Recent Posts

Facebook Mum On Future Of Ghost User Accounts

Facebook acknowledged on Friday that a flaw in a feature that lets users download their own profile information exposed personal information on approximately six million users, including phone numbers and e-mail addresses that were not shared with the site, but is staying mum on the future of wide ranging information harvesting practices revealed by the bug. In a blog post, the social networking giant said the security hole was disclosed by an independent security researcher and forced the company to disable the Download Your Information (DYI) feature until it could be fixed. Despite the large number of people affected, Facebook said individual pieces of private data like an e-mail address or telephone number were only exposed to one or two other Facebook users. However, Facebook has not said whether it will cease using non-public data from users’ contacts to fill out dossiers on other Facebook users, a practice that has […]

Continue Reading

HBR: Internet Of Things Has ‘Profound’ Impact On Risk

The advent of a global network of Internet connected devices – sometimes referred to as the “Internet of Things” will bring about a “data democratization” that will upend traditional IT security models and pose considerable risks for organizations.   That’s the conclusion of two leading authorities on the so-called “Internet of Things” (IoT), Christopher J. Rezendes and W. David Stephenson, who write that its impact on businesses will be “profound,” and that cyber security will be one of the biggest challenges that organizations must address. In a guest post on the Harvard Business Review blog on Friday, Rezendes, the president of INEX Advisors, and Stephenson, an author and consultant specializing in the Internet of Things argue that  “the very principle that makes the IoT so powerful — the potential to share data instantly with everyone and everything (every authorized entity, that is) — creates a huge cybersecurity threat.” The authors predict […]

Continue Reading

Late To The Party, Microsoft Offers Mega Bounties For Software Bugs

Microsoft on Wednesday announced its first ever formal program to pay security researchers for finding software vulnerabilities in its newest products. The bug bounty program will launch on June 26 and be formally unveiled at the upcoming Black Hat Briefings hacker conference in Las Vegas at the end of July.  And, though late to the party, Microsoft is making up for lost time by going large. The Redmond, Washington software maker will pay researchers up to $100,000 for “truly novel” exploitation techniques that defeat protections built into the very latest version of Windows, 8.1 Preview. It will additionally pay $50,000 for ideas for defensive strategies that accompany a bypass, raising the total potential purse for an exploit and accompanying remediation to $150,000. Additionally, Microsoft announced a short-term bounty program for its Internet Explorer 11 Preview, with the company paying up to $11,000 USD for critical vulnerabilities that affect Internet Explorer […]

Continue Reading

Don’t Call It A Hack Back: Crowdstrike Unveils Falcon Platform

Lots of aspiring technology start-ups dream of getting their product written up in The New York Times or Wall Street Journal when it launches. For Crowdstrike Inc. a two year-old security start-up based in Laguna Niguel, California, media attention from the papers of record hasn’t been an issue. This reporter counted twelve articles mentioning the company in The Times in the last year, and another two reports in The Journal. Much of that ink has been spilled on stories related to Crowdstrike research on sophisticated attacks, or the company’s all-star executive team, including former McAfee executives George Kurtz (CEO) and Dmitri Alperovitch (CTO), as well as former FBI cybersecurity chief Shawn Henry (Crowdstrike’s head of services), who left the Bureau in April, 2012 to join the company. For much of that time, Crowdstrike has been known mostly as a security services and intelligence firm, but the goal was always to […]

Continue Reading

Beware BitCoin Users: The Tax Man Cometh!

Beware you barrons of BitCoin – you World of Warcraft one-percenters: the long arm of the Internal Revenue Service may soon be reaching into your treasure hoard to extract Uncle Sam’s fair share of your virtual treasure. That’s the conclusion of a new Government Accountability Office (GAO) report on virtual economies, which found that many types of transactions in virtual economies – including bitcoin mining and virtual currency transactions that result in real-world profit – are likely taxable under current U.S. law, but that the IRS does a poor job of tracking such business activity and informing buyers and sellers of their duty to pay taxes on virtual earnings. The report, “Virtual Economies and Currencies: Additional IRS Guidance Could Reduce Tax Compliance Risks” (GAO-13-516) was released this week. It was prepared in response to a request from the U.S. Senate Committee on Finance, which asked GAO to look into virtual […]

Continue Reading
1 368 369 370 371 372 397