Security

A new report from a government auditor suggests that the United States Healthcare.gov web site is missing basic security features. The most alarming findings include ineffective cyber security controls, such as resilient passwords and stable ... security patching. Healthcare.gov represents the central hub of the Obama administration's Affordable Care Act, which is intended to offer U.S. citizens an easier method of finding and acquiring health insurance. However, since the site's launch in October 2013 it has suffered from stability problems, with issues lingering well into 2014. ... (view more)

A company that helps protect websites against a popular form of cyber attacks says it's solved a major security concern. The change could mean high-profile websites can be much more resilient and secure. The company in question is CloudFlare, which ... offers services to defend against denial of service attacks (DoS) , including distributed denial of services attacks (DDoS) . That's where cyber attackers flood a website with bogus data requests, until the site (or server) is no longer able to deal with legitimate requests. Oftentimes such an attack will bring a web server to a grinding ... (view more)

Apple has denied any responsibility for the recent theft and publication of compromising photographs of celebrities. But some analysts say the pictures were vulnerable thanks to a combination of Apple's technical setups, plus the easy availability ... of password cracking software designed specifically for law enforcement authorities. Pictures and videos of famous females such as Jennifer Lawrence, Kirsten Dunst and Kate Upton began circulating earlier this week after being posted at controversial website 4chan. The US Federal Bureau of Investigation (FBI) is said to be investigating, but it ... (view more)

A new form of ransomware has reportedly infected more than half a million computers in the past six months, making its creators an estimated $1 million. Ransomware is a type of malicious software (or " malware ") that takes control of a computer ... system and then holds it for ransom. In many cases, if victims do not pay the ransom, the data on the computer is encrypted and rendered unusable. The ransomware program in question is known as CryptoWall. According to Dell SecureWorks' Counter Threat Unit (CTU), CryptoWall has been spreading rapidly since late last year. In fact, in ... (view more)

A new report suggests that consumers are concerned about digital security threats -- like the rapidly spreading 'Backoff' malware -- but very few make any changes in an effort to better protect their most sensitive information. The report comes from ... Russian security firm Kaspersky Lab, which recently carried out an online survey of 11,000 people based in 23 countries. (Source: kaspersky.com ) Kaspersky's survey revealed that over three-quarters of all respondents use several devices to connect to the Internet. About one in four respondents said they do most of their Internet ... (view more)

A new report suggests that roughly one thousand American businesses have been victimized by 'Backoff', a form of malware that exposes customers' most sensitive information, including credit card data. Backoff made headlines late last year when ... retail giant Target was hit , exposing credit card data of roughly forty million customers. Now, the National Cybersecurity and Communications Center (NCCIC) and U.S. Secret Service are suggesting that many more businesses have been exposed by the same malware. If an infection occurs, the Backoff malware is capable of recording keystrokes ... (view more)

A new survey suggests that the majority of hackers carry out their work simply because they find it fun and thrilling. The survey also found that only a small portion of hackers do their work in pursuit of financial gain. The survey was carried out ... by Washington-based security firm Thycotic, which asked hackers attending last week's Black Hat conference (held in Las Vegas, Nevada) what motivated them. More than half of the respondents, or 51 per cent, said they hack for the "fun" and "thrill" of it. Just 19 per cent, or about one in five of the hackers surveyed, said ... (view more)

A Russian gang is believed to have stolen more than a billion online passwords. But the security firm that discovered the breach has also caused controversy over its handling of the situation, including paid-for services to deal with the breach. ... Hold Security of Milwaukee discovered and publicized the breach. The company is legitimate, and its previous claims of breaches have checked out: it was responsible for detecting a massive breach at Adobe last year. The company says it discovered that a Russian group named CyberVor (which translates as cyber-thief) has gathered together data from 420, ... (view more)

A new report suggests that most USB flash drives (also known as thumb drives) have a critical security weakness that allows them to be reconfigured, giving hackers an opportunity to silently infect targeted computer systems with malware . The report ... comes from Germany's Security Research Labs, which says that most companies making USB flash drives fail to protect the firmware installed on their devices. That means attackers could easily hack and replace the firmware with a malicious version of the firmware, which is then capable of delivering a payload onto a victim's PC - usually with ... (view more)

For many users, installing antivirus software is one of the first things to do after purchasing a new computer. But one security researcher suggests that today's antivirus programs are anything but effective; in fact, he claims many antivirus ... programs are filled with security flaws. Fourteen Antivirus Products Vulnerable, Researcher Claims Joxean Koret is a researcher at COSEINC, a Singapore-based security firm. Over the past year, he's carefully analyzed a wide range of antivirus products in search of security vulnerabilities. Earlier this month Koret presented his findings at the ... (view more)