Stories by Ellen Messmer

Researchers crack satellite encryption

Researchers at a university in Bochum, Germany claim to have cracked encryption algorithms of the European Telecommunications Standards Institute (ETSI) that are used to secure certain civilian satellite phone communications.

By Ellen Messmer | 09 February, 2012 09:27

Tags: Telecommunication, security, satellite, Ruhr University, ETSI, encryption, crypto; satellite;

Why one insurance company ditched its own hardware- for a cloud -based SAN

Why do some enterprise managers decide to brave their way into the new and unknown of cloud-based services? Sometimes it's simply because the old technology just isn't working out that well anymore.

By Ellen Messmer | 09 February, 2012 01:29

Tags: TwinStrata; encryption, Twinstrata, Strata, storage, security, SAN; cloud; IBM mainframe, network storage, network-attached storage, Lloyds, Kemp, internet, hardware systems, encryption, Data Center, Configuration / maintenance, cloud computing, amazon

Symantec verifies stolen source code posted by Anonymous is "legitimate"

Symantec is in an ongoing fight against hackers in the group Anonymous that last January attempted to extort a payment of around $50,000 from Symantec in exchange for not publicly posting stolen Symantec source code they had stolen for various older Symantec security products dating to 2006.

By Ellen Messmer | 08 February, 2012 06:29

Tags: symantec, security, legal, cybercrime, Anonymous; Symantec; extortion; security; pcAnywhere; Norton Internet Security, anonymous

Data breach? Blame your third party's remote access systems

An in-depth study of data-breach problems last year where hackers infiltrated 312 businesses to grab gobs of mainly customer payment-card information found the primary way they got in was through third-party vendor remote-access applications or VPN for systems maintenance.

By Ellen Messmer | 07 February, 2012 22:33

Tags: vpn, visa, trustwave, security, networking, hacker, data breach

Mobile device management: Apple's extra little tricky requirement

Anyone wanting to buy mobile-device management (MDM) software to manage Apple iOS devices will find they need a special digital certificate from Apple to activate it, a requirement that doesn't apply to the same MDM software that would be used to manage Google Android devices, for instance.

By Ellen Messmer | 07 February, 2012 06:29

Tags: wireless, symantec, sybase, smartphones, security, networking, MobileIron, Mobile device management, mcafee, Google, Good Technology, consumer electronics, Apple, Android

Google, Microsoft, Facebook, Bank of America team to wipe out phishing

Can industry heavyweights Google, PayPal, Microsoft and AOL -- along with 11 others in high-tech such as Facebook and LinkedIn, as well as the financial world's Bank of America and Fidelity Investments -- succeed in stopping phishing attacks right in their tracks? In uniting behind an effort called DMARC.org unveiled today, the group says it can through policy-based steps filter out spoofed email that attackers use for phishing.

By Ellen Messmer | 31 January, 2012 00:36

Tags: security, paypal, Microsoft, LinkedIn, Google, Facebook, DMARC.org, DMARC, Bank of America, AOL, anti-malware

Security roundup: The triumph of hactivists, the sorrow of Symantec

It was another busy week for hactivists attacking the online targets of their ire. This time, hackers under the banner AntiSec appeared to have hacked the website of OnGuardOnline.gov, the U.S. government's online security website, in protest against the much-railed-against legislation Stop Online Piracy Act (SOPA) as well as other bills regarding intellectual protection. Similarly, the group Anonymous is believed to be behind the distributed denial-of-service attack on Thursday that brought down the European Parliament's website in what is thought to be retaliation for European support for the shutdown of the Megaupload file-sharing site the week before. Anonymous also opposes a treaty being ratified in Europe now called the Anti-Counterfeiting Trade Agreement. That deals with infringement of intellectual property rights.

By Ellen Messmer | 28 January, 2012 06:22

Tags: symantec, sourcefire, security, rsa, privacy day, OnGuardOnline.gov, megaupload, legal, Kelihos, European Parliament, cybercrime, AntiSec, anti-malware, anonymous

Hacking stunt: Stealing smartphone crypto keys using plain old radio

Encryption keys on smartphones can be stolen via a technique using radio waves, says one of the world's foremost crypto experts, Paul Kocher, whose firm Cryptography Research will demonstrate the hacking stunt with several types of smartphones at the upcoming RSA Conference in San Francisco next month.

By Ellen Messmer | 27 January, 2012 08:27

Tags: wireless, smartphones, smartphone; Cryptography Research; security, security, rsa, networking, consumer electronics, anonymous

Can Cloud-based collaborative data-sharing be secure enough for defense systems?

Though wariness about the perceived lack of security in cloud-based services is often voiced, there are some situations where the opposite is the case. Some businesses mindful of security say the cloud services that are important to them have done a lot of work to meet their expectations about security.

By Ellen Messmer | 26 January, 2012 09:25

Tags: security, Microsoft, lockheed martin, internet, cloud computing; security; Boeing; Exostar; Lockheed Martin, cloud computing, boeing, BAE Systems

Sourcefire debuts anti-malware software FireAMP for enterprise

Sourcefire today announced anti-malware software for Windows-based devices that combines signature- and behavior-based detection methods to identify malicious code trying to invade the enterprise network, tracking it down through cloud-based analysis.

By Ellen Messmer | 24 January, 2012 07:40

Tags: sourcefire, security, FireEye, FireAMP, anti-malware, anonymous, amp

Security roundup: Anonymous attacks DOJ, RIAA sites; Israeli-Palestinian cyberconflict escalates

Angered by the move by federal authorities to shut down the popular website Megaupload on charges it illegally shared movies, TV shows and e-books, hackers said to be working on behalf of the hactivist group Anonymous late yesterday launched denial-of-service attacks against a number of websites, including that of the Department of Justice (DOJ) and the Recording Industry Association of America (RIAA).

By Ellen Messmer | 21 January, 2012 08:26

Tags: SOPA, software programmer, software code, security, scada, riaa, Recording Industry Association of America, megaupload, legal, kodak, fbi, cybersecurity, cybercrime, anonymous

Analysis: Can employee-owned devices save companies money?

The bring your own device (BYOD) phenomenon is sweeping through the enterprise, and some businesses have embraced it with gusto, offering stipends to employees to use their own mobile devices for work.

By Ellen Messmer | 20 January, 2012 06:33

Tags: Wireless Management, wireless, verizon, tablets, sprint, smartphones, security, networking, mobile-device management, iPhone, iPad, hardware systems, consumer electronics, byod, at&t, Android

New Facebook attack targets e-cash users

Security firm Trusteer Wednesday said it's identified a new browser-based malware attack against Facebook users that's aimed at stealing money through e-cash payment system Ukash.

By Ellen Messmer | 19 January, 2012 03:30

Tags: Ukash; Carberp Trojan; security; Facebook, Trusteer, security, legal, Facebook, cybercrime

Zappos data breach response a good idea or just panic mode?

In acknowledging a data breach in which information related to as many as 24 million customers was stolen, online shoe and clothing retailer Zappos has taken assertive steps, including compelling customers to change passwords, plus temporarily foregoing 800-number phone service in an effort to redeploy customer-service representatives to respond to customer email.

By Ellen Messmer | 18 January, 2012 07:29

Tags: Zappos, security, passwords, legal, data breach, cybersecurity, cybercrime

Survey: Security deployments, training reduce cyberattack wipeouts, downtime

A survey of 1,425 information technology managers in 32 countries about the type of security they deployed on their network endpoints, as well as security training for employees, indicates that these technology investments paid off in mitigating cyberattacks and downtime.

By Ellen Messmer | 17 January, 2012 22:29

Tags: security, mobile devices, IPS, APT

 
rhs_login_lockGet exclusive access to Techworld news, reports & analysis.

Twitter Feed

Whitepapers

- + c

Latest News

- + c
more