Tokenization is the way to prevent e-commerce security breaches

By GIXnews

By Avery Buffington, Information Security Architect, SecureNet, Network World | August 25th, 2014 E-com security breaches are increasing in frequency at an alarming rate, but there is a way to prevent them from: tokenization. This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely…

Your living room is vulnerable to cyber attacks

By GIXnews

By Tony Bradley, PC World | August 22nd, 2014 A Kaspersky Labs researcher hacked his own home and found a number of serious security concerns. At the Black Hat security conference in Las Vegas earlier this month, researchers demonstrated how a Nest thermostat can be hacked, to show how easily connected appliances–the household technologies that…

Security spending gets boost from mobile, social and cloud, says Gartner

By GIXnews

By Mikael Ricknäs, IDG News Service | August 22nd, 2014 Worldwide spending will increase by almost 8 percent this year. The increased adoption of mobile, social and cloud computing is driving growth in security spending among organizations that are also becoming more aware of threats on all those fronts. Worldwide spending on information security will…

NIST taking input for mobile security guidelines

By GIXnews

By Joab Jackson, IDG News Service | August 21st, 2014 A new NIST publication aims to alert enterprises of potential security dangers within commercial apps. The U.S. National Institute of Standards and Technology (NIST) is developing a guide for testing third-party apps to ensure that they are secure and don’t introduce any vulnerabilities. The government…

Researchers build security framework for Android

By GIXnews

By Antone Gonsalves, CSO | August 21st, 2014 University researchers have modified the Android operating system to let developers plug in enterprise-class security enhancements that would normally require overhauling a mobile device’s firmware. The code added to the OS is called the Android Security Modules (ASM) framework, which is described in a paper from security…

Healthcare organizations still too lax on security

By GIXnews

By Jaikumar Vijayan, Computerworld | August 19th, 2014 Data breach at Community Health is symptom of broader problem, security experts say. The data breach at Community Health Systems that exposed the names, Social Security numbers and other personal details on more than 4.5 million people is a symptom of the chronic lack of attention to…

Community Health Systems blames China for recent data breach

By GIXnews

By Steve Ragan, CSO | August 18th, 2014 Community Hospital Systems (CHS), which operates just over 200 hospitals in 29 states, reported a data breach impacting about 4.5 million people on Monday. The incident, blamed on actors in China, was made public via an 8-K filing with the U.S. Securities and Exchange Commission. The 8-K…

Hackers steal data on 4.5 million US hospital patients

By GIXnews

By Martyn Williams, IDG News Service | August 18th, 2014 Community Health Systems says the breach occurred in April and June. A major U.S. hospital operator says hackers based in China broke into its computer systems and stole data on 4.5 million patients. Community Health Systems said the attack occurred in April and June of…

How Google is heading toward safe, global Gmail

By GIXnews

CSO | August 14th, 2014 Google has made an important change to its Gmail spam filter that is expected to make targeted phishing attacks more difficult while allowing for a more global webmail service. The Internet company recently took a step toward more global email by accepting non-Latin and accented Latin characters approved by the…

New security tools from Tenable, HP, Co3 attempt the impossible

By GIXnews

By John Breeden II, Network World | August 11th, 2014 Automated incident response promises total network security by combining threat detection, prevention and response. Automated incident response is one of the fastest growing fields in computer security. Alternatively called threat monitoring, vulnerability management or threat management, it encompasses the seemingly impossible task of defending a…

Mobile chips face lockdown to prevent hacks

By GIXnews

By Agam Shah, IDG News Service | August 11th, 2014 Chip makers are adding more security layers to protect mobile device users from malicious attacks and code injection. Chip makers want to make hardware the first layer of defense against data breaches and other attacks on tablets and smartphones. Mobile devices are becoming increasingly vulnerable,…

PCI Security Council moves to boost service providers’ credit card security

By GIXnews

By Jaikumar Vijayan, Computerworld | August 8th, 2014 Growing use of outsourcing companies by merchants drives need for stronger controls. The Payment Card Industry Security Standards Council (PCI SCC) has updated its guidance to help merchants better determine whether third party service providers have implemented security measures to protect credit and debit cardholder data. The…

The Internet of Things Brings Far-Reaching Security Threats

By GIXnews

By Kenneth Corbin, CIO | August 8th, 2014 Bringing new devices online at home and in the enterprise raises a host of security concerns that will require a more hands-on rethinking. WASHINGTON Security pros routinely cite poor cyber hygiene as one of their top concerns. But if they’re lying awake at night worried about lazy…

Black Hat 2014: How to steal security codes from home alarm systems

By GIXnews

By Tim Greene, Network World | August 4th, 2014 A $50 device made with off the shelf hardware can. For $50 attackers can build a radio device that cracks home alarm systems and other common security devices, Black Hat 2014 attendees will hear this week. A combination of a microcontroller and a single-board computer comprises…

Cisco patches traffic snooping flaw in operating systems used by its networking gear

By GIXnews

By Lucian Constantin, TechWorld | August 4th, 2014 The vulnerability affects the OSPF routing protocol implementation on Cisco networking equipment. Cisco Systems said attackers could disrupt or intercept traffic in many of its networking products unless a new security update is applied to the software they run. The issue affects the implementation of the Open…

Attackers use domino effect to compromise your accounts

By GIXnews

By Tony Bradley, PC World | July 31st, 2014 The two-factor authentication used to “protect” your accounts is often insecure and poses a weak link that can be exploited by attackers. Data breach after data breach has illustrated just how weak and ineffective passwords can be for protecting accounts and sensitive information. Many sites and…

BlackBerry focuses on security for the enterprise

By GIXnews

By Joab Jackson, IDG News Service | July 29th, 2014 BlackBerry says it can offer levels of security that can not be replicated on Apple, Android or other mobile devices. Now that BlackBerry has fallen significantly behind Apple and Google in the race to offer features and third-party apps for its smartphones, the company is…

Security must evolve to be ‘all about the data’

By GIXnews

By Taylor Armerding, CSO | July 24th, 2014 There is a fierce debate about whether GMOs — genetically modified organisms — with built-in resistance to pests, fungus, drought and other agricultural threats, are a good thing when it comes to our food supply. But there was little debate Thursday morning in Boston at a panel…

Are IT groups really ready for BYOD security challenges?

By GIXnews

By John Cox, Network World | July 24th, 2014 Privately-owned mobile devices, backed by a corporate BYOD policy, are still fairly rare in business, according to a LinkedIn survey. A new survey of IT security professionals shows that many businesses are barely starting to exploit mobile technology, and some of them may be a mobile…

AirMagnet Wi-Fi security tool takes aim at drones

By GIXnews

By Stephen Lawson, IDG News Service | July 21st, 2014 It can identify a Parrot AR Drone nearby to help narrow down the search for the rogue APs. In its quest to help enterprises seek out and neutralize all threats to their Wi-Fi networks, AirMagnet is now looking to the skies. In a free software…