Cybersecurity whistleblowers: Get ready for more

It is not a public problem yet. But according to multiple experts, it will be.“It” is the cybersecurity whistleblower – an employee who sees a flaw, or flaws, in his or her company’s network security, brings the problem to management but gets ignored or punished – marginalized, harassed, demoted or even fired.And then the worker either goes public or files a complaint with a federal regulatory agency like the Securities and Exchange Commission (SEC).Such a scenario is unlikely to end well – almost certainly for the company (if the complaint is credible) and perhaps even for the whistleblower, notwithstanding laws meant to protect them.To read this article in full or to leave a comment, please click here

Facebook, Google, Twitter, Woz, Trump, McAfee, Snowden, and more take sides on Apple vs. the FBI

Apple is challenging a federal court order to help access an iPhone used by one of the shooters in the San Bernardino terrorist attack, claiming that doing so would create a “dangerous precedent.”Now, other tech companies and politicians are publicly debating whether Apple’s dead-set protection of user privacy is justified and whether the FBI has a right to enter people’s iPhones via a “backdoor” to ensure national security. Shortly after Apple CEO Tim Cook posted an open letter detailing Cupertino’s refusal, tech leaders, presidential candidates, and other public figures began taking sides.To read this article in full or to leave a comment, please click here

VTech not backing down on terms change after data breach

Despite widespread public condemnation, Hong Kong toy maker VTech is not backing down from a change in its Terms and Conditions ducking its responsibilities in the event of a breach.European customers now have to agree to a Terms of Service that includes the following sentence: “You acknowledge and agree that any information you send or receive during your use of the site may not be secure and may be intercepted or later acquired by unauthorized parties."MORE ON NETWORK WORLD: 26 crazy and scary things the TSA has found on travelers This was in response to a data breach the previous fall which affected about 5 million parent accounts and more than 6 million children's' accounts. The children profiles included names, genders, birthdates, headshots and chat logs while the parent accounts included email addresses, passwords, secret questions and answers, IP addresses, and mailing addresses.To read this article in full or to leave a comment, please click here

We’re hosting a Null Singapore meetup!

We're happy to announce that next week CloudFlare is hosting the Null Security meetup in Singapore. You are invited!

Null is a community for hackers and security enthusiasts. Monthly meetups are organized in a number of Asian cities. Read more at http://null.co.in/.

The lineup for the February meetup:

  • All you ever wanted to know about DDoS attacks Marek Majkowski
  • Security News Bytes Drupan Chandarana
  • DNS Hijacking Michael Smith

If you’d like to sign up for the event, you can do so here:

What: Null Singapore - The Open Security Community meetup

When: February 24th: 6:45pm-8:45pm

Where: The Working Capitol, "The Commons" Room, 1 Keong Saik Road, Singapore 089109

Registration is required

CloudFlare is actively hiring in Singapore!

A new Android banking trojan is also ransomware

A new kind of Android malware steals online banking credentials and can hold a device's files hostage in exchange for a ransom, delivering a particularly nasty one-two punch.The malware, called Xbot, is not widespread yet and appears to be just targeting devices in Australia and Russia, wrote researchers with Palo Alto Networks in a blog post on Thursday.But they believe whomever is behind Xbot may try to expand its target base."As the author appears to be putting considerable time and effort into making this Trojan more complex and harder to detect, it’s likely that its ability to infect users and remain hidden will only grow," Palo Alto wrote.To read this article in full or to leave a comment, please click here

Not even Google can convince Americans to trust online voting

Google this week has been awarded a patent for “a voting user interface” that some are speculating may eventually lead to the United States conducting presidential elections online.Call me skeptical.From a Computerworld story on our site: The new technology easily could go beyond entertainment-oriented online campaigns, though. Patrick Moorhead, an analyst with Moor Insights & Strategy, said the new online election technology would set up Google to handle both fun campaigns and serious political campaigns.To read this article in full or to leave a comment, please click here

Obama taps former NSA CEO to head up cybersecurity

In the waning months of the Obama administration, the White House is racing to lay the groundwork for an enduring plan to shore up the nation's critical digital infrastructure.Yesterday, President Obama described the digital age as a sort of double-edged sword, at once delivering "incredible opportunity, incredible wealth," while also presenting a new set of complex and evolving security challenges that arise from an environment where "more and more of our lives are being downloaded, being stored, and as a consequence are a lot more vulnerable."[ Related: Government ranks last in fixing software security holes ]To read this article in full or to leave a comment, please click here

1 3,145 3,146 3,147 3,148 3,149 3,855