In looking for new opportunities in security and many other sectors, we look for the echoes of the current IT mega-trends: cloud, mobile, big data. These trends, and especially the interactions between them, are dramatically changing security needs. Add to that the changing profile of would-be hackers — now a frightening mix of international organized crime and employees of enemy governments — and we see the potential for several new solutions that can each be the foundation of one or more successful companies.
In light of recent hacks, you might be interested in the groups that pose the greatest threats to our cybersecurity.
Ironically, the hacker groups that you should be afraid of also have the least intimidating names. Deep Panda, Putter Panda, and Flying Kitten have been listed by security technology firm CrowdStrike as the groups to watch out for. While they may seem cuddly, these hackers continue to be some of the most dangerous in the world.
An Estonian man, who helped hack payment processor RBS WorldPay in 2008, has now been sentenced to 11 years in prison for his involvement in the $9.4 million scheme.
In a Friday release, the FBI detailed the hacker's role in the racket.
Josh Pitts of Leviathan Security Group has uncovered a malicious Tor exit node in Russia. The node wraps Windows executable files inside a second, malicious Windows executable. The wrapping is only attempted on uncompressed Windows PE (Portable Executable) files.
An odd new pattern of credit card fraud emanating from Brazil and targeting U.S. financial institutions could spell costly trouble for banks that are just beginning to issue customers more secure chip-based credit and debit cards.
Over the past week, at least three U.S. financial institutions reported receiving tens of thousands of dollars in fraudulent credit and debit card transactions coming from Brazil and hitting card accounts stolen in recent retail heists, principally cards compromised as part of the breach at Home Depot.
One of Apple's competitors in the mobile payment space sent out an email Wednesday telling users it had been breached.
CurrentC, which is a mobile payment system backed by the Mercantile Exchange (MCX), sent out an email to its pilot users stating that an unauthorized third party had obtained email addresses of some of its users, the MCX confirmed to CNBC in an email statement.
Microsoft has released a Fix It to disable the feature which was the subject of the POODLE attack. The Fix It, a program which implements changes in the registry, makes the process simpler than the alternatives.
POODLE is the name given to a vulnerability in SSL version 3.0 found earlier this month by a Google researcher. SSL was supplanted by TLS and the current version is 1.2, but systems may fall back to older versions if the server does not support the newer ones.
The security team for Drupal project is warning users that websites running unpatched installations of version 7 of the popular open source content management system (CMS) may be compromised by automated attacks.
"You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15, 11pm UTC, that is 7 hours after the announcement," the security team said.
Skype for Windows desktop has shed the beta tag in its latest version and is now available for download.
Earlier in the month, Microsoft made a preview version of Skype for Windows and Mac OS X available, which introduced a new user interface similar to that seen on Skype's mobile apps, closely following Microsoft's modern design language while making it look a bit like MSN/Windows Live Messenger.
The cuts of approximately 3,000 employees today are believed to be largely support staff in human resources, finance, sales and marketing and IT. They are part of the 18,000 employees Microsoft officials said back in July that they'd be laying off over the course of a year.