Feed aggregator

Netflix Open Source Security Tools Solve Range of Challenges

Threatpost for B2B - Tue, 08/26/2014 - 15:10
Netflix engineers released two new application security tools to open source this week, a continuing effort from the streaming services company.

South Korean Data Breach Compromises 27 Million

Threatpost for B2B - Tue, 08/26/2014 - 12:55
A data breach in South Korea appears to have impacted as many 27 million citizens, up to 70 percent of the nation’s population.

50 Security Flaws Fixed in Google Chrome

Threatpost for B2B - Tue, 08/26/2014 - 10:40
Google has fixed 50 security vulnerabilities in its Chrome browser, including a critical string of bugs that can allow an attacker to execute arbitrary code outside of the browser’s sandbox. This is one of the larger batches of fixes that Google has produced for Chrome recently. The company releases frequent updates for the browser and often […]

Secret Service Warns 1,000 Businesses Hit by Backoff PoS Malware

Threatpost for B2B - Mon, 08/25/2014 - 14:30
DHS and the Secret Service warned businesses to be proactive about scanning for point-of-sale malware, especially Backoff, which has hit more than 1,000 businesses already.

AdThief iOS Malware Affecting 75K Jailbroken Devices

Threatpost for B2B - Mon, 08/25/2014 - 13:21
A relatively new form of malware on iOS is estimated to have stolen revenue from 22 million ads and infected upwards to 75,000 devices so far.

Side-Channel Android Weakness Likely on Other Platforms

Threatpost for B2B - Mon, 08/25/2014 - 12:32
Researchers have discovered a weakness in Android that is likely present in other leading operating systems that can be abused and lead to information leakage.

Mozilla Adding Granular App Permissions to Firefox OS

Threatpost for B2B - Mon, 08/25/2014 - 11:06
Mozilla is set to add a feature to its mobile Firefox OS that will give users the ability to revoke any application’s permissions on a granular basis. Firefox OS is the open source operating system that Mozilla built for smartphones. The software runs on a variety of devices from manufacturers such as Alcatel, ZTE and […]

PlayStation Network Back Online Following DDoS

Threatpost for B2B - Mon, 08/25/2014 - 10:25
Sony's PlayStation Network is back online following a bizarre series of events over the weekend involving a large-scale DDoS attack and a bomb threat against a commercial airline.

Internet Law Summer School 2014

Secure List feed for B2B - Mon, 08/25/2014 - 06:54

The end of each summer always gets me excited, because one of my favorite events is taking place: the Internet Law Summer School organized by ELSA - The European Law Students' Association. This summer school is the perfect opportunity to meet young, smart and talented law students and discuss privacy, security or internet threats with them.

These students will become the lawyers, prosecutors and judges of tomorrow - so it's very important for them to get them in touch with the real world problems of fighting cyber-crime and ensuring the security and privacy of personal data.

Law students from 12 European countries

Fighting cyber-crime through all means possible has always been our mission here at Kaspersky Lab. But we can't do this alone. Sure, our products and technologies are protecting hundreds of millions of users worldwide, but stopping cyber-crime is something we can not do just by ourselves.

Cyber-crime is a huge problem worldwide and it is always very frustrating to see that those persons responsible for cyber-attacks very rarely have to face the consequences of their actions. In the last 24 hours, we've discovered more than 300.000 new viruses, trojans and worms. How many cyber-criminals have received prison sentences in the same 24 hours period?

The reason why cyber-criminals usually get away with their crimes is that both law enforcement and judicial systems around the world are having a hard time trying to keep up with the evolution of technology, or threats on the internet specifically. This is why it's so important to train law enforcement officers. This is why it's so important to train judges and prosecutors. At the end of the day, they are the ones actually fighting cyber-crime by sending cyber-criminals to jail.

This year, the main focus of the summer school was on freedom of media and private life. I focused on the privacy and security side, of course - with a workshop titled "Private life in cyberspace - securing your personal data online".

My main message? Trust and use encryption in order to thwart prying eyes - but don't forget that no matter how good the encryption you're using is, an insecure operating system will always offer the attacker the chance of accessing your data before it gets encrypted. You can't have privacy without first having good security.

 

NIST Releases Secure Shell Guidance Document

Threatpost for B2B - Fri, 08/22/2014 - 14:08
NIST released Interagency Report 7966 this week, a guidance document for organizations using the Secure Shell network protocol for automated access.

Akeeba Patches Bypass Vulnerability in Joomla

Threatpost for B2B - Fri, 08/22/2014 - 13:10
The developers behind Akeeba fixed an outstanding issue this week that could have let anyone download users' site backups, passwords and user lists.

Tor Exec: Intelligence Insiders Disclose Bug Information With Tor Developers

Threatpost for B2B - Fri, 08/22/2014 - 13:03
Tor Executive Director Andrew Lewman told the BBC that intelligence agency insiders share bug information with Tor developers under their bosses' noses.

UPS Admits 51 Stores Hit With Malware For Five Months

Threatpost for B2B - Thu, 08/21/2014 - 14:04
UPS reported this week that 51 of its stores suffered a “broad-based malware intrusion” earlier this spring.

Amazon CloudFront Turns on Perfect Forward Secrecy

Threatpost for B2B - Thu, 08/21/2014 - 13:46
Amazon Web Services announced that it has turned on Perfect Forward Secrecy and other SSL improvements for its CloudFront content delivery platform.
Syndicate content