Articles about Security

Both users and their endpoint devices are the primary target for cyber criminals with phishing being the most prevalent threat according to a new report.

The study from research and education specialist the SANS Institute finds security professionals rate phishing at 72 percent, spyware at 50 percent, ransomware at 49 percent, and Trojans at 47 percent as being the top threats today.

Continue reading →

Increasingly businesses are moving their data and applications to the cloud. But there are always concerns about how secure the information is.

Network security company Portnox has put together an infographic looking at some of the myths surrounding cloud security and explaining why they're ill-founded.

Continue reading →

The UK government has made no secret of its desire to exert greater control over the internet, and home secretary Amber Rudd has gone as far as suggesting that encryption should be weakened -- and backdoors should be included in software -- to make it easier to carry out surveillance on terrorists.

Lord Jonathan Evans, the former chief of MI5 in the UK, acknowledged that encryption had got in the way of monitoring communication between extremists, but said this should not be used as an excuse to weaken security.

Continue reading →

A few months ago, Google brought phishing protection to Gmail on Android. Now the company is doing the same for the iOS version of the app.

The feature is rolling out over the next few weeks, and it offers a couple of safety nets to protect users from visiting potentially dangerous links in emails.

Continue reading →

Organizations in the financial services sector are forced to innovate in order to stay relevant. At the same time, innovation is being slowed down by the need to keep data and applications safe, putting organizations in this vertical in quite a tough spot.

This conclusion was given out in a new report by Claranet. The report says that striking the right balance between innovation and security is becoming a "key competitive differentiator" in the sector.

Continue reading →

The latest addition to WikiLeaks' Vault 7 cache of CIA documents and tools is a user guide for CouchPotato. This project is designed to capture RTSP/H.264 video streams, typically from networked cameras.

This is rather different to the approach taken with the Dumbo project which required physical access to a computer. The CouchPotato documentation is relatively recent, only dating back to February 14, 2014.

Continue reading →

Microsoft has today announced Coco Framework, a means of simplifying the adoption of blockchain protocol technology. The aim is to speed up the adoption of blockchain-based systems in the enterprise, whilst simultaneously increasing privacy.

Coco -- short for Confidential Consortium -- will be available in 2018, and Microsoft will be making the technology open source to help increase uptake. Intel is working with Microsoft as a hardware and software partner, and Coco Framework features Intel Software Guard Extensions (Intel SGX) to improve transaction speed at scale.

Continue reading →

Employees are putting corporate data at risk by using unsecured hotspots and over sharing on cloud services, according to a new report.

The study from cloud security specialist Bitglass set up Wi-Fi hotspots in random public spaces for two hour time slots, and captured and analyzed traffic, finding that of the 834 people in the public spaces, 187 unique devices (around 20 percent) connected.

Continue reading →

The number one priority for security executives is achieving complete breach intolerance according to a new study from endpoint security company Endgame in conjunction with Forrester Research.

The study of over 150 security decision makers in large US enterprises also finds 64 percent of executives are concerned that the next breach or attack they experience could be severe, a fear that is heightened by the fact that decision makers don’t know the system or the vector that will be attacked next.

Continue reading →

Many businesses rely on outsourcing some or all of their IT to managed service providers (MSPs), but a new study from Kaspersky Lab reveals that two out of three MSPs are suffering from a shortage of qualified cyber security staff.

Among the findings are that cyber security is no longer seen as a separate or optional function among MSPs with 92 percent now including it as part of their portfolio of services. More than half (51 percent) cite security as essential to their customers' operational continuity in the next three to five years.

Continue reading →

Two months ago, Russian security software firm Kaspersky Labs filed antitrust complaints against Microsoft in Europe, alleging that the software giant was favoring its own Windows Defender over third-party anti-virus software in Windows 10.

In response to that lawsuit, Microsoft has made changes to how the forthcoming Windows 10 Fall Creators Update works with anti-virus software, and an appeased Kaspersky has dropped its complaint.

Continue reading →

Last year, the interconnectedness of cybercrime was demonstrated by a variety of supply chain hacks and other well-known cybersecurity issues that coalesced to create massive botnets powered by compromised Internet-of-Things (IoT) devices. The events from the first half of 2017 highlight another long-developing issue, which has been made worse by a variety of data dumps from actors such as WikiLeaks, TheShadowBrokers, and others: the leakage of state-sponsored and cybercriminal hacking tools and exploits.

Much like leaked personal data, once those vulnerabilities, exploits, and tools are exposed, they forever remain in the cybercriminal public domain. The May outbreak of WannaCry ransomware and the June outbreak of the data-destroying malware NotPetya both leveraged leaked NSA exploits to disrupt numerous organizations across the globe.

Continue reading →

If you work in the cybersecurity industry or are interested in getting into the field, it’s important to stay up to date with the latest trends, developments and advancements. One of the best ways to stay updated with the most recent industry changes is to follow the top giants in the security industry.

The cybersecurity industry is a quickly expanding market, growing in response to the increasing number of cyber crimes. According to the most recent report of Cybersecurity Ventures, its spending is expected to reach $1 trillion over the next 5 years.

Continue reading →

There is a lot of nasty talk about cloud security solutions on the web. From calling them "inherently insecure" to branding them a as a source of imminent risk, the "folding arms gang," or CISOs/CSOs in favor of maintaining legacy solutions and the on-premise model, have surely gone to town to cast a cloud over cloud security solutions.

As a result, a number of myths about cloud security are spreading though the information security industry. Now’s the time to set the story straight and debunk the top cloud security myths once and for all.

Continue reading →

Apple recently removed some VPN clients from the App Store in China at the request of the Chinese Government. Why? That country is largely anti-privacy, and it does not want its citizens bypassing its censorship of the web. If you live in China, the government can decide what you can and can't view online. If you get caught circumventing these controls, the government can harshly punish you. Sad, right? This is why it is imperative that Linux-based privacy-centric open source operating systems such as Tails continue their development -- you never know when it might be needed (including in the USA).

If you aren't familiar with Tails, please know that it is a "Live" Linux distro that focuses on security and privacy. In other words, it can potentially cover your tracks from heavy-handed governments and other entities. Today, Tails achieve a minor point update, making the newest stable version 3.1. While it is hardly monumental from a feature perspective, it is urgent that all users upgrade as some serious vulnerabilities have been patched.

Continue reading →