Midsize Insider is a valuable repository of expert content tailored for small-to-midsized business owners and IT decision makers. Expert insights and perspectives in the Midsize Insider are gleaned from actionable business experiences and will assist readers in creating efficiencies, cutting costs and delivering results.
I read a post on the IBM Midsize Insider blog that has remained with me (URL provided below). The post referenced research conducted by Gartner indicating that by 2017, “Half of employers may impose a mandatory BYOD policy and require ...
The biggest question of all in the world of bring your own device (BYOD) is: How can personal and business data remain separate? There have been many ways that the big question has been answered, for instance, by the implementation ...
Midsize businesses run on data. Most of this takes the form of numbers - financial spreadsheets, sales targets, and customer histories. But that's only half the picture; non-numercial, qualitative data is just as crucial for a company's success, and IT ...
Every department within a midsize business needs for data analysis tools. Whether one is considering IT, sales, customer service, or any other grouping, the collection and interpretation of data can improve products, interactions with customers, and the infrastructure of the ...
Securing your infrastructure is necessary to lower security risks. Fortunately, midsize firms have many solutions to choose from that can enhance productivity and enable a growing firm to remain as competitive as possible.The RisksTechnology is becoming more sophisticated. Virtualization, cloud, ...
Beginning a story with a dose of fear is sometimes warranted. I have several friends who own small businesses and I use them for feedback on what IT security means to them. It doesn’t astound me that most have rarely ...
As smartphones and other pieces of mobile technology become more and more fundamental to business life, many midsize businesses are adopting mobile technology policies on-the-fly, choosing mobile benefits over business security. A new report shines some light on just how ...
The nature of IT security has changed. Gone are the days of simple firewalls and the ability to "unplug" from network servers. Cloud computing, mobile devices, and wireless access points have made the business of security management not only highly ...
Midsize IT admins are understandably concerned about numbers. Gigabytes, megahertz, network latency, budget totals - all impact how well an IT department can do its job, and, with the rise of cloud computing, how well the department will be able ...
The power of the cloud offers fast performance and can lead to happy customers, but security in the cloud is a requirement for all midsize businesses to protect those customers' information from being leaked to competitors or black hat hackers. ...
Turning over application deployment to the cloud does not mean IT admins do the same for security. Instead, network security solutions for cloud computing is partially in the hands of the IT administrator for the midsize business. The cloud host ...
Midsize businesses grow in revenue through sales and the repository of information obtained through sales and reporting. Security intelligence software protects the midsize business investment, so a company's private data does not fall into the hands of a competitor or ...
Part of any midsize business technology structure is an IT security system. The system sets up the privacy, security, and integrity of the corporate data. All three of these concerns should be top priority for the IT manager who sets ...
Security is one of the biggest threats in the midsize business world today, and unfortunately, basic digital security has not really evolved since the 1980s. Simple passwords are used for everything from email accounts to cloud storage, and this method ...
Development of effective products is a multi-tiered affair. It involves collaboration between many employees in different departments located in numerous buildings across states and countries. It's anything but simple, and such complexity of collaboration is why midsize firms require proper ...
IT security is the first line in protecting a business from marauding technology thieves and the increasing amount of malicious software lying online in wait. Midsize admins are tasked with both making sure internal resources remain free of outside influence ...
One basic risk management definition describes it as the identification, assessment, and prioritization of risk, with "risk" typically governed by the ISO 31000 definition of "the effect of uncertainty on objectives." This uncertainty can be either positive or negative, but ...
Even the best systems can have cloud security flaws, but midsize businesses can avoid the pitfalls before disaster strikes by creating a checklist of security concerns before migrating to the cloud. If the IT manager creates a checklist and reviews ...
Managing risk is an essential part of any business endeavor; too much or too little can limit potential return on investment (ROI). Although IT professionals were once largely immune to these concerns, the increasing democratization of technology has created an ...
IT admins increasingly rely on networking to complete essential business tasks. Gone are the days of simple internal networks; now, midsize businesses must deal with distributed networks in the form of cloud computing, mobile devices leveraging both wireless and 4G ...
Officials at the Ponemon Institute, an independent research group that studies information security, found in a recent study that many IT professionals consider hardware-based encryption to be worth the cost of implementation. The total cost of ownership of an encrypted ...
To ensure IT dollars are well spent, admins must develop ways to not only develop but to test and implement software solutions. While the advent of software as a service (SaaS) cloud computing has led to an increasing amount of ...
Officials at an independent research center, the Ponemon Institute, recently discovered that a majority of Internet users are becoming jaded by the traditional user name and password authentication system that has become the standard for many websites. Users are faced ...
To effectively leverage the power of collected data, midsize companies need a way to visualize aggregate information. This has several beneficial effects: First, it allows admins to present easily understood displays of data to non-tech users, rather than trying to ...
IT network security is a constantly evolving area of midsize business infrastructure. As technology continues to innovate and the traditional device landscape to change, midsize IT professionals must develop coherent strategies to ensure their networks are well secured. Ensuring proper ...
As midsize companies continue to rely on computers for an increasing amount of mission critical tasks, it is vital for such firms to invest in using the services of an IT data center to ensure compliance with regulations, cut IT ...
It's not enough to protect customer data. Midsize businesses must have the IT security essentials to protect employee data, private corporate data, and any sensitive information that can leak to competitors or hackers that can sell it online or use ...
Effective IT security is about more than high-tech firewalls, anti-virus programs, and mobile device controls. To manage risk, midsize admins must start at the ground floor and consider all access points in both their wired and wireless networks. These critical ...
Facebook Home, the new Android launcher that was announced in early April, may be targeted towards socially-obsessed consumers, but in today's world of BYOD, many are asking questions about how this always-connected launcher will handle privacy and data collection. Though ...
When running a midsize company, it can be tempting to hand off all security responsibilities to the IT team. However, in today's increasingly digital society, it is crucial that employees in all departments have a solid understanding of basic security ...
It's every midsize IT admins worst nightmare: a system breach. A breach might result from poor policies, accidental network misuse, or a full-on malicious attack, but just like the National Transportation Safety Administration must accept the inevitable car accident, admins ...
Does your company use those out-of-date applications where the applicant must provide his or her Social Security number and driver’s license number? If so, throw them out immediately. You could be setting your business up for a potential lawsuit. In ...
When conducting business in a regulated industry such as medical, legal, or finance, all systems must conform to compliance standards. Failure to comply can lead to fines, sanctions, and negative PR. Although focusing on digital security is vital for the ...
The practice of using a managed service provider has been growing among midsize IT professionals. Midsize organizations make strong candidates for managed services, due in no small part to their often limited IT resources. It makes sense that they would ...
Information Technology can be a difficult endeavor for a small or midsize business, especially as the tech demands of today's marketplace continue to skyrocket as tech budgets seem to languish. One solution to the problem that's quickly gaining steam is ...
For many midsize companies, security is one of the toughest areas to tackle, because the field is vast and rapidly evolving. Although midsize companies often benefit from using internal staff for routine tasks, they should also employ corporate IT security ...
This post is not meant to be a primer on data breach protocols, but instead, is intended to raise the issue, create a discussion within your company, and get you (and your leadership team) to think about what to do ...
Ecommerce website owners have a cybersecurity responsibility to secure their customers' data. Hackers attack ecommerce sites for their large data repository of customer information, which can sometimes include very sensitive data such as credit card numbers and social security numbers. ...
The prevention and eradication of viruses, adware, spyware, and other computer infections is a persistent challenge for IT administrators. There is no single, magic elixir that will coat servers with a virtual shield of protection, and admins know they need ...
Security threats are nothing new and neither are the services created to stop them cold. Deploying the correct security service for the job has never been more important, however, as cloud based computing continues to grow and increasing amounts of ...
As Bring Your Own Device (BYOD) programs ramp up in offices around the world, it's fairly easy to assume that this shift in mobility will have some severe security ramifications. A new report out of the UK shows just how ...
To protect their bottom line, companies must protect their most valuable resource: information. Technologies such as virtualization, cloud computing, and increased mobile device use have conspired to create a continually-expanding dataset which includes everything from the innocuous to the mission-critical. ...
Application security solutions are a necessity in the modern IT environment. This is especially for midsize IT professionals, who often wear many hats throughout their careers, the most important of which is the role of network and system security watchdog. ...
Are you familiar with the term "secure web applications"? If not, it is time to learn a little about what it refers to and how it could affect your business. As stories of hackers and cybercrimes continue to make front ...
Bada Bing Bada Boom!!…………That’s the inner cry of an employee that has just pilfered proprietary information from your company. Whether it’s a new jean design or a developing software concept, your information can be taken and sold from within your ...
As computers are entrusted with more and more mission critical tasks, the number of hack attacks and data breaches has increased. Over the past couple of years, the increases have reached such a number that security needs to be made ...
Once upon a time, IT departments had only a couple of operating endpoints to handle. IT professionals fed input into a "giant electronic brain" from a card reader. They ran a process or batch of processes, and got reams of ...
Risk assessment has become a necessary evil for midsize IT professionals in today's increasingly connected world. Growing numbers of high-profile companies are making headlines as networks are breached and important data is leaked into unauthorized hands. While threats like this ...
The development process of software and technology systems is a crucial underpinning of any midsize IT project. This cycle encompasses not just design but implementation, testing, and evolution - when managed properly, the process not only shortens the time between ...
Security is one of the biggest challenges IT teams in midsize companies face in today's digital era. As technology usage has increased, IT teams have struggled to tackle security issues. The fact is that it is impossible for humans to ...
Today's computers have become such essential assets for companies that they are being increasingly tasked to perform mission critical tasks which have zero room for error. To combat modern digital threats, it is important for the IT staff in all ...
As midsize companies increasingly rely on computers for critical daily tasks, ensuring the integrity of corporate networks becomes more difficult because security is now much more than a firewall and intrusion detection system on company servers. Proper security now requires ...
Network security continues to be an area of great importance and scrutiny, as increasing portions of critical resources in midsize businesses are pushed onto the public and private cloud. Midsize IT professionals must routinely self-audit their own security strategies and ...
Email security has become part of the job description for every employee. All it takes is one employee to cause a breach that opens up the entire company. For example, consider The New York Times: the recent breach by Chinese ...
What is network security? The sum of all policies, provisions, and guidelines put in place by midsize IT admins to protect their network from misuse, unauthorized access, modification, or denial of service. Managing this type of security presents a number ...
Anti virus software has gained prominence over the last two decades, emerging as a leading force in the fight against not just computer viruses but malware, adware, spyware, keyloggers and worms, to name a few. Far from the self-replicating code ...
Midsize companies are increasingly called upon to provide substantive data security measures. For this, thanks is due to the democratization of information - a change that sees businesses of all sizes handling sensitive, confidential data. This responsibility has spurred a ...
As the proliferation of mobile devices continues unabated, organizations are force to incorporate new strategies and security testing tools to meet the unique challenges that arise. This responsibility falls largely on IT managers charged with protecting critical infrastructure from malicious ...
One of the most important and challenging areas midsize companies need to focus on is security and managed security services. Although many midsize companies currently utilize anti-malware software on their devices, automated systems are no longer sufficient for preventing attacks. ...
With exploits being released around the clock and attackers now developing customized attacks against specific midsize companies, IT teams in corporate settings are facing threats that will only worsen over time. To combat this trend, there are many security solutions ...
Cybersecurity issues will be a focal point of future US-China talks as the Chinese government has said that it is now willing to have a dialogue on the sensitive matter. The announcement comes not long after the US called on ...
Trying to keep up with the vulnerabilities and threats that assault enterprise applications is a difficult but essential activity: Difficult, because dozens of critical updates and vulnerabilities are disclosed week after week, as illustrated by a typical 10-week period in ...
No company can, nor should it want to, fully eliminate risk. Many of the best corporate decisions are made with an element of uncertainty. IT departments operate under a similar framework. Some risks, such as the choice to utilize cloud ...
Today, the world of mobile devices includes smartphones and tablets. This post doesn’t favor any specific brands, but let’s agree that the industry leaders are iOS and Android devices. The jury is still out as to whether or not BlackBerry ...
The midsize business world operates in a sea of data. Much of it - the sort that most people think of when they hear the term "data" - is quantitative. It is numerical, or at least it can easily be ...
Midsize businesses today face a new challenge: the rise of mobile devices. Tablets, smartphones, and other movable technology allow employees to work from home, make better use of company time, and they can help limit the amount of money a ...
Who says you can't take it with you? According to a new survey, employees are taking company information with them when they leave their jobs with. Their goal is to use it again at other companies. The findings are interesting ...
Today, information technology plays a vital role in many midsize companies. However many firms fail to properly maintain their systems due to a lack of funding for in-house expertise. And due to the vast nature of the computing industry, even ...
Risk is an unavoidable, and necessary in many respects for a midsize company to perform well in its market sector. Eliminating risk is impossible, and attempting to do so becomes a frustrating task for any IT admin. Instead, companies must ...
Recent survey data from research company Aberdeen predicts that the need for trained IT security personnel will rise sharply in the next few years as companies deal with increasingly complex threats and the desired skill set for midsize IT pros ...
Hybrid clouds offer great operating flexibility and economy, which is why IT managers at many midsize firms are looking at hybrid options. But the hybrid environment also poses a variety of cloud security challenges.Data and applications that once resided in ...
I have cut up all of my credit cards, no longer do any personal business on-line and am hiding under a rock. Why? Have you not read the papers? Media outlets are screaming about how many account passwords or credit ...
Today, computers can predict the purchasing habits of consumers so inventory levels can be adjusted in real time. Businesses are now able to target advertisements to interested consumers based on data gathered from an individual's browsing history, while internally companies ...
The Mobile World Congress, which took place at the end of February, had a lot going on, and no unveiling of technology was perhaps more relevant to the needs of midsize businesses than that of Samsung Knox, the mobile giant's ...
In the emerging era of cyberwar and highly sophisticated cyber-security threats, ensuring the security of computer systems is becoming more critical than ever. The IT community at midsize firms must not imagine that its systems are even slightly exempt from ...
Companies run on data. Decisions made without solid data underpinnings are the business equivalent of shooting in the dark - hitting the mark is as likely as shooting out a window. There's a divide in this resource, however, between qualitative ...
IT pros at midsize businesses are understandably concerned about quantitative data. Computers work - or don't - using sets of quantitative processes, and executives are increasingly concerned with how hard data impacts a company's bottom line. But despite the power ...
A System Development Life Cycle (SDLC) is the basic groundwork of a midsize firm's information infrastructure. SDLC is a guideline for developing systems and software and consists of several phases that involve the analysis, design, implementation, and maintenance of a ...
The UK joined the WEF (World Economic Forum) Cyber Resilience program recently, after British Foreign Minister, William Hague signed an agreement commiting the British government and companies to keeping national and international networks secure and strong. Britain joins over 70 ...
The Apple iOS 6.1.2 update to patch lockscreen passcode vulnerability and synchronization issues with Microsoft Exchange servers is expected to arrive before the end of February, according to the German blog site iFun and summarized by CNET. Apple acknowledged the ...
The traditional firewall is one viewed mainly as a bulky piece of machinery set up on a desktop or similar device, which singularly controls a series of inputs and outputs for an integrated system. Unfortunately for the firewall, the days ...
The advent of public cloud and virtual machine (VM) providers has widened the technology market and also provided a greater attack surface for hackers and criminals looking to steal, deface, or destroy company data. As a result, big providers and ...
Ask an IT manager what kind of event is likely to completely take down their systems, and you'll probably get extremely unlikely incidents like natural disasters or massive power failures. However, a new study of small and midsize businesses shows ...
Like Uncle Ben famously said to Peter Parker, "With great power comes great responsibility." In the IT world great power comes from big data, and big data is not going away. Having all that data is good for business in ...
The world of technology is becoming more complex with each passing day. Every time IT admins blink, a new tablet, phone, or server comes out with a faster, more efficient architecture and an increased set of demands for policy control ...
This post requires a quick disclaimer. Not only am I a member of the information security industry, but I am also a lifelong car guy. Growing companies tend to use technology to increase productivity and decrease overall costs per employee. ...
The continued issues regarding information security and mobile devices are leading to the development of corporate application stores, where employees have self-serve access to apps that have been tested and pre-approved for corporate use. If this trend continues as expected, ...
At this point there's a cloud-based solution for just about any IT problem out there, as the term continues to be the hottest trend in the industry. Still, a number of businesses and organizations, especially those with tight mandates regarding ...
In today’s work environment, costs are skyrocketing, but one way to reduce costs is to offer a telecommuting option for employees. While it may be easier for telecommuting employees to perform their work at home or in the field, the ...
Cybersecurity got a lot more than a passing mention in President Obama's State Of The Union speech before Congress. Information security issues, and the threat of cyber war, drew an extended discussion, covering two paragraphs of the written version. To ...
Enterprise risk management (ERM) is the overarching process that addresses operational factors that could conceivably impact the business financially or legally. Beyond basic liability considerations, ERM has entered the era of data security. IT staff play a critical role in ...
Risk is a constant problem for IT departments at midsize businesses, and it can come from a variety of sources, including outside aggressors, internal systems failures, and employee error. To some extent, risk is necessary for a business to survive. ...
The newest thing to hit computer interconnectivity is software defined networking. With this new networking framework comes a host of powerful and fast features--it is clearly the way to move forward in this area. However, as Avi Chesla mentions in ...
Many business executives don't have time to worry about the fine details of protecting their digital infrastructure. Security often is viewed as an area that only technical experts should touch, but with today's increasing use of computers for routine tasks, ...
It's any midsize IT person's worst nightmare: a security breach that leads to a loss of sensitive customer information.Most vulnerable to attack are e-commerce, medical, legal, and financial institutions for whom the trade of private information is a necessity of ...
Ask your enterprise end-users to name the applications they use the most – odds are that corporate email and web access will be at the very top of their list. As we saw in the previous blog on Securing Mobility, ...
Computer security is of paramount importance to all midsize IT admins, but implementing it isn't always straightforward. The rise of virtual and cloud technology has changed the security landscape, giving IT pros both a myriad of security options to choose, ...
Remember the show “Are You Smarter Than a Fifth Grader”? The premise was to pit intelligent everyday working class people against the average ten year old by asking questions from a fifth grade curriculum. We all watched, sometimes secretly, to ...
Internet security should be at the top of the list of responsibilities for midsize IT managers. Protecting sensitive information from the prying eyes of cyber criminals is critical. Protection from intrusion by hackers and malicious code is the first line ...
US Customs and Border Protection is field testing the Embodied Avatar as a potential state-of-the-art lie detection unit. The avatar, described in a recent Wired article as a "smoothly rendered, computer-generated young man," asks travelers at border crossings basic questions ...
Everyone’s talking about mobile devices (i.e., smart phones and tablets) these days, and the phrase “Bring Your Own Device” (BYOD) has come to refer to the growing use of employee-owned mobile devices – as opposed to traditional enterprise-owned, enterprise-provisioned approaches ...
One of the largest burdens on the shoulders of IT professionals at midsize business is the protection of public data. With the copious amount of data being gathered from every interaction with consumers, protecting data requires proactive, comprehensive solutions - ...
Electronics manufacturer Toshiba has announced four new self-encrypting, enterprise-grade solid state drives and mobile hard disks with cryptographic erase functionality. The 2.5-inch models feature government-grade 256-bit AES encryption and come in capacities up to 1.6 terabytes. These self-destruct hard drives ...
Gartner's reports on the security trends of the future are always eye-openers, but its latest may be even more shocking than normal. The combination of cloud computing, bring-your-own-device (BYOD) policies, and the rise of social media mean that 2013 is ...
The sheer number of network security breaches set records in 2012 and left many midsize businesses scrambling to keep up their defenses against advanced persistent threats (APTs), Trojans and other malicious infiltration. Experts now advise that enterprises completely restructure their ...
A report by a global panel of IT security specialists has described cloud security as the leading "disruptive" technology of 2013. Midsize firms and other organizations are in a rush to the cloud. The result: An ongoing challenge for security ...
What endpoint security solutions is your company deploying to cope with the ever-evolving security threat landscape? In a previous blog on Securing Your Networks, a similar question was asked about solutions for network security. The results from Aberdeen’s research are ...
Microsoft has issued a fix for a "zero-day" vulnerability in the Internet Explorer browser. A zero-day vulnerability is one that was previously undetected, and for which, therefore, no protective steps have yet been taken. The recently discovered vulnerability could have ...
Cobalt Iron, a new entry in the data protection market, seeks to give customers the flexibility to mix and match ...
The Internet has enabled cyber criminals to spread malware to unsuspecting targets like never before. Hackers can exploit vulnerabilities in plug-ins like Flash or Java to deliver by downloads, send spam containing infected attachments to thousands of victims, and use ...
Smartphone security is, currently, underwhelming, and utilizing smartphones for data storage is rising in popularity. The popularity of using smartphones at works lends itself to data breaches. According to a recent article, CSO states that information stored on our smartphone ...
Tablets are the class of mobile devices that add the most security risks to a BYOD environment. Many have mobility plus most of the capabilities of a desktop PC, including multiuser accounts. In the past, company IT departments would have ...
Mobile device use continues to expand across the business world, and with that comes the need for better encryption of the data being passed around wirelessly. Media technology company Tigerspike has patented an algorithm it claims is not only faster ...
A study on IT security performed by Dimensional Research and commissioned by information risk and security performance management vendor nCircle sheds light on some interesting attitudes shared by many SMB IT professionals. First, 4 out of 5 believe that their ...
A joint venture between three of Europe's most prominent tech companies just launched and is tasked with making the world of smartphone security just a little bit stronger. Businesses looking to expand their customer offerings into the mobile space, or ...
The Windows version of Google Chrome is one of the most widely used browsers. And Google is now tightening restrictions on browser extensions that install themselves without full notification to users.This may be frustrating for companies that bundle browser extensions ...
Cyberattacks exploded in number during 2012, and it's unlikely that the trend will stop at the end of the year. Numerous new reports predict that 2013 will be worse then 2012, although the degree of the problem varies by the ...
The Federal Communications Commission (FCC) has come up with a list of 10 customized steps that mobile users can follow to secure their devices. These steps have been released in the form of a smartphone security application which may be ...
Newly released documents indicate that the National Security Agency (NSA) is proactively looking for vulnerabillities in key computer systems and networks such as those at public utilities. Reportedly among the targeted systems are those associated with natural gas pipelines and ...
The start-up company Minteye has come up with a novel image-based CAPTCHA, which is the acronym for "Completely Automated Public Turing test to tell Computers and Humans Apart." A CAPTCHA is usually a scrambled phrase or words presented to a ...
So Microsoft is changing the way they license users. Interesting to see that perhaps the balance of power has returned to the users. Software licensing has always been a strange animal. I recall well my days as an IT integrator ...
An IBM researcher at the company's Zurich Research Center has developed what's know as the Identity Mixer, aimed at protecting online privacy by authenticating only the bare minimum of required personal information. German data protection agency Unabhaengiges Landeszentrum fuer Datenschutz ...
The Internet has become a staple of professional lives; however IT departments at firms have, in the last decade, seen growing security threats coming from the Web. Viruses and fraud resulting from compromised Internet security has translated into financial loss ...
Why should the midmarket be any different than other markets when it comes to the question of BYOD? The BYOD ...
China has made improvements to its Great Firewall, designed to prevent encrypted communication and shut down the use of virtual private networks (VPNs.) Both businesses and individuals are affected by the change, which allows telecom providers like China Unicom to ...
The BYOD trend is one that certainly seems like it is here to stay, as it is cost-effective for midsize businesses and lets users have the freedom to decide what device they want to use. However, the trend is not ...
IT security threats are a common (and growing) concern for midsize IT admins. Combined with the recent rise in cloud computing and virtualization, it's more important than ever for companies to guard against potential problems--both inside and out.Outside-In These are ...
A recent study completed by security specialist Webroot provided some alarming statistics on the nature of BYOD models and the effect this policy has on the security of small and midsize firms. IT admins who work within a company that ...
Microsoft's Outlook.com, a webmail service designed to replace Hotmail, will support the DMARC (Domain-based Message Authentication, Reporting, and Conformance) email authentication standard. This standard is designed to strengthen protection against email spam and phishing attacks.For the IT community at midsize ...
Cloud-based options such as Software as a Service (SaaS) and Infrastructure as a Service (IaaS) are becoming increasingly more common among enterprises that wish to ship their software and storage needs to those with more time and those with more ...
The UK government will license the British MOD (Ministry of Defense) with the task of upgrading the country's online security. The MOD will recruit IT experts and businesses to combat and defend against Internet crime such as hacking attacks and ...
RIM is set to release its BlackBerry 10 next month, and that release will include a new security feature that is tough on weak passwords.A BlackBerry site discovered a list of more than a hundred passcodes that will be forbidden ...
IT security has become a top-level challenge for the tech community at midsize firms. Rarely does a week go by without new reports of security breaches targeting both large organizations and midsize firms. Many more threats do not make the ...
Apple has enjoyed a reputation for having its closed operating systems remain mostly malware-free and hacker-proof over the years, but a recent hire shows that the company has become more security conscious. Former Microsoft hacker Kristin Paget is confirmed to ...
When most midsize IT professionals think of dealing with an emergency they rarely think about it involving the police or emergency personnel. However, the new text-to-911 service that some major cell carriers will offer may require some involvement from the ...
Microsoft and Skype have announced updated password settings for Skype applications. This comes just in time for the holiday season, when security threats are common.An alleged bug enabled hackers to hijack Skype accounts only with the knowledge of a victim's ...
A bold statement, perhaps, and certainly one that does not make pleasant reading for midsize company owners or IT security professionals. However, as threats go, a company's own employees can allow threats to take place, unwittingly or not. As indicated ...
An 11-day UN Conference in Dubai scheduled to review decades-old telecommunication regulations has caused a stir. Technology giants like Google have stated qualms that talks at the World Conference on International Communication (WCIT-12) could result in a potential internet regulation ...
As the world increases its dependence on the Internet and other computer networks for its basic operations, from electricity generation to food production, the potential damage caused by a sophisticated cyber terrorism attack is greatly magnified. Companies, including midsize businesses, ...
The DSD (Defence Signals Directorate) in Australia provides a valuable resource to native companies and advises them on security issues that are common in an online environment. A recent document release was discussed on ZDNet, relating to BYOD security and ...
When it comes to file sharing, employees tend to ignore company IT policies and that's a trend small and midsize businesses should be aware of.A recent survey by enterprise storage vendor Nasuni revealed that nearly half of employees admitted they ...
New research shows hackers can steal cloud computing time based on a crafty new technique. The process is the subject of a white paper titled "Abusing Cloud-Based Browsers for Fun and Profit" written by researchers from North Carolina State University ...
What network security solutions is your company deploying to cope with the ever-evolving security threat landscape? Aberdeen routinely asks about the current use, planned use and current evaluations of a wide range of IT Security technologies, and in the area ...
Making the decision to switch over to Windows 8 isn't easy for most businesses; the process of transitioning to a new OS requires a great deal of preparation, and the process runs the risk of deploying an inferior replacement.Based on ...
The Internet is inundated with malware. Cyber criminals capitalize on popular technologies such as email, social networking, and browser plug-ins to infect their targets. Organizations are advised to use antivirus software to prevent such attacks, but based on the findings ...
Mobile devices invade every crevice of users' lives, and for midsize business this means that important data no longer stays within the walls of a firm. A new study finished by Symantec reports that nearly half of all data is ...
Mobile security is an extremely important issue for midsize businesses and for the individuals who work at those businesses. Norton is stepping up to the plate with their mobile security suite by combining their mobile licenses into one package that ...
Midsize IT admins are constantly bombarded with dire warnings about the security of mobile technology, but what about the stationary devices they take for granted? Data from the United States Computer Emergency Readiness Team (US-CERT) has uncovered a hardcoded account ...
According to research at North Carolina State University and the University of Oregon, "cloud browsers" pose a potentially serious threat to users. They can be exploited to perform substantial computing tasks anonymously. Now that many cloud-based browsers show up on ...
Malicious instant messages, bogus contact requests and now - scam calls. Skype has been a target for hackers, but the company says those sham calls are decreasing steadily. Still, small and midsize businesses should be aware of the issue.According to ...
Cyber security is a priority for the U.S. Government, according to a new study conducted by Lockheed Martin and its Cyber Security Alliance partners. It found that 85 percent of federal technology leaders and decision makers consider it a matter ...
While midsize businesses may be aware of potential security threats, they aren't aware of the damage breaches can cause to their business. That's according to the new "State of Cyber Security Readiness" survey conducted by the Ponemon Institute. The survey ...
A new malware arising in the Middle East targets and alters business databases. This is certainly the stuff of nightmares for an IT manager, but the specifics surrounding this piece of malware make it unlikely that it will ever harm ...
Microsoft Windows 8 may well be the future of basic business computing. But it is having its share of teething problems, many of which center around an unfamiliar user interface (UI). A buggy Windows 8 patch is the latest problem ...
Is it possible that in the near future the government could check anyone's personal email at any time without a warrant? Currently, the government needs to have a warrant to read personal e-mails, but a proposed bill aimed to change ...
Open source technology offers some important advantages for the IT community at midsize firms. It means freedom from large vendors and full access to the tools you are working with. But one thing open source does not provide is immunity ...
Chalk up one small win for email security and privacy. A proposal to expand warrantless email surveillance has been abandoned by the senator who proposed it. For the IT community at midsize firms (and other email users), this is a ...
Cyber-war is a fact of the contemporary world. It has had its most dramatic expression in the Stuxnet worm attack against Iranian nuclear centrifuges. But cyber-conflict remains exceptionally murky, as demonstrated by claims in a French magazine that the US ...
CEOs and other senior management positions often fail to consider IT issues when outlining future company objectives. For example, a sweeping decision to initiate a cloud-based CRM solution for customer support made by the CEO or midsize company owner often ...
The "Anonymous" hackers have found another cause and another target: Israel and pro-Israel organizations in the US and elsewhere. For Israelis, cyber-attacks may be a much less immediate concern than rockets launched from Gaza. But the latest attacks by Anonymous ...
Over just the past couple of years, the IT infrastructure for many organizations has gotten considerably more powerful – and considerably more complex: Back-end systems now refers not only to the hosts, storage and applications within the enterprise itself – ...
While many midsize IT professionals are busy upgrading employees' devices to Windows 8, a new threat could be trying to infect those devices. According to InfoWorld, "Symantec has discovered a new version of Backdoor. Makadocs, which uses Google Drive 'Viewer' ...
Millions of dollars are spent on IT security every year. Enterprise, midsize, even small businesses are constantly warned about vulnerable networks and potential attacks. In an evolving world of cyber crime, blurred international borders, and hacktivism, there's no question risk ...
In a recent written communication sent to all employees, NASA has indicated that, in the future, all laptops will include data encryption software that secures entire hard drives rather than relying on password protection alone. This communication is in response ...
The methods used to protect customer information vary widely from company to company and often are linked to the industry area involved. For example, financial institutions will record data in a different way from those primarily involved in online activities. ...
Michelle Lee, former chief patent strategist for Google, now has a new boss: the federal government. She is slated to become head of the US Patent and Trademark Office (USPTO) branch being established in Silicon Valley. This is bad news ...
I remember when I first started seeing virtualization really start popping up in the enterprise. It was slow and clunky. ...
The concept of bring-your-own-device (BYOD) has become firmly entrenched in modern businesses, with more and more leaders understanding the upside to the program. There remains, however, some serious security concerns surrounding the concept of allowing access to secure information or ...
Last month, a US congressional report came out swinging at Chinese technology firms Huawei and ZTE. Huawei got the lion's share of the congressmen's ire, including claims that its products were vulnerable to malicious attacks and cyber espionage because of ...
The development and evolution of cloud computing is a double-edged sword for midsize businesses. The technology enables companies to streamline processes and scale resources to meet the needs of the organization--all the while reducing or eliminating overhead--but just like with ...
The late 1980s saw the rise of Internet firewall technology as a way to separate "trusted" internal networks from the wilds of potentially hazardous online sites. But while firewalls offered substantive protection for personal desktops and local offices using a ...
IBM is rolling out a slew of IT security enhancements with which it promises to close security gaps associated with enterprise mobility, cloud, and big data environments. Although IBM has experienced slowing revenues over the last few quarters, it maintains ...
Not so long ago, talk about cyber-warfare fell somewhere between hype and science fiction. Killer robots have been wreaking havoc on the big screen for generations, but in the real world it all seemed a bit abstract. Then along came ...
Biometric authentication is becoming more commonplace in medical centers, financial companies and even the local gym. It is seen as a way to reduce fraud because it authenticates identity by way of a person's physical characteristic, like a fingerprint or ...
Small and midsize businesses today are looking for one major skill when it comes to hiring new employees: cybersecurity know-how.Survey FindingsA new survey released by the National Cyber Security Alliance and Symantec shows that 53 percent of small businesses need ...
The UK Information Commissioner's Office (ICO) recently released a set of data privacy and security best practices. Since these "suggestions" may also come with an almost $8 million fine for violation, enterprise, small, and midsize IT pros all need to ...
Mobile devices aren't strangers to business any longer. The "bring your own device" (BYOD) "trend" is now more accurately described as ubiquitous - companies can't afford to keep mobile devices out of the boardroom. As a result, midsize admins have ...
Psychology is defined as the science of studying the mind and related behavior. At first glance, it would seem to be far removed from technical areas involving IT security. However, as recently illustrated on ZDNet, it seems that psychology professionals ...
Amid persisting concerns about the security of Android mobile apps, Google is taking a page from Apple's book. It will start providing security screening for Android apps. But Google will do its borrowing with a twist, one that continues to ...
The federal government and US businesses are moving toward a closer working relationship when it comes to information security. That is the goal of the National Cybersecurity Center of Excellence. And the recent election results may reinforce that trend.Security concerns ...
In an age where smartphone data security issues are a universal topic of discussion, especially when it comes to the BYOD use in the workplace, malware, viruses, and other attacks are considered a reasonably high priority for IT administrators. However, ...
“Seek first to understand” – the wisdom attributed to St. Francis of Assisi – is sound advice for managing the threats and vulnerabilities that continuously plague your company’s IT infrastructure. Understanding the vulnerabilities that put your organization’s IT infrastructure at ...
Let the attacks begin. For Windows 8, the latest malware takes on the disguise of antivirus protection. According to the TrendMicro's Security Intelligence Blog, the firm was alerted to two that leverage the new release of the operating system. One ...
After a period of quiescence, the "Anonymous" hackers' group has emerged again, taking aim at high-profile targets such as Paypal and Symantec. The attacks were launched on Guy Fawkes' Day, a traditional British holiday.But the message for the IT community ...
Following accusations of inserting deliberate backdoors in its networking devices to allow international cyber espionage, Huawei is reaching out to its stern critic to discuss its security vulnerabilities. The company is sending a team of engineers to meet Felix Lindner, ...
Endpoint protection products do provide organizations some safeguards against hackers, but midsize businesses shouldn't put their trust in antivirus software to protect them from emerging threats. In fact, according to a report NSS Labs released on October 24, most leading ...
A recent Forrester report suggests most corporate data loss and security breaches come from risky employee behavior as well as an organization's inability to implement comprehensive IT security policies. The report finds most data breaches result from stolen or lost ...
Google Android isn't the most secure platform; the OS has several vulnerabilities that hackers can exploit to execute commands on the device and gain access to personal information like emails, contacts, and short message service (SMS) messages.But it's not just ...
Becoming a part of the bring-your-own-device (BYOD) movement isn't just something midsize businesses should take lightly. Failing to devise meaningful policies or implement protections against data theft or loss make an organization an easy target for cyber theft. Even if ...
Windows 8 has only been on store shelves and midsize business computers for a few days, but already French firm Vupen claims they've hacked the new OS. This comes despite a host of security improvements to the Microsoft operating system ...
Kindsight Security Lab, located in Mountain View, California, has released it's annual report, which shows that 13 percent of home networks are infected with malware. Although this is slightly down from last year, the Kindsight security report poses that 6.5 ...
A new study shows that small businesses aren't taking any proactive security measures when it comes to BYOD or bring your own device policies. The study, conducted by AT&T and the Polytechnic Institute of New York University, focused on 623 ...
The balance is way off when it comes to budgeting against hackers, and small and midsize businesses need to be aware of this trend. A recent study reveals that IT security budgets are poorly mismatched to hacker targets. The IT ...
The hottest operating system on the market right now is Windows 8, and it has yet another feature that will make it appealing to midsize businesses: Storage Spaces. This feature is a way of using software to manipulate hard disks ...
For the past several months, Apple has dominated the enterprise sector. The iPad's market share, for example, increased to 97.3 percent among enterprise users in the first quarter of 2012, according to a January report from mobile security vendor Good ...
Microsoft wants you to draw a picture. Ideally, it will be the same one every time, or you won't get access to your computer or tablet. Here's the deal: Windows 8 comes with a new "picture password" feature, similar to ...
These days, IT Security professionals are increasingly aware that to be effective, they need to communicate less in the language of technology, and more in the language of risk. “But we do that already,” you might say. “We’re constantly talking ...
Some popular websites were knocked offline by a precautionary utility-company power shutdown as Hurricane Sandy bore down on the New York City area. An unknown number of less widely known online services, "cloud" and otherwise, were presumably also affected by ...
Windows 8 is jumping out of the gate with a new style for one's eyes and a new interface for one's mouse and fingertips, but behind the scenes there are many features which have been implemented to secure the system. ...
Earlier this month, Symantec upgraded their Veritas Cluster Server software, VCS, to allow users to move one instance of a virtual machine to a separate instance using the capabilities of VMware VMotion. VCS is a server clustering program that can ...
ISMS Certification Does Not Equal Regulatory Compliance Last week I got the following question: “By becoming ISO 27001 certified does that automatically mean we comply with HIPAA and HITECH requirements? Are there any requirements of HIPAA/HITECH that are not required ...
Recently, a Florida based mathematician, Zachary Harris, unraveled a strange security hole in the email messaging systems of Google, Microsoft, and Yahoo. This flaw allowed attackers to spoof messages as if sent from a legitimate source. He also discovered the ...
The proliferation of smartphones and tablet computers has brought into sharp focus the security problems that were becoming more serious even prior to the BYOD movement. Laptops, remote workers, and portable memory sticks raised similar issues when there was a ...
As part of my duties with The CISO Group I recently spoke to the owner of a business who as ...
As smartphones and tablets steadily grow their way into permanent fixtures of business life, IT departments are often left with the unenviable task of ensuring that those devices don't harm the company's systems. While the mobile world has grown more ...
Eight percent of the Google Android apps available in the Google Play Store are vulnerable to Man-in-the-Middle (MITM) exploits, according to a recent study by German security researchers. Also, in June of this year, a malware called Android Dropdialer slipped ...
The news stories surrounding hacktivist groups like Anonymous might lead business professionals to think that cyber criminals focus their efforts on government agencies and multinational corporations, skipping smaller companies that receive minimal to no press.Midsize businesses, however, are just as ...
Cyber crime can cost an organization $8.9 million on average, and firms located in the U.S. are often the targets of the most expensive kinds of attacks, according to an recent article from NetworkWorld. Midsize businesses that fail to safeguard ...
Data migration happens much more often than businesses may realize. A recent survey found that a whopping 95 percent of companies move data at least once a year, while 44 percent move data more than five times a year. The ...
Android doesn't have the best reputation when it comes to security. Once every few months, experts discover new defects in the operating system that enable attackers to target vulnerable devices. Such flaws don't just overwhelm the mobile platform. They can ...
Cyber crime is becoming more rampant as hackers discover new ways to steal information. These days the valuable new target is small and midsize businesses. However, a new study by Symantec and the National Cyber Security Alliance found that more ...
The U.S. Department of Homeland Security suggested that companies should pool together resources to counter recent cyber attacks on American banks.A recent Computerworld article reported on the comments made by deputy undersecretary for cybersecurity Mark Weatherford. Weatherford addressed a security ...
"Bring Your Own Device" (BYOD) has been this year's security buzzword, raising potential security nightmares for IT administrators of midsize businesses. But perhaps this trend doesn't have to cause too many sleepless nights. Another option for businesses is "Corporate Owned ...
At the recent OpenStack Summit, security took center stage. Though often lauded for their open source efforts, this conglomeration of high-profile companies hasn't fared so well when it comes to locking down the virtual doors. The OpenStack Security Group (OSSG) ...
In what can only be described as a perfect example of the danger of unintended consequences, the FBI recently warned that a commercial spyware tool sold to law enforcement and governments to increase security has turned into a threat to ...
One new report after another is calling on businesses to put their security lockdown positions in check and open up their minds to the future of business mobility, namely the bring-your-own-device (BYOD) movement. Midsize business stand to gain a lot ...
Repost From Social Media to Lose Customers and Friends Fast Last week one of my Facebook friends started a “friends only” discussion on his wall. It was a very interesting discussion, and one of his friends took the discussion, pretty ...
Google finally has included the Do Not Track (DNT) privacy control feature in the latest developer's version of its Chrome web browser, and it plans to release this privacy tool in the stable version of the browser by the end ...
Link spam is a real problem for midsize IT admins charged with managing their company's online presence. While organic linking helps raise a business' profile with search engines, "spammy" links have the opposite effect and are often difficult to hunt ...
The latest virus to be discovered in ongoing cyber warfare between the U.S. and Iran, the "MiniFlame" is a "surveillance" super virus designed to perform surgical strikes on computing systems. Researchers have alluded that both this new virus and the ...
Many small and midsize businesses think that they have adequate IT security in place, and, according to Symantec, most of those businesses couldn't be more wrong. IT managers need to face up to the harsh realities of the modern tech ...
The famous (or notorious) Stuxnet worm, said to have wrecked thousands of centrifuges used in Iran's nuclear program, has turned out to be only the first in a series of "state-sponsored" cyber weapons to be deployed in the Middle East. ...
Computer and network security company RSA recently developed an approach called distributed credential protection that improves password security by splitting passwords into pieces. The pieces are randomized, half are used to create one string, and the other half used to ...
From 2009 until earlier this year, Microsoft applications were logging a steady decrease in security vulnerabilities. But starting earlier this year, Microsoft security has hit a bump in the road. Application vulnerabilities are on the upswing.By no means are the ...
Since its release several years ago, Windows 7 has become one of the most popular Windows OS products developed by Microsoft. However, the company is currently trying to solve malware problems regarding Windows 7.According to Computerworld, Microsoft has seen a ...
Security research firms Trend Micro and Sophos report a malicious worm spreading via Skype instant messaging. Identified as "Dorkbot," the worm initiates a click fraud scheme to lock Skype users out of their PCs, threatens to take control of valuable ...
A lot of IT managers at midsize firms would say that the bring-your-own-device (BYOD) trend has been one big security headache. But a bigger one could be on its way: bring your own network, or BYON.Mobile-device users can now easily ...
Just a glance at the ever growing number of cyber crimes may lead one to wonder about the state of IT security in an increasingly interconnected world, and it's just that subject that led many IT luminaries to question what ...
Wikipedia founder Jimmy Wales isn't shy about sharing his opinion on Internet privacy and access. In short, he doesn't support increased government nose-poking into personal data, but also takes a jab at Internet users: they're "clueless" when it comes to ...
As most IT professionals should know, service packs (SPs)--bundles of hot fixes, or patches, developed to repair bugs and add new, or improve existing, features or applications--can have a huge impact on the overall performance of an operating system. Windows ...
Mozilla pulled down the latest version of its open-source browser, Mozilla Firefox 16, only a day following its release, citing the discovery of critical vulnerabilities. The company made the decision in an attempt to pre-empt any in-the-wild exploits, though a ...
Microsoft released the 13th volume of its Security Intelligence Report (SIR) on October 9, and the software developer's findings could be a forewarning to IT professionals to expect a continued increase in malicious attacks on workstations running Windows 7.According to ...
Earlier this year in June, Google posted a statement visible to many users of its Google search, Gmail, and Chrome browser. Part of the unusual statement read: "Warning: We believe state-sponsored attackers may be attempting to compromise your account or ...
Botnets have for a long time prevailed as a widespread threat to businesses of all sizes, but according to a recent report from Blue Coat, a security firm based in California, malware networks, or "malnets," are the real threat. The ...
Microsoft has released updates for Adobe Flash Player, which the developer giant has built into Internet Explorer 10 for Windows 8 and is therefore contractually obliged to maintain, even though the latest version of its operating system won't be officially ...
In this election season we hear a lot of people talking about taking personal responsibility for their lives and fortunes. ...
Google users could find themselves caught up in the cyberspace front of Middle East conflicts, says Google. And many of the attacks could be state sponsored. The latest news of cyber attacks comes three months after Google began warning its ...
Apple and its users have long touted the superior security features of Mac OS and iOS when compared with competing operating systems. In fact, until a short time ago, Macs and iPhones were known for being nearly "virus-free" and unhackable. ...
A White House employee was the target of a spear phishing attack assumed to have originated from China. Although, it sounds like this was a major occurrence in the White House, it is not. These types of scams happen on ...
Microsoft has acquired PhoneFactor, a provider of multi-factor authentication protection aimed at business users. The move reflects growing concern that conventional security measures such as passwords are no longer enough, particularly given the fast-growing mobile environment and the bring-your-own-device (BYOD) ...
Midsize IT admins have good reason for concerns about network access. Thanks to both an increasing number of personal devices used in the workplace and telecommuting as expectation rather than exception, IT pros are tasked with not only ensuring access ...
In response the increasing need for better mobile security, a top security software products company recently announced a new version of its security solution for Android-based smartphones. Kaspersky Lab announced that its product, Kaspersky Mobile Security, now offers a wide-ranging ...
It is no news that the bring-your-own-device (BYOD) movement has produced its share of headaches for IT managers at midsize firms. And many of these headaches have to do with security and privacy issues. But as it turns out, IT ...
Cloud computing – whether manifested as server virtualization, Infrastructure as a Service, Platform as a Service or Software as a Service – continues to be one of the hottest topics in IT. And Aberdeen’s research confirms that when it comes ...
Please Don’t Tell Me You’re Still Using SSNs as IDs! Okay, I just finished the 3rd conversation in just the past two weeks alone with an organization that is using Social Security Numbers (SSNs) as their primary form of customer ...
Adobe is the latest in a recent string of major software vendors to be infiltrated by hackers, giving greater rise to concern by security experts over Advanced Persistent Threat (APT) opportunities. The company is revoking the affected Windows code signing ...
Wells Fargo, U.S. Bancorp, and several other financial institutions have been issued a fraud alert by the FBI, Financial Services Information Sharing and Analysis Center (FS-ISAC), and the Internet Crime Complaint Center (IC3).Several of the distributed denial-of-service (DDoS) attacks have ...
A new zero-day vulnerability exploit has been found in all current supported versions of Oracle's Java platform. This exploit affects more than 1 billion PCs and Macs running Oracle's software.This is just the latest in a tidal wave of issues ...
A pair of white-hat hackers were handsomely rewarded for detecting and reporting bugs in Microsoft Windows. But the $5,000 award they shared did not come from Microsoft. It came from Google. The award reflects the expansive approach that Google is ...
Hacktivists, calling themselves "Mrt. Izz ad-Din alQasssam Cyber Fighters," attacked Wells Fargo and posted on Pastebin that U.S. Bancorp and PNC Financial Services Group are next.The attacks are in retaliation for the anti-Islamic film "Innocence of Muslims." Earlier in the ...
The bad news is another critical, potential zero-day vulnerability, has been discovered in Java. Last month the code was the target of a major, widespread attack, prompting Oracle to go outside of its quarterly update schedule and issue an emergency ...
Arabian hacktivists have attacked nine websites in response to the anti-Islamic film "Innocence of Muslims." An email sent to Al Arabiya News Channel says that the army of four hackers--calling themselves the Arab Electronic Army--are from Syria, Morocco, and Saudi ...
Internet Explorer users, a large percentage of which are midsize enterprises, can breathe a little easier now that Microsoft has released Security Bulletin MS12-063. Microsoft lists the bulletin as "critical" and advises that users install it immediately.As reported in InformationWeek, ...
Not everyone likes Google. Some users prefer a different search engine, and some companies find its terms of service just a bit too broad or a bit too vague. Internationally, the tech giant isn't universally loved either. A number of ...
By Ed Abrams (left), IBM VP of Global Midmarket Business, & Shahin Pirooz (right), Chief Technology Officer, Centerbeam. Eighty-three percent of companies now allow employees to use their own mobile devices for work, Aberdeen Group research shows. With the added ...
The Oracle America's Cup sailing speedsters don't need to worry about being attacked and boarded by pirates. But on other security fronts the company continues to struggle. Its latest problem is a security flaw in Oracle Database that could allow ...
Cloud and database provider Oracle has several flaws in its database system, flaws that permit "easy" brute-force attacks. A team brought the issues to light in 2010. While the company did fix the problems in 2011, versions 11.1 and 11.2 ...
On September 19, the Chase Bank website went temporarily dark for some users, a day after the same thing happened at Bank of America. But while Chase was quick to tweet that they were experiencing "intermittent issues," a recent Pastebin ...
Cyber attacks against the mobile device industry have more than doubled in the past year. Everyone knows that it can be unsafe to click on a specific, unknown link or to visit an unknown site. But many do not know ...
The same hacker group responsible for recently exploiting a vulnerability in Java security is believed to have struck again, this time using the so-called Poison Ivy Trojan to sneak through a backdoor in several versions of Internet Explorer, reports Security ...
The rapid rise of the mobile market means that small and midsize businesses can no longer afford to ignore it, but like all new forms of technology, mobility is experiencing some growing pains when it comes to security. The Mobile ...
There are about 4.3 billion traditional IP addresses with the format of four blocks of three numbers separated by periods. They are assigned by five regional authorities responsible for the Asia-Pacific, European, African, Latin American, and North American regions. The ...
You've heard the stories, and hope it isn't any of your employees, but Password123 remains the most common network access phrase across multiple industries, and even among some IT admins. But beyond bad choices by overworked users, some technology companies ...
"Mobile device management is not about security." These are tough words one security firm executive made against mobile device management suppliers and vendors. The executive, Eric Green, who is the senior vice-president of business development at security firm Mobile Active ...
Security breaches are becoming a big problem for small and midsize businesses, thanks to BYOD policies.In a recent survey sponsored by cloud security specialist, Trend Micro, most small and midsize businesses found that employees with mobiles and computers connected to ...
Mobile security firm, Duo Security, conducted a study recently that showed more than half of Android devices have unpatched flaws. It's a disturbing finding considering that a majority of small and midsized businesses rely on Android technology. The news should ...
Mobile payments have been on the tip of everyone's tongue for what seems like years now. In response to the number of companies starting to adopt mobile payment systems, new guidelines for accepting these payments were just released, with the ...
Hackers are targeting SMS services more than ever, according to a new study. Small and midsize businesses should be on guard for this new type of mobile malware called toll fraud, which has grown steadily in the past year.According to ...
A little known app development firm from Florida called Blue Toad has come forward to take the responsibility for a million leaked iOS UDIDs (Unique Device Identifiers) that was previously attributed to an alleged laptop hack of a U.S. federal ...
Hack. For midsize IT pros, the word is frightening. If an individual or group manages to worm their way past tall defenses and blazing firewalls, anything could happen to a company's data: destruction, theft, or even alteration. But a recent ...
The largest Internet retailer in China, Taobao Marketplace, last week agreed to work with the Motion Picture Association (MPA), an affiliate of the Motion Picture Association of America, to stop the sale of counterfeit and copyright-infringing goods. According to Yahoo ...
Privacy Scares from the Ghosts of Job Applicants Past There is a topic that has been coming up, over and over and over again over the past 12 years, that I’ve never seen addressed in other publications. What does your ...
Search giant Google has entered the online security space in a big way with its recent acquisition of VirusTotal, a free, browser-based scanning tool that allows users to upload files or enter URLs to determine whether they contain malicious code. ...
There's unsettling news for small and midsize business that have implemented Android applications.According to a recent report by antivirus company McAfee, Android malware is on the rise. The report, featured recently in Techvibes, says that there were 1.5 million more ...
The new problem for Internet users is hackers uploading files with private information. Hackers from a group called AntiSec have obtained millions of iPhone serial numbers from the computer of a federal agent. For midsize businesses that own Apple iPhones, ...
On August 15, Saudi Aramco was attacked by the Shamoon virus, a new virus that deletes the hard drive once it has finished stealing files. A never-before-heard-from group, calling themselves the "Cutting Sword of Justice," claimed it was a political ...
GoDaddy.com has had more than its fair share of publicity over the last few years, mostly for risqué commercials that it runs in hopes of convincing business and personal users to register domain names or host their website with the ...
IT staff have been aware for some time of the dangers to data security that are presented by employees who use their personal portable devices, whether laptop or smartphone. A recent study by MIT, as reported in the Boston Globe, ...
Bring-your-own-device (BYOD) is one of the growing trends in the workplace, and it's likely to get even bigger. The end of summer has brought a rash of announcements from mobile device manufacturers about the new devices that people may want ...
Taking full control of a computer using Java 7 is a serious exploit, and it is a dangerous issue for corporations and midsize businesses using Java or other Oracle products that incorporate the Java language. Java is an interpreted language ...
Despite years of growing concerns over the state of IT security and a number of high-profile hacks making headlines around the world, a new report indicates that IT professionals are having a hard time getting security under control. With the ...
FireEye, a network security firm in headquartered in California, released its Advanced Threat Report on August 29, and IT professionals won't be too thrilled with the findings.According to the report, cyber criminals are using drive-by attacks to evade traditional security ...
Oracle was well aware of the bugs discovered in the latest version of the Java Runtime Environment (JRE) that are enabling hackers to infect computers with malware, claims Adam Gowdiak, founder and CEO of Security Explorations, a security research company ...
An independent survey commissioned by security firm CounterTack finds a growing awareness about global IT security threats among IT and security executives, but a lack of situational security awareness when it relates to their own business organizations. The respondents to ...
Pirated apps are nothing new and have been immensely popular despite the security risks. Consumers are eager to get their hands on the latest mobile apps from the Apple and Android app stores--a process that they would rather do for ...
On the Sunday, August 26, Atif Mushtaq, researcher at network security vendor FireEye, reported on a new Java zero-day vulnerability spotted in the wild. The next day, David Maynor, CTO of Errata Security, revealed that the vulnerability affects not just ...
Last month, security researchers attending Black Hat USA 2012 reported an increase in malicious attacks targeting Java vulnerabilities. The bulk of these attempts infect PCs via malware toolkits like BlackHole, which disable the antivirus application, log username and password combinations, ...
Adobe recently decided to stop allowing new Google Play users to download its Android Flash Player (AFP) through the Google platform, inadvertently leaving a gap for less savory individuals to exploit.The decision, announced on August 15, 2012, was a result ...
In a recent, lengthy analysis of the growing strength of password crackers, Dan Gooden of ars technica has given depth to the issue of the vulnerable modern password. A joint effort between users and IT professionals is needed to combat ...
Researchers have detected a new malware threat that could have a devastating effect on midsize businesses: DistTrack, also known as Shamoon, removes the data stored on an infected machine and modifies the hard disk drive's master boot record (MBR), a ...
No amount of laws and lawsuits keep hackers from experimenting, especially hackers that target browsers and websites. Google is one company that will pay hackers to find exploits and security issues in its products. The company recently paid $60,000 to ...
The wars on privacy between search engines and web browsers continue despite Google's $22.5 million fine after the company was caught placing cookies on users' computers. Google took advantage of an Apple Safari bug that allowed the search engine engineers ...
It's no surprise that users need password hints to remember the dozens of passwords they use in everyday life. Users have passwords for work computers, home computers, bank accounts, online forms and shopping carts, forums and social networks, and email. ...
Several months ago, the Crisis virus was thought to only execute on a Macintosh system. The virus made headlines, because it was notably one of the first Mac viruses caught in the wild. Long thought to be safe from viruses, ...
Every day I see yet another (often another dozen) situation where employees misused, abused or otherwise accused social media sites to the chagrin of their employers. Businesses need to make a coordinated effort, using a combination of policies, training and ...
There have been several high profile cases of midsized businesses having their employee’s passwords hacked and their emails published, or rude and embarrassing items posted via their social networks. There are several way it can happen, like clicking on a ...
Google is shutting down the Postini email service it bought in 2007. The email security and archiving system has about 26 million users. Businesses who use the service will have to transition to Google Apps by the end of 2013. ...
Apple believes that strong encryption for data stored on devices combined with hardware-controlled PIN entry requirements make iPhone security the best there is. It may be able to stop just about anyone (even the government), but some tech gurus disagree ...
Google is recruiting members for a "Red Team" of privacy and security experts who will be tasked with catching flaws in Google's products early in development. For the IT community at midsize firms, the move is a promising one. All ...
Enterprise software vendor SAP has joined forces with Onapsis Inc., a leading ERP systems security company, in a bid to enhance the security for its applications. Onapsis will provide the enterprise software giant with Intrusion Detection/Prevention Systems (IDS/IPS) designed to ...
Last month, security firms released a report on a new malware called Crisis, a Trojan horse that utilizes social engineering to infect its target. The Crisis malware arrives as a Java archive (JAR) file, often disguising itself with an inconspicuous ...
Usually acknowledged for its excellence in security software, McAfee began to receive numerous complaints about a faulty update that they released last Friday. The McAfee update exposed several consumers and enterprises to online threats, and even left some users without ...
Networking, databases, redundant servers, and IT security--these have long been considered bastions of the midsize IT admin and their staff. IT pros may jealously guard what they perceive as "theirs" in an organization; in the same way that the finance ...
Adobe has taken a roundhouse security punch from researchers at Google, who say that the company has failed to patch flaws in Adobe Reader. This tool is nearly ubiquitous as the standard tool for reading documents in PDF format.For IT ...
Even in the app era, sending and receiving text messages remains one of the most popular uses of mobile phones. But according to one researcher, iPhone texts could cause trouble for their recipients. The way that iOS handles incoming texts ...
Smartphone users' understanding of privacy laws may not be accurate, according to a recent survey by law researchers from the University of California at Berkeley. The survey considered data from 1,200 users telephoned on either a landline or a mobile ...
I recently asked the following question on the IBM for Midsize Businesses group on Linkedin as a basis for discussion and a means to crowdsource some tips and best practices for IT security: Security attacks often arrive unannounced, but a ...
Purely malicious malware is back. Symantec has spotted what it's dubbed as the Shamoon malware (also known by McAfee as Disttrack) that's attempting to ruin the day, in what appears to be an epic fashion, for those who favor the ...
Android malware has been a widely discussed topic in the past year, with news reports fueling most of the public's privacy concerns. In a press release, Kaspersky Labs, a trusted antivirus maker, warns users of a threefold increase in malware ...
At the end of July, Twitter suspended the account of Guy Adams, a reporter for the UK’s Independent, after he posted the corporate email address of Jim Bell, Producer of NBC Olympics, and said less than flattering things about his ...
The Reveton ransomware, a drive-by virus, is the latest malware to catch the eye of the FBI. A user only needs to click on an infected website, which delivers the virus that immediately freezes the computer. The user is then ...
According to security firm Kaspersky Labs, a new Trojan making the rounds has a close family similarity to Stuxnet and Flame. And like them, it is turning up mainly in the Middle East. But indications are that this latest Mideast ...
A new warning from the government marks a significant uptick in the presence of a certain kind of computer malware that tricks people into paying a nonexistent fine. While understanding this specific threat is important for IT managers, the biggest ...
Blackberry has long been considered the most secure smartphone option, especially when dealing with corporate information or government secrets. However, the Apple iPhone hasn't received the same kind of recognition; an acknowledgement that it most definitely deserves. Fitted with AES ...
Google has recently decided to enhance their search process with a brand new feature. Gmail users will be given the option to show relevant emails alongside their regular search results. Currently in the testing phase, the integration was only available ...
With the Cybersecurity Act stalled out in Congress, President Obama is potentially looking to use his executive power to mandate controls to protect computer networks. According to InfoWorld, many of the legislation's opponents were Senate Republicans who cited the act ...
A cybersecurity bill intended to strengthen protection of the US cyber infrastructure won a Senate majority, but it went down anyway, falling short of the 60 votes needed to defeat a potential GOP filibuster. Republican opponents of the measure criticized ...
For the second time in three days, hackers took over a Reuters web feed and sent out fake messages under the name of the venerable news agency. In the first incident, a false interview was posted on a Reuters blog. ...
Chinese router producer Huawei is now under fire for a number of a vulnerabilities in their technology, several of which were revealed at the recent Defcon event. Huawei routers are popular across Asia, Africa, and the Middle East. And thanks ...
While bring-your-own-device (BYOD) has proven tricky for many IT professionals at midsize businesses, recent news about Android security issues could provide yet another layer of concern. The smartphone, which has already seen an increase in security threats, is now suffering ...
Midsized businesses that allow workers to access Twitter while in the office should make sure all browser plug-ins are up-to-date. Hackers are spamming users with tweets that contain malicious links pointing to a Russian website designed to infect PCs with ...
Oracle doesn't have the best track record when it comes to protecting its customers from hackers. Just a few months ago, for example, Oracle claimed it had no intentions of patching a zero-day exploit affecting Oracle Database -- a vulnerability ...
Of all the different mobile operating systems, Android doesn't have the best track record when it comes to security; recent reports have revealed numerous vulnerabilities affecting the OS, and according to EE Times, British Telecom has gone on record with ...
Right on the heels of Flashback and Sabpab emerges a new threat to Mac users: Crisis, also known as Morcut. Crisis, a Trojan horse, doesn't exploit a vulnerability in order to infect its hosts, but rather seems to "rely primarily ...
The Apple iPhone has arguably been one of the best-selling technology devices on the market in the past decade. Millions of people have purchased at least one model of the popular iPhone, and millions are eagerly anticipating the release of ...
In 1995, Polish IT guru Tatu Ylonen developed SSH encryption as a way to secure data on computers, routers, and servers. Seventeen years later, the technology is still used in devices worldwide. But Ylonen is convinced that IT security has ...
Every year or so, an otherwise smart information security professional publishes some really bad information security advice about how awareness and training is a waste of time and money. The latest proclamation at CSO Online has generated a small bit ...
IT professionals keeping up with the recent news on Android should feel much less confident in the mobile operating system's ability to ward off attacks. However, according to Jon Oberheide, co-founder and CTO of Duo Security--a provider of two-factor authentication ...
A new report looking at the state of malware and spam in the first half of 2012 has some dark findings about the growth of IT's underworld. Midsize businesses that are sitting on unprecedented levels of sensitive business data need ...
A few weeks ago I wrote about recent situation in which the Des Moines public school system superintendent’s career was brought to a standstill (it is yet to see whether it is temporary or permanent) by using the public school ...
In the computer industry, there are several myths that have been around for many years. Two of the most popular concern Apple computers. The first myth is that Apple computers cannot get viruses, and the second myth is that Apple ...
Once upon a time, Apple had few security problems mainly because it was a niche company, not worth hacker's time and energy. Apple's resurgence--and especially its mobile devices--have changed all that. Now iPhone security (and its sibling, iPad security) are ...
The 2012 London Olympics have already drawn much of the world's attention --speculation abounds about their opening ceremonies, how they'll compare to Beijing's four years ago, and how exceptional athletes around the world will perform in their events. But along ...
It's no secret that iOS is a much safer mobile platform than Android or Windows mobile, but in recent months the cracks in Apple's usually tightly run ship have been showing. The most recent issue? A worm embedded in an ...
Though they wouldn't say it outright, Microsoft more or less confirmed recently they have been keeping instant messages sent through Skype, as well as voicemail left using the service, on their own Linux-based servers. As originally reported by ZDNet, a ...
Most jurisdictions in the western world have legislation in place that governs how individuals and organizations may collect and store personal data. While the laws are on the books, enforcement is sporadic and legal action is often confined to major ...
The Google Play marketplace has received considerable criticism for its lax security measures and propensity to deliver malicious applications. As a method of reducing the amount of malware on Android devices, in February Google launched a malware detection system called ...
Researchers have mined Wikileaks data, culled from the so-called Afghan War Diary, building an analytical model that predicts levels of violence in Afghan provinces. By extracting data parameters from about 77,000 classified incident logs from 2004 to 2009, the researchers ...
As an industry leader in cloud technology and antivirus protection, Trend Micro is helping businesses to eliminate the threats posed by a BYOD policy. The company's latest software, named Mobile Security 8.0, will combine multiple security features into a single ...
Another piece of Trojan malware has infected computers across the Middle East, especially in Iran and Israel. Called Mahdi, it is replete with Islamic theological references along with uses of the Farsi langauge, which is spoken in Iran. More substantively, ...
Charges that six employees of tech company LG Display stole Samsung tech have roiled the industry and provided a reminder that not all tech security threats involve hacking. Eleven individuals were charged with crimes in South Korea, including three Samsung ...
Urban dwellers know that maintaining their privacy in crowded apartment buildings can be a delicate task. The same is true for data stored in virtualized environments. This is why Cisco has acquired Virtuata, a firm specializing in virtual security.For the ...
As a marketing platform for midsize businesses, Facebook is a social networking resource that can help a company attract and draw in more customers. Business professionals can purchase ads on Facebook to build and expand upon their client base and ...
A recent update to Symantec antivirus software protected thousands of computers from everyone, including their owners and users. The update triggered Microsoft's dreaded "Blue Screen of Death" (BSOD) error message on machines running Windows XP.There are a few lessons to ...
Midsize businesses and IT professionals must always be diligent in monitoring their company websites for protection against potential security threats—even more so if their web-hosting server uses the Parallel brand Plesk Panel as the automated tool to monitor and manage ...
Hackers have copied the logins of about 450,000 Yahoo users from a Yahoo database and posted them on the Internet. It is surprising that a large Internet company like Yahoo would post such a database without adequate protection and post ...
When it comes to settling on a security budget, IT professionals don't always get what they want. For midsize businesses, balancing the cost of secure access against staying in the black isn't always easy, and IT admins are often unhappy ...
p>Recently on line file sharing vendor Dropbox announced that it was doubling the amount of space it offers to its paying customers. The reason they said they were doing this is that people are using more storage now. Others say ...
Microsoft has issued a security patch to address both a zero-day vulnerability, as well as 15 other key flaws in some of its most popular software. Three of the vulnerabilities were rated "critical"--the highest level of severity. Products affected include ...
Security researchers have found malware that went undetected for weeks at Google Play, the online Android app store. The malware was disguised as games. It was also "staged"--divided into separate sections--a feature that allowed it to defeat the upload site's ...
While much of Microsoft's focus is (understandably) on the upcoming Windows 8 release, they have also gone ahead and quietly developed a "Fixit" configuration tool for Windows Gadgets, which have been a part of the OS since Vista but haven't ...
Computer hackers have become a major problem for most businesses. There are thousands of incidents on record about hackers stealing customer data, employee data, and business data by breaking into business computer systems. Hackers have been known to shut down ...
A malware was created to infect AutoCAD software systems and send stolen data to email addresses running on the Chinese-operated Internet provider 163.com. According to an article on eWeek, the purpose of these cyber attacks is to gain information on ...
The enjoyable and worry-free days of having a virus-protected Apple computer is now a thing of the past. When Apple experienced resurgence in popularity, back in the late '90s through today, one of their most highly-valued marketing strategies conveyed Mac ...
Using personal devices at work is the hot new trend. Bring Your Own Device (BYOD) has become a common policy in a growing number of midsize organizations. The practice has intriguing implications and options for employer and employee, but it ...
A hack into a Yahoo server has resulted in a breach of over 400,000 email and password pairs. The hack was performed by a group known as D33Ds and affected one or more servers from Yahoo Voices. Voices is a ...
With the unwanted national attention that many businesses have received in recent years as a result of being the victims of hacker system attacks, a lot of businesses are taking the threat presented by hackers very seriously. These businesses are ...
The recent Colorado wildfires, which erupted on Saturday, June 23, 2012, have been called the worst wildfire on record in Colorado's history. The cause of the fires remains unknown, but they have so far forced the evacuation of 32,000 residents, ...
[View the story "IBM X-Force BYOD Tweetchat, 7/10/12" on Storify]IBM X-Force BYOD Tweetchat, 7/10/12Storified by Paul Gillin · Tue, Jul 10 2012 12:47:42Sales of smart phones and tablets now outstrip PC sales by more than 2:1 in North America, and ...
You've heard the hype about cloud computing; by and large, it's true. Used properly, cloud services can provide greater agility and improved redundancy, so it's no surprise that cloud spending is on the rise. What's interesting for IT admins is ...
The fast-paced IT landscape is becoming too complicated for SMBs to secure. According to a recent Sophos survey, SMBs are struggling to keep their IT up to date. Sophos and research company Vanson Bourne conducted a survey among 571 IT ...
Android users may find themselves the target of malware that is infiltrating their devices in the form of a spam botnet. Technology news security updates posted on InformationWeek and PCWorld are reporting the presence of malware in the form of ...
The recent growth of the Android OS, combined with its inherent openness, has led people in the security industry to speculate about a coming time when the OS could be crippled by malware. While it's still far too early to ...
No midsized IT admin wants a dirty network. When new staff are hired, managers come poking around for data, or collaborations with another company happen, no IT pro wants their network to be the laughingstock. Now, a UK cyber security ...
The era of bring-your-own-device (BYOD) in IT has brought a proliferation of consumer devices into the workplace. This in turn is producing network management headaches for IT managers at midsize firms. Now one vendor, AppNeta, is responding with tools specifically ...
Apple released a new version of its popular iOS software to address the continuing need for increased security in its iPhone and iPad devices. The 54M update available from the Apple iTunes site is termed iOS 5.1.1. It is designed ...
"I didn't get that email" or "no, I didn't send it to anyone else" are both phrases commonly heard by midsize IT admins when they go looking for the source of a security leak or try to discover where a ...
Concerned about security? If you're a midsize IT admin, the answer is undoubtedly "yes." But what scares admins is changing, with old problems like hackers and malware being replaced by issues that stem from internal sources: employees. A combination of ...
Moving to the cloud is a risk for any midsize business, and at the top of most risk assessments is the problem of security. This is especially concerning as it surrounds the "bring your own device" (BYOD) trend, which sees ...
Smartphone security isn't just a priority for businesses--the U.S. military is also seeking ways to make sure that its soldiers' communications aren't intercepted and that they can use their devices under any conditions, even those on a battlefield. Now, the ...
Canadian cyber security developer Arthur Kenzie has been sued in US federal court by the Gioconda Law Group. They allege that Kenzie used typosquatting schemes as a way to set up fake Web domains in order to intercept e-mail messages ...
At the most recent Hack in the Box Conference held in Amsterdam, security professionals discussed security flaws in Google services. Eight of these vulnerabilities where the focus of discussions, but the consensus was that more than 100 such bugs existed.Google ...
Business social networking site LinkedIn faces a $5 million lawsuit over the leak of more than six million hacked user passwords that were then published on the Internet, according to MSNBC. The lawsuit was filed in San Jose, and seeks ...
It appears that the Flame authors are once again one step ahead. The malware, which targeted PCs in the Middle East running the Windows operating system, was first discovered wreaking havoc almost a week ago. This frightening stealth malware, believed ...
July 4 Update to Original Post: See additional recent statements from the OCR and the Alaska DHSS about this case here. Here is a significant sanction, just applied, that all organizations, of all sizes, need to take notice of. Even ...
The powerful Flame malware, which used Microsoft's Windows Update process to spread itself, was created by the United States and Israel in order to gather intelligence about Iran's nuclear program. This has been generally suspected since the existence of Flame ...
Ever wonder just how important passwords are for network security? Password security is generally created on the fly by network administrators and users who log in to the company network. Most people don't understand the importance of long, complicated password ...
Advertising funds the web, but criminals and scammers can inject advertising into search engines or compromised sites in order to deliver malware, steal user credentials, and infect computers with ransomware, a type of virus that demands a payment before it ...
New tech startup Bromium will introduce new security technology that isolates suspect data from the core of the Operating System (OS) rather than just blocking untrustworthy data, as is the current security norm. The technology was introduced at the GigaOM ...
The Flame virus, apparently created as a cyber-weapon for use against targets in the Middle East, may have capabilities that go beyond intelligence gathering. According to security firm Symantec, Flame may also be able to delete files from infected computers. ...
An increase in online advertising has greatly contributed to data tracking collection activities across the web. A research study by Krux Digital posted on CNET notes that the level of visitor tracking activities when people navigate to different sites on ...
Search engine giant Google announced it will begin displaying banner warnings if it sees evidence of state-sponsored cyber attacks on your computer. The company made the announcement in a blog posting. It reiterates the company's constant vigilance for malicious activities, ...
Small and midsize businesses are starting to figure out just how important strong IT security is to their business as more and more attacks start to land on their doorstep. In light of this, a new report on security spending ...
Twenty-something workers today say that it is their right, rather than a privilege, to bring their own mobile devices to work. This growing attitude in the workplace is something that small and midsize businesses should be pay attention to and ...
Google Apps has had an option for two-step login (conventional password, plus a code sent to the user's phone) for a couple of years. This option provides much better login security than passwords alone. And now administrators can make use ...
We already knew that malicious websites are all too common, and proliferating rapidly. Now Google has provided some sobering numbers to fill in this picture. According to Google, it finds 9,500 new malicious sites each day. Some are innocent sites ...
Virtual machines (VMs) offer a host of benefits--lowered upgrade and power costs, greater agility and simplified disaster recovery--but they are often subject to security vulnerabilities that don't affect local servers. Recently, several virtualized VMware bugs were squashed by the company ...
You are what you eat. Likewise for your database. As a company operating on the Internet, database security is central to your success. What will happen if your data is stolen, deleted, or altered? An attacker can obtain or destroy ...
A new nonprofit research group called the Honeynet Project launched its "anti-USB malware" technology on June 14, 2012, with the aim of tackling malware that uses USB devices to infect computers on closed networks. Malware of this kind is used ...
A recent hack on the popular business networking site LinkedIn left over 6 million user passwords stolen, and the company red-faced as to how such a breach occurred. The LinkedIn hack has reignited the issue of password strength and the ...
The term botnet is popular in the virus-writing world, but for businesses it's an unfamiliar term. Hackers express their dislike for company policy by bringing down the company website using viruses, Trojan horses, and denial-of-service attacks. Bringing down popular websites ...
While the role of cloud providers in security and information protection is coming into sharper focus, it's important that IT admins not forget the possibility of breaches based solely on the physical hardware of their machines. A recent security advisory ...
Some widely used Intel chips have a security flaw that exposes them to a "local privilege escalation" attack. The US Computer Emergency Readiness Team (US-CERT) identified and reported the flaw, which adds one more security headache for IT managers to ...
The bring-your-own-device (BYOD) trend is gaining momentum, and not just among young digital "natives" who have grown up using smartphones and tablets, but also with senior management who have the capital to afford the latest devices and the seniority to ...
A new report on information security from Mcafee takes a look at the US energy infrastructure and details both its growing vulnerabilities and the best solutions to secure it. This same information can be applied to IT infrastructure at midsize ...
While no company wants to admit that its been the target of cyber attacks, this is often a necessary part of the IT learning process. Without solid data--and, often, help from other outside agencies--midsize and even enterprise-level businesses can leave ...
One survey and study after another repeats the same refrain: cyberattacks are consistently on the rise, especially for midsize businesses. Some IT security professionals are beginning to take matters into their own hands, entering the dangerous game of active defense. ...
An email address used by presidential candidate Mitt Romney has been hacked. News reports indicate that a email address and online storage account once used by Romney were infiltrated by a hacker. The unnamed hacker claims to have guessed a ...
The recent leak of LinkedIn passwords has social media and tech companies up in arms across the market, though much of it is feigned indignation at security practices (or a lack thereof) that are common across the industry. But while ...
First there was SaaS, software as a service. Then there was infrastructure as a service (IaaS) and platform as a service (PaaS). Now Microsoft and Symantec are teaming up to offer cloud-based disaster recovery as a service (DRaaS). The intent ...
A recent report from Gartner revealed that the adoption Android tablets and smartphones was lagging in the enterprise market--and for good reason. Unlike its competitors, Apple iOS and RIM Blackberry, Google offers limited support for mobile device management (MDM) software, ...
June 22 update to this topic: Today the judge refused to block the release of the emails as Sebring and her lover requested. See http://www.desmoinesregister.com/article/20120622/NEWS/120622012/Judge-announces-decision-on-Sebring-email-release In the past few weeks the use of emails at work has been in the ...
This is certainly an exciting time in the IT world, with a confluence of new technologies like the cloud and mobile computing rapidly changing the face of IT. However, as important as these changes are, they also bring with them ...
In response to recent reports of malware referred to as Flame, Microsoft has issued a security update. The emergency security update is an out-of-cycle release by the company to address attack vectors used by the newly discovered malware. It was ...
Malware is becoming increasingly more uproot with every coming month. Governments are now using cyber warfare against their enemies and allowing their technology to leak across the continents. Hackers are making money, not only by breaking into secure systems, but ...
In a surprising turn of events, one of the most destructive virus attacks in history was created, developed, and implemented by U.S. officials. Intimate details have been made public about the attacks, which had previously been known only by a ...
The head of California's Department of Health Care Services (DHCS) says he has a solution to his state's budget shortfall that seems to be working: BYOD. According to an article in Network World, Chris Cruz, deputy director and chief information ...
The Flame virus is all over the tech news in recent weeks due to its attack on Iran's nuclear and oil export facilities and its accidental release into the public. After the virus was found and its information hit the ...
The recent release of InformationWeek's 2012 Strategic Security Survey shows more than 52-percent of IT departments' security teams have difficulty managing their security risks due to the complexities many face. Only focusing on meeting compliance requirements has most IT departments ...
Microsoft is hustling to modify the Windows Update process to eliminate the security gaps that allowed the Flame virus to infect Windows machines. But security experts are already criticizing Microsoft for being vague about how it will bolster the security ...
SAP patches were the focus of a security test by Onapsis, an ERP security and research firm, in which 95 percent of about 600 SAP systems were found susceptible to a security breach. This is a claim made by CTO ...
Facebook has started a trial of a new file-sharing feature where Facebook users can share files in a low-security environment. Facebook file sharing could be problematic not only for the policing of pirated or copyrighted material, but also because it ...
The upcoming World Disaster Management Conference, held in Toronto, will add a new theme to this year's program: cyber crime. The Disaster Management Conference typically deals with the latest improvements and technologies around traditional disaster scenarios such as large-scale riots, ...
Apple devices and IT security haven't always seen eye to eye. According to the company, these devices are bastions of locked-tight information and programming that no hackers will be able to slip inside--at least, that was the case until iOS ...
Nations have never been particularly forthcoming with their methods for handling data or with what type of security protocols they have in place to defend against attacks. But the concept of every country as an information island is quickly coming ...
If a banner has recently appeared at the top of Google's search page informing you of a possible computer virus infection, do not ignore it. Google is issuing the following statement to some users: "Your computer appears to be infected. ...
Bouncer, the Android malware scanner that checks uploaded apps, got bounced itself by security researchers who have found a way to bypass it. Google developed Bouncer to scan apps submitted to Google Play (formerly Android Store). The apps are tested ...
Security solutions provider McAfee has released some alarming statistics about the state of computer protection in its latest security study, "Global Unprotected Rates 2011." McAfee's study analyzed data from approximately 28 million computers in 24 countries and found that on ...
A user on a Russian forum has claimed that he gained access to over six million passwords to the professional networking site, LinkedIn. While the company hasn't confirmed the leak as of Wednesday morning, the evidence is mounting that this ...
Botnets, a collection of compromised computers, are the leading Internet security threats in the world. Over 5 million computers were affected between the months of January and March of this year. The White House held a summit last week consisting ...
With "bring your own device to work" becoming more and more popular with many companies and their employees, the chances of unintentional data leaks could begin to soar. Many applications, including iPhone's Siri, Dropbox, and Wi-Fi hotspot creators, could potentially ...
Everyone has a Facebook account, or at least that's what Mark Zuckerberg and his struggling IPO would like users to believe. Still, it does seem that every employee, every CEO, and every manager is logging on to update their respective ...
A lot has been said in the wake of the recent discoveries regarding Mac OS X vulnerabilities. Of course, many Mac enthusiasts have been caught off-guard, as it is almost unfathomable that Apple's operating system has become the target of ...
McAfee's Risk and Compliance Outlook 2012 only reinforces what many IT pros have been grumbling about for years: The IT job is a juggling act that's hard to maintain, thanks to any number of unwelcome surprises. Risk management and compliance ...
Russian antivirus software supplier Kaspersky Lab has identified a new computer virus it calls "Flame," after the name of a key section of the malware program. The company has found the virus in over 100 computers in Iran as well ...
Hackers released a free toolkit designed to defeat the audio version of Google's reCAPTCHA system, a challenge-response test used on an estimated 200,000 websites to discriminate between humans and bots. A proof-of-concept attack, dubbed Stiltwalker, showed a stunning 99-percent accuracy ...
In a quiet and unexpected move, Apple released a document detailing the security practices and features of its mobile operating system, iOS. After years of secrecy about such things, this release can only be seen as a play for the ...
Law enforcement agencies are fighting an uphill battle in the emerging world of cloud technology; when data is no longer physically connected to a business, finding it, let alone obtaining the proper permissions to access it, can be a nightmare. ...
In 1975, IBM released the first "portable" computer. It weighed 55 pounds and cost just under $20,000. Adjusting for inflation, it would cost more than triple that as of 2012. We've come a long way since then; computers are now ...
In recent months, businesses have worried about the Stop Online Piracy Act (SOPA), the Protect IP Act (PIPA), the Anti-Counterfeiting Trade Agreement (ACTA), and most recentlu, the Cyber Intelligence Sharing and Protection Act (CISPA). Which, if any, of these proposed ...
The task of protecting midsize business from hackers, virus infections, and advanced persistent threats (APT) to date has been primarily focused on "defensive" measures. But some organizations use a different strategy, combining both offense and defense in their quests to ...
Employees remain the number one threat when it comes to IT security breaches, and thanks to the emerging "bring your own device" (BYOD) trend, such users are often a thorn in the side of IT pros attempting to manage the ...
Flame and sKyWlper are names given to the data-retrieving virus found on several Iranian servers. A recent wipe of data on Iran's energy industry computer networks flushed out the 20 MB of code that should not be there. Security experts ...
Businesses are constantly urged to get more social, but could making that move bring the risk of malware? Recent news suggests that it could. Security experts from Kaspersky Lab, the antivirus company, are warning that a cross-browser worm could spread ...
Mobile smartphones, laptops, and wireless and cloud computing make business processes quick and available for better sales and support for midsize productivity. The convenience of technology has made sales and customer support instant for the midsize business. However, with increased ...
Security analysts go out of their way to make the latest security threats known to businesses on a regular basis. However, businesses are endlessly trying to secure their data and IT infrastructure because much of the information about the latest ...
A complex malware known as Flame has reared its ugly head and has security research firms scratching their heads with wonder, trying to find the answers to several questions. Just how long this sleeping giant has been around is not ...
An interesting article by Kevin Casey over at Information Week seeks to throw water on the idea that SMBs are ...
A threat-prevention software company released a report that shows malware problems are increasing in both quantity and in breadth of devices affected. McAfee produces quarterly reports that provide threat statistics across categories of malicious software, including messaging, network, and web ...
CERT announced new tools to help developers produce more secure code. The three new tools are the Failure Observation Engine (FOE), Linux Triage Tools (LTT), and an improved version of Basic Fuzzing Framework (BFF).CERT is a program within the Software ...
As cloud providers of all kinds continue to focus on security as the last remaining barrier between many organizations and cloud computing, Google announces that its Google Apps for Businesses suite has achieved ISO 27001 certification. While on the surface, ...
A shadowy cyber war being waged across the Middle East has been taken to a higher level of scale and sophistication, a leading security research firm reported. The newly reported attack is apparently on a much larger scale than Stuxnet.The ...
A couple of weeks ago I was doing a consulting call with a small startup business (that in a short span of time is already performing outsourced cloud processing for a number of really huge clients) about information security and ...
Data breaches, hacking intrusions, and attacks due to weak and insecure software are reported in the news with troubling frequency. Each event and incident contains unique and newsworthy circumstances, but with each newly uncovered problem, there are similarities and patterns ...
Powerful new code called Flame is being called an "industrial vacuum cleaner" for sensitive information. At present, the malware is affecting only Middle Eastern countries. The global nature of the Internet, however, can cause a rapid spread to other locales, ...
A team of software security experts have uncovered eight new vulnerabilities in a number of popular Google cloud-based products. The announcement of the new vulnerabilities was made at a "Hack in the Box" security conference in Amsterdam.The team claimed to ...
In the latter part of 2011, the Trojan known as DNSChanger affected nearly 4 million PCs across the globe, from consumer machines to those used by enterprise and midsize businesses. Although the group responsible for the malware was arrested in ...
I am fresh off of spending a week in Singapore teaching a security workshop. The attendees were from Singapore and ...
Search engine giant Google is using its size and breadth to help stop the spread of a click-jacking malware infection. DNSChanger is a Trojan-style piece of malware that makes unauthorized changes to domain name system (DNS) settings on infected computers. ...
A discovery by researchers shows a vulnerability in many cellular networks which could allow hackers to hijack Internet connections and inject malicious code. Computer science researchers discovered a flaw described as an "off-path" style attack, different from so-called "man-in-the-middle" attacks. ...
IBM is serious about security and privacy--so serious that they've put into place measures to protect information such as banning employees from using the Apple iPhone4S voice-activated assistant Siri.In an unprecedented move - it is the only company reported to ...
There's some recent bad news for IT pros: Security company McAfee reports that the first quarter of 2012 saw the biggest spike in malware in the last four years. At the top of the list were password-stealing Trojans, rootkits, and ...
Yet another Trojan, this one disguised as an Adobe Flash update, is gaining access to unsuspecting users through a supposed courtesy message from Facebook, reports The Register. Users receive an email apparently advising them that their Facebook account has been ...
It is probably not what Facebook wanted in the news right after its IPO: Users are being attacked by worms. But every new technology option provides a new vector for malware. And the latest Facebook malware is a cross-browser worm ...
Microsoft released the latest volume of its Security Intelligence Report (SIR) this last April, and while the software corporation was able to boast a lower infection rate for its old flagship product, Windows XP Service Pack 3 (SP3), the same ...
The evolution of mobile computing has led to an explosion in tablet and smartphone sales among business professionals, with PCs now lagging behind. Consumers are drawn to the convenience and portability that mobile devices offer and are eager to use ...
According to analysts, one of the best specializations to have in the tech industry today is in the field of cybersecurity. American enterprises are actively seeking talented experts to fight the security battle in all types of industries. This demand ...
A whopping 9 in 10 employees are using their personal mobile devices for downloading work-related information. This trend suggests many companies still must enforce a tough mobile security policy for their employees.According to a recent CSO article, about half of ...
Sophos has launched its latest line of data protection packages, this time with small to midsize businesses (SMBs) specifically in mind. SMBs generally do not have the resources to employ large IT departments--making "ease of use" just as much a ...
Even midsize businesses must deal with social networking and the viruses that come along from users' private use. Midsize businesses that run social networking for SEO and marketing are susceptible to viruses, because they arrive as an email attachment and ...
Hackers, ranging from individual actors to large coordinated teams, continue to cause harm and worry to organizations across the globe. They exploit weaknesses and vulnerabilities in the code of web applications to steal information, damage corporate reputations, and extort behavior ...
The Android smartphone is enjoying its moment in the sun. The phone has made up 56 percent of the global sales thus far in 2012. According to a study by Gartner via ABS-CBN News, it beat out Apple's iPhone for ...
Small and midsize businesses (SMBs) are increasingly targeted for hacker attacks because they’re such tempting victims. Most small business owners are too busy managing their operations to worry about computer security or to acquire the knowledge needed to provide it. ...
New facts were released regarding the attacks at credit card processor Global Payments, and it is not good news for the company. The breach, initially thought to have occurred during a limited time in early 2012, now seems to have ...
One of the most significant issues posed by recent advancements in new computing technology is cloud security. The idea of placing sensitive company data on server stacks outside the control of in-house IT doesn't sit well with many midsize business ...
So, you've decided on a new mobile device policy which allows employees to use their own devices at work. "Bring your own device" (BYOD) policies have quickly gained popularity in many organizations.Business and technical executives buy into the allure of ...
An executive at security firm Kaspersky recently made some interesting comments to an industry publication, suggesting that Apple isn't nearly ready for the Mac OS and iOS malware issues on the horizon. Some quick corrections about the interview by Kaspersky ...
Mid-market IT executives should be taking steps to improve their security at an accelerated pace, in response to trends noted in a popular data breach report. An annual study by Verizon shows that hackers are changing their targets and tactics. ...
I was recently speaking with a friend on the phone, and she said, “I just had the most embarrassing thing happen! I had one of my Facebook friends send me a text teasing me about reading a rather sleazy article ...
Adobe is the leader in graphics and illustrations for the web. Most midsize businesses use graphics created by the Adobe Photoshop and Flash applications, and Adobe's Reader software is the primary application for viewing read-only documents. When the news was ...
A member of a notorious hacktivist group stated in an interview that there are 50,000 members in the group, that "eventually [they'll] win" over law enforcement officials, and that they can access every U.S. classified database.Christopher Doylan, known in hacking ...
Juniper Networks' recent survey results shouldn't be shocking to any IT professional at a midsize business who has had to contend with "Bring Your Own Device" (BYOD). The survey, formally titled A Global Study Indexing Consumer Confidence in Mobility, paints ...
The U.S. Federal Bureau of Investigations (FBI) issued warnings to travellers to be wary of malware infections from Internet connections at hotels.In an intelligence note from the FBI's Internet Crime Complaint Center (IC3), investigators have found that hackers and fraudsters ...
Keeping personal and sensitive data secure is an ongoing task for both individuals and businesses. Location tracking of mobile device users can compromise security. Most companies have information they don't want publicly available. In addition to proprietary data on processes ...
There are few givens in the world of technology, and those briefly got one fewer this past week when Adobe surprised the tech world with a radical decision to not patch a security hole in a few of its popular ...
IT admins are under the constant threat of attack from a variety of sources--cyber criminals, hacktivists, and malware. The greatest risks for midsize business IT, however, stems from employees and a new breed of malware, dubbed "ransomware," that has recently ...
Hacking and intrusions into web applications have increasingly become more common news events. A recent report from a software application-testing company reveals that an astounding 84% of web accessible applications were vulnerable to well-known, easily resolved risks.Appsec--short for "application security"--is ...
There's a new product on the market aimed at helping IT professionals at a midsize business weather the "bring your own device" (BYOD) storm. Avaya, a business communications company, recently released their Identity Engine (AIO) 8.0. As reported by InfoWorld, ...
The head of Interpol, the international police agency, said that organized criminal gangs are behind most cyber-crime attacks. Cyber-crime is also increasingly international in structure. The message for midsize firms and their IT managers: You are a prime target.Unlike politically ...
The PHP development group had to put in a rush effort to patch a critical vulnerability it thought it had already repaired. In this case, the failed patch was caught quickly, and the corrected version should be out by now. ...
Cloud computing is set to revolutionize IT, or so say the predictions of research firms across the globe. What often goes unmentioned along with such data is the way in which consumer clouds, which include the use of social media ...
A new malware infection denies access to computers until the victim pays ransom. The infection, now widespread across Europe, falsely claims that users have violated copyrights. For example they may accuse the user of possessing pirated music. The attacks are ...
A Chinese firm lost its Microsoft partner relationship after evidently leaking sensitive Microsoft security information. The incident is a further blow to China's security reputation. It is also a warning to IT managers at midsize firms doing business in China ...
SQL servers are an integral part of every small or midsize business (SMB) dynamic website. For this reason, SQL injection is one of the most common hack attacks against business websites. SQL injection uses the SQL language and security flaws ...
The Intel-McAfee partnership is set to take on cloud security issues, with the outlining of the companies' strategy to provide enterprises with data security products for use in hybrid and public clouds.Intel acquired McAfee in early 2011 with plans to ...
New information regarding a data breach at credit card processor Global Payments now suggests that the event began in 2011, months earlier than initially reported. Security researcher Brian Krebs reported on his KrebsonSecurity website that new details are emerging that ...
The FBI wants to create backdoor access to social networks, websites, and Web mail. Its goal is to make the Web accessible to FBI surveillance: the digital equivalent of wiretapping. The issue pits the post-9-11 security state against online privacy ...
Hactivism was the leading cause of compromised data in 2011, said Verizon in a recent study. Cyber criminals caused a greater number of breaches, but hactivists stole much more data. The investigation also showed that several of the breaches performed ...
Researchers behind Microsoft's latest biannual Security Intelligence Report found that the 3-year-old Conficker worm is still causing issues in many enterprises. Although Microsoft released a patch shortly after the malware was detected in 2008 and researchers haven't discovered a new ...
Facebook and Google have come under fire for using too much legal speak in their privacy policies. A survey performed by global strategy firm Siegel+Gale shows that most users do not understand Google's privacy agreement, despite Google's recent update for ...
Security outfit SANS recently did a survey on log and event management that reveals that although midsize business IT professionals are no longer struggling with how to collect, store, and archive log data, they still aren't using said data to ...
IT professionals at midsize businesses take note--May is no longer a light month for Microsoft patches. The computer giant is issuing seven patches to nix 23 bugs, almost three times the number they issued in May 2011.An Uptick in PatchesAccording ...
Most people don't put much thought into how the Internet works or how traffic is routed between networks, but to protect against data theft, midsize businesses should have a firm understanding of the technologies responsible for managing the Web. While ...
Since the Path app debacle earlier this year, a spotlight has been thrown on the issue of mobile privacy. It seems like just about everyone has thrown in their two cents as to who is responsible for protecting the privacy ...
Law enforcement agency websites are often the targets of "hacktivist" groups, though the reasons for such attacks are frequently muddled. On May 2, 2012, the British Serious Organized Crime Agency (SOCA) was forced to take its site off-line following a ...
IT professionals at midsize businesses beware: Conficker malware isn't totally out of the picture. The ubiquitous worm that was first detected back in 2008 caused numerous problems for IT professionals because of its ability to spread through networks without human ...
Selling or recycling electronic devices from the workplace may seem like the good, eco-friendly thing to do, but discarded data may pose a problem. IT managers should map out a policy to completely wipe company proprietary information that may exist ...
One would think that a reduction in the number of vulnerabilities across the world's systems and networks would result in a reduction in the number of malicious attacks as well, but new information from Symantec shows that the opposite is ...
Apple took a beating from the head of security firm Kaspersky Lab, who described the company as a decade behind Microsoft when it comes to security. But for IT professionals at midsize firms, the most interesting part may be the ...
GlobalSign, a firm that issues SSL digital Internet security certificates and related services, was embarrassed last year when a hacking attack knocked it offline for a week. Newly revealed, the cause of the security breach: A piece of open source ...
The security industry has followed a moat and castle strategy of defense for some time now. Collectively, tens of millions if not hundreds of millions of dollars or more has been spent on placing security technology at the perimeter of ...
My 12-year-old son said to me yesterday after getting home from school, “Hey, Mommy, did you know that Wal-Mart can tell when you’re pregnant? And so can Target! Even before anyone else knows! They got a girl in trouble when ...
Japanese automaker Nissan Motor Company indicated it experienced a security breach that compromised its systems and sensitive information contained therein. Executive vice president Andy Palmer said, "We have detected an intrusion into our company's global information systems network."The news release ...
Cookies are back in the news. Video content provider Hulu has asked a U.S. District Court to dismiss a 2011 lawsuit involving a more advanced version of web tracking code called a cookie. Supercookies, also called super cookies, Flash cookies, ...
With government networks no strangers to unwanted attacks and with the ever-increasing amount of Big Data being created each day, it's no wonder the White House wants to bring in effective security legislation. But while the latest offering, the Cyber ...
In a recent advisory, Oracle was crediting a security researcher with discovering a major hole, but poor communication between the researcher and the company led to the information being released to the public before Oracle had fixed the problem. This ...
According to a recent report from antivirus firm Sophos, it's not just Flashback Mac OS X users should be worried about--Windows malware is prevalent on Apple computers as well.That might not mean much to most consumers, but for midsize businesses, ...
Common network security threats were the focus of a hearing in Washington, D.C., this week. The hearing, dubbed "America is Under Cyber Attack: Why Urgent Action is Needed," comes just a few days before the controversial Cyber Intelligence Sharing and ...
HTTPS was supposed to be the secure Internet protocol. It was supposed to prevent "eavesdropping," among other things. When you entered passwords into a secured field, you were supposed to know that there was virtually no risk in doing so. ...
Google Drive, Google's long-awaited cloud storage response to things like Dropbox and SkyDrive, finally launched this week amid great fanfare and almost greater confusion. This confusion stems in large part from several clauses in Drive's terms of service, which make ...
Many companies now allow employees to use their own smartphones and personal tablets to carry out their work. They have been allowing secure remote access of employee computers to company networks for some time. Policies and procedures governing these practices ...
Mac users had a rude awakening with the recent Flashback Trojan epidemic, the biggest incident for OS X to date. Though Apple released patches, removal tools, and instructions over the past week, the decline in infected systems isn't what Symantec ...
The FBI warns that a DNS changer malware that infected hundreds of thousands of computers in late 2011 may cause users to lose Internet access in July. Midsize businesses need to be aware, particularly if they support users who log ...
Midsize businesses dependent on Macs beware: Flashback malware is still on a rampage. The collective sigh of relief after Apple finally issued not one, but two Java updates last week, was unfortunately too early. While it seemed like the botnet ...
No piece of malware, at least in recent years, has been as determined to stick around as Conficker. Despite patches and warnings, the worm continues to exist on over a million systems around the world, and new information from Microsoft ...
Bunking down behind the wall often seems like a good idea. It worked for defenders of medieval castles--at least when they were readying for a protracted siege--and many IT security pros see the supposedly strong and high defense of their ...
Virtualization source code from VMware, from 2003-2004, was obtained and placed online. The effects remain uncertain, though the company is downplaying the consequences. Even if these indeeed turn out to be minimal, the incident stands as one more warning about ...
That was the question raised at a recent House subcommittee hearing. And the subcommittee chairman's answer was "yes." The House of Representatives is not a hype-free environment. But under the breathless rhetoric lies a real concern.And the risks extend to ...
The cyber attack on Iran's oil facilities over the weekend of April 21, 2012, highlights the vulnerability of process and facility control systems and the lack of control system security. While IT has evolved extensive protections against data theft and ...
Google is increasing its cash rewards to white-hat hackers who identify vulnerabilities in its services. If you can hack Google, you now stand to earn up to $20,000. The rewards underline the ever-growing threats to cybersecurity. Google's program also underlines ...
Videos and written statements from "hacktivist" group Anonymous abound on the Web, and IT admins across the globe are concerned that their company might be next on the list; just last week, the Formula One racing website in Bahrain was ...
A computer virus infection hit Iran's oil ministry, wiping out data and forcing the ministry offline. The source of the Iran virus infection is not yet known, but in the wake of Stuxnet, it could be a further indication that ...
Oracle security patches are typically released on a quarterly basis. Tuesday was the release date for this quarter's patches, and the release was a big one. Oracle announced they were releasing 88 patches to cover 10 different Oracle products. That ...
Microsoft believes that the consumerization of IT is here to stay and is easing the path for "bring your own device" (BYOD) Windows gadgets in the workplace. This is a smart move for Microsoft. It is also good news for ...
The Cyber Intelligence Sharing and Protection Act (CISPA) is encountering growing resistance as it heads toward a vote in the House of Representatives. The bill is intended to allow firms to share cyber-security information and is supported by several major ...
I am working with the IBM Midmarket group on a webinar on May 15th at 2pm eastern time. The webinar: ...
For many mid-market and SMB firms one of the benefits of using Apple Macs was that you didn’t have to ...
Cloud-based storage targeted at the consumer market has seen some explosive growth over the past few years, with big players like DropBox, Apple, Microsoft, and Amazon using similar tactics to provide people with a stable, reliable, and simple storage system. ...
There are many weapons in the computer security arsenal, but if you want to defend your company's computers from the wide variety of security risks out there, just one isn't going to be enough. Each potential issue requires a protocol ...
A hacking attack on Utah police agencies that left the Salt Lake City Police Department website offline for nearly three months has led to the arrest of an Ohio man. The man accused of the Utah hack is said to ...
Defending local data has long been a priority for midsized business IT, and with greater network connectivity and hacker sophistication, the need for strong walls around secure data has only increased. Now, cloud technology offers businesses a golden opportunity for ...
It's no surprise that IT pros aren't exactly enamored with the practices of most employees when it comes to keeping a network secure. Partly it's apathy by end users that helps fuel breaches big and small in a company's network ...
The IT world is constantly evolving, taking the innovation of yesterday and building on it to create robust new technologies that change the entire face of the industry. Currently, both the advent of cloud computing and the bring-your-own-device (BYOD) movement ...
The Utah breach of data systems at the Department of Health on March 30 has highlighted the increasing vulnerability of sensitive data to cyber attack. Eastern European hackers are believed to be behind the breach and have downloaded the social ...
Just when everyone is saying that that the consumerization of IT, and especially "bring your own devices" (BYOD) is inevitable, two news stories highlight the mobile security problems posed by consumer devices. One threat is direct; the other is more ...
When it comes to data storage, the midsize business has a number of options, from storage in the cloud to digital tapes. There are a wide number of digital archival solutions available. With a carefully planned backup procedure, security provisions ...
Last week I provided Howard Anderson at HealthInfosecurity.com with some of my thoughts about the recent Utah Department of Health breach of the files of 900,000 individuals, and counting. He included some of my thoughts in his blog post, along ...
Apple's turn in the malware spotlight doesn't mean Windows is in the clear when it comes to attacks. A brand new ransomware variant is leaving users unable to boot up their computers unless they pay a fee.The Trend Micro blog ...
There used to be a simple truth in the IT market: if you used Microsoft products, you were vulnerable to IT security threats. Windows and its subsidiary systems were known as not simply flawed but almost ludicrously so, while Macs ...
The U.S. Court for the Ninth Circuit has rendered a decision that changes how organizations and companies can use security measures to protect their data and intellectual property (IP) against employee theft.In its ruling in U.S.A. v. Nosal, the Court ...
The "Anonymous" hackers may have been stung by the FBI, but they have not been perceptibly slowed down. Their exploits continue, most recently aimed at the Chinese government on the one hand, and tech and telecom trade associations on the ...
IP theft is one of the top three cyber-security problems, yet very few cases are investigated every year. While instances of large-scale neighborhood bandwidth theft cases were prosecuted in the last year, it is a lack of legal protections under ...
Despite spending major amounts of money to secure data and applications, organizations that rely on electronic media are missing the boat when it comes to the most important aspect of network security. Poor use and choice of password is one ...
The prevalence of enterprise technology consumerization is increasingly prompting industry leaders to begin taking a closer look at the implications of consumer technology in the workplace. It seems that some companies are moving forward without completely understanding all the impacts--especially ...
T-Mobile, AT&T, Verizon Wireless, and Sprint have all agreed to join forces with the Federal Communications Commission (FCC) and local police departments to create a stolen phones database. According to MSNBC, the database promises that phones and cellular tablets that ...
Security and the cloud go hand-in-hand, though many experts still consider the security half of the duo lacking a firm grip. Many midsize companies cite security (or a lack thereof) as one of their main reasons for steering clear of ...
Cyber criminals are taking it to the cloud. The Zeus malware, an online banking malware, is now targeting cloud-based payroll services. According to PCWorld, the researchers affiliated with the security firm Trusteer have come across a configuration of the ubiquitous ...
As Windows Vista and Microsoft Office 2007 reach the five-year mark after their arrival on the scene, Microsoft is moving the two programs off their mainstream support policy and into extended support. The move is a part of the natural ...
News of the now widespread Mac malware, the Flashback Trojan, has inundated newspapers, magazines, forums, and social networks. Over 600,000 Macs have been infected with the malicious software--and the worst part is that affected users could have done little to ...
IT professionals working in the industrial sector should be on alert for two new exploits that could allow a hacker manipulate critical infrastructure. The exploits are similar in nature to the notorious Stuxnet, the worm that enabled attackers to take ...
Now is the time to check how your company's computers are using Java. Enterprises that favor Macs are unfortunately at risk for a new variant of Flashback malware, thanks to a Java plug-in vulnerability that has yet to be patched ...
Microsoft security patches for April include one described as "interesting" and a "head-scratcher." That particular patch evidently involves a deep-level function that affects several Microsoft applications.While this set of patches is exceptional, it highlights the unending toil of maintaining security. ...
"Bring your own device" (BYOD) is an ongoing and growing headache for IT managers. Employees, including top executives, want to bring their mobile devices to work and use them on the job. ("Mobile devices" seem to especially signify iPads.) And ...
Executives at MasterCard and Visa have alerted management teams at U.S. banks of a potential breach that may affect over 1.5 million credit cards. The compromises were reported to have occurred between January 21 and February 25, 2012, according to ...
Most workers--sometimes even members of the IT staff--download extensions from places like the Google Chrome Web Store or the Mozilla website without a thought. People expect these websites to be safe and assume that each add-on is checked for malicious ...
IT professionals should expect to see improvements in digital security as microchip manufacturers direct their focus towards protecting mobile devices against fraud and other cyber crimes.On Tuesday, ARM announced a joint venture with Europe-based security firms Gemalto and Giesecke & ...
Google Chrome is now the browser of choice for the U.S. Department of State, but what does this imply for the average consumer? In an announcement made by the Secretary of State Hillary Clinton reported by Tech Republic, a possible ...
Google's cloud services for hosted development are getting reinforced security protections. The new security layer employs certificate-based Service Accounts. These systems rely less on human factors than conventional measures such as passwords or shared keys.This beefed up security coincides with ...
A recent Microsoft security failure, a zero-day exploit, seems to implicate precisely the system designed to prevent zero-day exploits. And this in turn points to the deepest challenge of security: Who keeps watch on the security guardians?Security measures must be ...
A data breach at Global Payments left 1.5 million credit card numbers across all major card brands exposed; the hackers may have gained access through an administrative account that was not sufficiently protected. According to a CNN Money article, Visa ...
A recent report from Seculert should drive home the need to follow best practices when securing networks and network-capable devices from malware. Social networking is widespread, with Facebook capturing over 800 million users, so it should come as no surprise ...
Many if not most hackers are amateurs, in it for the thrill. The same goes for the many security enthusiasts who fight back against them--which is one reason why Britain's Cyber Security Challenge event is seeking to enlist amateur talent ...
Over the last several years, the credit card industry has tightened the rules on how merchants and processors must secure credit card data, but the security measures themselves may no longer be effective to prevent a data breach. The rules ...
Though the Do Not Track (DNT) mechanism has been around for a while, Yahoo announced that it's joining the bandwagon and going to implement the service on all of its websites starting this summer. DNT lets users opt out of ...
Though it happens infrequently, security researchers have discovered an email-based attack that installs a remote access Trojan horse onto Mac OS systems via Microsoft Office. According to InfoWorld, the emails target Tibetan activists groups by sending out infected Word documents ...
Google has recently decided to combine its more than 60 user agreements into a single user agreement. They have also decided to link and store all information gained from users who access their services into a single database. In other ...
Many leading web technology companies rely upon a standard Single Sign-On (SSO) web service for authenticating user's login information. A study performed by Rui Wang and XiaoFeng Wang from Indiana University and Shuo Chen from Microsoft found several security flaws ...
AVG released an update to both the paid and free versions of its popular security suite. The update includes the ability to block "tracking" ads that follow users around the Internet. Other consumer-oriented protections in the mid-season update include protection ...
Mozilla has announced that its popular Firefox browser will soon use encryption of Google searches as its default. Last December the two organizations renewed the Firefox-Google search alliance, with the browser continuing to use Google as its default search engine. ...
De-identification is a great privacy tool for all types of businesses, of all sizes. If you have personal data that you want to use for research, marketing, testing applications, statistical trending or some other legitimate purpose, but you don’t need ...
After patching 14 Chrome bugs in early March and dishing out a whopping $47,500 in rewards to the researchers who discovered the vulnerabilities, the ubiquitous search giant is once again patching and paying for it. According to ComputerWorld, in its ...
Stories about the latest exploits of Anonymous and its offshoots appear in the headlines almost once a week; distributed denial-of-service (DDoS) attacks are the group's claim to fame, and most of the cyber criminals' victims never see it coming. Of ...
A Microsoft civil lawsuit filed under the Racketeer Influenced and Corrupt Organizations (RICO) Act was the impetus for a raid on two data centers. Microsoft and its partners conducted a raid on Continuum Data Centers and BurstNet, seizing servers and ...
The battle over Internet piracy is not dead; it currently resides in Davy Jones' Locker. Both the Stop Online Piracy Act (SOPA) and the Protect Internet Protocol Act (PIPA) have been postponed indefinitely. But that has not stopped supporters of ...
Microsoft, along with its 79 antivirus security partners in the Microsoft Active Protections Program (MAPP), is rightly concerned with the concept of zero-day attacks. A Microsoft security leak isn't exactly uncommon, and the last several years have seen a number ...
At the behest of a U.S. Federal Communications Commission (FCC) advisory committee, four major U.S. Internet service providers (ISP) have agreed to put cybersecurity at the top of their list of priorities. According to Infoworld, Verizon Communications, AT&T, Comcast, and ...
Hacktivisim, the act of stealing data from companies as an act of political or social protest, is on the rise. Enterprise-level companies were the victims of significant data thefts over the course of 2011, and many midsized businesses are understandably ...
IT departments should be on the lookout for a different kind of malware--one that installs itself not to the hard drive, but to the RAM. Security experts at Kaspersky Lab discovered the malicious program after receiving a tip from an ...
The Defense Advanced Research Projects Agency (DARPA) recently announced that it would fund research to develop a new type of authentication technology. Dubbed "cognitive fingerprint" technology, DARPA envisions that users will one day be able to begin working at a ...
Microsoft Security Essentials, the company's lightweight security suite, is gaining users rapidly. It has now muscled its way into contention with established security market leaders such as AVG and Symantec.The significance of this market success goes beyond the product itself. ...
The bring-your-own-device (BYOD) movement is on, whether businesses want it or not. Employees are increasingly taking their own tablets and smart phones into the office, and the big problem is that there usually aren't any security steps taken by their ...
In case you’ve not paid attention to the news in the past week, there has been a barrage of stories (over 1500 turned up in a quick online search) about organizations asking job applicants and employees for their Facebook, Twitter, ...
Security experts have discovered a growing trend among malware authors: some attackers are now signing infections with stolen digital certificates. IT departments should brace themselves in preparation for this emerging threat, as most malicious software using this technique can circumvent ...
Midsized businesses should be aware of a functional "Anonymous operating system" possibly riddled with Trojans that is available for download from Source Forge. According to an article from BBC News, the operating system has already been downloaded 26,000 times. The ...
IT security challenges are increasing because of the growing volume of information and increased connectivity due to mobile platforms. At the same time companies are connecting critical infrastructure control systems to IT networks and placing them at risk. While all ...
A hacker who claims to be affiliated with the "Anonymous" group hacked into a British abortion provider's database and stole 10,000 client records. The event marks the merging of the hacking wars with the contentious politics of abortion.Twitter Boast Led ...
Microsoft released six security updates on March 13 to patch holes in Windows, Visual Studio and Expression Design. One update is ranked "critical," four are ranked "important," and one is ranked "moderate." The critical update affects all versions of Windows ...
Sponsored by the British Government Communications Headquarters (GCHQ), the UK Cybersecurity Challenge (UKCSC) recently named its champion: a 19-year-old from Jesus College, Cambridge. The challenge, supported in part by companies like HP and Cassidian, aims to mimic an actual cyber ...
In a society where knowledge is power, data breaches are an absolute disaster. But despite security programs, passwords, encryption, and urgings of secrecy from higher-ups, much of the data that companies harbor still manages to find itself into the wrong ...
US Senator Charles Schumer has asked the Federal Trade Commission (FTC) to examine two of the world's largest companies, Apple and Google, over reports that programs operating on their mobile operating systems are violating rules and policies regarding user privacy, ...
The National Cancer Institute (NCI) performed a study to determine the effectiveness of cloud computing versus the old paper trail. The study, started in 2010, has proven that transforming the pharmaceutical industry into an electronic environment is both secure and ...
Not too long ago, Kaspersky released information regarding the Duqu Trojan, which included evidence suggesting that the virus had been in the works for several years--far longer than originally thought. Now they have discovered that parts of the Trojan's code ...
On the morning of March 6, 2012, law enforcement agencies in the United States and the United Kingdom made six arrests of suspected hackers belonging to high-profile groups Anonymous, Lulzsec and AntiSec. Those arrested were described as "principal members" of ...
Top government officials appear to finally begin paying much more attention to cyber threats. In a series of public meetings and classified closed-door meetings, FBI Director Robert Mueller, members of the Defense Department, and White House National Security Adviser John ...
Security is always at the forefront of people's minds at the RSA Conference in San Francisco. At the recent conference, keynote speakers warned IT managers that the full-time job of keeping their data secure is harder than ever and that ...
Now that I have had a few days home from the RSA Conference to digest what I saw and heard, ...
Times, they are a changing. It seems as if big business is finally opening up to the benefits of social networking sites like Google+, Facebook, and Twitter. While employees may rejoice over the fact that they are no longer blocked ...
NASA has a $1.5 billion technology budget, but only $58 million of that allotted cash was spent on security, according to Paul Martin, the NASA Inspector General who reported on NASA's security issues. The announcement shows that even high budgets ...
The "Anonymous" group of so-called hactivists took its revenge on the FBI for arrests that agency made after one prominent member of Anonymous became an FBI informant. But the revenge did not target the FBI. Instead, the hackers hit a ...
Zscaler ThreatlabZ, the research team for the Zscaler security company, recently released their 2011 "State of the Web" report in which they analyze enterprise web traffic in order to identify vulnerabilities and potential threats. The results were fairly unsurprising. According ...
It seems like a week can't go by without Google being in trouble for their privacy practices. Only a few days after rolling out their controversial new privacy policy, the search engine is once again in hot water both in ...
Smartphones are an enormous convenience and an unavoidable fact of life. Mobility should be a boon for IT as well. But security worries have made mobile devices a leading IT headache. Vodafone hopes that "Secure SIM" will help alleviate this ...
One of the most important trends in current IT security is the use of talent--no matter where it's found--to correct security issues in browsers, legacy systems, and virtualized server stacks. While IT pros remain the preeminent source of all things ...
Cisco announced its new "context aware" firewall technology, designed to give IT professionals more insight and access over applications, devices, and users' level of access to resources on the network. An article on CNN cites a Gartner report that identifies ...
The National Security Agency (NSA) has developed a secure Android phone, dubbed the "Fishbowl," with 100 of the devices currently deployed in a test of the technology. Further, the agency has shared the system specifications by publishing them online in ...
Google and mobile apps providers have been collecting personal information without asking permission, the former by circumventing the settings of the Safari browser and the latter by downloading address books. While such actions are clearly against the basic principles of ...
IT security is a key element in the fortunes of midsized businesses and something IT departments want to educate other employees about in order to minimize the number of security breaches. But even with an increased awareness, a number of ...
Vendors and industry representatives at this year's biggest security conferences, the RSA conference, the CSU's CISOA/SecureIT Joint 2012 Conference, and the InfoSec World Conference & Expo 2012, are focused on security, as usual. Whether product vendors are addressing the hazards ...
Apple and its popular iPhone and iPad are the focus of another security and privacy issue for the third time this year. Software application developers are indicating that the latest issue is related to enabling location for particular apps.Many apps ...
It's no secret that "bring your own device" (BYOD) is not favored among many IT professionals. Unfortunately though, as smartphones and tablets become more integral to the work day, it looks like asking employees to leave their personal devices at ...
Executives who question the value of their security programs and the associated costs may want to consider talking with leaders at Best Buy. Officials for Best Buy in Greenville, South Carolina, apologized to a woman who complained to store managers ...
Scott Charney of Microsoft and Art Coviello of RSA opened the recent RSA conference by telling the audience members that they should no longer focus on attempting to defend the perimeter of cyber networks from potential hackers. Instead, they should ...
The United States government will be testing the next wave in mobile security this spring. LG, while not known for the most secure mobile devices in the world, will be providing the U.S. government with prototype phones that have two ...
It looks as if malware and hacking have once again topped the list as the predominant causes of enterprise data breaches. As a precursor to their Data Breach Investigations Report (DBIR), Verizon has released a glimpse of their caseload called ...
As of March 1, 2012, Google's new privacy policy rolled out along with promises from the company that it would make for a "beautifully simple, intuitive user experience." But while that's the line the company sells, many small and midsized ...
I am looking forward to the day when we can look at the news headlines and not see some report about a lost or stolen computing device or storage device that contained unencrypted personal information and/or other sensitive information. And, ...
Keynote speakers addressing the audience at the RSA Conference 2012 warn IT executives that with changes in how data is used and accessed through cloud computing and mobile technology, they should begin to review how they secure their information. Rather ...
Mobile devices, such as Androids, new BlackBerry and iOS devices are currently susceptible to malware attacks that can take control of the mobile device, leaving the user helpless to retake the device. The vulnerability exists in the WebKit browser, the ...
Stricter mobile privacy policies are in place thanks to new California laws that will require mobile apps to post privacy policies. These policies should send a wake up call to small and midsized businesses that understand the importance of mobile ...
If you speak to many analysts in the information security space they will tell you that all roads lead to SEIM. Security Event and Information Managers represent the pinnacle of security technology. They proverbially tie the bow around all of ...
The newly consolidated Google privacy policy is set to take effect March 1, 2012, but not without skepticism from several well-respected critics. The European Union has asked the Internet giant to put the policy on hold, while 36 U.S. attorneys ...
In early February, Google released a new service that is code-named Bouncer and which is designed to scan the Android Market for malicious applications. Unfortunately, scammers have adapted and found a new way to spread malware to unsuspecting users--through Facebook.Vanja ...
As businesses become more dependent on Internet sales and service to support their bottom line, the desire to capture customer data is also increasing. Midsize business IT professionals, for example, are often tasked with not only delivering Web sites that ...
Smartphones have come into the workplace in a big way, and there is no stopping the trend. The devices have simply become too pervasive. And smartphone security is a major headache for IT managers and security professionals. The devices are ...
A blog post from a software developer shows step-by-step hacking instructions for a popular Internet dating website. It describes how to use photos tagged on Facebook to reveal the name of an owner's confidential profile on Match.com.The method uses a ...
Ask IT professionals what concerns them most and they'll likely talk about increased movement to the cloud or virtual servers, along with a greater demand from management for integrated systems--even across hardware that isn't local. Mention security concerns, and they're ...
Security professionals use a portfolio of defense measures against attackers who use a variety of offensive weaponry to cause harm or embarrassment or to steal sensitive and valuable data. One of the more troublesome of these offensive weapons are known ...
Security continues to dominate headlines with news of breaches and attacks. For many years, security was considered to be exclusively a technical function, one that was only the concern of technical teams. The frequency and magnitude of problems, combined with ...
Officials at Internet giant Facebook today revealed that they have knowingly read user email messages. The release of the practice is only the latest story which follows a recent string of other events that have heightened privacy concerns from users ...
Google has received a lot of flack since news emerged last week that the tech conglomerate had circumvented privacy settings in Apple's Web browser, Safari. Now, lawmakers and interest groups are requesting that the Federal Trade Commission (FTC) investigate the ...
Researchers recently discovered a new Android app store that exists solely to distribute malware. The malicious app store is almost identical to the actual Android Marketplace, but the app store isn't the real deal and neither are the apps. Instead ...
Google recently announced their work with Bouncer, a tool they're using to scan the Android Market for malware. In the original release, they didn't specify how long they had been testing it, only that it had been "a while." It ...
Social media site Twitter is rapidly becoming a necessity for businesses of all sizes to both connect with customers and ensure they stay on the leading edge of trends instead of falling behind. Tweets have become instrumental in not only ...
IBM isn't sitting quietly by while other companies carve up the new technology marketspace--they've been busy acquiring start-ups of all types over the last year. In fall 2011, Big Blue got their hands on the QRadar security solution from Q1 ...
Security professionals and business professionals share something in common with medical professionals: They all agree that a small measure of prevention is preferable to a large measure of cure. But justifying security program improvements to executives can be a challenge. ...
McAfee reported that over 75 million unique malware samples were identified in 2011, with mobile malware quadrupling to 400 in the year's fourth quarter. According to an article in ZDNet, The large spike was largely due to Android mobile malware, ...
In the case Facebook v. Power Ventures, it looks like the social networking site has claimed the victory. Facebook initially sued the owner of Power.com, a site that allows users to gather data about themselves from various networking sites, back ...
“Is a W-2 form protected health information?” is a simple question with a complex answer that begins (I know, to the nail-biting chagrin of many), “It depends…” First the full question: “If a scan of a W-2 is submitted as ...
Windows 7 was initially released mid-2009 as Microsoft's newest operating system. A report released this week titled Windows 7 Security Deep Dive examines the new security features of Windows 7, which with over 500 million licenses sold globally, is the ...
User identity is the next big issue in cloud computing safety according to security firm Ping Identity, which recently announced their 2012 Cloud Security Summit in Vail, Colorado. New cloud technology is quickly making legacy security programs that rely on ...
As the top stand-alone security and antivirus firm, Symantec remains in the headlines about its precious software codes being exposed--and small and midsize businesses are left to wonder where they stand. Just recently, TechWorld reported that exploit code targeting vulnerability ...
Mobile payments provider Braintree is offering tools for making mobile payments through an app--without a browser. The development underlines the growth of smartphone payments technologies and the security challenges they bring.This fast-growing industry will pose challenges for some firms, notably ...
It seems Google doesn't think you should trust users with their passwords. Google has started developing a new feature, the Chrome password generator. And it is a good point to consider. While the IT crowd is smart with their passwords, ...
Many employees are no longer satisfied with company-issued devices for Internet access, company network access and business email. They prefer to use their own smartphones or tablets to seamlessly transition from private use to company business. They resist having to ...
U.S. and European officials are claiming that Iranian engineers have neutralized and removed Stuxnet, a worm designed to target industrial systems, from nuclear facilities in the Islamic Republic of Iran.VirusBlokAda, an antivirus software vendor based in Belarus, first announced the ...
Stuxnet has gained notoriety as the first cyber weapon reported to be deployed with impressive results. Thousands of Iran's nuclear centrifuges were apparently destroyed by the computer virus. Now Iran is telling its side of the story.Iranian security officials are ...
Is the FBI really going to turn off the Internet on March 8? Don't worry, the web will only go dark for computers infected with the DNSChanger virus. You can make sure that your company's computers are virus free with ...
Smartphones are hot. Shipments grew an estimated 54% in the fourth quarter of 2011, driven by holiday giving and by attractive new and updated devices. But for enterprise security and risk teams, more smartphones around the office mean more work ...
A new round of privacy concerns about search giant Google surfaced after researchers revealed an apparent bypass of privacy settings in Apple's Safari browser. At issue is the method of how cookies are installed in browsers, and whether Safari users ...
A recently released FireEye Advanced Threat Report 2H 2011 shows that, in the second half of 2011, pay-per-install malware is the fastest-growing threat, along with information stealing programs. Reports such as these are critical for IT professionals to assess where ...
Google updated its Chrome browser this week, fixing 12 security flaws, including 7 rated as critical. The new release also includes an updated version of the Adobe Flash video player, also patching seven critical security flaws.The bad news is that ...
Recent communications between Symantec and a hacker linked to Anonymous underscore the need for businesses to protect against potential security threats. According to an e-mail exchange posted to Pastebin on February 6, 2012, a Symantec employee named Sam Thomas agreed ...
IT security is an ever-changing branch of the Internet marketspace--one that is by nature reactive rather than proactive. No matter how well paid IT security admins may be or how much effort is put into developing security countermeasures, they are ...
On Wednesday, Adobe released seven critical patches for Flash Player addressing vulnerabilities. The list includes a cross-scripting flaw in the browser plug-in that targets Internet Explorer users in a phishing attack. According to PCMag.com, attackers could potentially take control of ...
Facebook has begun allowing celebrities to use pseudonyms. On the face of it (so to speak) this is a substantial change for a company that has always insisted on use of real names and identities. But even apart from the ...
Researchers have discovered an infrastructure flaw in the method of public key generation. The result of that flaw is that a small percentage of public keys are insecure. The problem was identified as a flaw in the random number generation ...
Though it was purely coincidence, it's rather bittersweet that Microsoft announced some serious vulnerabilities in Internet Explorer 9, 8, and 7 on Valentine's Day. It's as if they were showing their love for their users by warning them of these ...
iPhone users think twice before downloading apps--you may be inadvertently allowing a third-party access to your business contacts. This week Apple found itself under fire from the U.S. House subcommittee on Commerce, Manufacturing and Trade for its policy--or lack there ...
Security programs have always been both boon and bane for midsized business IT; while they're necessary to keep thieves and hackers away from sensitive data, they often seem to be more trouble than they're worth. Typical security consoles are unwieldy, ...
The "Anonymous" hacker group has caused headaches for Western organizations including the FBI. Now the group has also hacked the Syrian government. And Anonymous had some help--from user carelessness about passwords.The government of Bashar al-Assad has more immediate concerns than ...
A recent vulnerability discovered in several varieties of HTC handsets serves as an important reminder of the security risks personal mobile devices present. These phones had access to network credentials and likely leaked WiFi passwords. As a senior IT professional, ...
Security expert Larry Clinton called for businesses and government to "modernize our notion of what constitutes cyber defense," saying that organized advanced persistent threat (APT) attacks are a main cyber-security concern. According to an article from Federal News Radio, which ...
Security breaches were the norm for VeriSign during 2010. No one knew until the company admitted that there had been multiple security lapses in late 2011 leaving many questioning whether the company can still be trusted. Of course, management can't ...
Security firm Trustwave reported that the most likely time for email viruses to strike companies is between eight and nine in the morning. This peak time correlates with the time when employees are most likely to check their email. August ...
Google Wallet has suspended use of prepaid cards after two hacks that exploit them were identified. The episode is not just an embarrassment for Google Wallet, it is also a setback to industry efforts to establish mobile phones as a ...
Should you be worried about Rootsmart malware on your company phone? The Internet's been buzzing over a recent report by a renowned malware researcher that set Google's Bouncer on its ear, but the latest patches enabled for Android phones may ...
Search giant Google is constantly looking for ways to improve user experience. The company's browser, Chrome, is now used by approximately 20 percent of the online population. Internet Explorer remains the dominant player in the game, however, especially among IT ...
The Electronic Privacy Information Center is going to court to try and block changes to Google privacy policies. At stake: not only the legal framework for online privacy and security, but the future of big data and targeted advertising.Another legal ...
The new Path social network, advertised as a "smart journal" that you can share, was found to be uploading users' mobile address books without consent. According to an article in PC World, the apparent privacy breach was uncovered by iOS ...
Digital security is an increasingly important part of any midsize business IT strategy, and IT admins have the unenviable job of making sure users are correctly accessing services and taking the heat if something goes wrong. Part of ensuring a ...
Vice president of Android-engineering Hiroshi Lockheimer recently announced a new app-scanning service called Bouncer. As you probably know, the Android Market is riddled with malicious apps that are often indistinguishable from legitimate apps, at least to the average naked eye. ...
When FBI officials held a conference call about cyber crime with their counterparts at Scotland Yard, someone else listened in. The "Anonymous" hackers publically released a transcript of the call.The episode is only the latest demonstration of Anonymous' technological prowess. ...
The initial public offering (IPO) by tech security vendor AVG may not be getting the media buzz that a certain social networking firm's IPO has been attracting. But for IT professionals at small and midsize businesses (SMBs), developments in the ...
IBM recently released its beta version of Endpoint Manager for Mobile Devices. The tool is their attempt at solving the prominent issue of the "bring your own device" (BYOD) movement. This is pretty self-explanatory and not even really news, considering ...
Under European Union law, the responsibility for protecting personal data falls on the company that collected the information. The 1995 Data Protective Directive outlined what are now the current Internet laws that the EU follows. When this directive was created, ...
Carrier IQ is a software used by several cell phone carriers to record the data of their users. Trevor Eckhart found the Big Brother-esque software hiding deep in the root of many cell phones' operating systems. The software records what ...
Symantec is facing a class action lawsuit for allegedly scaring users into purchasing the full versions of their products. While this is common of malware-delivering applications posing as legitimate anti-virus products, it's relatively unheard of from the legitimate companies themselves. ...
Two security firms looking into suspicious activity at defense contractors and government agencies found that hackers had been exploiting weaknesses since 2009. The methods used to exploit these companies offer a prelude for the next few years of security headaches.Invitation ...
Security continues as a top priority for businesses moving any or all of their IT into the cloud--even giants like Sony have seen their servers compromised, and investigations into hacker groups such as LulzSec have spilled over to businesses who ...
Security start-up AlienVault recently drew attention by making off with seven security execs from Hewlett-Packard. Now it is turning more heads by drawing $8 million in funding. The double coup testifies to strong IT interest in security information and event ...
Google, Facebook, Microsoft, and 12 other major firms are developing an antiphishing standard. The new standard is designed to protect both firms and consumers against "phishing." This widespead cyber-crime tactic exploits trusted company names and logos to trick consumers into ...
"Frankenmalware"--a virus-infected hybrid malware--is a new and growing security threat. BitDefender recently found that about 0.4 percent of 10 million infected files sampled contained the hybrid and believe that this is representative of about 260,000 hybrids in the wild, according ...
Not too long ago, Microsoft announced a new login option for Windows 8 where you touch certain points on a picture in a specific pattern. The inventor of RSA's SecurID token said it was cute, but not serious Windows 8 ...
Mykonos, a San Francisco based web intrusion prevention systems (WIPS) start-up, raised $4M in early stage venture funding for a security system that uses deception to potentially "hack the hacker." Instead of merely blocking access, the system gives the hacker ...
In a move unheard of among technology and security experts, Symantec, maker of both the Norton line of antivirus products and remote-PC program pcAnywhere, has announced that not only was its security breached in 2006 by an unknown organization and ...
The European Commission has issued new rules to provide stronger privacy protections across the European Union. The new rules will impact the privacy and security procedures of all firms doing business in Europe.At one time, European regulations would have mattered ...
Sourcefire recently announced the release of its FireAMP software, which harnesses the power of the cloud to provide malware protection to businesses. The release is one more example of the rise of cloud-based security, which uses the massive computing power ...
A YouTube video purportedly posted by Anonymous threatens to take down Facebook on January 28 using a distributed denial-of-service (DDoS) attack. Using the tagline "We are uniting humanity," the video invites the public to become part of the "first official ...
The National Security Agency (NSA) recently released Security Enhanced Android (SE Android). As you probably know, the Android operating system (OS) used in various tablets and smartphones is rather disappointing when it comes to security. Numerous reports state that malware ...
A security expert at Rapid 7 found that common videoconferencing equipment could give hackers access to company conference rooms and boardrooms. An investigation led by chief security officer HD Moore with Rapid 7 began when he wrote a program to ...
In a tear across the Internet, Anonymous unleashed its fury in retaliation for the shuttering of Megaupload, using the unwitting public to take part in massive distributed denial of service (DDoS) attacks against US government sites and entertainment industry sites. ...
The controversial Stop Online Piracy Act (SOPA) is dead, or at least on life support. But the online protest that blacked out several prominent websites has been followed by a murky series of events.First Congress abandoned, at least for now, ...
Social media sites are booming. The amount of personal information folks are choosing to post to them, such as photos, videos, original stories, thoughts, gossip, and so on, is exploding. Marketers are drooling at the prospect of using all that ...
Securing port 80 is always a good idea, but for a long time, many IT departments may have only been securing this port and ignoring other less frequently used ports. A new report from Palo Alto Networks shows that this ...
On January 17, 2012, Oracle released its first Critical Patch Update (CPU) of the year, which addressed a total of 78 security issues found in a variety of its products. But with many small and midsize business (SMB) users pleased ...
An old episode has resurfaced in an awkward way for Symantec. The firm admitted that 2006 vintage source code for its flagship Norton security suite was stolen from Symantec itself, not a third party.The Symantec security breach is doubly embarrassing ...
There's a fight brewing over cloud access, but it isn't big providers slugging it out for a share of the market or start-ups trying to get their foot in the door--it's governments like those in the United States, France and ...
The Koobface botnet has been amassing a huge number of zombie PCs since its inception in 2008, but new reports about the identities of the people behind the scheme could bring the system down. The Koobface episode, which is far ...
When Congress convenes on January 17, 2012, one of the bills on the table for consideration and vote is the Stop Online Piracy Act (SOPA). While piracy, copyright infringement, and theft of important intellectual property should not go unpunished, this ...
IBM recently announced the launch of its new "Security Role and Policy Maker" software, which is now part of the company's IBM Security Identity Manager suite. The software is designed to make the process of applying security permissions significantly easier ...
Role-based security is a powerful concept in security policy: In a nutshell, the job responsibilities of people in an organization determine what access permissions they should have. The bad news is that defining roles can be a tedious process. And ...
Shoe and clothing retailer Zappos reported that 24 million customers' personal information may have been snagged by hackers. The incident is the latest to highlight the risk of large-scale data security breaches.As a further complicating twist to the Zappos hack, ...
Japan is developing a defensive cybersecurity virus that tracks down attacks to their source. It can follow a chain of "springboard" computers, disabling the attack software as it goes as well as sending back intelligence information.The account of this cyberweapon ...
Last year showcased a number of vulnerabilities in IT security for big and small companies alike--with standouts like Sony, Facebook, and Amazon taking much of the brunt of consumer displeasure. Hacker organizations in the form of Anonymous and Lulzsec also ...
According to security experts, hacktivist-led cyber attacks will escalate in 2012 with more attacks against businesses and government. What is even worse is that because of the inherent nature of independent hackers, most will get away with it and not ...
The Ramnit virus has evolved into a serious threat to the enterprise, largely due to its modification with ZeuS botnet code. The result is hybrid malware with the ability to infiltrate and capture almost any web session data. According to ...
A new HTTP-based threat, dubbed a "Slow Read attack" aims to cause an undetected Denial of Service (DoS) by exploiting a transmission control protocol (TCP) persist timer vulnerability. According to an article in ARS Technica, the attack sends a legitimate ...
Completing a process that was first hinted at back in October, Google is now officially incorporating Google+ information into its search results. While the change is certainly a good one for users interested in sharing everything about their life, for ...
Intel and SecureKey recently announced a partnership that will bring the security company's authentication technology to Intel devices. The results of this collaboration will begin to hit the market in the middle of 2012, and will add another layer of ...
At long last, use of the Microsoft browser Internet Explorer 6 (IE 6) in the United States has fallen below one percent. Microsoft continues to push for the demise of the 10-year-old browser worldwide, directing its users to more modern ...
When looking ahead to what may happen in this new year it is necessary to first look back. Not only to 2011, but when making plans to move forward even further back to help make the best decisions moving forward. ...
Although no customer has reported a breach, Hewlett-Packard (HP) released a firmware update for their HP LaserJet devices to mitigate any potential issues in regards to unauthorized device access. An article at CNET News describes a "specific vulnerability" that could ...
Microsoft's new password option for Windows 8 was recently revealed. The father of RSA's SecurID token, Kenneth Weiss, found it "cute" and didn't think it was "serious security." Microsoft is certainly making it hard for IT pros to take them ...
Nearly 40 percent of Facebook users are accessing the social site from their mobile devices. This should come as no surprise to anyone who has ridden a city bus filled with mobile Facebook users in the last few months. Nonetheless, ...
Twitter recently acquired Whisper Systems, a company focused on the business of mobile security solutions--specifically for Android smart phones. Both companies have yet to comment on what Twitter plans to do with its acquired technologies; however, it is pretty obvious ...
As you probably know, email accounts are a desirable target for hackers and phishers, making them a high-risk factor in small and midsize businesses (SMBs). In fact, the two are often side-by-side: attackers like hacking accounts to propagate scams. They ...
A major vulnerability was recently found in Adobe Reader 9.4.6 following in the wake of several attacks against "high value" users. Though Adobe stresses the importance of upgrading to Reader X, they still issued a fix and released it in ...