60% of companies cannot detect compromised credentials say security pros surveyed

60% of companies cannot detect compromised credentials, according to Rapid7’s incident detection and response survey results. That is just one of the yikes revealed when 271 security professionals from organizations of all sizes and industries responded to the survey so Rapid7 could learn more about challenges to security teams, strategic initiatives and current security tools being used. It is little wonder that over 90% of respondents admitted to being worried about attacks that use compromised credentials.

How secure are wearables, anyway?

Congratulations on getting that new wearable device over the holidays. You're on your way to a new, trackable, data-filled life. Or you’re about to be hacked. "Every digital technology, as its use has expanded, has drawn attention from hackers and criminals," says Stephen Cobb of ESET. "So if wearables get to the point where criminals can see a way to exploit them for gain, they will try to do that." In his role as senior security researcher at ESET, Cobb says he hasn't seen that happen yet, but that doesn't mean it isn't on the horizon. He points to a recent issue with VTech, which makes a wearable for kids. Its customer database, which includes the information of 5 million parents and 200,000 children, was recently compromised.

Seagate inhales, uses helium to create 10TB HDD

Seagate today announced its first use of helium in a hard disk drive (HDD), making it the company's highest capacity drive to date with 10TB of storage space.

The new Enterprise Capacity 3.5-in. HDD is being targeted for use in cloud-based data centers. The HDD contains seven platters and 14 read/write heads. It uses a hermetically sealed case and helium to create a turbulence-free interior, which decreases friction on the platters.

By using helium, Seagate was able to increase disk density by 25% over previous air-filled HDDs. The HDD also delivers higher performance and reduced power and weight, the company stated.

Faulty ransomware renders files unrecoverable, even by the attacker

A cybercriminal has built a ransomware program based on proof-of-concept code released online, but messed up the implementation, resulting in victims' files being completely unrecoverable.

Researchers from antivirus vendor Trend Micro recently spotted a new file-encrypting ransomware program distributed as a Flash Player update through a compromised website in Paraguay.

After they analyzed the program's code, they realized that it was a modification of a proof-of-concept file encryptor application called Hidden Tear that was published on GitHub in August by a Turkish security enthusiast.

Hidden Tear comes with a disclaimer that the code may only be used for education purposes and a warning that people using it as ransomware could go to jail.

U.S. patent numbers decline; IBM retains top spot in IFI ranking

The number of U.S. patents granted declined for the first time since 2007, ending a seven-year run of increases.

According to IFI Claims Patent Services, there were 298,407 utility patents granted during the 2015 calendar year. That represents a decrease of almost 1% compared to 2014, when patent grants hit 300,674 and surpassed the 300,000 threshold for the first time. IFI, which specializes in patent analysis, tracks utility patents from the U.S. Patent and Trademark Office (USPTO), and each year it releases its annual ranking of the top 50 recipients.

Microsoft fixes critical flaws in Windows, Office, Edge, IE and other products

Microsoft has released the first batch of security updates for 2016 and they include critical fixes for remote code execution flaws in Windows, Office, Edge, Internet Explorer, Silverlight and Visual Basic.

The company has also fixed remote code execution and elevation of privilege vulnerabilities in Windows and an address spoofing flaw in Exchange Server that were rated important, not critical, due to various mitigating factors.

In total, Microsoft issued 9 security bulletins covering patches for 24 vulnerabilities.

According to Wolfgang Kandek, the CTO of security firm Qualys, administrators should prioritize the MS16-005 security bulletin, especially for systems running Windows Vista, 7 and Server 2008.