Articles about Security

It's the time of year when industry experts like to dust off their crystal balls, examine the pattern of tea leaves in the bottom of their cups and try to predict what the coming year is going to hold.

As far as security is concerned most commentators think we can expect the increase in numbers and sophistication of attacks we've seen in 2017 to continue, but there are some new things to worry about too.

Continue reading →

Cybersecurity experts are in agreement: enterprises simply cannot afford to skip investing in protections that safeguard their networks, systems and data. But with budgets straining, even as attacks are more prolific and powerful than ever, they need security that doesn’t break the bank. Fortunately, there several steps enterprises can take to cost-effectively bolster their cybersecurity.

In 2017, there were plenty of high-profile attacks to put people on edge. It’s been reported that there have been millions of records stolen using ransoms and extortion attempts. Who can forget WannaCry, the massive cyberattack in mid-May that spread around the world in days, crippling businesses in 150 countries by hijacking more than 230,000 computers, locking up data and demanding money to set them free? The attack used ransomware, a type of malware that encrypts data until you pay a ransom. Then there were other ransomware attacks like Petya and NotPetya. And of course, there’s always the steady drumbeat of viruses and distributed denial of service (DDoS) attacks.

Continue reading →

2017 was an eventful year in the world of email and cybersecurity. Large companies made headlines in 2017, falling victim to cyber attacks and data breaches that compromised millions of customer records. Email harassment and invasion of privacy tactics also rose to prominence in 2017.

Through it all, email has showcased its staying power and the ability to adapt to the ever-changing landscape of personal and business communications.

Continue reading →

Cyber attacks have been on the rise throughout 2017. According to endpoint security specialist Carbon Black, from January to December there has been a 328 percent jump in attacks against endpoints.

This means a business with 10,000 employees seeing about 1,000 attacks every single day. It's ransomware that continues to be a main attack vector for criminals though. Not only is it proliferating in underground markets on the dark web, it also cost global businesses an estimated $5 billion in 2017 - according to Cybersecurity Ventures.

Continue reading →

Researchers at cyber security company Kaspersky Lab have discovered a new Android mobile Trojan called Loapi.

It uses a modular architecture, allowing functions to be added to the software so it can be used for anything from crypto currency mining to DDos attacks. Crucially though Loapi can create such a heavy workload on an infected device that the battery overheats and destroys the phone.

Continue reading →

US concerns about links between Kaspersky Labs and the Russian government led to a ban on the security software being used on US government computers. The ban was only recently signed into law by Donald Trump, and now Kaspersky has filed a lawsuit against the Department of Homeland Security in response.

Kaspersky Labs is asking a federal court to overturn Trump's ban. The Moscow-based company maintains that it does not have links to the Kremlin, and has published an open letter saying that it had not been afforded "adequate due process" and that the US government's decision was based on flawed information.

Continue reading →

New research from cyber exposure company Tenable reveals a widespread lack of consumer awareness surrounding the impact of data breaches.

The results based on an online Harris Poll of more than 2000 US adults show that only 12 percent think their data has been stolen over the past year. But given the Equifax breach exposed up to 143 million Americans, that number is statistically impossible.

Continue reading →

Although the adoption of cloud services has increased over the past few years, many organizations are still unwilling to make the move to the cloud due to security and compliance concerns.

But Jim Hansen, VP of product marketing at security management firm AlienVault argues that companies with limited resources and budget should actually consider moving to the cloud in order to benefit from stronger security and compliance, in addition to other business benefits. We spoke to him to find out more.

Continue reading →

Microsoft has been bundling a password manager that features a dangerous flaw with some versions of Windows 10, a Google security researcher has revealed. Tavis Ormandy noticed that his copy of Windows 10 included Keeper, which he had previously found to be injecting privileged UI into pages.

The version that Microsoft was including with Windows 10 featured the same bug. What does this mean? In short, it allows any website to steal passwords from you.

Continue reading →

It's quite interesting to see just how far Microsoft has come since Satya Nadella became CEO. The company has gotten out of its comfort zone and made its products more appealing to a wider range of customers, embracing rival platforms and the open-source community. Having Visual Studio on Macs and tons of apps on Android and iOS is something that would have been unheard of only a few years ago.

The same goes for offering a subsystem for Linux or OpenSSH support on Windows 10. That last bit may not excite everyone, but it is especially useful for those who want to log in remotely on Linux devices -- which would have normally required third-party tools like PuTTY. Microsoft is not stopping there though, as it's taking things to the next level by adding a native OpenSSH client and server to Windows 10.

Continue reading →

Businesses rely more and more on data, but a new study shows up significant differences in the value that is placed on confidential data around the world and in different industries.

The research from cyber security firm Trustwave involved more than 500 IT decision makers in the United States, Canada, United Kingdom, Australia and Japan, examining attitudes towards the value of confidential data.

Continue reading →

While machine learning and artificial intelligence are becoming key to cyber security, a new survey shows that a majority of security professionals worry that the technology could be used against them.

The study by cyber security company Webroot reveals that 91 percent are concerned about hackers using AI against companies in cyber attacks.

Continue reading →

While 2017 saw enhancements in defenses -- such as the use of artificial intelligence -- it also demonstrated that cyber criminals continue to find their way around defensive measures with new evasion techniques.

Anti-evasion software specialist Minerva Labs has released its Year in Review report, which takes an in-depth look at the approaches used by common malware families to bypass anti-malware tools, including antivirus and analysis sandboxes.

Continue reading →

Open source is the future of computing. Don't believe me? Three of the most important technology companies -- Microsoft, Apple, and Google -- not only license open source software, but they contribute to open source projects too. While closed source will likely never go away, it is becoming less important.

Today, popular anti-virus and security company, Avast, announces that it too is contributing to the open source community. You see, it is releasing the code for its machine-code decompiler on GitHub. Called "RetDec," the decompiler had been under development since 2011, originally by AVG -- a company Avast bought in 2016.

Continue reading →

If you have an HP laptop, there's a reasonable chance that you have an keylogger installed. The tool is embedded in Synaptics touchpad drivers.

Before you start panicking too much, it's worth noting that the keylogging capabilities of the tool are disabled by default, but that's not to say there's no cause for alarm. This may all sound slightly familiar; back in May, HP hit the headlines for a keylogger that was buried in an audio driver. If you want to check if you are affected by the latest privacy violation -- and what you can do about it -- read on...

Continue reading →