Even when it was launched, Windows 8 was seen as a gamble — but one that Microsoft had to make.
The stunning, out-of-nowhere success of tablets was making the PC look stodgy and out-of-date, so Microsoft had to show that Windows could still be relevant beyond its traditional desktop home. The company's response was Windows 8, with its colourful tiled interface and the emphasis on Windows as a touchscreen operating system for a new age of computing — a bet-the-company move, according to then-CEO Steve Ballmer.
To reinforce the shift, Microsoft even developed its own new PC-tablet hybrid, the Surface, to show off the potential of the new operating system.
iPhone users are usually considered safe from malware, but a new report from Palo Alto Networks suggests that reputation may be about to change. Palo Alto's researchers have discovereda bug called Wirelurker, which the company says may have already impacted hundreds of thousands of users. The bug is primarily spreading through the Maiyadi App Store, a third-party source for OS X software in China, and researchers estimated the infected apps have been downloaded 356,104 times already. Once the computer is infected, Wirelurker spreads to iOS devices that connect over USB, rewriting existing programs on the device through binary file replacement. It's the first such bug that can infect iPhones that haven't been jailbroken, and according to Palo Alto Networks, it's also the first bug discovered in the wild that can turn legitimate iOS apps into malware without downloading additional software.
Symantec has found an unusual new threat called Regin aka Backdoor.Regin. The software, which is essentially a very powerful Trojan Horse, appears to have been circulating in the wild since 2008 and has been hitting governmental, industrial, and individual systems with impunity, using sophisticated encryption and targeting systems to spy on targets.
The anti-virus company has released a white paper on the new threat, noting its similarity to the specially targeted Stuxnet virus that attacked Iranian nuclear reactors.
The IT folks at Target weren't stupid or lazy. They had actually done a lot of security work, but it wasn't enough. Modern enterprises are so large and complex that applying best security practices at all times and locations is just too much to ask.
But we all can do better. As a starting point, consider these six programming techniques, products and services which tend to minimize the most common of security problems.
We know that most attackers are lazy and looking for low-hanging fruit. The harder a target you make yourself, the less likely it is that you will be compromised.