Tech News

Home/Tech News

Symantec Says AV Is Dead, World Rolls Eyes

By |May 27th, 2014|Categories: Tech News, Virus Alerts|

The rumors of AVEarlier this week, Symantec’s senior vice president Brian Dye declared to the Wall Street Journal that antivirus “is dead.” That’s a bit surprising, considering it still accounts for a reported 40 percent of Symantec’s revenue. Plus, Symantec continues to churn out Editors’ Choice award winning products like Norton 360. So is AV really dead? The short answer is “no,” and the long answer is “no no no no no nononononononono.”

Nail in the Coffin?
Dye told the WSJ that the company doesn’t consider AV as “a moneymaker in any way.” Not only that, Dye bemoaned that they simply can’t keep hackers out. In the interview, Dye estimated that AV only catches 45 percent of cyber attacks. Those are pretty damning numbers, and a pretty grim outlook, but other cybersecurity experts just don’t agree. Or rather, they know that saying […]

What is ‘Covert Redirect’ and Should You be Worried?

By |May 27th, 2014|Categories: Security, Tech News, Virus Alerts|

When Heartbleed struck in April, it shook the Internet to its core in an almost literal sense: the vulnerability, which could allow hackers to trick servers into surrendering sensitive data, took advantage of how communications are made online. Now, there’s a new vulnerability in town claiming to be the next core-shaking Internet threat. But is it really? Let’s take a look.

Covert Redirect: A look inside

The vulnerability in question has been dubbed “Covert Redirect,” due to its stealthy tactics. Discovered by Wang Jing, a mathematics PhD student in Singapore, Covert Redirect enables hackers to trick users into surrendering personal information by posing as an authorization window (a popup window which asks for authorization to connect to a third party website or application). If the faux-authorization is successful, the hacker can redirect the user to a website loaded with malicious software. If successfully executed, it can […]

Narrowing the Breach Discovery Gap

By |May 26th, 2014|Categories: Tech News|

Verizon’s recent release of the 2014 Data Breach Investigations Report (DBIR) provided its usual valuable insights into the state and scale of cyberattacks. But those of us who spend our waking hours enhancing and fine-tuning cybersecurity defense tend to watch for one measurement in particular in such reports: the breach discovery gap.

The breach discovery gap is the time it takes IT security practitioners to discover a data breach after they have been breached by a cyberattack. As an industry, we strive to constantly improve the detection capabilities of our products to stop attacks before breaches occurs or, when they aren’t stopped, to narrow the breach discovery gap to zero. Ideally, the enterprise’s security infrastructure detects attacks in progress, immediately alerts enterprise security teams, and takes steps to mitigate and deflect the attack.

Unfortunately, Verizon’s research showed that more than 90% of attacks are successful in a day or less, but […]

Microsoft seeds doubt by erasing XP line in the sand

By |May 26th, 2014|Categories: Microsoft, Security, Tech News, Virus Alerts, WinXP|

Move may end up encouraging some customers to stick with XP even longer

May 7, 2014
(Computerworld)

Microsoft’s decision to erase its support line in the sand has sowed confusion and will likely encourage bad behavior by some customers, analysts said today.

“If next month someone finds another zero-day like this one, Microsoft could just move the line again,” said John Pescatore, director of emerging security trends at the SANS Institute, a security training organization.

“In a way, this encourages bad behavior. There’s a risk that people will look at it that way,” said Michael Silver, an analyst with Gartner, referring to those who will now question Microsoft’s determination to end XP support, and thus slow or even suspend their migrations to newer editions of Windows.

The experts were talking about Microsoft’s move on May 1 to issue fixes for a critical vulnerability in Internet Explorer […]

Kaspersky Helps Watch_Dogs Developers to Get Hacking Right

By |May 26th, 2014|Categories: Security, Tech News|

Talk to any security researcher or hacker of a certain age, and he will likely tell you that back in his day–say, the late 1990s–hacking wasn’t cool. It was a solitary, often frustrating pursuit, done mainly for the intellectual rewards it provided and the respect of one’s peers. But the culture has turned of late, and hacking and the security culture are having something of a moment.

watchdogs

Privacy and pervasive surveillance are now topics of conversation well outside of the tech community, and the idea of having your every move monitored, tracked and recorded doesn’t seem as ridiculous as it did when George Orwell laid it out more than 60 years ago. Average citizens don’t have much in the way of options when it comes to fighting the spread of surveillance technology–at least in the real world. But the new Ubisoft video game […]

The NSA’s mysterious coded tweet

By |May 26th, 2014|Categories: Security, Tech News|

No, the NSA was not drunk when they sent this garbled tweet earlier this week.
No, the NSA was not drunk when they sent this garbled tweet earlier this week.

    • The NSA sent a mysterious coded tweet to its 10,000 followers this week
    • Internet sleuths solved the mystery in minutes
    • The tweet was a recruiting tool for the intelligence agency

(CNN) — When the National Security Agency sent a tweet Monday filled with garbled nonwords like “tpfccdlfdtte,” the Internet was confused, and intrigued.

Was the NSA drunk? Had a cat skittered across someone’s keyboard?

Or maybe the spy agency, under fire for eavesdropping on Americans, had accidentally blurted a secret of its own — a coded, classified message not meant for public eyes.

The truth proved to be less scandalous. Internet sleuths, armed with cryptogram-solving Web tools, solved the mystery in minutes. Turns out […]

Researchers find a global botnet of infected PoS systems

By |May 26th, 2014|Categories: Security, Tech News, Virus Alerts|

The botnet contained almost 1,500 compromised point-of-sale and other retail systems from 36 countries, researchers from IntelCrawler said

May 23, 2014
(IDG News Service)

Security researchers uncovered a global cybercriminal operation that infected with malware almost 1,500 point-of-sale (POS) terminals, accounting systems and other retail back-office platforms from businesses in 36 countries.

The infected systems were joined together in a botnet that researchers from cybercrime intelligence firm IntelCrawler dubbed Nemanja. The researchers believe the attackers behind the operation might be from Serbia.

The size of the botnet and the worldwide distribution of infected systems brings into perspective the security problems faced by retailers from around the world, problems that were also highlighted by the recent PoS breaches at several large U.S. retailers.

Past incidents suggest an increased attention from cybercriminals toward retailers and small businesses that use PoS terminals, the IntelCrawler researchers said Thursday in a […]

Bug bounty program outs 7-month-old IE zero-day

By |May 26th, 2014|Categories: Microsoft, Security, Tech News, Virus Alerts, WinXP|

No sign that hackers are exploiting the unpatched vulnerability in IE8; XP users will never see the fix

May 22, 2014
(Computerworld)

An HP bug bounty program yesterday published information about a critical vulnerability in Internet Explorer 8 (IE8) because Microsoft did not meet its patch-or-we-go-public deadline.

HP TippingPoint’s Zero Day Initiative (ZDI) revealed some details about the vulnerability Wednesday in an online advisory after its 180-day grace period had expired without Microsoft providing a patch to customers.

The bug, which was reported to ZDI by Belgium security researcher Peter Van Eeckhoutte, was handed to Microsoft on Oct. 11, 2013. At the time, ZDI had a 180-day patch policy: If the vendor did not patch the vulnerability in that time, or failed to explain why it could not, ZDI would go public with the flaw.

Since then ZDI has shortened the window to […]

Google to buy satellite startup Skybox?

By |May 26th, 2014|Categories: Tech News|

kyushujapan20140515.png

A photo of Saga Prefecture in Kyushu, Japan, from Skybox Imaging’s SkySat-1 satellite.
Skybox Imaging
Is Google ready to plunk down a billion dollars or so to acquire a company specializing in satellite imaging?

One possible target is Skybox Imaging, a Mountain View, Calif.-based firm with its own satellite cluster that specializes in data analytics and highly detailed images and video of Earth, according to a report in TechCrunch. Skybox was valued between $500 million and $700 million at its last fundraising round in 2012, the report said.

Skybox Imaging declined to comment. Google did not respond to a request for comment.

Word of Google’s alleged interest in owning satellite imaging technology comes on the heels of its April purchase of drone maker Titan Aerospace to help further develop high-altitude Internet-broadcasting balloons as part of Google’s Project Loon. That pickup was also seen as […]

HP plans to invest $1B in open cloud services

By |May 26th, 2014|Categories: Cloud Computing, IT Industry, Tech News|

IDG News Service – Following a similar move by IBM, Hewlett-Packard is unifying its cloud portfolio under a single architecture and brand name, called HP Helion.

The company has pledged to invest $1 billion in open cloud products and services over the next two years, along with community-driven, open-source cloud technologies.

“Just as the community spread the adoption of Linux in the enterprise, we believe OpenStack will do the same for the cloud,” said Hewlett-Packard CEO and President Meg Whitman, in a webcast announcing Helion Tuesday.

Customers have been asking for open-source-based cloud technologies, Whitman said. Harnessing the collective effort around open-source projects such as OpenStack, “the result is something that is more flexible, secure and affordable than any one company could do alone,” she said.

A distribution of OpenStack, called Helion OpenStack, is the first Helion component HP has released. Helion OpenStack will serve as the cornerstone for the Helion line of […]