BrandPost: Emerging cybersecurity vulnerabilities
One unfortunate aspect of human psychology involves how people tend to deal with potential threats. As long as the threats are more abstract than actual, all too often we reason that there’s no rush to build defenses against them. Only after a threat materializes and does actual harm do we start to really take it…
IDG Contributor Network: Cybersecurity woes can be remedied through decentralization
Someone in some faraway place has my Social Security number. Or so suggests a notice I received recently from the US government. Along with an offer of one year of free credit monitoring, the notice informed me that my personal data was compromised in the 2014 breach of the Office of Personnel Management (OPM) computer…
Symantec acquisition has lawsuit-filled past
LifeLock, the identity protection vendor that Symantec today said it would acquire for $2.3 billion, has been the frequent target of lawsuits filed by customers, state attorneys general and the Federal Trade Commission (FTC). Less than a year ago, LifeLock paid $100 million to settle a contempt complaint brought by the FTC. That complaint originated…
Protect Sensitive Files With Document Security Management
When it comes to data security, documents matter. Most organizations have invested in tools that enable them to securely manage their sensitive documents. They are struggling, however, to compel employees to use these tools consistently and correctly. Throughout the IT industry, actual document management and security practices fall seriously short. Malware-infected files frequently penetrate networks…
NSA Chief Says DNC Email Leak Was Deliberate Act
In some of the most unequivocal comments on the issue so far, the director of the National Security Agency (NSA) Michael Rogers this week labeled the leak of emails belonging to the Democratic National Committee in July as a deliberate action by a state actor with specific motives. Rogers, who also heads the US Cyber…
IDG Contributor Network: If you are a KDE neon user, reinstall your distro now!
The lead KDE neon developer Jonathan Riddell released a security advisory in which he urged KDE neon users to upgrade their systems or reinstall it. The package archive of KDE neon was misconfigured, which allowed anyone to upload a package to the archive. It’s not known whether anyone uploaded any packages, but as a security…
Fake executive social media accounts threaten enterprises
New research has uncovered numerous duplicative Twitter and LinkedIn accounts among Fortune 500 leaders, raising concerns about potential security vulnerabilities. Analysts at BrandProtect reviewed profiles for the 54 CEOs at Fortune 500 companies using Twitter and the 187 CEOs using LinkedIn. Of these CEOs, 19 percent were represented online by multiple Twitter accounts, while 9…
Capgemini Leaks Data of Recruitment Firm PageGroup
Job-related information belonging to hundreds of thousands of individuals was exposed online after Capgemini inadvertently made public a database of Michael Page, a brand of UK-based global recruitment company PageGroup. France-based Capgemini, which last year had a revenue of nearly 12 billion euros, specializes in consulting, technology and outsourcing services. The company, contracted by the…
Tesco Bank hack shows that attackers continue to follow easy money
What happens when nearly 9,000 accounts at a financial institution experience fraudulent activity and clients have nearly £2.5 million stolen? People notice. The bank notices and shuts down activity, raising a chilling question for financial institutions: “Is this the new normal for banking in the age of cyber crime?” As we continue to learn more…
The Internet of Trouble: Securing Vulnerable IoT Devices
There are times when perception will coalesce around something that has been previously known, but not taken seriously. That is what happened recently with the distributed denial-of-service (DDoS) weaponization of the Internet of Things (IoT). Although government agencies have issued warnings about the potential problem of vulnerable IoT devices, nobody has ever really done anything…