As organizations increasingly move their operations to the cloud, they need to remain vigilant against security breaches. IBM had this in mind as it prepared a new portfolio of services designed to help secure an enterprise’s cloud operations with the same rigor that has come to be expected with in-house operations. “The move to the […]more…
Computer scientists say meme research doesn’t threaten free speech
In a letter to lawmakers Tuesday, five of the nation’s top computing research organizations defended a research grant to study how information goes viral. The groups were responding to claims that the government-funded effort could help create a 1984-type surveillance state. The controversy arises over a nearly $1 million research grant to researchers at Indiana […]more…
Apple security checks may miss iWorm malware
Apple’s security technologies for Mac OS X may still miss iWorm, a piece of malware discovered in late September that infected thousands of computers. Apple released an update for its XProtect antivirus engine to detect iWorm, but the update only detects when iWorm’s installer is launched, which is a one-time operation, said Patrick Wardle, director […]more…
Microsoft’s top legal gun decries privacy "arms race"
The conflict between snooping governments seeking to defeat encryption and users demanding ever more robust privacy tools has turned into an arms race — and it’s time for arms control talks, Microsoft’s general counsel said on Tuesday. Resolving that conflict requires a new consensus on how to balance public safety and personal privacy, Brad Smith […]more…
Facebook reports a 24 percent rise in government requests for user data
Facebook received nearly 35,000 requests for user data from governments around the world during the first half of 2014, up 24 percent from roughly 28,000 requests made during 2013’s second half. The uptick indicates the value governments place on the personal information Facebook has on file for its 1.35 billion users who log in at […]more…
Popular messaging apps fail EFF’s security review
Some of the most widely used messaging apps in the world, including Google Hangouts, Facebook chat, Yahoo Messenger and Snapchat, flunked a best-practices security test by advocacy group the Electronic Frontier Foundation (EFF). The organization evaluated 39 messaging products based on seven criteria it believes such tools should meet in order to ensure the privacy […]more…
Startup promises to secure data centers, clouds workload by workload
Illumio, a well-funded startup with an impressive list of customers, is wheeling out a data-center/cloud security platform that imposes individual security policies on every workload. The company has amassed $42.5 million through two funding rounds from Andreessen Horowitz, General Catalyst, Formation 8, Data Collective as well as individual investors including Salesforce founder and CEO Marc […]more…
Banking Trojan DRIDEX Uses Macros for Infection
Included in our predictions for the upcoming year is that more severe online banking and other financially-motivated threats will arise. It seems that we didn’t have to wait for 2015 to see proof of this prediction. We recently came across banking malware that features new techniques to cast a wider net for victims and avoid […]more…
Schools keep track of students’ online behavior, but do parents even know?
Parents expect schools to keep track of their kids. But in the digital era, keeping track is vastly different than it was a generation ago, thanks to Big Data analytics. According to its advocates, this is a very good thing. Gathering individual information on students can lead to “personalized” and “adaptive” learning platforms. If technology […]more…
How to clear out cookies, Flash cookies and local storage
This quick fix will show you how to clear out cookies and the cookie-like things that can be used to track you online.more…
Google releases tool to test apps, devices for SSL/TLS weaknesses
Google released a tool that can be used to test whether the SSL/TLS encrypted connections opened by applications or devices are vulnerable to man-in-the-middle attacks. A man-in-the-middle (MitM) attack refers to a situation where an attacker is in a position to intercept and manipulate traffic between a client and a server. It is the kind […]more…
Scheduled Power Shutdown at Willard Building on Nov. 6, 2014
OPP has scheduled an electrical services shutdown at the Willard building on Thursday, November 6th, from 4:30am to 6:30am. The CLC labs in the Willard building may not be available during this time.more…
BlackEnergy cyberespionage group targets Linux systems and Cisco routers
A cyberespionage group that has built its operations around a malware program called BlackEnergy has been compromising routers and Linux systems based on ARM and MIPS architectures in addition to Windows computers. Security researchers from antivirus vendor Kaspersky Lab released a report Monday detailing some of the custom modules that the group has developed for […]more…
Government demands for Facebook user data soar by 24%
Government requests for Facebook’s user data rose by almost a quarter in the first half of 2014 compared with the second half of the previous year, according to the social network. Incoming search termsTEER NAIGTmore…
New Phishing Technique Outfoxes Site Owners: Operation Huyao
We’ve found a new phishing technique targeting online shopping sites that may significantly change the threat landscape for phishing sites. Conventional phishing sites require an attacker to replicate the targeted site; a more accurate copy is more likely to fool intended victims. This technique we found allows for the creation of nearly perfect copies – […]more…
SSCC 172 – Ransomware’s not dead! [PODCAST]
Here’s the latest episode of our weekly security podcast. News you can use!more…