Industry News

Senator wants curbs placed on fitness data use

Security Alerts by Computerworld - Mon, 11/08/2014 - 20:29
Sen. Charles Schumer (D-N.Y.) wants the U.S. Federal Trade Commission to investigate the data gathering and sharing practices of makers of personal fitness devices and applications.
Categories: Industry News

Windows tech support scammers take root in the U.S.

Security Alerts by Computerworld - Mon, 11/08/2014 - 19:17
In a new trend, Windows tech support scams have gone home-grown, with twists that include bogus warnings from malicious websites urging users to call a toll-free number for "help."
Categories: Industry News

Testing service rolls out vast federated identity management system using Oracle

Security Alerts by Computerworld - Mon, 11/08/2014 - 18:33
The Educational Testing Service, a non-profit organization that provides academic assessment tests, says it has gained efficiencies by centralizing its identity and access management (IAM) for on-premises, cloud and hosted applications. But it had to cope with a few bumps in the road along the way, especially in extending IAM into the cloud.
Categories: Industry News

IBM focuses on identity management with Lighthouse buy

Security Alerts by Computerworld - Mon, 11/08/2014 - 17:08
IBM has purchased Lighthouse Security Group and plans to combine it with another recent acquisition to build a set of identity management software and services.
Categories: Industry News

RHSA-2014:1036-1: Important: java-1.5.0-ibm security update

Red Hat Errata - Mon, 11/08/2014 - 17:00
Red Hat Enterprise Linux: Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. CVE-2014-4209, CVE-2014-4218, CVE-2014-4219, CVE-2014-4244, CVE-2014-4252, CVE-2014-4262, CVE-2014-4263
Categories: Industry News

RHSA-2014:1032-1: Important: redhat-ds-base security update

Red Hat Errata - Mon, 11/08/2014 - 17:00
Red Hat Enterprise Linux: Updated redhat-ds-base packages that fix one security issue are now available for Red Hat Directory Server 8. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. CVE-2014-3562
Categories: Industry News

RHSA-2014:1033-1: Critical: java-1.6.0-ibm security update

Red Hat Errata - Mon, 11/08/2014 - 17:00
Red Hat Enterprise Linux: Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. CVE-2014-4209, CVE-2014-4218, CVE-2014-4219, CVE-2014-4227, CVE-2014-4244, CVE-2014-4252, CVE-2014-4262, CVE-2014-4263, CVE-2014-4265
Categories: Industry News

RHSA-2014:1034-1: Low: tomcat security update

Red Hat Errata - Mon, 11/08/2014 - 17:00
Red Hat Enterprise Linux: Updated tomcat packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. CVE-2014-0119
Categories: Industry News

Security Manager's Journal: Peering behind the firewall

Security Alerts by Computerworld - Mon, 11/08/2014 - 13:36
The corporate firewall is like a dike keeping out a raging sea of malware. Where does it all come from?
Categories: Industry News

New security tools from Tenable, HP, Co3 attempt the impossible

Security Alerts by Computerworld - Mon, 11/08/2014 - 13:20
Automated incident response is one of the fastest growing fields in computer security. Alternatively called threat monitoring, vulnerability management or threat management, it encompasses the seemingly impossible task of defending a network from active threats as they happen, in addition to detecting every possible vulnerability that could be exploited by an attacker.
Categories: Industry News

Even crooks couldn't profit from Microsoft's Surface flop

Security Alerts by Computerworld - Mon, 11/08/2014 - 11:39
A former Microsoft finance manager was sentenced to two years in federal prison Friday after pleading guilty to an insider trading scheme that netted he and a partner more than $400,000.
Categories: Industry News

China's Xiaomi faces privacy hurdles ahead of international expansion

Security Alerts by Computerworld - Mon, 11/08/2014 - 10:24
China's Xiaomi has apologized for causing privacy concerns, after the fledgling smartphone maker faced scrutiny over whether it can be trusted with users' personal data.
Categories: Industry News

Mobile chips face lockdown to prevent hacks

Security Alerts by Computerworld - Mon, 11/08/2014 - 04:44
Chipmakers want to make hardware the first layer of defense against data breaches and other attacks on tablets and smartphones.
Categories: Industry News

Seven ways DARPA is trying to kill the password

Security Alerts by Computerworld - Sun, 10/08/2014 - 23:01
A seemingly constant stream of data breaches and this week's news that Russian hackers have amassed a database of 1.2 billion Internet credentials has many people asking: Isn't it time we dumped the user name and password?
Categories: Industry News

Many home routers supplied by ISPs can be compromised en masse, researchers say

Security Alerts by Computerworld - Sun, 10/08/2014 - 13:33
Specialized servers used by many ISPs to manage routers and other gateway devices provisioned to their customers are accessible from the Internet and can easily be taken over by attackers, researchers warn.
Categories: Industry News

Hacker coalition sets out to improve critical device security, challenges car makers

Security Alerts by Computerworld - Sat, 09/08/2014 - 17:11
A collective of security researchers issued a letter Friday from the DefCon hacker conference in Las Vegas urging the automotive industry to adopt five principles for building safer computer systems in vehicles.
Categories: Industry News

Microsoft, Google, others back Facebook in New York privacy dispute

Security Alerts by Computerworld - Sat, 09/08/2014 - 06:43
Key technology companies including Google, Microsoft and Twitter have filed in support of Facebook's dispute with the New York County District Attorney's office over the collection of user data in bulk under a gag order for a fraud investigation.
Categories: Industry News

Payment cards with chips aren't perfect, so encrypt everything, experts say

Security Alerts by Computerworld - Sat, 09/08/2014 - 01:18
There's a push to adopt chip-equipped payment cards in the US following high-profile breaches at large retailers and restaurant chains during the past 12 months, but experts warn that switching to this payment system will not make fraud disappear.
Categories: Industry News

Does your business need a "Data Protection Officer?"

Security Alerts by Computerworld - Fri, 08/08/2014 - 18:53
New data-privacy regulation for the European Union expected to gain approval as early as October of this year would break new ground by requiring businesses selling goods and services to European citizens to appoint a so-called "Data Protection Officer" to be in compliance with the new law.
Categories: Industry News

Security vendor Gemalto to acquire SafeNet for $890M

Security Alerts by Computerworld - Fri, 08/08/2014 - 18:52
Gemalto plans to acquire SafeNet for US$890 million in a deal that would combine a big vendor of portable secure elements such as payment cards with a provider of enterprise data protection technology.
Categories: Industry News