XFER Blog

Those who believe that smartphones are secure from threats are in for a rude awakening. Modern businesses need to apply adequate security practices to maximize the protection of mobile devices, or risk everything.

Is the password an outdated type of security measure? This question seems to be getting asked around quite a bit, especially with more powerful threats loose all over the Internet. Unfortunately, the fault in passwords generally lies in the fact that humans generally don’t pick passwords that are secure enough. Thanks to a new method called “spaced repetition,” it seems there might be some hope left for the password after all.

Malware often takes the form of certain unrecognizable web entities, which can make detecting threats tricky at times. New features in popular web browsers, most notably Google Chrome, are making progress toward identifying these threats before they cause your business harm. Chrome’s “Safe Browsing” feature is a good tool to augment your current network security practices.

While most search engines are pretty good at weeding out malicious sites and not displaying them, some are better than others. According to AV-Test, a German independent testing lab, the top search engines, Bing and Google, are miles apart in terms of secure searching.

We’ve mentioned distributed denial of service attacks (DDoS) before, and we’ve emphasized the importance of protecting yourself from threats which can cause downtime. However, we think the recent attacks by Lizard Squad take DDoS to an entirely new level.

Technology plays a crucial role in the healthcare industry, and thanks to the Health Information Technology for Economic and Clinical Health Act (HITECH), healthcare providers and insurance companies in the United States have to abide by a specific set of regulations when it comes to handling patient data.

After a long 19 years, a critical vulnerability found in the Windows series of operating systems has been patched. IBM informed Microsoft of the flaw back in May 2014. The flaw, which allows for remote code execution via a packet to a Windows server, is found in every Windows operating system since Windows 95.

Passwords are slowly becoming obsolete in the face of more powerful security solutions. This is especially true considering how a hacker can input millions of characters every second in an attempt to break into your account and unleash who knows what into your business’s network. While using a password is still a good idea, professionals are working tirelessly to bring the new face of two-factor authentication to light.

Naturally, if you saw your lamp levitate, you would believe it to be the work of a ghoul and you would cry out in terror. What then would you believe if you saw your PC’s cursor begin to move on its own? In a spooky scenario like this, your computer isn’t haunted. It’s hacked. In the real world, the latter is the scarier of the two.

Sometimes it seems like the Internet is plotting against you, and nothing is safe, ever. Even if you don't have any thugs waiting to steal your data, there are hackers - thieves - who will steal it anyway, waiting to take it when you least expect it. One of the most secure ways to protect your company's digital assets is to enact a "zero trust" policy for your network.

A cyber espionage campaign called "Sandworm" has been discovered recently. The hacking attack, said to be based in Russia, has been targeting government leaders and organizations since as early as 2009. The researchers responsible for the discovery, iSight Partners, came to this conclusion after examining the code used in the campaign.

Major retailers are having a rough time of it these days concerning the security of their customer's financial information. Last December, Target was hit with malware that compromised 40 million customer credit and debit card accounts, and recently, Home Depot was hit with the same malware. What's a connoisseur of mass-produced boxed goods to do?

If 2014 hasn't been a legendary year for data breaches yet, it certainly is now. Community Health Systems, a hospital network for over 206 facilities across the United States, has been the target of a data breach resulting in 4.5 million records being compromised by Chinese hackers, including Social Security numbers, birthdays, names, addresses, and telephone numbers.

For Washington D.C. residents, there's a dubious threat looming in their backyards putting their personal data at risk. It's Coco, a Siamese cat wearing a high-tech collar designed for hacking WiFi networks. Have you taken the proper security measures to protect your sensitive information from feline foes like Coco?

All of the security breaches and vulnerabilities of 2014 sure have made for an interesting year; first Heartbleed, then the Internet Explorer vulnerability, GameOver Zeus, and the Russian password-stealing gang. In light of these events, you really have to ask the question, "how can we fight these threats?" Symantec has told The Wall Street Journal that they feel antivirus technology is "dead."

USB devices have long been a staple of the technology world, but are notoriously vulnerable to exploitation from hackers and malware. As malware grows more and more sophisticated, you can no longer trust simple antivirus scans to protect your business.

When it comes time to upgrade, many smartphone users will sell off their old device in hopes of making extra cash. However, if the phone's memory is improperly wiped, an experienced hacker can use advanced tools to recover sensitive data off the used phone. Let's talk about how this happens and what can possibly be recovered by a hacker.

Apple's iOS operating system might be well known for its impressive security features, but that doesn't mean that it's invulnerable to all threats. In fact, backdoors may have been located in the operating system, which allow Apple and law enforcement agencies like the NSA to access the devices.