Having your private information leaked is bad enough, but having it put on BitTorrent is really the final insult.Ithappened before with MySpace photos. By most accounts, the private images made available earlier this year via peer-to-peer networks consisted largely of poorly snapped photos of people you didn't know getting drunk at parties you weren't at.Then there was theincident with Harvard, which placed private information, including Social Security numbers (SSNs) from 6,600 of the world's brightest college applicants, in a place vulnerable to hackers. All that info somehow got seeded into BitTorrent too.When pro hackers steal your data, you can usually comfort yourself a little with the notion that your info is in the hands of professionals. Sure, they're professional crooks, but you can at least tell yourself that they probably have millions of peoples' info, it's shared only among customers who are willing to pay, and even though they're targeting your finances, at least it's a … [Read more...] about TECH BLOG Social Security, Social Anxiety
Saving social security
With global organizations depending on the sharing of sensitive information to support everything from financial transactions to patient care records, many believe they are relying on secure methods to exchange data with trusted partners. However, there is often a significant and alarming gap between perceived security and real vulnerability.To handle transmission of valuable company data, typical methods that are considered secure include FTP technology, "secure email," regular email, courier services and the postal service.However, contrary to popular belief, the aforementioned most common methods used for file transfer are often not secure enough, and lack manageability and governance. Let's take FTP technology, for instance. A shortcoming with traditional FTP and even encrypted FTP sessions is that after the data stops moving (aka "data at rest"), it sits on the FTP or SFTP server in plain text. If that FTP or SFTP server is directly connected to the Internet -- as it most … [Read more...] about EXPERT ADVICE Perceived Security vs. Real Vulnerability: Is Your Data at Risk?
In the last U.S. presidential election the candidates clashed on the issue of privatizing the Social Security system.I'll leave the political debate to the professional politicians, but I would like to address this matter from the standpoint of millions of U.S. workers. Many of them are already banking on their 401(k)s as the largest part of their retirement savings, and they barely have enough time to check their balances, much less make insightful investment decisions.There are 42 million Americans holding an estimated $1.9 trillion in assets in their 401(k)s, and they tend to rely on the simple guided selling interfaces that investment firms had five or more years ago. Overly simplistic views of risk vs. return and incomplete investment selection tools were commonplace, leaving many individual investors shortchanged relative to the expertise available to them, for free, from these firms.Think of what that the Bush Administration proposal will do to the total assets held in … [Read more...] about Social Security Administration: The Next Salesforce.com?
The findings weren't very sweet when researchers tested Android 4.2 Jelly Bean's beefed-up security.Of the 1,260 malware samples the team at North Carolina State University tossed at the OS, only 15 percent of them were detected by Google's app verification service.By contrast, Android anti-malware programs from 10 third-party software makers had detection rates ranging from 51 to 100 percent, the researchers found.The blacklisting approach used by Google is an ineffective one, said Jerry Hoff, vice president for static code analysis at WhiteHat Security, told TechNewsWorld.. "The malware blacklist approach, which originated on the desktop and seems to be bleeding over to the mobile side, is outdated and will always be vulnerable to new forms of malware."Even though Google has tried to boost its security capabilities by purchasing Virus Total, it apparently hasn't improved the security picture, according to Alexandru Catalin Cosoi, chief security researcher at BitDefender."It's no … [Read more...] about SPOTLIGHT ON SECURITY Study: Nefarious Apps Easily Slip Past Jelly Bean Security
When Russian authorities nabbed the alleged master hacker behind the Blackhole malware kit last week, they sent a shockwave through the digital underground.As soon as news spread that Blackhole's author, known as "Paunch," and his partners had been arrested, the malware apparently began to suffer. Blackhole, typically updated once or twice a day, wasn't updated for four days.What's more, the service used to encrypt the Blackhole kit went offline almost as soon as the first tweet about the pinch of Paunch hit Twitter."Paunch is a big deal," Mikko Hypponen, chief research officer at F-Secure, told TechNewsWorld."According to our statistics, Paunch has been the biggest provider of exploit packs for the past two years," he said."Blackhole and Cool Exploit Kit -- both from Paunch -- have fueled the underground economy," added Hypponen. "Now that Paunch is off the market, we're probably going to see a fight on who will take his place."Paunch's departure likely will hurt the Blackhole … [Read more...] about SPOTLIGHT ON SECURITY ‘Paunch’ Arrest Puts Blackhole Hackers on Data Diet
Computer security, until now, was a matter of bolting on third-party hardware products or adding on software to screen out unauthorized users. Not so any more.Keyboard-bound passwords, smart cards and dongles are becoming a thing of the past. These staples of the old school of computer security are as archaic as the small, single-toothed lock and key that was once standard on pre-Windows IBM-style personal computers.The new age of computer security is fast becoming a matter of what is built into the box to give approved users access. Biometrics devices like fingerprint readers and voice scanning tests give consumers and enterprise IT managers new hope that data and networks are secure.A new generation of security-minded desktop and laptop computers is giving new marketing life to the IBM Personal Computing Division. Add to this new line an innovative, out-of-the-box approach to user authentication, and computer security takes on a much safer atmosphere.A new security platform for … [Read more...] about INDUSTRY REPORT Computer Security Comes of Age
Fanned by a security community hungry for the next Stuxnet, a new so-called superworm called "Flame" made headlines last week.Comparisons to the now infamous worm that attacked Iran's nuclear development program quickly appeared. Flame may have been created by a nation state. It apparently targets countries in the Middle East. It gathers information, not money.But there are more ways to turn information into money than the naked snatching of credentials with a banking Trojan."In my experience, there are mercenary hacker crews out there who steal intellectual property and then find buyers for it," Jeffrey Carr, CEO of Taia Global, told TechNewsWorld."The ultimate customer may be a foreign government, but they're just a customer," he continued. "The tool itself could have been created by a professional group. They have the money and the skill."Flame has very little in common with Stuxnet, he added. "Stuxnet was created to cause damage, which would qualify it as a weapon," he explained. … [Read more...] about SPOTLIGHT ON SECURITY Flame Is No Stuxnet
Swipes, taps, cursor movements and other ways of interacting with electronic devices can be used to protect online merchants from Net fraudsters.Many people are familiar with biometric authenticators like irises, fingerprints and voices, but it turns out that how we behave with our machines can be a means of authenticating our identities, too."We're able to profile users based on their interaction on the Web," said Natia Golan, product manager at BioCatch.If you're browsing an e-commerce website, for example, BioCatch can create a profile based on your behavior at the site, and compare it to behavior during subsequent visits.Then, anyone who appears on the site claiming to be you, but behaving in a way that doesn't jibe with your profile, can be flagged as a fraud risk.BioCatch's behavioral profiles catalog more than 500 parameters -- things like mouse movement, typing speed, special keys used while typing, and cursor movement."Just the way you move your cursor with a mouse has over … [Read more...] about SPOTLIGHT ON SECURITY Swipes, Taps and Cursor Movements Can Foil Cyberthieves
Social CRM is quickly transforming from a concept to a reality. However, because of the diverse nature of customers and the broad range of options they have among social media channels, the best practices for capitalizing on Social CRM vary from segment to segment.That means some industries may have a more difficult path to Social CRM success. But there are some that have a natural affinity for winning with Social CRM, where conditions already lend themselves to acceptance by both the customer and the organization.These are where the best-publicized successes are likely to originate in the next 365 days. Their stories are likely to be more inspirational than informational -- again, the best practices for Social CRM will be specific to each organization's circumstances -- but they should serve notice that with some focused thinking and proper devotion to the concept, Social CRM can be successful in boosting the fortunes of any business that commits to it.Where are those success stories … [Read more...] about OPINION 3 Industries Geared for Social CRM Success
The steady stream of reports on government surveillance of Americans has taken a toll on the image of high-tech companies, according to a Harris poll.More than two-thirds of Americans (67 percent) feel technology companies violate their users' trust by helping the government spy on its citizens, suggests the poll of 2,000 consumers, which was sponsored by ESET. Sixty percent of respondents said they were less trusting of those companies because of their involvement in government surveillance."Technology companies have something to be seriously concerned about," ESET Security Evangelist Stephen Cobb told TechNewsWorld. "That's going to be especially true for those selling into the IT infrastructure -- people in switches and routers and cloud services. All of them will face a longer selling cycle."More than half of the participants in the survey (52 percent) said technology companies should cooperate in government surveillance efforts, with an even higher number of respondents (57 … [Read more...] about SPOTLIGHT ON SECURITY Americans Distrust Tech Companies