Tech content trusted by users in North America and around the world
6,369 Reviews & Articles | 40,322 News Posts
TRENDING NOW: HTC surprises with a new VR headset 'Vive', partnering with Valve

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 12

Software Advice: Only 56% of employees feel their passwords are secure

Just 56 percent of employees believe their password habits in the workplace are secure, according to Software Advice's "Password Use in the Workplace" report. Companies are struggling to teach their employees to hold more responsibility with security, and the problem will continue throughout 2015.

 

software-advice-56-employees-feel-passwords-secure_01

 

"Our findings suggest that users either remain unaware of the rules despite the hype, do not believe them to be good advice or simply find them too burdensome, and thus opt for less secure passwords," according to the report.

 

Proper cybersecurity must start from the top and trickle down to regular employees, though that doesn't seem to be happening, according to the survey. Only 54 percent of employees report their employers require them to create complex passwords.

Continue reading 'Software Advice: Only 56% of employees feel their passwords are secure' (full post)

Rising demand for cybersecurity to prevent insider threats

US government departments are increasingly worried about high-profile data breaches, with cyberattacks targeting US infrastructure increasing, according to General Dynamics. US military spending has declined, but due to rising cybersecurity threats, spending to help defend networks has grown significantly in certain sectors.

 

rising-demand-cybersecurity-prevent-insider-threats_01

 

Cybersecurity related to preventing insider threats has proven popular, with up to five government departments interested in insider threat protection over past few months. Trying to defend against threats from the inside can be extremely difficult, but cybersecurity experts tend to look for unusual employee behavior before information is compromised.

 

"Across the board, I see this as still being a growth area for us," said Nadia Short, VP and GM of cyber systems at General Dynamics, when speaking to Reuters. The contractor has merged its cyber and engineering departments, providing additional expertise and streamlined security developments.

Pentagon says its US F-35 fighter jet information secure

It would appear China was able to steal details regarding F-35 fighter jets being sold to the Australian military, according to former NSA contractor Edward Snowden - but the US Pentagon said classified data on its F-35 fighter program remains safe.

 

pentagon-35-fighter-jet-information-secure_01

 

"Classified F-35 information is protected and remains secure," according to a statement published by Reuters. US government departments and its contractors face a high volume of Internet-based attacks, with criminals interested in stealing information - which can be used or sold - as organized state-sponsored attacks continue to increase.

 

Meanwhile, the Chinese government said the accusations revealed by Snowden are "groundless," though China is known to conduct cyberespionage campaigns against military and political rivals.

Study: More than half or companies increased security budget by 34%

Sixty-one percent of companies increased their cybersecurity budgets by an average of 34 percent in 2014, despite a number of high-profile data breaches still taking place, according to Identity Finder and the Ponemon Institute. Companies showed the most interest in the following security resources: Security incident and event management (SIEM), endpoint security, intrusion detection and prevention, encryption, and Web application firewalls.

 

study-more-half-companies-increased-security-budget-34_01

 

Companies want to step up spending related to cybersecurity, but must ensure they are investing resources in the appropriate places. For companies breached, the information is rather frightening: 95 percent didn't discover a breach for at least three months, while 46 percent admitted they found a data incident on accident.

 

"This study shows that organizations are dedicating greater attention and financial resources towards managing sensitive information and preventing data breaches, which is certainly encouraging news," said Dr. Larry Ponemon, founder and chairman of the Ponemon Institute. "However, 2015 is predicted to be as bad or worse as 2014 as more sensitive and confidential data and transactions are targeted by attacks and collateral damage."

Report: Nearly all US weapons systems in 2014 faced security issues

The US government has increased concerns related to cybersecurity, and a new report compiled by Michael Gilmore, director of operational test and evaluation (DOT&E), likely won't help alleviate those worries. In the published 366-page report, it was discovered that almost all U.S. weapons programs tested during 2014 faced "significant vulnerabilities" related to cyberattacks.

 

report-nearly-weapons-systems-2014-face-security-issues_01

 

Problems included unpatched and aging software, misconfigured network protocols, and similar issues - opening the door to potential security concerns.

 

"Cyber adversaries have become as serious a threat to U.S. military forces as the air, land, sea and undersea threats represented in operational testing for decades," according to the report. "The continued development of advanced cyber intrusion techniques makes it likely that determined cyber adversaries can acquire a foothold in most (Department of Defense) networks, and could be in a position to degrade important DOD missions when and if they chose to."

Continue reading 'Report: Nearly all US weapons systems in 2014 faced security issues' (full post)

Chinese cyberattacks left Microsoft's Outlook vulnerable, reports say

The Microsoft Outlook.com email service reportedly was breached by Chinese authorities, using a "man-in-the-middle" type attack, according to the GreatFire watchdog group.

 

chinese-cyberattacks-left-microsofts-outlook-vulnerable-reports_01

 

MITM attacks typically rely on hijacked online connections used to monitor and control communications through an online communication - with email users relying on IMAP and SMTP to access Outlook, Mozilla Thunderbird and other apps left vulnerable.

 

"We suspect that the Cyberspace Administration of China, which is directly in charge of censorship... is directly responsible for the MITM attack against Outlook, and the recent related MITM attacks in China," according to the report.

Continue reading 'Chinese cyberattacks left Microsoft's Outlook vulnerable, reports say' (full post)

Java software becoming more secure, as hackers target Silverlight

Cybercriminals are always-on the lookout for software bugs they can exploit, allowing them to hopefully compromise users. Keeping software updated, for example, helps close backdoors and make it harder to find access points - but many people fail to update software, and avoid potentially preventable security incidents.

 

java-software-becoming-more-secure-hackers-target-silverlight_01

 

Another aspect to good cybersecurity is understanding what types of software are being targeted - and why - with clues gathered from this type of information. Java, which has been a longtime favorite for exploits, has increased focus on security, so users have shifted attention to Microsoft Silverlight. As such, experts have seen a strong uptick in Silverlight-based attacks:

 

"We saw a 34 percent drop in exploits in Java," said Jason Brvenik, principal engineer of security business at Cisco, in a statement to SCMagazine.com. "Java has become more secure. Attackers have noted this, so we saw a rise in the exploit of Silverlight consequently."

Edward Snowden: GCHQ snooped on emails sent, received by journalists

The GCHQ collected emails sent to and from journalists in the United States and UK, according to documents released by former NSA contractor Edward Snowden. It took less than 10 minutes to harvest up to 70,000 emails during the GCHQ exercise, intercepted from fiber-optic cables, and included correspondence between writers and editors.

 

edward-snowden-gchq-snooped-emails-sent-received-journalists_01

 

As part of its surveillance campaign, the GCHQ archived emails related to journalists from BBC, Reuters, The New York Times, Le Monde, the Guardian, NBC, the Sun and the Washington Post - with data saved on its intranet.

 

It's no surprise that the NSA and GCHQ have invested in a number of different digital surveillance efforts, but the widespread campaigns have shocked critics. The GCHQ is under increased pressure to ensure journalists' emails are protected, as confidentiality is important - despite government skepticism.

Continue reading 'Edward Snowden: GCHQ snooped on emails sent, received by journalists' (full post)

SplashData unveil their most popular passwords of 2014 list

Once again, SplashData have released their annual list of compiled stolen passwords made public throughout the year of 2014, once again showing that people really don't put much thought, time or effort into protecting their own security.

 

splashdata-unveil-popular-passwords-2014-list_05

 

If your password is anything like these below, please change it immediately for your own safety. It's nice to see these users really confusing hackers and 'changing it up' by pushing '12345' up 17 places to a number three placing - it's definitely going to confuse those nasty criminals from guessing the old '123456' code that was set.

Continue reading 'SplashData unveil their most popular passwords of 2014 list' (full post)

Ex-UK spy: Peace between government, tech firms needed to stop terror

Government agencies in the United States and UK increasingly rely on wide-scale surveillance programs, in their efforts to collect intelligence. It's not uncommon for politicians and department heads to claim efforts are designed to prevent terrorism, which is the line being used by a former high-level spy from the UK.

 

ex-uk-spy-peace-between-government-tech-firms-needed-stop-terror_01

 

"There needs to be some new compact between the technology companies and those who are responsible for security if we're not to see events like we saw in Paris last week... becoming more and more features of our lives," said John Sawers, former head of the Secret Intelligence Service, in a statement published by BBC.

 

British elections take place in May, and national security is expected to be a major political talking point.

Continue reading 'Ex-UK spy: Peace between government, tech firms needed to stop terror' (full post)

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases
Or Scroll Up Or Down