Cloud Security

Apple Adds Two-Factor Authentication to iTunes Accounts

Apple has introduced a new two-factor authentication system designed to help protect users’ iTunes and App Store accounts and prevent attackers or unauthorized users from taking over users’ accounts. The system is similar to the one that Google has implemented for Gmail, utilizing verification codes sent via SMS.

google chrome security update

How To: Chrome Browser Privacy Settings


The Web browser is the primary portal through which the vast majority of connected users access and interact with the Internet. Each browser has its own security and privacy settings and those settings have an enormous impact on the nature of the relationship between users’ data and the services they encounter online. Google’s Chrome browser has extensive, easy to navigate privacy settings that let users manage everything from digital certificates to location tracking to “Do Not Track” requests.

SAN JUAN, Puerto Rico – Dan Hubbard has lately been a regular face at a lot of big data meet-ups. He’s also often been the lone security face at these meet-ups, which are dominated by analytics, search, social media and advertising professionals. That may change soon for the CTO of DNS and security service provider OpenDNS, who announced today at the Kaspersky Security Analyst Summit that security researchers will have free access to a new tool called Umbrella Security Graph.

Of all the problems that entrepreneur Kim Dotcom has faced in the last decade, including several arrests, insider trading charges and even a raid on his New Zealand home involving black helicopters and dozens of agents in body armor, the criticism of the cryptography employed by his new Mega cloud-storage service would seem to be fairly low on the list. However, Dotcom is taking that criticism rather personally, if the €10,000 reward he’s offering to anyone who can break the service’s crypto is any indication.

Information systems and algorithms designed to personalize online search results will give attackers the ability to influence the information available to their victims in the coming years. Researchers, in turn, must seek ways to fortify these systems against malicious manipulation, according to the Emerging Cyber Threats Report 2013 [PDF], a report released ahead of yesterday’s Georgia Tech Cyber Security Summit 2012.

The non-profit Cloud Security Alliance today released guidelines for the nascent Security as a Service (SecaaS) specialization within the broader realm of cloud computing. The goal, the group says, is to help companies and consumers gain a better handle on how best to evaluate, build and deploy off-premise Security Information and Event Management systems as they grow in popularity.

The Apache Software Foundation is warning users about a configuration problem in the open-source CloudStack platform that could allow an attacker to take a number of unwanted actions, including deleting all of the virtual machines on a system.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.