Windows systems are vulnerable to FREAK, a decade-old bug that was discovered only this week affecting Android and Apple devices.
FREAK — short for Factoring attack on RSA-EXPORT Keys — allows hackers to decrypt HTTPS-protected Web traffic between browsers and millions of websites. Microsoft confirmed that Windows could be compromised the same way as Android, BlackBerry, iOS and OS X devices in an advisory published today.
Insurance provider Anthem has reportedly refused to let the US Office of Personnel Management’s Office of Inspector General (OIG) perform a full security audit of its systems, in the wake of a massive data breach that potentially affected 70 million Americans.
According to an anonymous spokesperson, the company first refused to allow the agency to perform "standard vulnerability scans and configuration compliance tests" both last summer and in 2013—so the refusals aren’t directly linked to the breach.
From April 1, Telstra customers will be able to access metadata that the telco is keeping on them for a fee that is expected to begin at AU$25.
"We believe that if the police can ask for information relating to you, you should be able to as well," Telstra said in its announcement.
By using private email, Hillary Clinton put her data at risk every time she clicked on a link or downloaded an attachment as secretary of state. But the American public, and even Clinton herself, will probably never know if hackers were able to monitor her communication from 2009 to 2013, the four years she served as the most powerful U.S. diplomat.
D-Link has begun to push out firmware updates for some of its home routers, to address three separate vulnerabilities that could allow remote code injection via access to the local area network, perform DNS hijacking, or exploit chipset utilities in the router firmware that expose configuration information.
The company said in an advisory that it will release several updates between now and March 10. The most critical flaw is a “ping” issue, which opens the door for all kinds of nefarious activity, according to the researchers that first discovered it.
Data storage and security provider Imation, which continues to evolve far beyond its legacy tape storage business, on March 3 unveiled a home-developed Secure Data Movement Architecture to give enterprises a holistic approach to managing high-value data files throughout their lifecycles.
In other words, this SDMA software -- developed by Imation's Nexsan storage software arm -- enables individual users to manage their own business-related files while at the same time supporting an organization's control and management policies.
A security system undergoing testing by a San-Francisco-based company aims to speed up the detection of websites and domains used for cybercrime.
The technology is being developed by OpenDNS, which specializes in performing DNS (Domain Name System) lookups. The DNS translates domain names such as idg.com into an IP address that can be called into a browser
OpenDNS offers a secure DNS service for ISPs and organizations that blocks requests from Web browsers to sites that may be associated with cybercrime or spoof a company like PayPal.
Criminals are a tricky bunch. One of their favorite scams targets those who own a computer, but lack any real technical knowledge other than how to browse the Web.
The scam starts with a call that warns of problems, and immediately offers to connect you with a Microsoft support staffer. Their goal is to remotely control your system and install malware and rogue anti-Virus software.
Home and small business router security is terrible. Exploits emerge with depressing regularity, exposing millions of users to criminal activities.
Many of the holes are so simple as to be embarrassing. Hard-coded credentials are so common in small home and office routers, comparatively to other tech kit, that only those with tin-foil hats bother to suggest the flaws are deliberate.
Employees are putting business data at risk with their email and file sharing habits. This is among the findings of the latest survey by email encryption specialist DataMotion.
Although companies are increasingly putting security and compliance policies in place nearly 44 per cent of respondents admitted that these are only moderately enforced at best.
