Stories by Antone Gonsalves

Researchers build security framework for Android

By Antone Gonsalves | 21 August, 2014 22:37

University researchers have modified the Android operating system to let developers plug in enterprise-class security enhancements that would normally require overhauling a mobile device's firmware.

Workers at U.S. nuclear regulator fooled by phishers

By Antone Gonsalves | 20 August, 2014 11:03

Nuclear Regulatory Commission employees were tricked into disclosing passwords and downloading malware in three phishing attacks that occurred over a three-year period.

Why it is time to intensify employee education on phishing

By Antone Gonsalves | 19 August, 2014 22:40

Companies should consider intensifying employee training to combat the increasing craftiness of phishers who are working harder to obtain personal details on targets in order to trap them in scams.

Two US supermarket chains report major computer break-ins

By Antone Gonsalves | 16 August, 2014 10:02

Supermarket chain Supervalu has reported that more than 200 stores were affected by a computer break-in that exposed customers' debit- and credit-card numbers and other data.

Why contractors' home networks are a security threat

By Antone Gonsalves | 15 August, 2014 23:28

Companies should take note of a recent poll that found contractors and IT administrators were the favorite targets of hackers.

How Google is heading toward safe, global Gmail

By Antone Gonsalves | 14 August, 2014 23:20

Google has made an important change to its Gmail spam filter that is expected to make targeted phishing attacks more difficult while allowing for a more global webmail service.

How to reduce the risk of insecure firmware in office gear

By Antone Gonsalves | 13 August, 2014 10:13

A firmware study that found dozens of security problems affecting more than 120 products is a reminder to businesses to segregate and control access to networked office gear, experts say.

How Yahoo email encryption could help your business

By Antone Gonsalves | 12 August, 2014 23:21

If Yahoo gets it right, then the end-to-end email encryption the Internet company is promising would be a big help to companies concerned with privacy in the use of webmail, experts say.

Why the password-only era is over and what to do about it

By Antone Gonsalves | 09 August, 2014 09:56

The Russian crime ring that amassed more than a billion stolen passwords has shown why businesses have no choice but to add other forms of authentication in securing access to websites and corporate networks.

How hackers used Google in stealing corporate data

By Antone Gonsalves | 08 August, 2014 09:30

A group of innovative hackers used free services from Google and an Internet infrastructure company to disguise data stolen from corporate and government computers, a security firm reported.

Android users warned of critical vulnerability

By Antone Gonsalves | 30 July, 2014 22:32

A critical vulnerability affecting millions of Android devices could let a hacker take control of a smartphone or insert malicious code in another app, security researchers say.

Georgia Tech launches early warning system for cyberthreats

By Antone Gonsalves | 29 July, 2014 22:27

Georgia Institute of Technology's applied research arm has launched an early warning system to help organizations prepare for possible cyberattacks.

Criminals ride Google coattails in DDoS attacks

By Antone Gonsalves | 26 July, 2014 22:59

The easy access Google's web crawlers have to sites is increasingly being exploited by cybercriminals in launching distributed denial of service attacks, a security vendor says.

How to prevent a website compromise like StubHub

By Antone Gonsalves | 25 July, 2014 23:12

The use of stolen passwords to compromise the website of ticket seller StubHub is a reminder that additional layers of protection are often needed for sites holding sensitive data.

When is your infrastructure safe from Heartbleed?

By Antone Gonsalves | 24 July, 2014 22:42

Now that IT departments have fixed the Heartbleed bug in most internet-facing software, security pros have started debating the risk of not patching software buried deep in the data center.

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Secure Virtualization of Business Applications

Run your mission-critical applications in a secure and compliant virtual datacenter, or private cloud.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.