be making its way to iPhone and iPads around the world sometime in the Fall. There was a lot to take in, including "Hey, Siri", HealthKit and iCloud Drive. OS X also got a new lick of paint with Yosemite, with beta versions made available for immediate download. There was also an intriguing change to the App Store Review Guidelines that suggests the doors may be opened to virtual currencies such as Bitcoin.

Windows 7 continues to grow faster than Windows 8.x, but if you're looking for an alternative to Windows, Linux Mint 17 "Qiana" could be worth a try. Windows XP is still managing to hang on it there for the time being. Microsoft celebrated the news that Windows Phone is becoming increasingly popular -- if not with developers -- particularly when security is important; which is just as well, because reports suggest that handsets need to be made more secure for enterprise. Microsoft also had cause for celebration after helping the FBI to take down the Zeus botnet.

Continue reading

One year on: Edward Snowden -- hero or villain?

Snowden: Facebook is allowing the government to see your messages

One year ago today, the world learned the truth about surveillance by the US and UK Governments.

Since then, the security industry and wider world have been made to decide whether the man behind the leaks is a hero or a villain? Surveying some key names in the security industry, Lancope’s director of security research Tom Cross said that it is hard to view the situation strictly in black and white terms.

Continue reading

© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.