Saturday's attack is the biggest on Saudi oil infrastructure since Saddam Hussein's invasion of Kuwait in 1990.Energyread more
Saudi Aramco is aiming to restore by Monday about a third of its crude output that was disrupted after drone attacks on two key oil facilities, The Wall Street Journal...Marketsread more
"Blaming Iran won't end disaster. Accepting our April '15 proposal to end war & begin talks may," Zarif said on Twitter.Energyread more
Oil prices are expected to jump as much as $10 per barrel after a coordinated drone strike hit Saudi Arabia's largest oil field, forcing the kingdom to cut its oil output in...Marketsread more
Apple's new iPhones can still send texts, download apps, and make video calls, but the company spends a lot of time and effort marketing its new phones as powerful photography...Technologyread more
The trucking industry is worth hundreds of billions of dollars per year. Uber is going after this market with Uber Freight, an online platform that matches truckers with...Technologyread more
Some U.S. manufacturers say tariffs, if targeted, will help address longstanding unfair trade practices like intellectual property theft.Traderead more
Supporters of a $15 minimum wage ballot initiative in Florida argue the state's inflation-tied pay hikes have not gone far enough.2020 Electionsread more
Saudi Arabia shut down half its oil production Saturday after drone strikes hit the world's largest oil processing facility in an attack claimed by Yemen's Houthi rebels.Politicsread more
Trusii's hydrogen water machines were supposed to help users with their health problems, but customers claim the company is involved in a giant scam.Technologyread more
The decoupling of the world's two weightiest economies seems as inescapable as its extent and global impact remains incalculable.Politicsread more
Old software security holes are more stubborn than many think.
A report issued Monday by HP shows that almost half of the companies who suffered a cyber attack in 2014 were hit by hackers taking advantage of old exploits.
In fact, 44 percent of known breaches in 2014 stemmed from vulnerabilities caused by unpatched code that was two to four years old, showing that many companies are not adequately updating security patches, according to HP's Cyber Risk Report.
"The biggest theme we took out of this is that the past has come back to haunt us," said Frank Mong, the vice president of solutions enterprise security products for Hewlett-Packard.
"When you look at why people are still getting hacked or breached, I think a big contributor to that is either not knowing if you were patched or if you were patched and you were secure at one point, but something happened in operations that caused you not to be patched again," Mong said.
For example, when a company's server goes down, operations will usually reboot or reimage it to get it working again. When this happens, all security patches are lost and must be reinstalled. Because the process of reinstalling all security patches can be very manual, some patches may be missed.
"When you look at the problems we saw in 2014, the devil is in the details and companies need to go back and look at their operational practices because you let one little slip happen and you could have a big problem on your hands," Mong said.
While old security holes going unpatched was the big reason for cyber incidents last year, more attacks are increasingly targeting connected devices, specifically mobile devices, Mong said.
Mong said that HP researches found no new mobile ransomware samples in January 2014, but by November last year saw 183 new types of ransomware, attacking Android devices.
Google's Android operating system has become a primary target for hackers because app marketplaces for Android tend to be less regulated. This enables hackers easily to build malicious apps that can be downloaded by anyone.
"That type of surge shows that once we are good corporate citizens and we start patching our servers, start patching our PCs, the adversary starts to maneuver and starts to change the game," Mong said. "And in this case, they are attacking Android mobile devices because there is opportunity there."