Apple has announced its new “security bounty” initiative that will offer payments up to $200,000 to any hackers who inform the company about critical vulnerabilities to its products. In doing so, Apple joins major tech companies that have similar programs in place. Alphabet, Facebook and Microsoft “have paid out millions of dollars in bug bounties over the past few years,” reports The Wall Street Journal. Automobile companies such as Tesla and GM are also introducing bounty programs as vehicles are relying more on software to control their systems. Continue reading Apple is the Latest Tech Giant to Launch Bug Bounty Program

Defense Advanced Research Projects Agency (DARPA) has launched the Cyber Grand Challenge (CGC), to create a program that — without any human interference — can find security vulnerabilities abused by hackers, then create a fix and distribute it. If the Challenge is successful, power plants, air traffic and water infrastructure would eventually become safe from computer viruses and hackers, and ordinary citizens would know their computers and digital devices are safe from malware and viruses. Continue reading DARPA Announces Competition to Combat Computer Viruses

According to Twitter, the personal data of nearly 33 million of its users are presently at risk due to malware that may have trolled the information from users, not the company. Millions of usernames, emails and, in some cases, passwords are listed for sale on the dark web. Similar leaks in the past month have impacted users of LinkedIn, Myspace and some Russian-language sites. “The website that published the Twitter passwords, LeakedSource, says it has more than 1.8 billion records in its database,” reports The Wall Street Journal. “LeakedSource sells access to these records for a fee.” Twitter is encouraging its users to change their passwords. Continue reading Personal Credentials Leaked From Millions of Twitter Accounts

Movie studios that use Facebook to promote upcoming films — such as “Batman v Superman: Dawn of Justice,” which has 4.4 million likes on its Facebook movie page — have discovered a potent downside to the extra publicity. Pirates post links to copyright-infringing streams; spam includes chain letters, pornography, phishing, malware and hate speech. Illegal sites are harvesting personal data and running money scams and now targeting publications with embedded Facebook comments, including BuzzFeed, ESPN and Huffington Post. Continue reading Pre-Release Piracy Grows Across Facebook and Publications

For advertisers, ad blocking is a problem that’s quickly getting bigger, as more consumers download ad-blocking apps and browsers. Mobile marketing company Tune just released a new report that predicts that ad blocking could comprise 80 percent of smartphone owners by Q3 2017. In response, advertisers are exploring ways to block the ad blockers. Digital advertising trade group Interactive Advertising Bureau has written a primer on how to block the blockers, and even The New York Times is testing ways around them. Continue reading Advertisers Seek New Ways to Combat Growth of Ad Blocking

Intel unveiled Authenticate, a technology that introduces a new, heightened level of security and computing performance. Authenticate makes it easier for multifactor authentication by which users put in place up to four safeguards before they are able to log in to their computer. That could be any combination of a password, fingerprint, set of numbers on a touchscreen or presence of an authorized employee smartphone. Authenticate is already built into new versions of Intel’s Core chips, which are used in business PCs. Continue reading Intel Technology Debuts Multifactor Security for Business PCs

For the first time, Apple’s iOS mobile operating system was targeted with a large-scale malware attack, infecting several popular Chinese apps and exposing vulnerability in Apple’s mobile platform. The origin of the hack was an unauthorized version of Apple’s developer tool kit, hosted on the Baidu Pan cloud, which was touted as taking much less time to download than the official toolkit, Xcode. An unknown number of apps were infected, but one Chinese security company, Qihoo 360 Technology, estimates 344. Continue reading Malware Attacks Apple iOS App Store, Infects Over 300 Apps

When Facebook launched ThreatExchange in February, the idea was to create a platform where companies could share information on potential cyberattacks, malware and other malicious hazards. Now, the Silicon Valley company says that the number of companies on the platform has reached 90, after 23 joined last week when the application process became easier. Facebook, which isn’t alone in offering a platform for centralized cyberthreats, is continuing its work to integrate these other information-sharing platforms. Continue reading Companies Share Cyberthreat Info on New Facebook Platform

A recent Check Point Software survey determined that enterprise network vulnerabilities often result from the ease in which company employees can now connect their mobile devices to insecure wireless networks. The study suggests that the threat level increases with larger organizations. For example, companies that use 2,000 or more devices experience a 50 percent chance that at least six devices have become infected with malware (something to consider since 82 percent of companies now have a BYOD plan in place). Continue reading Mobile Devices Now the Largest Threat to Enterprise Security

A privilege-escalation bug was identified in the latest version of Apple’s OS X this week by security researcher Stefan Esser. The vulnerability reportedly provides hackers with root user privileges that make it possible to infect Macs with rootkits and other malware. This type of bug is commonly used to bypass security protections created for applications and operating systems. According to Esser, the vulnerability can be found in OS X Yosemite 10.10.4 and the beta version of 10.10.5, but not in the recent beta version of El Capitan 10.11. Continue reading Security Researcher Reports Privilege-Escalation Bug in OS X

To patch two critical zero-day vulnerabilities, Adobe Systems issued an emergency update for its Flash media player. That’s in addition to a previously unknown vulnerability discovered over a week ago in a 400-gigabyte data dump published after hackers rooted the servers of Hacking Team. That bug allowed hackers to covertly install malware on end-user computers. Mozilla now blocks the hacker-susceptible Flash, and several industry leaders are calling for Adobe to pull the plug on the bug-infested media player. Continue reading New Emergency Patches for Flash Steps Up Calls for Its Demise

Virginia-based PFP Cybersecurity has developed a technology that may prevent future “zero-day” hacks from happening, such as the ones recently experienced by Sony, Target, JPMorgan Chase and Anthem. The technology reportedly detects hackers within milliseconds of an attack by identifying pattern changes in the power that devices use. PFP is currently testing the technology in South Carolina working together with the Department of Energy’s Savannah River National Laboratory.  Continue reading PFP Cybersecurity Develops Tech to Prevent Zero-Day Hacks

In a speech at CES earlier this week, Edith Ramirez, chairwoman of the Federal Trade Commission addressed her concerns about the current state of privacy regulations related to companies that rely on the collection of consumer data. Ramirez urges tech companies to spend more time developing security measures to ensure consumer data remains protected from potential hackers. Ramirez also advises companies to take careful precautions now and be more transparent about their use of data. Continue reading FTC Chairwoman Concerned About Data Security and Privacy

Security researchers at antivirus company Symantec recently discovered malware that has been used to target and spy on researchers, governments, businesses and telecommunications infrastructures across as many as ten different countries. The malware, called Regin, is being traced back to 2008 and is being identified as a highly sophisticated spying tool built to access a computer’s most sensitive information including secured files and documents, passwords and memory. Continue reading Regin: Symantec Researchers Uncover Sophisticated Spy Tool

Researchers at security firm Lookout have been tracking mobile malware for almost two years. As the firm predicted, millions of mobile users have been affected by a recent mobile epidemic of viruses and spam. Hackers are finding new ways to deceive mobile device users via techniques involving email and implanting harmful codes on websites. As attackers become more sophisticated in their methods, mobile users should be more careful of their online activity.   Continue reading Android Users Warned They Are at Risk of Malicious Software