Don't-Miss Business security Stories

malware

AutoIt scripting increasingly used by malware developers

AutoIt, a scripting language for automating Windows interface interactions, is increasingly being used by malware developers thanks to its flexibility and low learning curve, according to security researchers from Trend Micro and Bitdefender.

Use of 'honeywords' can expose password crackers

Researchers propose foiling password thieves by salting password databases with red herrings called 'honeywords.'

Pentagon accuses China government, military of cyberattacks

China's government and military appear to be directly involved in cyberattacks against the U.S., according to a report released Monday by the U.S. Department of Defense.

security

Aging networking protocols abused in DDoS attacks

Aging networking protocols still employed by nearly every Internet-connected device are being abused by hackers to conduct distributed denial-of-service attacks.

Why changing your LivingSocial password won’t save you

Changing your LivingSocial password is a good first step, but the attackers already have crucial information you can’t change or undo.

Security of hosted services is top priority for Adobe's first CSO

Adobe Systems has appointed Brad Arkin, the company's senior director of security for products and services, to become its first CSO. With a mature product security program already in place, the top priorities for Adobe's new security chief are to strengthen the security of the company's hosted services and its internal infrastructure.

Samsung delays launch of Knox Android security software until 'later date'

Samsung's Knox software is expected to give the company's Galaxy phones a seriously business-friendly boost, but it may be facing delays.

SecurEnvoy falls back on fixed line to better two-factor authentication reliability

SecurEnvoy has upgraded its SMS-based system for two-factor authentication with the ability for users to receive one-time passwords via a landline telephone call and enter them using the telephone keys.

Take steps to secure what little online privacy you still have

Living in a connected, online world is encroaching on our privacy, but if you use the security tools available you can maintain some sense of control.

Online security: your two-factor authorization checklist

As Twitter gets ready to roll out two-factor authentication into its service, here's a rundown of how other major online services use the security feature.

java

Researchers: Serious flaw in Java Runtime Environment for desktops, servers

Java vulnerability hunters from Polish security research firm Security Explorations claim to have found a new vulnerability that affects the latest desktop and server versions of the Java Runtime Environment (JRE).

Verizon: One in five data breaches are the result of cyberespionage

Even though the majority of data breaches continue to be the result of financially motivated cybercriminal attacks, cyberespionage activities are also responsible for a significant number of data theft incidents, according to a report released Tuesday by Verizon.

CA Technologies buys Layer 7 for API smarts

CA Technologies is acquiring Layer 7 Technologies, a purveyor of tools for managing and securing application programming interfaces (APIs).