Articles about Security

Apple’s debut at Black Hat started off on the wrong foot

Attack key


Apple recently made its first ever presentation at the Black Hat security conference, and despite being one of the most expected and highly anticipated moments of the event, the Cupertino, Calif.-based corporation hasn’t made the best possible initial impression. The audience was left somewhat disappointed, only to have Apple follow up a major security acquisition.

The keynote was presented by the manager of Apple’s platform security team, Dallas De Atley, who reiterated the iOS security paper that Apple released two months ago. The problem stems from the fact there were higher expectations for Apple's debut: updated information on steps the Cuppertino, Calif.-based corporation is taking to resolve their security issues and concerns would have been of far greater interest, and it would have shown how seriously Apple takes security.

Continue reading

Come fly the insecure skies, a lesson in IT deployment at one of the largest US airports

In July of 2011, Bryan Halfpap waited for his return flight home to Maryland. A network systems security professional working for a natural resource refiner and energy provider, he had just finished up the week of events at the DefCon security conference in Las Vegas.

Slumped in his waiting chair, tired, bored, and with time to kill, he popped open his laptop. Audio and visual confirmations of open wireless networks lit up his computer. McCarran International Airport, the gateway to the neon-colored pleasure island that is Las Vegas, had free Wi-Fi. For whatever reason, Halfpap wanted to kill some time by getting to know the airport he was sitting in.

Continue reading

Apple scoops up security firm AuthenTec for $356 million

Attack key

Apple has agreed to purchase security firm AuthenTec for $356 million, a Thursday SEC filing from the Melbourne, Fla.-based company indicates. Apple is likely looking to bolster the security credentials of its products, and with the recent focus by hackers on Apple's products, that might be a good idea.

AuthenTec produces a variety of software and hardware-based security solutions, including fingerprint sensors. Its VPN security software is already included in smartphones and tablets from Samsung, and its DRM platform is used to protect streaming content within the HBO GO application.

Continue reading

5 ways to put hackers on the defensive

Black Hat keynote speaker Shawn Henry, the former executive assistant director of the FBI’s Criminal, Cyber, Response and Service Branch, started off the day after opening remarks from Jeff Moss, founder of Blackhat. Moss wondered if now was the time for the cyber-security sector to take a more aggressive/offensive approach. Moss mentioned working for a former employer years back, a firewall manufacturer that had a product that would launch specially crafted code in response to an attacker, sort of an early offensive DoS attack. This was an early attempt by security professionals to cause pain by going on the offensive.

But since DoS attacks aren’t exactly a legal offensive tactic nowadays, what to do? He recommends civil action, a la recent Facebook actions where attackers were sued in civil court. But what happens when attackers are overseas? Mr. Moss is hopeful that responding in a civil manner would “encourage” other countries to implement legal protections to stop current and future attack attempts abroad.

Continue reading

Microsoft's Exploit Mitigation Tool (EMET) gets a new bag of tricks

security hand

Hackers are having a field day these days. No one is safe. But that doesn't mean that Microsoft or other companies aren't trying to design mitigation techniques to keep hackers out.

In that vein, Microsoft released the enhanced Mitigation Experience Toolkit (EMET) which is designed to help prevent hackers from gaining access to your system. Yesterday, the company made available a preview version of EMET 3.5, introducing four new mitigation features construed at mitigating Return-Oriented Programming (ROP) attacks.

Continue reading

Malware infects three-quarters of the world's top banks

File this story in the "Who do you trust with your money?" category.

Eighteen of the top 24 banks in the world have malware problems, security firm Lookingglass says on Wednesday. Even three-year old worms that have long had patches and fixes to address them continue to infect the PCs of banks, including Conficker, found (gasp) in the IT deployments of 10 of the top 24.

Continue reading

Simply set up Parental Controls with Kurupira Web Filter

If you’ve tried setting up parental controls before, you’ll know this can often involve a lot of work. You may need to create accounts for each one of your children, for instance, before defining in very precise detail exactly what sort of content they can access, and what they really shouldn’t.

And so we were very surprised to see how straightforward the free Kurupira Web Filter was, by comparison. No “per user” settings, no lists of content types, no real need to set up any web filtering options at all: the program automatically blocks “inappropriate” websites just as soon as it’s installed, without you having to take any additional actions.

Continue reading

Scam sites lure victims with fake YouTube-to-mp3 converters

Want to access the music tracks of YouTube.com videos on your iPod but don’t want to pay? You’re not alone. Recently, a crop of websites have popped up offering to convert the audio from videos to .mp3 files that you can then download at no charge. Sounds great, right? The catch: scammers are trying to capture the popular click traffic and redirect users to scam websites, where you might get more than you bargained for, in the form of free malware and other unpleasantness as a bonus.

Recently, we hosted a “cyber boot camp”, teaching high school students to attack and defend networks. One of our presenters, John Moffat, who often delivers security awareness seminars to teenagers and stresses the dangers of the “free” Internet, referenced this scam in his presentation. While Mr. Moffat doesn’t claim to be a malware expert, he knows a scam when he sees one, and does his best to help others avoid falling prey.

Continue reading

Beware tech-support scammers asking to remotely fix your PC

remote access

I received a sad report on the subject of PC support scams.

Yes, those same old scams where the perpetrator tells you that you have malware infections or system problems and tries to scare you into letting him or her connect to your PC so that he can install some software and fix it. For a price, of course, though that may not be immediately clear.

Continue reading

36 software downloads you shouldn't miss this week

This has been another action-packed week for software releases, but it is one dominated by one name -- Microsoft Office 2013 Consumer Preview. The latest version of Microsoft’s office suite has received a public preview, meaning that anyone keen to get a glimpse of the Windows 8-friendly, metro-interface suite can do so right now.

Olympic fever is starting to take hold and two new mobile apps BBC Olympics 1.0.0 (UK ONLY) and London 2012: Official Join In App for the Olympic and Paralympic Games 2.0 have been released to help you to keep up to date with the latest news and events, whether you are attending or not.

Continue reading

Avira Protection Cloud 'technical preview' released -- get it NOW!

cloud padlock

Avira has released a first public “technical preview” of Avira Protection Cloud, a simple cloud-based tool for detecting malware.

And we really do mean simple. There are no menus here, no toolbars, no options, settings anything else: all you have to do is launch the program, click “Cloud Scan” and wait for the results.

Continue reading

Researchers take down botnet responsible for a fifth of world's spam

If you notice a huge drop in the amount of pharmaceutical spam you're receiving, you're not imagining things. Security researchers say they were able to take down "Grum", the spam server behind about 18 percent of global spam.

The process began when researchers blocked the botnet's command servers in the Netherlands and Panama on Tuesday. Grum's administrators acted quickly to restore the server, and shortly thereafter had set up new command servers in Russia and Ukraine. Researchers were still hot on their trail, and Militpas, Calif.-based security firm FireEye along with UK-based anti-spam group SpamHaus worked with Russian security experts to take down Grum again on Wednesday morning.

Continue reading

Is your PC wonky? Try Microsoft Malware Prevention troubleshooter

SmartScreen, Windows Defender, User Account Control, the Security Center -- Windows now includes a host of tools and technologies that aim to keep your system safe and secure. But are they all configured to offer the best possible protection? It’s not easy to tell, as you have to browse lots of applets and dialog boxes to find out.

Microsoft have just released one possible answer, though, in their new Malware Prevention troubleshooter. It’s portable, so easy to run anywhere, and in just a few seconds will scan your system for issues and highlight anything it finds.

Continue reading

Anonymous supports Greenpeace, hacks oil companies

In what the loosely-tied hacker group Anonymous calls #OpSaveTheArctic, over 1,000 email credentials and Hash checks of email passwords from five major international oil giants were released. The companies targeted included Exxon Mobil Corporation, Shell Petrochemical Corp., and BP Global; as well as the Russian based Gazprom Corporation and Rosneft Petroleum Corp.

The data dumped on anonymous text post website Pastebin includes 317 emails and their unsalted MD5 hashed passwords from a hack on Exxon mobil from June. Added July 13th: a further 724 emails and hashed passwords from BP, Gazprom, and Rosneft, and 26 emails with clear-text passwords from Shell Petroleum. Also listed: all of the internal mail system information, detailing routers, operating system type, database details and server hardware vendor. Further detailing of the type of data gained is available at the DC/Nova/Maryland network security blog site NovaInfoSeco.com.

Continue reading

Panda Cloud Antivirus 2.0: Security gain, without PC resource pain

cloud padlock

Virus protection is a must for all computer users and in addition to the level of security that such software provides, it is also important to bear in mind the impact that such protection programs can have on your system. It is all well and good having a program that protects you from every known virus, but there is little point in it if running the software causes your computer to slow to a crawl. Panda Cloud Antivirus Free 2.0 takes the strain off your computer by ensuring that all of the hard work is done for you in the cloud.

This in itself is nothing new, but version 2.0 of the program, available in both free and paid for varieties, brings a number of changes, additions and enhancements that make this worth a second look if you have previously dismissed it. Probably the biggest change in this particular release sees the inclusion of the behavioral analysis engine that was previously only available to Pro users in the free edition of the software as well.

Continue reading

© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.