security

The US government has been accused of embedding spyware directly onto hard drives using secret manufacturer information. Russian security software manufacturer Kaspersky Lab made the claims, and stem from its efforts to find and eliminate malicious ... software. Kaspersky says officials appear to have only used the spyware to target specific, foreign-based individuals. Kaspersky says that the spyware is part of an operation controlled by the National Security Agency (NSA) , under the name Equation Group. It claims the NSA figured out how to put spying software in the firmware of hard drives made ... (view more)

Chinese spies have reportedly infected the Forbes website in order to steal data from staff at defense and finance organizations. The attack is unlike most attacks on large websites, as the motive was for intelligence, rather than profit. The Forbes ... website attack reportedly took place in November 2014, with the security gap plugged by approximately three days later. To propagate the attack, hackers replaced a legitimate file on the web server used for the "Thought of the Day" feature, which appeared on every page of the Forbes website. The malicious file was then automatically ... (view more)

A survey of 2,000 households in the United Kingdom has revealed that few people take their WiFi network's security seriously enough. In fact, the security software firm behind the study, Avast, says our approach to home WiFi security is comparable ... to attitudes towards PC security in the 1990s -- which is not very good at all. Weak WiFi Passwords a Serious Problem Avast's survey revealed a number of alarming issues. First, the company found that more than 50 per cent of all home routers have little or no protection, making them easy to hack. In far too many cases, Avast found people ... (view more)

A new report suggests that hackers are using fake email orders with malicious links to fool victims into installing malware onto their machines. Security experts are therefore warning all Internet shoppers to take extra care when opening their ... emails this holiday season. According to Brian Krebs, a former Washington Post writer who covers cyber crime, the problem is becoming more and more prevalent. "If you receive an email this holiday season asking you to 'confirm' an online e-commerce order or package shipment, please resist the urge to click the included link or attachment, ... (view more)

Security firm Symantec says it has found a sinister and highly sophisticated piece of malware, which has somehow managed to evade security experts for more than six years. Dubbed 'Regin', the malware showcases high levels of technical competence, ... suggesting that it was likely developed by cyber espionage experts. "The development and operation of this malware would have required a significant investment of time and resources, indicating that a nation state is responsible," Symantec said in a recent white paper on the subject. "Its design makes it highly suited for persistent, ... (view more)

Microsoft has patched a security vulnerability that somehow evaded detection for roughly twenty years. The bug has reportedly existed in every single version of the Windows operating system since Windows 95. According to reports, the bug can allow a ... hacker to execute code remotely when a user visits a malicious website. IBM security expert Robert Freeman says the bug is related to a flaw in VBScript, which first debuted with Internet Explorer 3.0 in the late 1990s. Freeman says that the bug remains invulnerable to Microsoft's anti-exploitation tools, otherwise known as the Enhanced ... (view more)

The Home Depot recently revealed that its systems had been hacked, leaving approximately 56 million customer credit cards and 53 million email addresses vulnerable to cybercriminals. Now, the retailer is apparently blaming Microsoft's Windows ... operating system (OS) for its security vulnerabilities, and has reportedly switched many top-ranking employees to Macintosh computers and iPhones. The Home Depot announced additional findings of its security breach on November 6, 2014. In the days that followed, customers whose data was affected received an email from the company, which read: " ... (view more)

Industry analysts at Gartner have released their list of the top trends in information technology (IT) for 2015. The general theme appears to be a growing -- and perhaps troubling -- reliance on web-connected devices and the cloud. Topping Gartner's ... list is the 'computing everywhere' concept, also known as ubiquitous computing . The research firm believes 2015 will be about expanding access to computing capabilities, from placing touchscreens in connected cars , to washing machines and dryers. To many, it's an exciting trend that will allow people unprecedented access to their devices ... (view more)

A new report from a government auditor suggests that the United States Healthcare.gov web site is missing basic security features. The most alarming findings include ineffective cyber security controls, such as resilient passwords and stable ... security patching. Healthcare.gov represents the central hub of the Obama administration's Affordable Care Act, which is intended to offer U.S. citizens an easier method of finding and acquiring health insurance. However, since the site's launch in October 2013 it has suffered from stability problems, with issues lingering well into 2014. ... (view more)

Apple has denied any responsibility for the recent theft and publication of compromising photographs of celebrities. But some analysts say the pictures were vulnerable thanks to a combination of Apple's technical setups, plus the easy availability ... of password cracking software designed specifically for law enforcement authorities. Pictures and videos of famous females such as Jennifer Lawrence, Kirsten Dunst and Kate Upton began circulating earlier this week after being posted at controversial website 4chan. The US Federal Bureau of Investigation (FBI) is said to be investigating, but it ... (view more)