Can industry heavyweights Google, PayPal, Microsoft and AOL -- along with 11 others in high-tech such as Facebook and LinkedIn, as well as the financial world's Bank of America and Fidelity Investments -- succeed in stopping phishing attacks right in their tracks? In uniting behind an effort called DMARC.org unveiled today, the group says it can through policy-based steps filter out spoofed email that attackers use for phishing.
It was another busy week for hactivists attacking the online targets of their ire. This time, hackers under the banner AntiSec appeared to have hacked the website of OnGuardOnline.gov, the U.S. government's online security website, in protest against the much-railed-against legislation Stop Online Piracy Act (SOPA) as well as other bills regarding intellectual protection. Similarly, the group Anonymous is believed to be behind the distributed denial-of-service attack on Thursday that brought down the European Parliament's website in what is thought to be retaliation for European support for the shutdown of the Megaupload file-sharing site the week before. Anonymous also opposes a treaty being ratified in Europe now called the Anti-Counterfeiting Trade Agreement. That deals with infringement of intellectual property rights.
Encryption keys on smartphones can be stolen via a technique using radio waves, says one of the world's foremost crypto experts, Paul Kocher, whose firm Cryptography Research will demonstrate the hacking stunt with several types of smartphones at the upcoming RSA Conference in San Francisco next month.
Though wariness about the perceived lack of security in cloud-based services is often voiced, there are some situations where the opposite is the case. Some businesses mindful of security say the cloud services that are important to them have done a lot of work to meet their expectations about security.
Sourcefire today announced anti-malware software for Windows-based devices that combines signature- and behavior-based detection methods to identify malicious code trying to invade the enterprise network, tracking it down through cloud-based analysis.
Angered by the move by federal authorities to shut down the popular website Megaupload on charges it illegally shared movies, TV shows and e-books, hackers said to be working on behalf of the hactivist group Anonymous late yesterday launched denial-of-service attacks against a number of websites, including that of the Department of Justice (DOJ) and the Recording Industry Association of America (RIAA).
The "bring your own device" (BYOD) phenomenon is sweeping through the enterprise, and businesses such as Chicago-based design firm Holly Hunt have embraced it with gusto, offering stipends to employees to use their own mobile devices for work.
Security firm Trusteer Wednesday said it's identified a new browser-based malware attack against Facebook users that's aimed at stealing money through e-cash payment system Ukash.
A survey of 1,425 information technology managers in 32 countries about the type of security they deployed on their network endpoints, as well as security training for employees, indicates that these technology investments paid off in mitigating cyberattacks and downtime.
In acknowledging a data breach in which information related to as many as 24 million customers was stolen, online shoe and clothing retailer Zappos has taken assertive steps, including compelling customers to change passwords, plus temporarily foregoing 800-number phone service in an effort to redeploy customer-service representatives to respond to customer email.
