Tech giant Juniper Networks just found unauthorized code — essentially a backdoor — in the operating system running some of its firewalls. The hidden backdoor, found in versions of the company’s ScreenOS software dating back to at least August 2012, enable hackers to take complete control of Juniper NetScreen firewalls as well as decrypt encrypted traffic running through the Virtual Private Networks (VPN) on the firewalls. The FBI is investigating the breach, which appears to be the work of a foreign government. Continue reading Juniper Networks Backdoor Hack Likely From Foreign Nation

Cybersecurity technology from Los Alamos National Laboratory is now available to banks and other private sector businesses, via the consulting firm Ernst & Young. The New Mexico lab, benefitting from the $1 billion the U.S. spends a year on unclassified cybersecurity research, has developed a great deal of relevant technology, but is not set up to market the results of its own research. Ernst & Young, which consults on cybersecurity, will communicate the lab’s products and add its own expertise. Continue reading New Initiative: U.S. Offers Cybersecurity Tech to Private Sector

Some Lenovo laptops that have shipped since August include a pre-installed adware program known as Visual Discovery by Superfish. While Superfish is designed to serve ads, it reportedly does so in a dangerous way that leaves users vulnerable to hackers. While Lenovo claims that it has investigated the tech and does “not find any evidence to substantiate security concerns,” Internet security analysts suggest a major problem still exists. The Department of Homeland Security warns that Superfish makes users vulnerable to SSL spoofing. Continue reading Security: Government Urges Removing Superfish from Laptops

Virginia-based PFP Cybersecurity has developed a technology that may prevent future “zero-day” hacks from happening, such as the ones recently experienced by Sony, Target, JPMorgan Chase and Anthem. The technology reportedly detects hackers within milliseconds of an attack by identifying pattern changes in the power that devices use. PFP is currently testing the technology in South Carolina working together with the Department of Energy’s Savannah River National Laboratory.  Continue reading PFP Cybersecurity Develops Tech to Prevent Zero-Day Hacks

In 1987, programmer Brian J. Fox wrote one of the Internet’s most widely used tools. The software is named “Bash” (short for Bourne-Again Shell) and now appears in more than 70 percent of devices connected to the Internet, including computers, routers, servers and some mobile phones. Yesterday, security experts warned that Bash contains a software bug called “Shellshock” that could potentially be used to take over hundreds of millions of machines, including Mac computers and smartphones that run Android. Continue reading Security Experts Warn of Potentially Dangerous Shellshock Bug

Home Depot has confirmed that hackers have breached its store payments system and may have stolen up to 60 million credit card numbers. The breach could affect customers who paid with a credit or debit card at any of the 2,157 stores in the U.S. and Canada between April and September. This latest hacking incident has led retailers to speed up the installation of chip-reading credit card terminals at their stores. Credit card companies are also adding security to their cards. Continue reading Recent Home Depot Hack Prompts Retailers to Upgrade Security