Security

Imagine finding out that your neighbor's identity was stolen and their life savings cleaned out by criminals who entered through their 'smart' washing machine. Ridiculous, you say? Well, have you checked your home Wi-Fi network lately? You might have several connected household gadgets and other dev...

Businesses are flocking to software-as-a-service applications as a means to improve the efficiency of their operations and the productivity of their employees, but weak control of access to cloud apps is putting the data of many organizations at risk. According to a study by DoControl, the average 1...

People are freaking out about reports of NSO Group's Pegasus surveillance tool being used to spy on journalists, political dissidents, and other opponents of regimes worldwide. It's disheartening, and worth discussing. But why are we shocked? In Pegasus' case, the game theory is clear: some company ...

A number of popular commercial applications in categories ranging from browsers to messaging and meeting apps all contained open-source components with security vulnerabilities, according to new research performed by Osterman Research for GrammaTech. Online meetings and email clients, which contain...

Bitdefender security researchers have uncovered a Romanian-based threat group active since at least last year targeting Linux-based machines with weak Secure Shell Protocol (SSH) credentials. The researchers discovered the group was deploying Monero mining malware used to steal cryptocurrency.

Anyone with a stake in keeping ahead of cybersecurity assaults and enterprise network intrusions through API vulnerabilities can now tap into expert advisories and security reports. API security company Salt Security last week launched Salt Labs, a now-public forum for publishing research on API vul...

Clients of SolarWinds, which experienced a high-profile data breach last year, are being targeted in a probe by the U.S. Securities and Exchange Commission, according to a Reuters report. "The impact of these large-scale breaches clearly has the potential to destabilize stock prices and the broader ...

Open source software is now the foundation for the vast majority of applications across all industries, however many of those industries are struggling to manage open source risk. Organizations, regardless of industry, must do a better job maintaining open source components given their critical natu...

That old adage about crime never pays could not be more false, at least when it comes to modern-day cybercriminals. For those bad actors using ransomware as their weapon, crime is paying more than ever. A new report by the eSentire security research team found that six ransomware gangs claimed at le...

Cybercriminals are deliberately targeting phones, tablets, and Chromebooks to increase their odds of finding a vulnerable entry point. The Financial Services Threat Report from Lookout disclosed that 20 percent of mobile banking customers had a trojanized app on their devices when trying to sign int...

HOW TO

Bolt-On Security the Linux Way

In this piece, I aim to provide a range of simple but effective options for encrypting a small number of files. In particular, these options are salient for use cases like tax filing, where users are sending sensitive documents to recipients with an unknown degree of technical proficiency. Fond as I...

As cryptocurrency values continue to rise, cryptojacking becomes more attractive to cybercriminals. Now, a powerful hardware-based threat detection technology is being integrated into a Microsoft enterprise security product to help protect businesses from cryptojacking malware. The action integrate...

Jonathan Cran, founder and CEO of Intrigue, a cybersecurity startup based in Austin, Texas, used his company's network security tools to compile a list of Fortune 500 companies still exposed to last month's Microsoft Exchange breach. Potentially, many of those companies may not know their networks a...

Google is now paying developers more money to work on securing their Linux kernels this year. The gesture may well be the start of the company's bid to enforce a tighter grip on open source. Google's action comes on the heels of rising threats to Linux that unfolded in the last year, as hackers pivo...

LinuxInsider Channels