Network World

Syndicate content
The latest security news, analysis, reviews and feature articles from
Updated: 43 weeks 2 days ago

Risk Considerations: Tracking services monitor your every move

Tue, 10/08/2013 - 02:46
Last month, CSO presented findings from Skyhigh Networks, which outlined the types of risky applications that exist on a given network. The study noted that many popular applications were monitored and controlled, but lesser-known applications were given free-reign for the most part.

Release of Yahoo dispute documents by FISA court may be delayed

Tue, 10/08/2013 - 01:15
The declassification and release of documents in a case that Yahoo believes will prove it resisted government demands for data collection will likely be delayed after the government said its staff cannot work on it during the shutdown of the U.S. government.

Four suspected users of Silk Road Internet drug marketplace arrested in the UK

Tue, 10/08/2013 - 00:38
Four men have been arrested by the U.K.'s National Crime Agency (NCA) for drug offenses in connection with their involvement in Silk Road, an Internet underground marketplace for drugs and other illegal items.

EU ministers agree in principle to new data protection oversight

Mon, 10/07/2013 - 11:43
Despite disagreements, Europe's justice ministers Monday agreed "in principle" that companies doing business in the European Union will have to answer only one data protection authority rather than 28.

Symantec uses vulnerability to take out part of the ZeroAccess botnet

Mon, 10/07/2013 - 09:45
Symantec has announced that they've successfully taken down a significant part of the ZeroAccess botnet, by exploiting a weakness discovered in its code.

Study links phishing vulnerabilities to personality traits

Mon, 10/07/2013 - 09:40
A new report from the Polytechnic Institute of New York University has linked susceptibility to phishing scams to personality traits, noting that women may be more vulnerable to men.

AppRiver filters catch 3.5 billion spam emails in August, US largest point of origin

Mon, 10/07/2013 - 09:38
AppRiver, an email and web security solutions provider, has released its Global Threatscape Report for the month of September, documenting the amount of spam traffic caught by the company's email filters in August of this year. While the report does provide information about specific malware threats -- like the fact that X.UPX.App.pakuberc was the most common malware threat in August based on frequency of appearance in email traffic -- it also offered valuable information about the fluctuation of spam frequency and its countries of origin.

Hosting provider LeaseWeb falls victim to DNS hijacking

Mon, 10/07/2013 - 09:36
Hosting provider LeaseWeb became the latest high-profile company to have its domain name taken over by attackers, highlighting that DNS (Domain Name System) hijacking is a significant threat, even to technically adept businesses.

Facebook's new Graph Search features create phishing wonderland

Mon, 10/07/2013 - 09:33
Facebook has announced new changes to the way Graph Search discovers information, including the fact that status updates, photos, check-ins, and comments are now included in search results. This new stream of information offers criminals developing phishing campaigns all-new attack surfaces to exploit.

Silk Road bust demonstrates feds penetration of Deepnet

Mon, 10/07/2013 - 09:30
By shutting down the notorious Silk Road criminal marketplace, federal law enforcement is succeeding at infiltrating the most sinister areas of the hidden Internet, experts say.

NSA data center suffers 'meltdowns,' is delayed by a year, report says

Mon, 10/07/2013 - 07:50
A massive data center being built by the National Security Agency in Utah has been plagued by "chronic electrical surges" that have destroyed equipment and delayed its opening for a year, according to a report Monday.

Chinese hackers miss Google network, but the checks go on

Mon, 10/07/2013 - 06:48
Eric Schmidt, Google's executive chairman, put a question to a large audience Gartner's Symposium ITxpo here on Monday. 'Raise [your] hand if you're sure the Chinese are not inside your corporate network.' Only five hands were raised.

Adobe hack shows subscription software vendors lucrative targets

Mon, 10/07/2013 - 06:03
Adobe on Thursday admitted that hackers broke into its network and stole personal information, including an estimated 2.9 million credit cards, illustrating the lucrative target that software-by-subscription providers have become to cyber criminals.

Attention, CISOs: Strategy is the only security

Mon, 10/07/2013 - 02:26
According to the 2013 Chief Information Security Officers survey by the Open Web Application Security Project (OWASP), 75 percent of CISOs responded that external attacks had increased. When asked what the main areas of risk as percentage of the overall risk are, 70 percent of CISOs responded that web applications represent an area of risk higher than network infrastructure.

Despite looming end of life, study shows XP remains primary OS

Mon, 10/07/2013 - 02:10
Examining data from one million devices, Fiberlink, a mobile management firm, examined the often forgotten part of mobility in the workforce -- laptops. While IT and security vendors focus on Google's Android, Apple's iOS, tablets, and smartphones, Lenovo's ThinkPad and Dell's Latitude chug along, remaining a stable fixture in the workplace. According to Fiberlink, almost 50 percent of the laptops observed in their study are running Windows XP.

Add technologists to surveillance tech review panel, IT groups say

Mon, 10/07/2013 - 00:45
U.S. President Barack Obama should add actual technologists to a group reviewing the nation's surveillance technologies, IT-related groups have said.

Raising awareness quickly: Explaining BYOD and mitigating mobile risks

Mon, 10/07/2013 - 00:14
As part of National Cyber Security Awareness Month, Rapid7 is publishing a series of easily emailed awareness tips. Last week, CSO shared the letter addressing the topic of phishing. Today, the topic is BYOD and mobile risk.

WHMCS Zero-Day vulnerability used against PureVPN

Mon, 10/07/2013 - 00:11
Hong Kong-based PureVPN faced problems this weekend, after someone used a Zero-Day vulnerability in WHMCS to send the networking firm's customers an alarming message. The rogue email stated that the VPN service was going to shutdown due to legal issues, and that customer information was handed over to the authorities.

Raising awareness quickly: A brief overview on phishing

Mon, 10/07/2013 - 00:07
In a series of posts for National Cyber Security Awareness Month, Rapid7 is releasing a set of easily emailed user awareness notes. With permission, and because we fully support the notion of raising awareness when it comes to security topics, CSO has published the letter below.

Shutdown affects government sites, but remains up as storm looms

Fri, 10/04/2013 - 11:11
As a tropical storm and possible hurricane bears down on the Gulf Coast of the U.S., the National Weather Service's website was churning out weather alerts Friday, despite a partial U.S. government shutdown that has affected citizens' access to other online resources.