Articles about Security

Traditional methods of securing endpoints rely on installed agents and are affected by network dependencies.

Endpoint security specialist Absolute is launching a new version of its solution that's always connected to every endpoint. Absolute 7 uses Persistence technology that’s embedded in the firmware of many popular endpoint devices, to deliver always-connected visibility and control with a tether to every device both on and off the corporate network.

Continue reading →

Although other forms of authentication are gaining traction, the password is still the most common method of identifying yourself to websites. Levels of password security should therefore be an important consideration for online businesses, especially in eCommerce.

But a Password Power Rankings survey out today from password manager Dashlane shows that 46 percent of consumer sites, including Dropbox, Netflix, and Pandora, and 36 percent of enterprise sites, including DocuSign and Amazon Web Services, are failing to implement the most basic password security requirements.

Continue reading →

Privileged accounts allow access to all aspects of a company's IT infrastructure, so if they fall into the wrong hands the consequences can be disastrous.

A new hardware appliance solution from identity management specialist One Identity aims to make it easy for businesses to deploy, operate and maintain their privileged password systems.

Continue reading →

New data protection rules are due to come into effect in Europe next year, and Google is highlighting the rights and obligations that are being introduced. The General Data Protection Regulation (GDPR) comes into force in May and Google, like other businesses, will need to comply.

While Google needs to ensure that its own products and services fulfill legal requirements, the company also points out that "customers and partners have significant obligations under these new laws." A new website serves to explain everything that you need to know, including detailing how to control how your data is used and shared.

Continue reading →

With security breaches and theft of sensitive data on the increase, enterprises are searching for ways of keeping their information secure.

One technique that can be used is data sanitization but it's still relatively unknown and often misunderstood within the technology and IT security industry. To try to change this a new independent network, known as the International Data Sanitization Consortium (IDSC), is launching to champion and promote data sanitization best practices.

Continue reading →

The impact of the recent HBO hack continues to be felt. We've already seen scripts and spoilers leak online and now there's a new cache of leaks along with a ransom demand from those responsible.

The data dump includes details of the script for episode five of the current season, and a video directed at HBO CEO Richard Plepler in which the unknown hackers -- who sign off as "Mr. Smith" -- give the company three days to pay up a ransom in Bitcoin.

Continue reading →

Season seven of Game of Thrones has been something of a disaster for HBO. Not in terms of interest or viewing figures, of course, but in terms of hacking, leaks, spoilers and piracy.

Last night saw the official airing of episode four of season seven but this particular episode, The Spoils of War, leaked some days ago. Distribution partner Star India has admitted the leak came from its website, and HBO has called in the FBI to investigate the hack that lead to a number of episode and script leaks.

Continue reading →

WikiLeaks has published the latest installment of its cache of CIA documentation known as Vault 7. This time around we learn about Project Dumbo, a hacking tool which allows for the control of webcams and microphones.

Wired, Bluetooth and wireless devices can all be detected by Dumbo. In addition to this, Dumbo gives the CIA the ability to delete or corrupt recordings that have been made. WikiLeaks has published user guides for three versions of Dumbo, the most recent of which is dated June 2015.

Continue reading →

A bipartisan group of US senators have introduced a new bill to better secure Internet of Things (IoT) devices and to protect security researchers as they attempt to find vulnerabilities in these devices.

The Internet of Things Cybersecurity Improvement Act 2017 will require manufacturers that supply the US government with connected devices to comply with industry-wide security practices.

Continue reading →

Whether or not password managers are a good idea is up for debate. I understand the concerns about storing all of your login credentials in a single place -- in the cloud no less. With that said, the benefits outweigh the negatives. Look, it is impossible to remember a unique password for countless web sites nowadays. One alternative to a password manager is reusing the same password on numerous sites, and that is foolish behavior. Right now, a solution like LastPass or 1Password is the best we have, and I suggest it wholeheartedly.

LastPass in particular is great, as it is free to use and is cross-platform. It even works on Linux desktop operating systems such as Ubuntu, Fedora, and Chrome OS. For a single dollar every month, you can opt for a premium account that supports the developer and gives you a few exclusive features. Well, guess what? LastPass is doubling the monthly fee for the Premium tier from one dollar to two. Yes, rather than $12 a year, it is now $24. Still extremely inexpensive, right? No one would complain about that, right? Wrong. Many LastPass users are stupidly complaining.

Continue reading →

LogMeIn has revealed a major new deal which it says will help its services become smarter and more personalized than ever.

The privacy firm has announced that it will acquire the digital self-service, chatbot and virtual assistant company Nanorep to provide more personalized experiences for its customers.

Continue reading →

A new survey of IT and security professionals reveals that many teams lack the appropriate endpoint detection and response tools to quickly and efficiently deal with security alerts without the need to take endpoints offline to re-image them.

The survey of 385 North American professionals by forensic security specialist Guidance Software reveals that 95 percent of respondents say advanced software functionality for malware removal and system recovery -- without the need to re-image a system -- is important in an endpoint security suite.

Continue reading →

As the overall percentage of encrypted traffic increases, hackers are increasingly using SSL to conceal device infections, and hide their other activities.

A new study from Zscaler finds that an average of 60 percent of the transactions in the Zscaler security cloud have been delivered over SSL/TLS.

Continue reading →

The latest DDoS intelligence report from Kaspersky Lab shows that long-lasting attacks are making a comeback.

The longest attack in the second quarter of this year was active for 277 hours (more than 11 days) -- which is a 131 percent increase compared to the first quarter and a current record for the year.

Continue reading →

Millions of smartphones around the world could have been affected by a Wi-Fi security flaw, security researchers have claimed.

Broadcom's mobile Wi-Fi chips hid a vulnerability on them which could have allowed malicious actors to potentially attack a billion Android or iOS devices.

Continue reading →