In the past year, the search engine giant has detected close to 800,000 sites infected with drive-by download malware and other malicious content aimed at nabbing unsuspecting visitors. Google has spotted some 16,500 newly infected websites each week over the past year -- a total of around 800,000 compromised sites worldwide.
A researcher has identified a security issue for Apple's Mac operating system, due to an older version of Git that comes bundled with OS X versions.
The problem resides in Git, a version control system (VCS) that allows developers to manage source code repositories, keeping track of code changes from version to version.
Sensitive health data is being increasingly targeted by hackers just when health and fitness wearables – like the one on your wrist now – are exponentially increasing the pool of data for the stealing.
As reported by eWeek.com, a new study by U.S. law firm BakerHostetler revealed that hacking has over taken human error as the leading cause of security incidents. The report analyzed data from over 300 data security incidents the firm advised on.
You may remember that last year, a hacker exposed the inner workings of Hacking Team, a company that makes spyware for governments. Now that the dust has settled down, someone claiming to be the hacker has posted all the details on how he did it.
The hack itself was executed using a common weakness: first, an embedded device within the network was found with a known zero-day weakness. From there, the hacker was able to get into an unencrypted backup and find the passwords for a Domain Admin server, which basically gave him the keys to the kingdom.
Today marks an exciting development in the often monotonous rehashing of vulnerability disclosure. The ISO standard that began about 11 years ago with the emotionally loaded title “Responsible Vulnerability Disclosure,” and was finally published in early 2014 as ISO/IEC 29147 Vulnerability disclosure, is now available for download at no cost.
Warnings about U.S. critical infrastructure’s vulnerabilities to a catastrophic cyber attack – a cyber “Pearl Harbor” or “9/11” – began more than 25 years ago. But they have become more insistent and frequent over the past decade.
Former Defense Secretary Leon Panetta warned in a 2012 speech of both a “cyber Pearl Harbor” and a “pre-9/11 moment.”
Although patch management plays a critical role in minimising business risk caused by outdated software in any IT infrastructure, its mere mention can frighten many companies and their IT departments.
This can result in a lack of action, meaning many organisations find themselves with outdated systems, with the number of patches available to fix potential vulnerabilities and exploits becoming increasingly overwhelming.
Whether you are looking to introduce patch management or have an existing policy in place, here are some tips that will help develop a concrete strategy:
A group of cybercriminals have combined two powerful malware programs to create a new online banking Trojan that has already stolen millions of dollars from customers of 24 U.S. and Canadian banks.
The new threat has been dubbed GozNym by researchers from IBM X-Force because it combines the stealthy Nymaim malware and the Gozi banking Trojan.
The results are in: We have made zero progress since 2010. This was the year that IDC published results of a survey regarding cloud computing, and it found that security was the biggest barrier toward adoption. This statistic has found its way onto pretty much every presentation about cloud computing since 2010.
For a week in March, Website security firm CloudFlare analyzed the traffic hitting its customers' sites from the anonymous Tor Network.
The results of the study illustrate the double-edged nature of online anonymity. The Tor Network—a peer-to-peer collection of volunteered servers linked together to create an anonymizing Web service—allows people in oppressive countries to surf the Internet, enables activists to communicate freely and helps journalists evade government surveillance.
