Articles about Security

One of the basic problems businesses face in preventing attacks is effective discovery and identification of their technology assets.

This is made worse by the growth of BYOD and Internet of Things devices. Israel-based Axonius is looking to solve this problem with the launch of its Cybersecurity Asset Management Platform to enable customers to see and secure all their devices.

Continue reading →

A new report from threat intelligence specialist Recorded Future looks at the changing way in which attackers are using vulnerabilities.

In contrast to previous years, most of the criminal exploit kits and phishing campaigns seen in 2017 have favored Microsoft products, rather than the Adobe Flash vulnerabilities which previous research showed as being the most popular.

Continue reading →

Cyber security company McAfee is announcing an expanded product portfolio that evolves security operations capabilities and allows for rapid response to today’s threats.

McAfee's updated Enterprise Security Manager (McAfee ESM 11) uses a new data architecture optimized for scalability, performance, faster search, and collaboration. This is combined with the newly launched McAfee Behavioral Analytics, and enhanced McAfee Investigator, McAfee Advanced Threat Defense, and McAfee Active Response.

Continue reading →

New research reveals that 56 percent of surveyed decision makers from IT and risk, fraud or compliance functions report that their organization has suffered a ransomware attack in the last 12 months, compared to under half (48 percent) who said the same in 2016.

The study of 500 businesses in the UK, France, Germany and USA commissioned by SentinelOne and carried out by Vanson Bourne shows 69 percent say the most successful ransomware attack resulted in the attacker being able to encrypt some data, with five percent paying the ransom to decrypt the data.

Continue reading →

According to new research, 97 percent believe unsecured IoT devices could be catastrophic for their organization, yet just 29 percent actively monitor for related third-party risks.

The study conducted by the Ponemon Institute and risk assurance body Shared Assessments shows 81 percent of respondents say that a data breach caused by an unsecured IoT device is likely to occur in the next two years.

Continue reading →

Although it's relatively new, the cryptocurrency industry was the fifth most attacked by DDoS in the final quarter of 2017.

Imperva's latest Global DDoS Threat Landscape Report finds the spike in cryptocurrency prices has attracted the attention of attackers. Also the number of exchanges has increased to 190, up from 70 in Q3.

Continue reading →

Attacks such as ransomware are able to bypass legacy security solutions because organizations are neglecting to patch, update, or replace their current products according to a new report.

The study from cyber security company Webroot also shows cryptojacking gaining ground, with over 5,000 websites being compromised with JavaScript cryptocurrency miner CoinHive to mine Monero since September 2017.

Continue reading →

Cyber security is seen as one of the biggest threats to business. Yet employees are not being supported by their organizations when it comes to investing in their continued education and career development.

Crowd sourced IT and security training solution Cybrary, along with cyber security research body the Cyentia Institute, have produced a report looking at the cyber skills gap.

Continue reading →

A new report from digital threat management company RiskIQ states malicious mobile apps declined at the end of 2017.

To reach these findings the firm analyzed 120 mobile app stores and it puts the decline down largely to a decrease in the inventory of AndroidAPKDescargar, the most prolific dealer of blacklisted apps.

Continue reading →

As much as we'd like to think otherwise, no software is free of security issues. That's why it's important for tech companies to play an active role in finding and fixing as many bugs as possible before they're exploited. Implementing a bug bounty program can be very effective, as the product is exposed to various testing mindsets and approaches which can uncover some nasty surprises.

Netflix, which has over 100 million users across the globe, today introduces its first bug bounty program that's open to the public, with rewards that can reach $15,000 for the most-valuable findings that security researchers report.

Continue reading →

AMD has confirmed that some of its processors contain vulnerabilities after they were found by CTS Labs researchers. In all, 13 critical flaws were found, including RyzenFall, MasterKey, Fallout and Chimera. They affect a range of AMD products.

The flaws are not dissimilar to the previous Meltdown/Spectre vulnerabilities, and CTS Labs gave AMD just 24 hours' notice before going public. The chipmaker says that patches are on the way, and tries to suggest that the vulnerabilities are not a cause for major concern.

Continue reading →

The US has repeatedly voiced concerns about Kaspersky Labs, expressing distrust of the Russian company. So concerned is the Trump administration about possible ties to the Russian government, that Kaspersky software is banned from official computers.

This is clearly something that the company is not happy with, and it has already launched a lawsuit against the US government. In a bid to silence those who say that data is being fed to the Kremlin, Kaspersky is planning to open a data center in Switzerland.

Continue reading →

The foundations of the digital world are set to be shaken in the next two years according to the findings of a new report from the Information Security Forum (ISF).

The Threat Horizon 2020 report highlights nine major threats, broken down into three themes, that organizations can expect to face by 2020 as a result of  developments in technology.

Continue reading →

The average website was attacked 44 times a day during the last quarter of 2017, according to new research from security specialist SiteLock.

The company analyzed six million sites to identify trends in the behavior and tactics of attackers. Though the number of attacks represents a 25 percent decrease over the previous quarter, it still means a site could be attacked 16,000 times a year.

Continue reading →

Hackers and cyber criminals often seek to exploit human errors like misconfigurations, poor security practices and the use of shadow IT.

In order to help businesses assess the risk XM Cyber is launching an automated advanced persistent threat (APT) simulation platform, HaXM, to continuously expose all attack vectors, above and below the surface.

Continue reading →